def test_folder_from_url(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
folder = ice.folder_from_url(f"{ice.base_url}/folders/{self.folder_id}/")
self.assertIsNotNone(folder)
self.assertEqual(folder.id, self.folder_id)
self.assertEqual(folder.name, self.folder_name)
def test_read_parts(self):
admin_auth = HmacAuth('edd', self.admin_ice_user.email)
reader_auth = HmacAuth('edd', self.read_ice_user.email)
none_auth = HmacAuth('edd', self.none_ice_user.email)
# verify that admin user finds all parts
entries_url = ice_url(
'/collections/available/entries?sort=created&asc=false')
ice = IceApi(admin_auth)
response = ice.session.get(entries_url)
payload = response.json()['data']
entries = {p['partId'] for p in payload}
self.assertTrue(entries.issuperset(self.part_ids))
# verify that reader user finds the five parts with permissions set
ice = IceApi(reader_auth)
response = ice.session.get(entries_url)
payload = response.json()['data']
entries = {p['partId'] for p in payload}
self.assertTrue(entries.issuperset(self.part_ids[:5]))
self.assertEqual(len(entries.intersection(self.part_ids[5:])), 0)
# verify that user with no permissions finds no parts
ice = IceApi(none_auth)
response = ice.session.get(entries_url)
payload = response.json()['data']
entries = {p['partId'] for p in payload}
self.assertEqual(len(entries.intersection(self.part_ids)), 0)
def load_part_from_ice(self, registry_id):
update = Update.load_update()
user_email = update.mod_by.email
try:
ice = IceApi(auth=HmacAuth(key_id=settings.ICE_KEY_ID,
username=user_email),
verify_ssl_cert=settings.VERIFY_ICE_CERT)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
self.entry = ice.get_entry(registry_id)
self.entry.url = ''.join((
ice.base_url,
'/entry/',
str(self.entry.id),
))
except Exception:
logger.exception(
'Exception loading part %(part_id)s from ICE for user '
'%(user_email)s' % {
'part_id': registry_id,
'user_email': user_email,
})
raise ValidationError(
_('Failed to load strain %(uuid)s from ICE'),
code='ice failure',
params={"uuid": registry_id},
)
def test_get_folder_known_id_admin_user(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
folder = ice.get_folder(self.folder_id)
self.assertIsNotNone(folder)
self.assertEqual(folder.id, self.folder_id)
self.assertEqual(folder.name, self.folder_name)
def test_search(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
# pRS426 is one of the items in the ice_entries.csv file
results = ice.search("pRS426")
# multiple matching entries, check that one is found
# ceiling on number of results depends on how often test suite runs
self.assertNotEqual(len(results), 0)
def test_admin_read_part(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
# verify that admin user can load specific entry
entry = ice.get_entry(self.part_ids[0])
self.assertIsNotNone(entry)
entry = ice.get_entry(self.part_ids[5])
self.assertIsNotNone(entry)
def search_strain(request):
""" Autocomplete delegates to ICE search API. """
auth = HmacAuth(key_id=settings.ICE_KEY_ID, username=request.user.email)
ice = IceApi(auth=auth, verify_ssl_cert=settings.ICE_VERIFY_CERT)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
term = request.GET.get("term", "")
results = ice.search(term)
return JsonResponse({"rows": results})
def test_reader_read_part(self):
reader_auth = HmacAuth("edd", self.read_ice_user.email)
ice = IceApi(reader_auth)
# verify that reader user can load specific entry with permission
entry = ice.get_entry(self.part_ids[0])
self.assertIsNotNone(entry)
# verify that reader user cannot load entry without permission
with self.assertRaises(IceApiException):
ice.get_entry(self.part_ids[5])
def test_get_folder_entries(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
# set result_limit to a small number to exercise the generator on entries
ice.result_limit = 2
folder = ice.get_folder_entries(self.folder_id)
self.assertIsNotNone(folder)
self.assertEqual(folder.id, self.folder_id)
self.assertEqual(folder.name, self.folder_name)
self.assertEqual(len(list(folder.entries)), 10)
def test_admin_find_parts(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
# verify that admin user finds all parts
entries_url = ice_url("/collections/available/entries?sort=created&asc=false")
response = ice.session.get(entries_url)
payload = response.json()["data"]
entries = {p["partId"] for p in payload}
self.assertTrue(entries.issuperset(self.part_ids))
def test_none_find_parts(self):
none_auth = HmacAuth("edd", self.none_ice_user.email)
ice = IceApi(none_auth)
# verify that user with no permissions finds no parts
entries_url = ice_url("/collections/available/entries?sort=created&asc=false")
response = ice.session.get(entries_url)
payload = response.json()["data"]
entries = {p["partId"] for p in payload}
self.assertEqual(len(entries.intersection(self.part_ids)), 0)
def create_ice_connection(user_token):
"""Creates an instance of the ICE API using common settings."""
