def test_remove_errors( self, app, user, user_write_contrib, user_non_contrib, project, url_user, url_user_write_contrib, url_user_non_contrib): # test_remove_contributor_non_contributor res = app.delete( url_user_write_contrib, auth=user_non_contrib.auth, expect_errors=True) assert res.status_code == 403 project.reload() assert user_write_contrib in project.contributors # test_remove_contributor_not_logged_in res = app.delete(url_user_write_contrib, expect_errors=True) assert res.status_code == 401 project.reload() assert user_write_contrib in project.contributors # test_remove_non_contributor_admin assert user_non_contrib not in project.contributors res = app.delete( url_user_non_contrib, auth=user.auth, expect_errors=True) assert res.status_code == 404 project.reload() assert user_non_contrib not in project.contributors # test_remove_non_existing_user_admin url_user_fake = '/{}nodes/{}/contributors/{}/'.format( API_BASE, project._id, 'fake') # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user_fake, auth=user.auth, expect_errors=True) assert res.status_code == 404 # test_remove_self_contributor_unique_admin # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user, auth=user.auth, expect_errors=True) assert res.status_code == 400 project.reload() assert user in project.contributors
def test_remove_errors(self, app, user, user_write_contrib, user_non_contrib, project, url_user, url_user_write_contrib, url_user_non_contrib): # test_remove_contributor_non_contributor res = app.delete(url_user_write_contrib, auth=user_non_contrib.auth, expect_errors=True) assert res.status_code == 403 project.reload() assert user_write_contrib in project.contributors # test_remove_contributor_not_logged_in res = app.delete(url_user_write_contrib, expect_errors=True) assert res.status_code == 401 project.reload() assert user_write_contrib in project.contributors # test_remove_non_contributor_admin assert user_non_contrib not in project.contributors res = app.delete(url_user_non_contrib, auth=user.auth, expect_errors=True) assert res.status_code == 404 project.reload() assert user_non_contrib not in project.contributors # test_remove_non_existing_user_admin url_user_fake = '/{}nodes/{}/contributors/{}/'.format( API_BASE, project._id, 'fake') # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user_fake, auth=user.auth, expect_errors=True) assert res.status_code == 404 # test_remove_self_contributor_unique_admin # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user, auth=user.auth, expect_errors=True) assert res.status_code == 400 project.reload() assert user in project.contributors
def test_remove_non_existing_user_admin(self): url_user_fake = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, 'fake') # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(url_user_fake, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
def test_remove_contributor_admin(self): # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user_two, auth=self.user.auth) assert_equal(res.status_code, 204) self.project.reload() assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_contributor_unique_admin(self): # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) self.project.reload() assert_in(self.user, self.project.contributors)
def test_remove_contributor_admin(self, app, user, user_write_contrib, project, url_user_write_contrib): with assert_latest_log(NodeLog.CONTRIB_REMOVED, project): # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user_write_contrib, auth=user.auth) assert res.status_code == 204 project.reload() assert user_write_contrib not in project.contributors
def test_can_remove_self_as_contributor_not_unique_admin(self): self.project.add_permission(self.user_two, permissions.ADMIN, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user_two, auth=self.user_two.auth) assert_equal(res.status_code, 204) self.project.reload() assert_not_in(self.user_two, self.project.contributors)
def test_remove_non_existing_user_admin(self): url_user_fake = '/{}nodes/{}/contributors/{}/'.format( API_BASE, self.project._id, 'fake') # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(url_user_fake, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
def test_remove_self_non_admin(self): self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user_three, auth=self.user_three.auth) assert_equal(res.status_code, 204) self.project.reload() assert_not_in(self.user_three, self.project.contributors)
def test_can_remove_self_as_contributor_not_unique_admin(self): self.project.add_permission(self.user_two, permissions.ADMIN, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user_two, auth=self.user_two.auth) assert_equal(res.status_code, 204) self.project.reload() assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_non_admin(self, app, user_non_contrib, project, url_user_non_contrib): with assert_latest_log(NodeLog.CONTRIB_REMOVED, project): project.add_contributor(user_non_contrib, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user_non_contrib, auth=user_non_contrib.auth) assert res.status_code == 204 project.reload() assert user_non_contrib not in project.contributors
