def test_cant_view_unshared_document(self):
doc = setup_document(self.org, self.user)
doc_share = setup_document_share(doc)
response = self.client.get(f"/app/share/{doc_share.pid}")
self.assertEqual(response.status_code, 200)
doc_share.delete()
response = self.client.get(f"/app/share/{doc_share.pid}")
self.assertEqual(response.status_code, 404)
def test_list_documents_search_title(self):
doc_to_search = setup_document(self.org, self.user, note="bingo!")
search_result = self.client.get(
f"/app/api/v1/documents?search={doc_to_search.title}", format="json"
)
self.assertEqual(search_result.status_code, status.HTTP_200_OK)
self.assertEqual(search_result["Content-Type"], "application/json")
self.assertEqual(search_result.data["count"], 1)
self.assertEqual(len(search_result.data["results"]), 1)
self.assertEqual(search_result.data["results"][0]["note"], "bingo!")
def test_temp_document_download_expired(self, mocked_time):
mocked_time.return_value = time.mktime(
datetime.datetime(2019, 1, 1).timetuple())
doc = setup_document(self.org, self.user)
setup_authenticated_session(self.client, self.org, self.user)
response = self.client.get(reverse_lazy("api_temp_download_url",
kwargs={"spid": doc.pid}),
follow=True)
self.assertEqual(response.status_code, 404)
def test_document_download_only_work_for_users_in_the_doc_org(self):
# Add a document in first org with first user
doc = setup_document(self.org, self.user)
# Create a second org and user, log the second user
org_2 = setup_org(tv.ORG_NAME_2, tv.ORG_SLUG_2)
user_2 = setup_user(org_2, tv.USER2_EMAIL, tv.USER2_PASS)
setup_authenticated_session(self.client, org_2, user_2)
# Trying to download the document of first org with a user of second org returns a 404
response = self.client.get(f"/app/api/v1/documents/{doc.pid}/download")
self.assertEqual(response.status_code, 404)
def setUp(self):
self.org = setup_org()
setup_admin(self.org)
self.user1 = setup_user(self.org)
self.user2 = setup_user(self.org, email=tv.USER2_EMAIL)
self.doc = setup_document(self.org, self.user1)
self.doc_bis = setup_document(self.org, self.user1, title=tv.DOCUMENT2_TITLE)
self.doc_user1_reminder = setup_document_reminder(
self.doc, self.user1, tv.DOCUMENT_REMINDER_TOMORROW_DATE
)
self.doc_user1_reminder2 = setup_document_reminder(
self.doc, self.user1, tv.DOCUMENT_REMINDER_NEXT_WEEK_DATE
)
self.doc_user2_reminder = setup_document_reminder(
self.doc, self.user2, tv.DOCUMENT_REMINDER_TOMORROW_DATE
)
self.client.login(
request=HttpRequest(), email=tv.USER1_EMAIL, password=tv.USER1_PASS
)
def setUp(self):
self.org = setup_org("To delete A", "to-delete-a")
self.user_a = setup_admin(self.org, "*****@*****.**", "aaa")
self.folder = setup_folder(self.org, "Folder 1")
self.doc = setup_document(self.org, self.user_a, self.folder, title="Doc 1")
self.devices = setup_2fa_static_device(
self.user_a, codes_list=["AA1222", "BB1222"]
)
self.org_no_delete = setup_org("Not delete A", "not-delete-a")
self.user_no_delete_a = setup_admin(
self.org_no_delete, "*****@*****.**", "bbb"
)
self.folder_no_delete = setup_folder(self.org_no_delete, "Folder 1 no delete")
self.doc_no_delete = setup_document(
self.org_no_delete,
self.user_no_delete_a,
self.folder_no_delete,
title="Doc 1 no delete",
)
self.devices_no_delete = setup_2fa_static_device(
self.user_no_delete_a, codes_list=["AA1222", "BB1222"]
)
def test_temp_document_download(self):
doc = setup_document(
self.org,
self.user,
title=tv.DOCUMENT_DOCX_TITLE,
note=tv.DOCUMENT_DOCX_NOTE,
text_content=tv.DOCUMENT_DOCX_CONTENT,
binary=tv.DOCUMENT_DOCX_BINARY_PATH,
file_type=
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
)
setup_authenticated_session(self.client, self.org, self.user)
response = self.client.get(f"/app/api/v1/documents/{doc.pid}")
self.assertEqual(response.status_code, 200)
self.assertIn("only_office_config", response.data)
self.assertIn("document", response.data["only_office_config"])
self.assertIn("url", response.data["only_office_config"]["document"])
response = self.client.get(