# Use getattr to load settings without raising AttributeError
key_id = getattr(settings, "ICE_KEY_ID", None)
url = getattr(settings, "ICE_URL", None)
verify = getattr(settings, "ICE_VERIFY_CERT", False)
timeout = getattr(settings, "ICE_REQUEST_TIMEOUT", None)
if key_id and url:
try:
auth = HmacAuth(key_id=key_id, username=user_token)
ice = IceApi(auth=auth, base_url=url, verify_ssl_cert=verify)
if timeout:
ice.timeout = timeout
ice.write_enabled = True
return ice
except Exception as e:
logger.error("Failed to create ICE connection: %s", e)
return None
def test_add_remove_experiment_link(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
ice.write_enabled = True
study = factory.StudyFactory()
study_url = f"https://edd.example.org/s/{study.slug}/"
for entry_id in self.db_ids:
ice.add_experiment_link(entry_id, study.name, study_url)
# verify link exists on a given entry
found_links = list(ice.fetch_experiment_links(self.db_ids[3]))
self.assertEqual(len(found_links), 1)
# verify that removal works
ice.unlink_entry_from_study(self.db_ids[3], study_url)
found_links = list(ice.fetch_experiment_links(self.db_ids[3]))
self.assertEqual(len(found_links), 0)
def test_reader_find_parts(self):
reader_auth = HmacAuth("edd", self.read_ice_user.email)
ice = IceApi(reader_auth)
# verify that reader user finds the five parts with permissions set
entries_url = ice_url("/collections/available/entries?sort=created&asc=false")
response = ice.session.get(entries_url)
payload = response.json()["data"]
entries = {p["partId"] for p in payload}
self.assertTrue(entries.issuperset(self.part_ids[:5]))
self.assertEqual(len(entries.intersection(self.part_ids[5:])), 0)
def handle(self, *args, **options):
# get the username argument
username = options['username']
# get ICE authentication configured via EDD's config files (secrets.env and / or
# settings/local.py)
auth = HmacAuth(key_id=settings.ICE_KEY_ID, username=username)
ice = IceApi(auth, verify_ssl_cert=settings.VERIFY_ICE_CERT)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
try:
print('Contacting ICE at %s' % ice.base_url)
part_id = options.get('part_id')
if part_id:
print('Requesting part "%s"' % part_id)
entry = ice.get_entry(part_id)
if entry:
print('Found the part!')
