def test_workgroup_member_search_of_discussions(self): self.logout() # Only workgroup members should be able to see discussion posts self.discussionPost = models.DiscussionPost.objects.create( title="Hello World", body="Text text", workgroup=self.wg1) # Remove viewer from workgroup self.wg1.removeUser(self.viewer) # Check that the viewer was successfully removed self.assertFalse(perms.user_in_workgroup(self.viewer, self.wg1)) # Confirm discussion in QuerySet from haystack.query import SearchQuerySet sqs = SearchQuerySet() self.assertEqual(len(sqs.auto_query('Hello')), 1) # User is not in workgroup, so there should be no results psqs = get_permission_sqs().auto_query( 'Hello').apply_permission_checks(self.viewer) self.assertEqual(len(psqs), 0) # Put the viewer in the correct workgroup self.wg1.giveRoleToUser('manager', self.viewer) self.assertTrue(perms.user_in_workgroup(self.viewer, self.wg1)) # Viewer is now in workgroup, so there should be results psqs = get_permission_sqs().auto_query( 'Hello').apply_permission_checks(self.viewer) self.assertEqual(len(psqs), 1) self.login_viewer() response = self.client.get(reverse('aristotle:search') + "?q=Hello") self.assertEqual(len(response.context['page'].object_list), 1)
def test_self_publish_queryset_anon(self): self.logout() response = self.client.get(self.item.get_absolute_url()) self.assertTrue(response.status_code == 302) self.item = ObjectClass.objects.get(pk=self.item.pk) self.assertFalse(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 0) pub.PublicationRecord.objects.create( user=self.submitting_user, concept=self.item, visibility=pub.PublicationRecord.VISIBILITY.public) response = self.client.get(self.item.get_absolute_url()) self.assertTrue(response.status_code == 200) self.item = ObjectClass.objects.get(pk=self.item.pk) self.assertTrue(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 1)
def test_self_publish_queryset_anon(self): self.logout() response = self.client.get(self.item.get_absolute_url()) self.assertTrue(response.status_code == 302) self.item = ObjectClass.objects.get(pk=self.item.pk) self.assertFalse(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 0) pub.PublicationRecord.objects.create( user=self.submitting_user, concept=self.item, visibility=pub.PublicationRecord.VISIBILITY.public ) response = self.client.get(self.item.get_absolute_url()) self.assertTrue(response.status_code == 200) self.item = ObjectClass.objects.get(pk=self.item.pk) self.assertTrue(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 1)
def test_values_in_value_domain_search(self): # For bug #676 from aristotle_mdr.forms.search import get_permission_sqs PSQS = get_permission_sqs() psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs), 0) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs), 0) psqs = PSQS.auto_query('FLT').apply_permission_checks(self.su) self.assertEqual(len(psqs), 0) # with reversion.create_revision(): vd = models.ValueDomain.objects.create( name="Mutation", definition="Coded list of mutations", ) for i, data in enumerate([("FLT", 'flight'), ("HEAL", 'healing'), ("INVIS", 'invisiblilty')]): code, power = data models.PermissibleValue.objects.create(value=code, meaning=power, order=i, valueDomain=vd) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs), 1) self.assertEqual(psqs[0].object.pk, vd.pk) psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs), 1) self.assertEqual(psqs[0].object.pk, vd.pk) psqs = PSQS.auto_query('FLT').apply_permission_checks(self.su) self.assertEqual(len(psqs), 1) self.assertEqual(psqs[0].object.pk, vd.pk)
def test_values_in_conceptual_domain_search(self): # For bug #676 from aristotle_mdr.forms.search import get_permission_sqs PSQS = get_permission_sqs() psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs), 0) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs), 0) cd = models.ConceptualDomain.objects.create( name="Mutation", definition="List of mutations", ) for i, power in enumerate(['flight', 'healing', 'invisiblilty']): models.ValueMeaning.objects.create(name=power, definition=power, order=i, conceptual_domain=cd) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs), 1) self.assertEqual(psqs[0].object.pk, cd.pk) psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs), 1) self.assertEqual(psqs[0].object.pk, cd.pk)