response.data["only_office_config"]["document"]["url"])
with open(doc.binary.path, "rb") as uploaded_doc:
self.assertEqual(uploaded_doc.read(), response.content)
def setUp(self, **kwargs):
# orgs, admin, users are already created
super().setUp()
self.admin_org = setup_org(name="admin-org", slug="admin-org")
self.admin = setup_admin(self.admin_org)
self.user1_org = setup_org(name=tv.ORG_NAME_1, slug=tv.ORG_SLUG_1)
self.user1 = setup_user(self.user1_org,
email=tv.USER1_EMAIL,
password=tv.USER1_PASS)
self.user2_org = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user2 = setup_user(self.user2_org,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
# mock OTPMiddleware._verify_user() to skip check page
self.middleware_patcher = patch.object(OTPMiddleware, "_verify_user",
mocked_verify_user)
self.middleware_patcher.start()
self.addCleanup(
patch.stopall
) # ensure mock is remove after each test, even if the test crash
self.addCleanup(totp_time_setter.reset_mock, side_effect=True)
# admin, user1 and user2 have added documents, folders, otp devices
self.admin_resources = {}
self.admin_resources["folder1"] = setup_folder(self.admin_org)
self.admin_resources["sub_folder1"] = setup_folder(
self.admin_org, parent=self.admin_resources["folder1"])
self.admin_resources["doc1"] = setup_document(
self.admin_org,
ftl_user=self.admin,
binary=setup_temporary_file().name)
self.admin_resources["doc2"] = setup_document(
self.admin_org,
ftl_user=self.admin,
ftl_folder=self.admin_resources["folder1"],
binary=setup_temporary_file().name,
)
self.admin_resources["doc3"] = setup_document(
self.admin_org,
ftl_user=self.admin,
ftl_folder=self.admin_resources["sub_folder1"],
binary=setup_temporary_file().name,
)
self.admin_resources["totp_device"] = setup_2fa_totp_device(
self.admin, secret_key=TOTP_DEVICE_SECRET_KEY)
self.admin_resources["fido2_device"] = setup_2fa_fido2_device(
self.admin)
self.admin_resources["static_device"] = setup_2fa_static_device(
self.admin, codes_list=["AAA"])
self.user1_resources = {}
self.user1_resources["folder1"] = setup_folder(self.user1_org)
self.user1_resources["sub_folder1"] = setup_folder(
self.user1_org, parent=self.user1_resources["folder1"])
self.user1_resources["doc1"] = setup_document(
self.user1_org,
ftl_user=self.user1,
binary=setup_temporary_file().name)
self.user1_resources["doc2"] = setup_document(
self.user1_org,
ftl_user=self.user1,
ftl_folder=self.user1_resources["folder1"],
binary=setup_temporary_file().name,
)
self.user1_resources["doc3"] = setup_document(
self.user1_org,
ftl_user=self.user1,
ftl_folder=self.user1_resources["sub_folder1"],
binary=setup_temporary_file().name,
)
self.user1_resources["totp_device"] = setup_2fa_totp_device(
self.user1, secret_key=TOTP_DEVICE_SECRET_KEY)
self.user1_resources["fido2_device"] = setup_2fa_fido2_device(
self.user1)
self.user1_resources["static_device"] = setup_2fa_static_device(
self.user1, codes_list=["AAA"])
self.user2_resources = {}
self.user2_resources["folder1"] = setup_folder(self.user2_org)
self.user2_resources["sub_folder1"] = setup_folder(
self.user2_org, parent=self.user2_resources["folder1"])
self.user2_resources["doc1"] = setup_document(self.user2_org,
ftl_user=self.user2)
self.user2_resources["doc2"] = setup_document(
self.user2_org,
ftl_user=self.user2,
ftl_folder=self.user2_resources["folder1"],
)
self.user2_resources["doc3"] = setup_document(
self.user2_org,
ftl_user=self.user2,
ftl_folder=self.user2_resources["sub_folder1"],
)
self.user2_resources["totp_device"] = setup_2fa_totp_device(
self.user2, secret_key=TOTP_DEVICE_SECRET_KEY)
self.user2_resources["fido2_device"] = setup_2fa_fido2_device(
self.user2)
self.user2_resources["static_device"] = setup_2fa_static_device(
self.user2, codes_list=["AAA"])
def setUp(self, **kwargs):
# orgs, admin, users are already created
super().setUp()
self.admin_org = setup_org(name="admin-org", slug="admin-org")
self.admin = setup_admin(self.admin_org)
self.user1_org = setup_org(name=tv.ORG_NAME_1, slug=tv.ORG_SLUG_1)