else:
print('Part "%s" was not found in ICE' % part_id)
else:
entries_results_page = ice.search_entries()
if entries_results_page:
self.stdout.write(
'Successfully searched ICE for entries.\nICE reports %(total_entries)d '
'total entries and returned the first page of %(returned_entries)d'
% {
'total_entries':
entries_results_page.total_result_count,
'returned_entries':
entries_results_page.current_result_count,
})
else:
print(
"No known error occurred, but also didn't find any entries in ICE. If "
"user %s has any ICE entries visible to him/her, you might want to "
"look into this." % username)
except Exception as e:
raise CommandError(e)
def search_ice_as_action(self, request, queryset):
# intentionally throw error when multiple users selected
user = queryset.get()
context = self.admin_site.each_context(request)
auth = HmacAuth(key_id=settings.ICE_KEY_ID, username=user.email)
ice = IceApi(auth=auth, verify_ssl_cert=settings.ICE_VERIFY_CERT)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
results = []
term = request.POST.get("term", None)
if term is not None:
try:
results = ice.search(term)
except IceApiException:
self.message_user(
request,
"Failed to execute search in ICE, check the ICE logs.",
messages.ERROR,
)
context.update(ice=ice.base_url, results=results, impersonate=user)
return render(request,
"admin/strain_impersonate_search.html",
context=context)
def load_part_from_ice(self, registry_id):
if self.existing_entry is not None:
return self.existing_entry
# using the Update to get the correct user for the search
update = Update.load_update()
user_email = update.mod_by.email
try:
auth = HmacAuth(key_id=settings.ICE_KEY_ID, username=user_email)
verify = getattr(settings, "ICE_VERIFY_CERT", True)
ice = IceApi(auth=auth, verify_ssl_cert=verify)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
entry = ice.get_entry(registry_id)
return entry
except Exception as e:
raise ValidationError(
_("Failed to load strain %(uuid)s from ICE for user %(user)s"),
code="ice failure",
params={
"user": user_email,
"uuid": registry_id
},
) from e
def test_none_read_part(self):
none_auth = HmacAuth("edd", self.none_ice_user.email)
ice = IceApi(none_auth)
# verify no permission user cannot load entries
with self.assertRaises(IceApiException):
ice.get_entry(self.part_ids[0])
with self.assertRaises(IceApiException):
ice.get_entry(self.part_ids[5])
def setUpClass(cls):
super(IceIntegrationTests, cls).setUpClass()
auth = HmacAuth("edd", "Administrator")
ice = IceApi(auth)
try:
# make sure ICE has users matching EDD users
cls._ensureTestUsers(ice)
# populate ICE with some strains
cls._populateTestStrains(ice)
# add strains to a folder
cls._populateTestFolder(ice)
except Exception as e:
cls.tearDownClass()
raise e
def load_part_from_ice(self, registry_id):
update = Update.load_update()
user_email = update.mod_by.email
try:
ice = IceApi(
auth=HmacAuth(key_id=settings.ICE_KEY_ID, username=user_email),
verify_ssl_cert=settings.ICE_VERIFY_CERT,
)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
self.entry = ice.get_entry(registry_id)
self.entry.url = f"{ice.base_url}/entry/{self.entry.id}"
except Exception:
logger.exception(
"Exception loading part %(part_id)s from ICE for user "
"%(user_email)s" % {
"part_id": registry_id,
"user_email": user_email
})
raise ValidationError(
_("Failed to load strain %(uuid)s from ICE"),
code="ice failure",
params={"uuid": registry_id},
)
def setUpClass(cls):
super(IceIntegrationTests, cls).setUpClass()
auth = HmacAuth('edd', 'Administrator')
ice = IceApi(auth)
try:
# make sure ICE has users matching EDD users
cls._ensureUsers(ice)
# set the admin account type on admin_ice_user
acct = user_to_ice_json(cls.admin_ice_user)
acct.update(accountType='ADMIN')
ice.session.put(ice_url(f"/users/{cls.admin_ice_user._ice_id}"),
json=acct)
# populate ICE with some strains
with factory.load_test_file('ice_entries.csv') as entries:
response = ice.session.post(ice_url('/uploads/file'),
files={
'type': 'strain',
'file': entries,
})
upload_id = response.json()['uploadInfo']['id']
response = ice.session.put(ice_url(f'/uploads/{upload_id}/status'),