def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url): public_project.add_contributor(contrib, auth=user_auth) assert public_project.logs.latest().action == 'contributor_added' # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): public_project.remove_contributor(contrib, auth=user_auth) assert public_project.logs.latest().action == 'contributor_removed' res = app.get(public_url, auth=user.auth) assert res.status_code == 200 assert len(res.json['data']) == public_project.logs.count() assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed' assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
def test_remove_contributor_admin( self, app, user, user_write_contrib, project, url_user_write_contrib): with assert_latest_log(NodeLog.CONTRIB_REMOVED, project): # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in # osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user_write_contrib, auth=user.auth) assert res.status_code == 204 project.reload() assert user_write_contrib not in project.contributors
def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url): public_project.add_contributor(contrib, auth=user_auth) assert public_project.logs.latest().action == 'contributor_added' # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): public_project.remove_contributor(contrib, auth=user_auth) assert public_project.logs.latest().action == 'contributor_removed' res = app.get(public_url, auth=user.auth) assert res.status_code == 200 assert len(res.json['data']) == public_project.logs.count() assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed' assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
def test_remove_self_non_admin(self): self.project.add_contributor( self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): res = self.app.delete(self.url_user_three, auth=self.user_three.auth) assert_equal(res.status_code, 204) self.project.reload() assert_not_in(self.user_three, self.project.contributors)
def test_remove_self_contributor_not_unique_admin(self, app, user, user_write_contrib, project, url_user): with assert_latest_log(NodeLog.CONTRIB_REMOVED, project): project.add_permission(user_write_contrib, permissions.ADMIN, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in # osf-models with disconnected_from_listeners(contributor_removed): res = app.delete(url_user, auth=user.auth) assert res.status_code == 204 project.reload() assert user not in project.contributors
def test_linked_nodes_only_return_viewable_nodes( self, app, user, node_one, node_two, node_public, node_ids): user_two = AuthUserFactory() node_linking_two = NodeFactory(creator=user_two) node_one.add_contributor(user_two, auth=Auth(user), save=True) node_two.add_contributor(user_two, auth=Auth(user), save=True) node_public.add_contributor(user_two, auth=Auth(user), save=True) node_linking_two.add_pointer(node_one, auth=Auth(user_two)) node_linking_two.add_pointer(node_two, auth=Auth(user_two)) node_linking_two.add_pointer(node_public, auth=Auth(user_two)) node_linking_two.save() res = app.get( '/{}nodes/{}/linked_nodes/'.format(API_BASE, node_linking_two._id), auth=user_two.auth ) assert res.status_code == 200 nodes_returned = [ linked_node['id']for linked_node in res.json['data'] ] assert len(nodes_returned) == len(node_ids) for node_id in node_ids: assert node_id in nodes_returned # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): node_two.remove_contributor(user_two, auth=Auth(user)) node_public.remove_contributor(user_two, auth=Auth(user)) res = app.get( '/{}nodes/{}/linked_nodes/'.format( API_BASE, node_linking_two._id ), auth=user_two.auth ) nodes_returned = [ linked_node['id']for linked_node in res.json['data'] ] assert len(nodes_returned) == len(node_ids) - 1 assert node_one._id in nodes_returned assert node_public._id in nodes_returned assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes( self, app, auth, private_node_one, private_node_two, public_node, node_ids): user = AuthUserFactory() new_linking_node = NodeFactory(creator=user) private_node_one.add_contributor(user, auth=auth, save=True) private_node_two.add_contributor(user, auth=auth, save=True) public_node.add_contributor(user, auth=auth, save=True) new_linking_node.add_pointer(private_node_one, auth=Auth(user)) new_linking_node.add_pointer(private_node_two, auth=Auth(user)) new_linking_node.add_pointer(public_node, auth=Auth(user)) new_linking_node.save() new_linking_registration = RegistrationFactory( project=new_linking_node, creator=user) res = app.get( '/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id), auth=user.auth ) assert res.status_code == 200 nodes_returned = [linked_node['id'] for linked_node in res.json['data']] assert len(nodes_returned) == len(node_ids) for node_id in node_ids: assert node_id in nodes_returned # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): private_node_two.remove_contributor(user, auth=auth) public_node.remove_contributor(user, auth=auth) res = app.get( '/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id), auth=user.auth ) nodes_returned = [ linked_node['id'] for linked_node in res.json['data'] ] assert len(nodes_returned) == len(node_ids) - 1 assert private_node_one._id in nodes_returned assert public_node._id in nodes_returned assert private_node_two._id not in nodes_returned