def test_values_in_value_domain_search(self): # For bug #676 from aristotle_mdr.forms.search import get_permission_sqs PSQS = get_permission_sqs() psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs),0) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs),0) psqs = PSQS.auto_query('FLT').apply_permission_checks(self.su) self.assertEqual(len(psqs),0) # with reversion.create_revision(): vd = models.ValueDomain.objects.create( name="Mutation", definition="Coded list of mutations", ) for i, data in enumerate([("FLT", 'flight'), ("HEAL", 'healing'), ("INVIS", 'invisiblilty')]): code, power = data models.PermissibleValue.objects.create( value=code, meaning=power, order=i, valueDomain=vd ) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs),1) self.assertEqual(psqs[0].object.pk, vd.pk) psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs),1) self.assertEqual(psqs[0].object.pk, vd.pk) psqs = PSQS.auto_query('FLT').apply_permission_checks(self.su) self.assertEqual(len(psqs),1) self.assertEqual(psqs[0].object.pk, vd.pk)
def test_values_in_conceptual_domain_search(self): # For bug #676 from aristotle_mdr.forms.search import get_permission_sqs PSQS = get_permission_sqs() psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs),0) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs),0) cd = models.ConceptualDomain.objects.create( name="Mutation", definition="List of mutations", ) for i, power in enumerate(['flight', 'healing', 'invisiblilty']): models.ValueMeaning.objects.create( name=power, definition=power, order=i, conceptual_domain=cd ) psqs = PSQS.auto_query('mutations').apply_permission_checks(self.su) self.assertEqual(len(psqs),1) self.assertEqual(psqs[0].object.pk, cd.pk) psqs = PSQS.auto_query('flight').apply_permission_checks(self.su) self.assertEqual(len(psqs),1) self.assertEqual(psqs[0].object.pk, cd.pk)
def test_self_publish_queryset_anon(self): self.logout() response = self.client.get(self.item.get_absolute_url()) # self.assertTrue(response.status_code == 302) self.item = ObjectClass.objects.get(pk=self.item.pk) # self.assertFalse(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 0) pub_record = pub.PublicationRecord.objects.create( content_type=ContentType.objects.get_for_model(_concept), object_id=self.item.pk, publisher=self.submitting_user, publication_date=timezone.now() - timedelta(days=2), permission=visibility_permission_choices.public) self.item = ObjectClass.objects.get(pk=self.item.pk) self.assertTrue(self.item.concept.publication_details.count() == 1) # TODO: Make the below true # self.assertTrue(self.item.publication_details.count() == 1) items = ObjectClass.objects.all().public().all() self.assertTrue(items.count() == 1) items = _concept.objects.all().public().all() self.assertTrue(items.count() == 1) oc = ObjectClass.objects.public().get(pk=self.item.pk) self.assertTrue(self.item.can_view(AnonymousUser())) response = self.client.get(self.item.get_absolute_url()) self.assertTrue(response.status_code == 200) self.item = ObjectClass.objects.get(pk=self.item.pk) # self.assertTrue(self.item._is_public) psqs = get_permission_sqs() psqs = psqs.auto_query('published').apply_permission_checks() self.assertEqual(len(psqs), 1)
def test_facet_search(self): self.logout() with reversion.create_revision(): oc = models.ObjectClass.objects.create( name="Pokemon", definition="a Pocket monster") dec = models.DataElementConcept.objects.create( name="Pokemon—Combat Power", definition="a Pokemons combat power", objectClass=oc) de = models.DataElement.objects.create( name="Pokemon—Combat Power, Go", definition= "a Pokemons combat power as recorded in the Pokemon-Go scale", dataElementConcept=dec) self.login_superuser() from aristotle_mdr.forms.search import get_permission_sqs response = self.client.get(reverse('aristotle:search') + "?q=pokemon") objs = response.context['page'].object_list self.assertDelayedEqual(len(objs), 3) extra_facets = response.context['form'].extra_facet_fields self.assertTrue(len(extra_facets) == 2) self.assertTrue('data_element_concept' in [f[0] for f in