self.user1 = setup_user(self.user1_org,
email=tv.USER1_EMAIL,
password=tv.USER1_PASS)
self.user2_org = setup_org(name=tv.ORG_NAME_2, slug=tv.ORG_SLUG_2)
self.user2 = setup_user(self.user2_org,
email=tv.USER2_EMAIL,
password=tv.USER2_PASS)
# admin, user1 and user2 have added documents, some documents are shared
self.admin_resources = {}
self.admin_resources["doc1"] = setup_document(
self.admin_org,
ftl_user=self.admin,
binary=setup_temporary_file().name)
self.admin_resources["doc2"] = setup_document(
self.admin_org,
ftl_user=self.admin,
binary=setup_temporary_file().name,
)
self.admin_resources["doc3"] = setup_document(
self.admin_org,
ftl_user=self.admin,
binary=setup_temporary_file().name,
)
self.admin_resources["share_links"] = [
setup_document_share(self.admin_resources["doc3"])
]
self.user1_resources = {}
self.user1_resources["doc1"] = setup_document(
self.user1_org,
ftl_user=self.user1,
binary=setup_temporary_file().name)
self.user1_resources["doc2"] = setup_document(
self.user1_org,
ftl_user=self.user1,
binary=setup_temporary_file().name,
)
self.user1_resources["doc3"] = setup_document(
self.user1_org,
ftl_user=self.user1,
binary=setup_temporary_file().name,
)
self.user1_resources["share_links"] = [
setup_document_share(self.user1_resources["doc2"])
]
self.user2_resources = {}
self.user2_resources["doc1"] = setup_document(self.user2_org,
ftl_user=self.user2)
self.user2_resources["doc2"] = setup_document(
self.user2_org,
ftl_user=self.user2,
)
self.user2_resources["doc3"] = setup_document(
self.user2_org,
ftl_user=self.user2,
)
self.user2_resources["share_links"] = [
setup_document_share(self.user2_resources["doc1"])
]
def test_only_office_viewer(self):
doc = setup_document(
self.org,
self.user,
title=tv.DOCUMENT_DOCX_TITLE,
note=tv.DOCUMENT_DOCX_NOTE,
text_content=tv.DOCUMENT_DOCX_CONTENT,
binary=tv.DOCUMENT_DOCX_BINARY_PATH,
file_type=
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
)
doc_share = setup_document_share(doc)
response = self.client.get(f"/app/share/{doc_share.pid}")
self.assertContains(response,
"onlyoffice-embed-container",
status_code=200)
self.assertIn("only_office_supported_ext", response.context)
self.assertIn("only_office_config", response.context)
self.assertIn("document", response.context["only_office_config"])
self.assertIn("editorConfig", response.context["only_office_config"])
self.assertIn("token", response.context["only_office_config"])
self.assertIn("url",
response.context["only_office_config"]["document"])
self.assertIn("fileType",
response.context["only_office_config"]["document"])
self.assertIn("key",
response.context["only_office_config"]["document"])
self.assertIn("title",
response.context["only_office_config"]["document"])
self.assertIn("permissions",
response.context["only_office_config"]["document"])
self.assertDictEqual(
{
"comment": False,
"copy": True,
"download": True,
"edit": False,
"fillForms": False,
"modifyContentControl": False,
"modifyFilter": False,
"print": True,
"review": False,
},
response.context["only_office_config"]["document"]["permissions"],
)
self.assertIn("lang",
response.context["only_office_config"]["editorConfig"])
self.assertIn("mode",
response.context["only_office_config"]["editorConfig"])
self.assertIn("customization",
response.context["only_office_config"]["editorConfig"])
self.assertDictEqual(
{
"autosave": False,
"chat": False,
"commentAuthorOnly": False,
"comments": False,
"compactHeader": False,
"compactToolbar": False,
"compatibleFeatures": False,
"help": True,
"hideRightMenu": False,
"mentionShare": False,
"plugins": False,
"reviewDisplay": "original",
"showReviewChanges": False,
"spellcheck": False,
"toolbarNoTabs": False,
"unit": "cm",
"zoom": -2,
},
response.context["only_office_config"]["editorConfig"]
["customization"],
)
def test_cant_use_doc_pid_for_sharing(self):
doc = setup_document(self.org, self.user)
response = self.client.get(f"/app/share/{doc.pid}")
self.assertEqual(response.status_code, 404)