def test_remove_errors(
self, app, user, user_write_contrib,
user_non_contrib, project, url_user,
url_user_write_contrib, url_user_non_contrib):
# test_remove_contributor_non_contributor
res = app.delete(
url_user_write_contrib,
auth=user_non_contrib.auth,
expect_errors=True)
assert res.status_code == 403
project.reload()
assert user_write_contrib in project.contributors
# test_remove_contributor_not_logged_in
res = app.delete(url_user_write_contrib, expect_errors=True)
assert res.status_code == 401
project.reload()
assert user_write_contrib in project.contributors
# test_remove_non_contributor_admin
assert user_non_contrib not in project.contributors
res = app.delete(
url_user_non_contrib,
auth=user.auth,
expect_errors=True)
assert res.status_code == 404
project.reload()
assert user_non_contrib not in project.contributors
# test_remove_non_existing_user_admin
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(
API_BASE, project._id, 'fake')
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user_fake, auth=user.auth, expect_errors=True)
assert res.status_code == 404
# test_remove_self_contributor_unique_admin
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user, auth=user.auth, expect_errors=True)
assert res.status_code == 400
project.reload()
assert user in project.contributors
def test_remove_errors(self, app, user, user_write_contrib,
user_non_contrib, project, url_user,
url_user_write_contrib, url_user_non_contrib):
# test_remove_contributor_non_contributor
res = app.delete(url_user_write_contrib,
auth=user_non_contrib.auth,
expect_errors=True)
assert res.status_code == 403
project.reload()
assert user_write_contrib in project.contributors
# test_remove_contributor_not_logged_in
res = app.delete(url_user_write_contrib, expect_errors=True)
assert res.status_code == 401
project.reload()
assert user_write_contrib in project.contributors
# test_remove_non_contributor_admin
assert user_non_contrib not in project.contributors
res = app.delete(url_user_non_contrib,
auth=user.auth,
expect_errors=True)
assert res.status_code == 404
project.reload()
assert user_non_contrib not in project.contributors
# test_remove_non_existing_user_admin
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(
API_BASE, project._id, 'fake')
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user_fake, auth=user.auth, expect_errors=True)
assert res.status_code == 404
# test_remove_self_contributor_unique_admin
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user, auth=user.auth, expect_errors=True)
assert res.status_code == 400
project.reload()
assert user in project.contributors
def test_remove_non_existing_user_admin(self):
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(API_BASE, self.project._id, 'fake')
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(url_user_fake, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_remove_contributor_admin(self):
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user_two, auth=self.user.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_contributor_unique_admin(self):
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 400)
self.project.reload()
assert_in(self.user, self.project.contributors)
def test_remove_contributor_admin(self, app, user, user_write_contrib, project, url_user_write_contrib):
with assert_latest_log(NodeLog.CONTRIB_REMOVED, project):
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user_write_contrib, auth=user.auth)
assert res.status_code == 204
project.reload()
assert user_write_contrib not in project.contributors
def test_can_remove_self_as_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two, permissions.ADMIN, save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user_two, auth=self.user_two.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_non_existing_user_admin(self):
url_user_fake = '/{}nodes/{}/contributors/{}/'.format(
API_BASE, self.project._id, 'fake')
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(url_user_fake,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 404)
def test_remove_self_non_admin(self):
self.project.add_contributor(self.user_three, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user_three, auth=self.user_three.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_can_remove_self_as_contributor_not_unique_admin(self):
self.project.add_permission(self.user_two,
permissions.ADMIN,
save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user_two, auth=self.user_two.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_two, self.project.contributors)
def test_remove_self_non_admin(self, app, user_non_contrib, project, url_user_non_contrib):
with assert_latest_log(NodeLog.CONTRIB_REMOVED, project):
project.add_contributor(user_non_contrib, permissions=[permissions.READ, permissions.WRITE], visible=True, save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user_non_contrib, auth=user_non_contrib.auth)
assert res.status_code == 204
project.reload()
assert user_non_contrib not in project.contributors