extra_facets]) self.assertTrue('object_class' in [f[0] for f in extra_facets]) # Confirm spaces are included in the facet self.assertTrue(dec.name in [ v[0] for v in dict(extra_facets)['data_element_concept']['values'] ]) psqs = get_permission_sqs() psqs = psqs.auto_query('pokemon').apply_permission_checks(self.su) self.assertDelayedEqual(len(psqs), 3) response = self.client.get(reverse('aristotle:search') + "?q=pokemon") objs = response.context['page'].object_list self.assertDelayedEqual(len(objs), 3) response = self.client.get( reverse('aristotle:search') + "?q=pokemon&f=object_class::%s" % oc.name) objs = response.context['page'].object_list self.assertDelayedEqual(len(objs), 2) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk in [o.object.pk for o in objs]) response = self.client.get( reverse('aristotle:search') + "?q=pokemon&f=data_element_concept::%s" % dec.name.replace(' ', '+')) objs = response.context['page'].object_list self.assertDelayedEqual(len(objs), 2) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk in [o.object.pk for o in objs]) response = self.client.get( reverse('aristotle:search') + "?q=pokemon&models=aristotle_mdr.dataelement&f=data_element_concept::%s" % dec.name.replace(' ', '+')) objs = response.context['page'].object_list self.assertDelayedEqual(len(objs), 1) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk not in [o.object.pk for o in objs])
def test_workgroup_member_search(self): self.logout() self.viewer = get_user_model().objects.create_user( '*****@*****.**', 'equalRightsForAll') self.weaponx_wg = models.Workgroup.objects.create(name="WeaponX") response = self.client.post( reverse('friendly_login'), { 'username': '******', 'password': '******' }) self.assertEqual(response.status_code, 302) # logged in #Charles is not in any workgroups self.assertFalse(perms.user_in_workgroup(self.viewer, self.xmen_wg)) self.assertFalse(perms.user_in_workgroup(self.viewer, self.weaponx_wg)) #Create Deadpool in Weapon X workgroup with reversion.create_revision(): dp = models.ObjectClass.objects.create( name="deadpool", definition="not really an xman, no matter how much he tries", workgroup=self.weaponx_wg) dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache self.assertFalse(perms.user_can_view(self.viewer, dp)) self.assertFalse(dp.is_public()) # Charles isn't a viewer of X-men yet, so no results. from aristotle_mdr.forms.search import get_permission_sqs psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertEqual(len(psqs), 0) #response = self.client.get(reverse('aristotle:search')+"?q=deadpool") #self.assertEqual(len(response.context['page'].object_list),0) # Make viewer of XMen self.xmen_wg.giveRoleToUser('viewer', self.viewer) self.assertFalse(perms.user_can_view(self.viewer, dp)) # Deadpool isn't an Xman yet, still no results. psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertDelayedEqual(len(psqs), 0) with reversion.create_revision(): dp.workgroup = self.xmen_wg dp.save() dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache # Charles is a viewer, Deadpool is in X-men, should have results now. psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertDelayedEqual(len(psqs), 1) response = self.client.get(reverse('aristotle:search') + "?q=deadpool") self.assertTrue(perms.user_can_view(self.viewer, dp)) self.assertDelayedEqual(len(response.context['page'].object_list), 1) self.assertEqual(response.context['page'].object_list[0].object.item, dp) # Take away Charles viewing rights and no results again. self.xmen_wg.removeRoleFromUser('viewer', self.viewer) psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertDelayedEqual(len(psqs), 0) response = self.client.get(reverse('aristotle:search') + "?q=deadpool") self.assertDelayedEqual(len(response.context['page'].object_list), 0)