def test_project_add_remove_contributor(self): self.public_project.add_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_added', self.public_project.logs.latest().action) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): self.public_project.remove_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_removed', self.public_project.logs.latest().action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), self.public_project.logs.count()) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'contributor_removed') assert_equal(res.json['data'][1]['attributes']['action'], 'contributor_added')
def test_linked_nodes_only_return_viewable_nodes(self): user = AuthUserFactory() new_linking_node = NodeFactory(creator=user) self.linked_node.add_contributor(user, auth=self.auth, save=True) self.linked_node2.add_contributor(user, auth=self.auth, save=True) self.public_node.add_contributor(user, auth=self.auth, save=True) new_linking_node.add_pointer(self.linked_node, auth=Auth(user)) new_linking_node.add_pointer(self.linked_node2, auth=Auth(user)) new_linking_node.add_pointer(self.public_node, auth=Auth(user)) new_linking_node.save() new_linking_registration = RegistrationFactory( project=new_linking_node, creator=user) res = self.app.get('/{}registrations/{}/linked_nodes/'.format( API_BASE, new_linking_registration._id), auth=user.auth) assert_equal(res.status_code, 200) nodes_returned = [ linked_node['id'] for linked_node in res.json['data'] ] assert_equal(len(nodes_returned), len(self.node_ids)) for node_id in self.node_ids: assert_in(node_id, nodes_returned) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): self.linked_node2.remove_contributor(user, auth=self.auth) self.public_node.remove_contributor(user, auth=self.auth) res = self.app.get('/{}registrations/{}/linked_nodes/'.format( API_BASE, new_linking_registration._id), auth=user.auth) nodes_returned = [ linked_node['id'] for linked_node in res.json['data'] ] assert_equal(len(nodes_returned), len(self.node_ids) - 1) assert_in(self.linked_node._id, nodes_returned) assert_in(self.public_node._id, nodes_returned) assert_not_in(self.linked_node2._id, nodes_returned)
def test_linked_nodes_only_return_viewable_nodes(self, app, user, node_one, node_two, node_public, node_ids): user_two = AuthUserFactory() node_linking_two = NodeFactory(creator=user_two) node_one.add_contributor(user_two, auth=Auth(user), save=True) node_two.add_contributor(user_two, auth=Auth(user), save=True) node_public.add_contributor(user_two, auth=Auth(user), save=True) node_linking_two.add_pointer(node_one, auth=Auth(user_two)) node_linking_two.add_pointer(node_two, auth=Auth(user_two)) node_linking_two.add_pointer(node_public, auth=Auth(user_two)) node_linking_two.save() res = app.get('/{}nodes/{}/linked_nodes/'.format( API_BASE, node_linking_two._id), auth=user_two.auth) assert res.status_code == 200 nodes_returned = [ linked_node['id'] for linked_node in res.json['data'] ] assert len(nodes_returned) == len(node_ids) for node_id in node_ids: assert node_id in nodes_returned # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): node_two.remove_contributor(user_two, auth=Auth(user)) node_public.remove_contributor(user_two, auth=Auth(user)) res = app.get('/{}nodes/{}/linked_nodes/'.format( API_BASE, node_linking_two._id), auth=user_two.auth) nodes_returned = [ linked_node['id'] for linked_node in res.json['data'] ] assert len(nodes_returned) == len(node_ids) - 1 assert node_one._id in nodes_returned assert node_public._id in nodes_returned assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(self): user = AuthUserFactory() new_linking_node = NodeFactory(creator=user) self.linked_node.add_contributor(user, auth=self.auth, save=True) self.linked_node2.add_contributor(user, auth=self.auth, save=True) self.public_node.add_contributor(user, auth=self.auth, save=True) new_linking_node.add_pointer(self.linked_node, auth=Auth(user)) new_linking_node.add_pointer(self.linked_node2, auth=Auth(user)) new_linking_node.add_pointer(self.public_node, auth=Auth(user)) new_linking_node.save() res = self.app.get( '/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id), auth=user.auth ) assert_equal(res.status_code, 200) nodes_returned = [linked_node['id'] for linked_node in res.json['data']] assert_equal(len(nodes_returned), len(self.node_ids)) for node_id in self.node_ids: assert_in(node_id, nodes_returned) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in osf-models with disconnected_from_listeners(contributor_removed): self.linked_node2.remove_contributor(user, auth=self.auth) self.public_node.remove_contributor(user, auth=self.auth) res = self.app.get( '/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id), auth=user.auth ) nodes_returned = [linked_node['id'] for linked_node in res.json['data']] assert_equal(len(nodes_returned), len(self.node_ids) - 1) assert_in(self.linked_node._id, nodes_returned) assert_in(self.public_node._id, nodes_returned) assert_not_in(self.linked_node2._id, nodes_returned)
def test_remove_self_non_admin( self, app, user_non_contrib, project, url_user_non_contrib): with assert_latest_log(NodeLog.CONTRIB_REMOVED, project): project.add_contributor( user_non_contrib, permissions=[ permissions.READ, permissions.WRITE], visible=True, save=True) # Disconnect contributor_removed so that we don't check in files # We can remove this when StoredFileNode is implemented in # osf-models with disconnected_from_listeners(contributor_removed): res = app.delete( url_user_non_contrib, auth=user_non_contrib.auth) assert res.status_code == 204 project.reload() assert user_non_contrib not in project.contributors