json={
'id': upload_id,
'status': 'APPROVED',
})
# fetch the part IDs
response = ice.session.get(
ice_url('/collections/available/entries'),
params={
"sort": "created",
"asc": "false"
},
)
entries = response.json()['data'][:10]
cls.part_ids = [p['partId'] for p in reversed(entries)]
cls.db_ids = [p['id'] for p in reversed(entries)]
# set read permissions on some of the created strains
for idx in range(5):
response = ice.session.post(
ice_url(f'/parts/{cls.part_ids[idx]}/permissions'),
json={
'article': 'ACCOUNT',
'articleId': cls.read_ice_user._ice_id,
'type': 'READ_ENTRY',
'typeId': cls.db_ids[idx],
})
except Exception as e:
cls.tearDownClass()
raise e
def setUpClass(cls):
super(IceIntegrationTests, cls).setUpClass()
auth = HmacAuth('edd', 'Administrator')
ice = IceApi(auth)
# make sure ICE has users matching EDD users
user_url = ice_url('/users?sendEmail=false')
ice.session.post(user_url, json=user_to_ice_json(cls.admin_ice_user))
ice.session.post(user_url, json=user_to_ice_json(cls.read_ice_user))
ice.session.post(user_url, json=user_to_ice_json(cls.none_ice_user))
# set the admin account type on admin_ice_user
response = ice.session.get(ice_url('/[email protected]'))
admin_id = response.json()['users'][0]['id']
acct = user_to_ice_json(cls.admin_ice_user)
acct.update(accountType='ADMIN')
ice.session.put(ice_url('/users/%d' % admin_id), json=acct)
# populate ICE with some strains
with factory.load_test_file('ice_entries.csv') as entries:
response = ice.session.post(ice_url('/uploads/file'), files={
'type': 'strain',
'file': entries,
})
upload_id = response.json()['uploadInfo']['id']
response = ice.session.put(ice_url('/uploads/%d/status' % upload_id), json={
'id': upload_id,
'status': 'APPROVED',
})
# fetch the part IDs
response = ice.session.get(
ice_url('/collections/available/entries?sort=created&asc=false')
)
entries = response.json()['data'][:10]
cls.part_ids = map(lambda p: p['partId'], reversed(entries))
cls.db_ids = map(lambda p: p['id'], reversed(entries))
# set read permissions on some of the created strains
response = ice.session.get(ice_url('/[email protected]'))
reader_id = response.json()['users'][0]['id']
for idx in range(5):
response = ice.session.post(
ice_url('/parts/%s/permissions' % cls.part_ids[idx]),
json={
'article': 'ACCOUNT',
'articleId': reader_id,
'type': 'READ_ENTRY',
'typeId': cls.db_ids[idx],
})
def handle(self, *args, **options):
# get the username argument
username = options["username"]
# get ICE authentication configured via EDD's config files (secrets.env and / or
# settings/local.py)
auth = HmacAuth(key_id=settings.ICE_KEY_ID, username=username)
ice = IceApi(auth, verify_ssl_cert=settings.ICE_VERIFY_CERT)
ice.timeout = settings.ICE_REQUEST_TIMEOUT
try:
self.stdout.write("Contacting ICE at %s" % ice.base_url)
part_id = options.get("part_id")
if part_id:
self.stdout.write('Requesting part "%s"' % part_id)
entry = ice.get_entry(part_id)
if entry:
self.stdout.write("Found the part!")
else:
self.stdout.write(f'Part "{part_id}" was not found in ICE')
else:
search_term = options.get("term", "")
if options.get("advanced", False):
self.stdout.write(
f'Searching ICE for term "{search_term}" (advanced search)'
)
results_page = ice.search_entries(search_term)
self.print_advanced_search(results_page, username)
else:
self.stdout.write(
f'Searching ICE for term "{search_term}" '
f"(simple UI-facing search)")
entry_info = ice.search(search_term)
self.print_simple_search(entry_info)
except Exception as e:
raise CommandError(e)
def test_write_protection(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
with self.assertRaises(IceApiException):
ice.add_experiment_link(self.db_ids[0], "Error", "https://www.example.net/")
def test_get_folder_known_id_none_user(self):
none_auth = HmacAuth("edd", self.none_ice_user.email)
ice = IceApi(none_auth)
with self.assertRaises(IceApiException):
ice.get_folder(self.folder_id)
def test_get_folder_known_bad_id(self):
admin_auth = HmacAuth("edd", self.admin_ice_user.email)
ice = IceApi(admin_auth)
folder = ice.get_folder(self.folder_id + 1)
self.assertIsNone(folder)