def test_facet_search(self): self.logout() with reversion.create_revision(): oc = models.ObjectClass.objects.create( name="Pokemon", definition="a Pocket monster" ) dec = models.DataElementConcept.objects.create( name="Pokemon—Combat Power", definition="a Pokemons combat power", objectClass=oc ) de = models.DataElement.objects.create( name="Pokemon—Combat Power, Go", definition="a Pokemons combat power as recorded in the Pokemon-Go scale", dataElementConcept=dec ) self.login_superuser() from aristotle_mdr.forms.search import get_permission_sqs response = self.client.get(reverse('aristotle:search')+"?q=pokemon") objs = response.context['page'].object_list self.assertEqual(len(objs),3) extra_facets = response.context['form'].extra_facet_fields self.assertTrue(len(extra_facets) == 2) self.assertTrue('data_element_concept' in [f[0] for f in extra_facets] ) self.assertTrue('object_class' in [f[0] for f in extra_facets] ) # Confirm spaces are included in the facet self.assertTrue(dec.name in [v[0] for v in dict(extra_facets)['data_element_concept']['values']]) psqs = get_permission_sqs() psqs = psqs.auto_query('pokemon').apply_permission_checks(self.su) self.assertEqual(len(psqs),3) response = self.client.get(reverse('aristotle:search')+"?q=pokemon") objs = response.context['page'].object_list self.assertEqual(len(objs),3) response = self.client.get(reverse('aristotle:search')+"?q=pokemon&f=object_class::%s"%oc.name) objs = response.context['page'].object_list self.assertEqual(len(objs),2) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk in [o.object.pk for o in objs]) response = self.client.get(reverse('aristotle:search')+"?q=pokemon&f=data_element_concept::%s"%dec.name.replace(' ','+')) objs = response.context['page'].object_list self.assertEqual(len(objs),2) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk in [o.object.pk for o in objs]) response = self.client.get(reverse('aristotle:search')+"?q=pokemon&models=aristotle_mdr.dataelement&f=data_element_concept::%s"%dec.name.replace(' ','+')) objs = response.context['page'].object_list self.assertEqual(len(objs),1) self.assertTrue(de.pk in [o.object.pk for o in objs]) self.assertTrue(dec.pk not in [o.object.pk for o in objs])
def test_workgroup_member_search(self): self.logout() self.viewer = get_user_model().objects.create_user('*****@*****.**','equalRightsForAll') self.weaponx_wg = models.Workgroup.objects.create(name="WeaponX") response = self.client.post(reverse('friendly_login'), {'username': '******', 'password': '******'}) self.assertEqual(response.status_code,302) # logged in #Charles is not in any workgroups self.assertFalse(perms.user_in_workgroup(self.viewer,self.xmen_wg)) self.assertFalse(perms.user_in_workgroup(self.viewer,self.weaponx_wg)) #Create Deadpool in Weapon X workgroup with reversion.create_revision(): dp = models.ObjectClass.objects.create(name="deadpool", definition="not really an xman, no matter how much he tries", workgroup=self.weaponx_wg) dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache self.assertFalse(perms.user_can_view(self.viewer,dp)) self.assertFalse(dp.is_public()) # Charles isn't a viewer of X-men yet, so no results. from aristotle_mdr.forms.search import get_permission_sqs psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertEqual(len(psqs),0) #response = self.client.get(reverse('aristotle:search')+"?q=deadpool") #self.assertEqual(len(response.context['page'].object_list),0) # Make viewer of XMen self.xmen_wg.giveRoleToUser('viewer',self.viewer) self.assertFalse(perms.user_can_view(self.viewer,dp)) # Deadpool isn't an Xman yet, still no results. psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertEqual(len(psqs),0) with reversion.create_revision(): dp.workgroup = self.xmen_wg dp.save() dp = models.ObjectClass.objects.get(pk=dp.pk) # Un-cache # Charles is a viewer, Deadpool is in X-men, should have results now. psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertEqual(len(psqs),1) response = self.client.get(reverse('aristotle:search')+"?q=deadpool") self.assertTrue(perms.user_can_view(self.viewer,dp)) self.assertEqual(len(response.context['page'].object_list),1) self.assertEqual(response.context['page'].object_list[0].object.item,dp) # Take away Charles viewing rights and no results again. self.xmen_wg.removeRoleFromUser('viewer',self.viewer) psqs = get_permission_sqs() psqs = psqs.auto_query('deadpool').apply_permission_checks(self.viewer) self.assertEqual(len(psqs),0) response = self.client.get(reverse('aristotle:search')+"?q=deadpool") self.assertEqual(len(response.context['page'].object_list),0)