def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url):
public_project.add_contributor(contrib, auth=user_auth)
assert public_project.logs.latest().action == 'contributor_added'
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
public_project.remove_contributor(contrib, auth=user_auth)
assert public_project.logs.latest().action == 'contributor_removed'
res = app.get(public_url, auth=user.auth)
assert res.status_code == 200
assert len(res.json['data']) == public_project.logs.count()
assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed'
assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
def test_remove_contributor_admin(
self, app, user, user_write_contrib,
project, url_user_write_contrib):
with assert_latest_log(NodeLog.CONTRIB_REMOVED, project):
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in
# osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user_write_contrib, auth=user.auth)
assert res.status_code == 204
project.reload()
assert user_write_contrib not in project.contributors
def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url):
public_project.add_contributor(contrib, auth=user_auth)
assert public_project.logs.latest().action == 'contributor_added'
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
public_project.remove_contributor(contrib, auth=user_auth)
assert public_project.logs.latest().action == 'contributor_removed'
res = app.get(public_url, auth=user.auth)
assert res.status_code == 200
assert len(res.json['data']) == public_project.logs.count()
assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed'
assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
def test_remove_self_non_admin(self):
self.project.add_contributor(
self.user_three,
permissions=[permissions.READ, permissions.WRITE],
visible=True,
save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
res = self.app.delete(self.url_user_three,
auth=self.user_three.auth)
assert_equal(res.status_code, 204)
self.project.reload()
assert_not_in(self.user_three, self.project.contributors)
def test_remove_self_contributor_not_unique_admin(self, app, user,
user_write_contrib,
project, url_user):
with assert_latest_log(NodeLog.CONTRIB_REMOVED, project):
project.add_permission(user_write_contrib,
permissions.ADMIN,
save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in
# osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(url_user, auth=user.auth)
assert res.status_code == 204
project.reload()
assert user not in project.contributors
def test_linked_nodes_only_return_viewable_nodes(
self, app, user, node_one, node_two, node_public, node_ids):
user_two = AuthUserFactory()
node_linking_two = NodeFactory(creator=user_two)
node_one.add_contributor(user_two, auth=Auth(user), save=True)
node_two.add_contributor(user_two, auth=Auth(user), save=True)
node_public.add_contributor(user_two, auth=Auth(user), save=True)
node_linking_two.add_pointer(node_one, auth=Auth(user_two))
node_linking_two.add_pointer(node_two, auth=Auth(user_two))
node_linking_two.add_pointer(node_public, auth=Auth(user_two))
node_linking_two.save()
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, node_linking_two._id),
auth=user_two.auth
)
assert res.status_code == 200
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
node_two.remove_contributor(user_two, auth=Auth(user))
node_public.remove_contributor(user_two, auth=Auth(user))
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(
API_BASE, node_linking_two._id
),
auth=user_two.auth
)
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert node_one._id in nodes_returned
assert node_public._id in nodes_returned
assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(
self, app, auth, private_node_one, private_node_two,
public_node, node_ids):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
private_node_one.add_contributor(user, auth=auth, save=True)
private_node_two.add_contributor(user, auth=auth, save=True)
public_node.add_contributor(user, auth=auth, save=True)
new_linking_node.add_pointer(private_node_one, auth=Auth(user))
new_linking_node.add_pointer(private_node_two, auth=Auth(user))
new_linking_node.add_pointer(public_node, auth=Auth(user))
new_linking_node.save()
new_linking_registration = RegistrationFactory(
project=new_linking_node, creator=user)
res = app.get(
'/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id),
auth=user.auth
)
assert res.status_code == 200
nodes_returned = [linked_node['id']
for linked_node in res.json['data']]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
private_node_two.remove_contributor(user, auth=auth)
public_node.remove_contributor(user, auth=auth)
res = app.get(
'/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id),
auth=user.auth
)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert private_node_one._id in nodes_returned
assert public_node._id in nodes_returned
assert private_node_two._id not in nodes_returned
def test_project_add_remove_contributor(self):
