def test_search(self): annotations = self._create_annotations_for_search() res = Annotation.search() assert_equal(len(res), 3) res = Annotation.count() assert_equal(res, 3) res = Annotation.search(query={'uri': uri1}) assert_equal(len(res), 2) assert_equal(res[0]['uri'], uri1) assert_equal(res[0]['id'], annotations[1]['id']) res = Annotation.search(query={'user': user1}) assert_equal(len(res), 2) assert_equal(res[0]['user'], user1) assert_equal(res[0]['id'], annotations[2]['id']) res = Annotation.search(query={'user': user1, 'uri':uri2}) assert_equal(len(res), 1) assert_equal(res[0]['user'], user1) assert_equal(res[0]['id'], annotations[2]['id']) res = Annotation.count(query={'user': user1, 'uri':uri2}) assert_equal(res, 1)
def index(): if g.consumer and g.user: if not g.auth.verify_request(request): return _failed_auth_response() annotations = Annotation.search(_user_id=g.user.username, _consumer_key=g.consumer.key) else: annotations = Annotation.search() return jsonify(annotations)
def test_search_permissions_null(self): anno = Annotation(text='Foobar') anno.save() res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('bob') res = Annotation.search() assert_equal(len(res), 0)
def test_search_permissions_null(self): anno = Annotation(text='Foobar') anno.save() res = Annotation.search() assert_equal(len(res), 0) user = h.MockUser('bob') res = Annotation.search(user=user) assert_equal(len(res), 0)
def test_search_permissions_owner(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer') anno.save() res = Annotation.search() assert_equal(len(res), 0) user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1)
def test_search_permissions_null(self): anno = Annotation(text='Foobar') anno.save() es.conn.refresh(timesleep=0.01) res = Annotation.search() assert_equal(len(res), 0) res = Annotation.search(_user_id='bob') assert_equal(len(res), 0)
def test_search_permissions_owner(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer') anno.save() res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('alice', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1)
def test_search_permissions_owner(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer') anno.save() es.conn.refresh(timesleep=0.01) res = Annotation.search() assert_equal(len(res), 0) res = Annotation.search(_user_id='alice', _consumer_key='testconsumer') assert_equal(len(res), 1)
def test_search_permissions_authenticated(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['group:__authenticated__']}) anno.save() res = Annotation.search() assert_equal(len(res), 0) user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1) user = h.MockUser('bob', 'anotherconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1)
def test_search_permissions_authenticated(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['group:__authenticated__']}) anno.save() res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('alice', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1) g.user = h.MockUser('bob', 'anotherconsumer') res = Annotation.search() assert_equal(len(res), 1)
def test_search_permissions_authenticated(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['group:__authenticated__']}) anno.save() es.conn.refresh(timesleep=0.01) res = Annotation.search() assert_equal(len(res), 0) res = Annotation.search(_user_id='alice', _consumer_key='testconsumer') assert_equal(len(res), 1) res = Annotation.search(_user_id='bob', _consumer_key='anotherconsumer') assert_equal(len(res), 1)
def test_search(self): perms = {'read': ['group:__world__']} uri1 = u'http://xyz.com' uri2 = u'urn:uuid:xxxxx' user1 = u'levin' user2 = u'anna' anno1 = Annotation(uri=uri1, text=uri1, user=user1, permissions=perms) anno2 = Annotation(uri=uri1, text=uri1 + uri1, user=user2, permissions=perms) anno3 = Annotation(uri=uri2, text=uri2, user=user1, permissions=perms) anno1.save() anno2.save() anno3.save() es.conn.refresh(timesleep=0.01) res = Annotation.search() assert_equal(len(res), 3) # ordering (most recent first) assert_equal(res[0]['text'], uri2) res = Annotation.count() assert_equal(res, 3) res = Annotation.search(limit=1) assert_equal(len(res), 1) res = Annotation.count(limit=1) assert_equal(res, 3) res = Annotation.search(uri=uri1) assert_equal(len(res), 2) assert_equal(res[0]['uri'], uri1) assert_equal(res[0]['id'], anno2.id) res = Annotation.search(user=user1) assert_equal(len(res), 2) assert_equal(res[0]['user'], user1) assert_equal(res[0]['id'], anno3.id) res = Annotation.search(user=user1, uri=uri2) assert_equal(len(res), 1) assert_equal(res[0]['user'], user1) assert_equal(res[0]['id'], anno3.id) res = Annotation.count(user=user1, uri=uri2) assert_equal(res, 1)
def test_search_permissions_admin(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer') anno.save() user = h.MockUser('bob', 'testconsumer') user.is_admin = True res = Annotation.search(user=user) assert_equal(len(res), 1)
def test_search_before_and_after(self): self._create_annotations_for_search() res = Annotation.search(query={'after': '2015-02-02'}) assert_equal(len(res), 2) assert_equal(res[0]['created'], date2) assert_equal(res[1]['created'], date1) res = Annotation.count(query={'after': '2015-02-02', 'uri': uri1}) assert_equal(res, 2) res = Annotation.search(query={'after': '2015-01-23', 'before': '2015-02-03'}) assert_equal(len(res), 1) assert_equal(res[0]['created'], date1) res = Annotation.search(query={'before': '2015-02-02'}) assert_equal(len(res), 1) assert_equal(res[0]['created'], date3)
def test_search_permissions_consumer(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer', permissions={'read': ['group:__consumer__']}) anno.save() es.conn.refresh(timesleep=0.01) res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('bob', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1) g.user = h.MockUser('alice', 'anotherconsumer') res = Annotation.search() assert_equal(len(res), 0)
def test_cross_representations(self): # create an annotation for an html document which we can # scrape some document metadata from, including a link to a pdf a1 = Annotation(uri='http://example.com/1234', text='annotation1', user='******', document = { "link": [ { "href": "http://example.com/1234", "type": "text/html" }, { "href": "http://example.com/1234.pdf", "type": "application/pdf" } ] }, consumer='testconsumer') a1.save() # create an annotation for the pdf that lacks document metadata since # annotator doesn't currently extract information from pdfs a2 = Annotation(uri='http://example.com/1234.pdf', text='annotation2', user='******', consumer='testconsumer') a2.save() # now a query for annotations of the pdf should yield both annotations user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user, query={'uri':'http://example.com/1234.pdf'}) assert_equal(len(res), 2) # and likewise for annotations of the html res = Annotation.search(user=user, query={'uri':'http://example.com/1234'}) assert_equal(len(res), 2)
def test_search_permissions_world(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['group:__world__']}) anno.save() res = Annotation.search() assert_equal(len(res), 1) user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1) user = h.MockUser('bob') res = Annotation.search(user=user) assert_equal(len(res), 1) user = h.MockUser('bob', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1)
def test_search_permissions_malicious(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer', permissions={'read': ['group:__consumer__']}) anno.save() # Any user whose username starts with "group:" must be refused any results user = h.MockUser('group:anyone', 'testconsumer') search_action = lambda: Annotation.search(user=user) assert_raises(RuntimeError, search_action)
def test_search_permissions_simple(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['bob']}) anno.save() res = Annotation.search() assert_equal(len(res), 0) user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 0) user = h.MockUser('bob') res = Annotation.search(user=user) assert_equal(len(res), 0) user = h.MockUser('bob', 'testconsumer') res = Annotation.search(user=user) assert_equal(len(res), 1)
def test_search_permissions_world(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['group:__world__']}) anno.save() res = Annotation.search() assert_equal(len(res), 1) g.user = h.MockUser('alice', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1) g.user = h.MockUser('bob') res = Annotation.search() assert_equal(len(res), 1) g.user = h.MockUser('bob', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1)