self.public_project.add_contributor(self.contrib, auth=self.user_auth)
assert_equal('contributor_added',
self.public_project.logs.latest().action)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
self.public_project.remove_contributor(self.contrib,
auth=self.user_auth)
assert_equal('contributor_removed',
self.public_project.logs.latest().action)
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(len(res.json['data']), self.public_project.logs.count())
assert_equal(res.json['data'][API_LATEST]['attributes']['action'],
'contributor_removed')
assert_equal(res.json['data'][1]['attributes']['action'],
'contributor_added')
def test_linked_nodes_only_return_viewable_nodes(self):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
self.linked_node.add_contributor(user, auth=self.auth, save=True)
self.linked_node2.add_contributor(user, auth=self.auth, save=True)
self.public_node.add_contributor(user, auth=self.auth, save=True)
new_linking_node.add_pointer(self.linked_node, auth=Auth(user))
new_linking_node.add_pointer(self.linked_node2, auth=Auth(user))
new_linking_node.add_pointer(self.public_node, auth=Auth(user))
new_linking_node.save()
new_linking_registration = RegistrationFactory(
project=new_linking_node, creator=user)
res = self.app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
assert_equal(res.status_code, 200)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert_equal(len(nodes_returned), len(self.node_ids))
for node_id in self.node_ids:
assert_in(node_id, nodes_returned)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
self.linked_node2.remove_contributor(user, auth=self.auth)
self.public_node.remove_contributor(user, auth=self.auth)
res = self.app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert_equal(len(nodes_returned), len(self.node_ids) - 1)
assert_in(self.linked_node._id, nodes_returned)
assert_in(self.public_node._id, nodes_returned)
assert_not_in(self.linked_node2._id, nodes_returned)
def test_linked_nodes_only_return_viewable_nodes(self, app, user, node_one,
node_two, node_public,
node_ids):
user_two = AuthUserFactory()
node_linking_two = NodeFactory(creator=user_two)
node_one.add_contributor(user_two, auth=Auth(user), save=True)
node_two.add_contributor(user_two, auth=Auth(user), save=True)
node_public.add_contributor(user_two, auth=Auth(user), save=True)
node_linking_two.add_pointer(node_one, auth=Auth(user_two))
node_linking_two.add_pointer(node_two, auth=Auth(user_two))
node_linking_two.add_pointer(node_public, auth=Auth(user_two))
node_linking_two.save()
res = app.get('/{}nodes/{}/linked_nodes/'.format(
API_BASE, node_linking_two._id),
auth=user_two.auth)
assert res.status_code == 200
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
node_two.remove_contributor(user_two, auth=Auth(user))
node_public.remove_contributor(user_two, auth=Auth(user))
res = app.get('/{}nodes/{}/linked_nodes/'.format(
API_BASE, node_linking_two._id),
auth=user_two.auth)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert node_one._id in nodes_returned
assert node_public._id in nodes_returned
assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(self):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
self.linked_node.add_contributor(user, auth=self.auth, save=True)
self.linked_node2.add_contributor(user, auth=self.auth, save=True)
self.public_node.add_contributor(user, auth=self.auth, save=True)
new_linking_node.add_pointer(self.linked_node, auth=Auth(user))
new_linking_node.add_pointer(self.linked_node2, auth=Auth(user))
new_linking_node.add_pointer(self.public_node, auth=Auth(user))
new_linking_node.save()
res = self.app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id),
auth=user.auth
)
assert_equal(res.status_code, 200)
nodes_returned = [linked_node['id'] for linked_node in res.json['data']]
assert_equal(len(nodes_returned), len(self.node_ids))
for node_id in self.node_ids:
assert_in(node_id, nodes_returned)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
self.linked_node2.remove_contributor(user, auth=self.auth)
self.public_node.remove_contributor(user, auth=self.auth)
res = self.app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id),
auth=user.auth
)
nodes_returned = [linked_node['id'] for linked_node in res.json['data']]
assert_equal(len(nodes_returned), len(self.node_ids) - 1)
assert_in(self.linked_node._id, nodes_returned)
assert_in(self.public_node._id, nodes_returned)
assert_not_in(self.linked_node2._id, nodes_returned)
def test_remove_self_non_admin(
self, app, user_non_contrib,
project, url_user_non_contrib):
with assert_latest_log(NodeLog.CONTRIB_REMOVED, project):
project.add_contributor(
user_non_contrib,
permissions=[
permissions.READ,
permissions.WRITE],
visible=True,
save=True)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in
# osf-models
with disconnected_from_listeners(contributor_removed):
res = app.delete(
url_user_non_contrib,
auth=user_non_contrib.auth)
assert res.status_code == 204
project.reload()
assert user_non_contrib not in project.contributors