def search_annotations(): kwargs = dict(request.args.items()) if "offset" in kwargs: kwargs["offset"] = atoi(kwargs["offset"]) if "limit" in kwargs: kwargs["limit"] = atoi(kwargs["limit"], 20) results = Annotation.search(**kwargs) total = Annotation.count(**kwargs) return jsonify({"total": total, "rows": results})
def test_search_permissions_simple(self): anno = Annotation(text='Foobar', consumer='testconsumer', permissions={'read': ['bob']}) anno.save() res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('alice', 'testconsumer') res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('bob') res = Annotation.search() assert_equal(len(res), 0) g.user = h.MockUser('bob', 'testconsumer') res = Annotation.search() assert_equal(len(res), 1)
def test_search_permissions_malicious(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer', permissions={'read': ['group:__consumer__']}) anno.save() # Any user whose username starts with "group:" must be refused any results g.user = h.MockUser('group:anyone', 'testconsumer') res = Annotation.search() assert_equal(len(res), 0)
def test_search_permissions_admin(self): anno = Annotation(text='Foobar', user='******', consumer='testconsumer') anno.save() g.user = h.MockUser('bob', 'testconsumer') g.user.is_admin = True res = Annotation.search() assert_equal(len(res), 1)
def test_case_sensitivity(self): """Indexing and search should not apply lowercase to strings (this requirement might be changed sometime) """ # https://github.com/openannotation/annotator-store/issues/73 anno = Annotation(uri='http://example.com/1234', text='Foobar', user='******', consumer='testconsumer', custom_field='CaseSensitive') anno.save() user = h.MockUser('alice', 'testconsumer') res = Annotation.search(user=user, query={'custom_field':'CaseSensitive'}) assert_equal(len(res), 1) res = Annotation.search(user=user, query={'custom_field':'casesensitive'}) assert_equal(len(res), 0)
def test_search_ordering(self): self._create_annotations_for_search() res = Annotation.search() # ordering (default: most recent first) assert_equal(res[0]['text'], uri2) res = Annotation.search(order='asc') assert_equal(res[0]['text'], uri1) res = Annotation.search(sort='user') assert_equal(res[0]['user'], user1) res = Annotation.search(sort='user', order='asc') assert_equal(res[0]['user'], user2) res = Annotation.search(limit=1) assert_equal(len(res), 1) res = Annotation.count(limit=1) assert_equal(res, 3)
def search_annotations(): kwargs = dict(request.args.items()) if 'offset' in kwargs: kwargs['offset'] = atoi(kwargs['offset']) if 'limit' in kwargs: kwargs['limit'] = atoi(kwargs['limit'], 20) results = Annotation.search(**kwargs) total = Annotation.count(**kwargs) return jsonify({'total': total, 'rows': results})
def search_annotations(): kwargs = dict(request.args.items()) consumer, user = g.auth.request_credentials(request) kwargs['_consumer_key'] = consumer kwargs['_user_id'] = user if 'offset' in kwargs: kwargs['offset'] = _quiet_int(kwargs['offset']) if 'limit' in kwargs: kwargs['limit'] = _quiet_int(kwargs['limit'], 20) results = Annotation.search(**kwargs) total = Annotation.count(**kwargs) return jsonify({ 'total': total, 'rows': results })
def search_annotations(): kwargs = dict(request.args.items()) if g.user and g.consumer: if not g.auth.verify_request(request): return _failed_auth_response() kwargs["_consumer_key"] = g.consumer.key kwargs["_user_id"] = g.user.username else: # Prevent request forgery kwargs.pop("_consumer_key", None) kwargs.pop("_user_id", None) if "offset" in kwargs: kwargs["offset"] = _quiet_int(kwargs["offset"]) if "limit" in kwargs: kwargs["limit"] = _quiet_int(kwargs["limit"], 20) results = Annotation.search(**kwargs) total = Annotation.count(**kwargs) return jsonify({"total": total, "rows": results})
def index(): annotations = Annotation.search() return jsonify(annotations)
def index(): consumer, user = g.auth.request_credentials(request) annotations = Annotation.search(_user_id=user, _consumer_key=consumer) return jsonify(annotations)