def create_draft_publication(user, publication_title, publication_description): # Note: Maybe this logic can be taken from the tardis_portal/views.py? experiment = Experiment(created_by=user, title=publication_title, description=publication_description) experiment.save() ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(user.id), canRead=True, canWrite=False, canDelete=False, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() ObjectACL(content_object=experiment, pluginId=django_group, entityId=str( Group.objects.get_or_create( name=getattr( settings, 'PUBLICATION_OWNER_GROUP', default_settings.PUBLICATION_OWNER_GROUP))[0].id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() publication_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_SCHEMA_ROOT', default_settings.PUBLICATION_SCHEMA_ROOT)) # Attach draft schema draft_publication_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_DRAFT_SCHEMA', default_settings.PUBLICATION_DRAFT_SCHEMA)) ExperimentParameterSet(schema=draft_publication_schema, experiment=experiment).save() # Attach root schema and blank form_state parameter publication_root_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_SCHEMA_ROOT', default_settings.PUBLICATION_SCHEMA_ROOT)) publication_root_parameter_set = ExperimentParameterSet( schema=publication_schema, experiment=experiment) publication_root_parameter_set.save() form_state_param_name = ParameterName.objects.get( schema=publication_root_schema, name='form_state') ExperimentParameter(name=form_state_param_name, parameterset=publication_root_parameter_set).save() return experiment
def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save()
def testCantEditLockedExperiment(self): login = self.client3.login(username=self.user3.username, password='******') self.assertTrue(login) # user3 has acl to write to experiment3 acl = ObjectACL( pluginId=django_user, entityId=str(self.user3.id), content_object=self.experiment3, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() response = self.client3.get('/experiment/edit/%i/' % (self.experiment3.id)) self.assertEqual(response.status_code, 403) response = self.client3.post( '/experiment/edit/%i/' % (self.experiment3.id), { 'anything': True, }) self.assertEqual(response.status_code, 403) acl.delete() self.client3.logout()
def _create_test_data(): user = User(username='******', first_name='Thomas', last_name='Atkins', email='*****@*****.**') user.save() license_ = License( name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.experimentauthor_set.create(order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.experimentauthor_set.create(order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return user, experiment
def setUp(self): self.client = Client() # old_user user_old_username = '******' # new_user user_new_username = '******' pwd = 'secret' email = '*****@*****.**' self.user_new = User.objects.create_user(user_new_username, email, pwd) self.user_old = User.objects.create_user(user_old_username, email, pwd) # create group self.group = Group.objects.create(name='test group') # add old user to group self.group.user_set.add(self.user_old) # add user auth user_auth = UserAuthentication(userProfile=UserProfile.objects.get(user=self.user_old), username= self.user_old.username, authenticationMethod='localdb') user_auth.save() # add experiments experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=self.user_old) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(self.user_old.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save()
def setUp(self): super(MyTardisResourceTestCase, self).setUp() self.username = '******' self.password = '******' self.user = User.objects.create_user(username=self.username, password=self.password) test_auth_service = AuthService() test_auth_service._set_user_from_dict(self.user, user_dict={ 'first_name': 'Testing', 'last_name': 'MyTardis API', 'email': '*****@*****.**' }, auth_method="None") self.user.user_permissions.add( Permission.objects.get(codename='change_dataset')) self.user.user_permissions.add( Permission.objects.get(codename='add_dataset_file')) self.user_profile = UserProfile(user=self.user).save() self.testexp = Experiment(title="test exp") self.testexp.approved = True self.testexp.created_by = self.user self.testexp.locked = False self.testexp.save() testacl = ObjectACL(content_type=self.testexp.get_ct(), object_id=self.testexp.id, pluginId=django_user, entityId=str(self.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) testacl.save()
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(index): testfile = path.join(path.dirname(__file__), 'fixtures', 'jeol_sem_test%d.txt' % index) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() base_url = 'file://' + path.abspath(path.dirname(testfile)) location = Location.load_location({ 'name': 'test-jeol', 'url': base_url, 'type': 'external', 'priority': 10, 'transfer_provider': 'local' }) replica = Replica(datafile=datafile, url='file://' + path.abspath(testfile), protocol='file', location=location) replica.verify() replica.save() return Dataset_File.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile(i) for i in (1, 2)]
def setUp(self): from os import path, mkdir from tempfile import mkdtemp user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.test_dir = mkdtemp() Location.force_initialize() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.experiment_path = path.join( settings.FILE_STORE_PATH, str(self.dataset.get_first_experiment().id)) self.dataset_path = path.join(self.experiment_path, str(self.dataset.id)) if not path.exists(self.experiment_path): mkdir(self.experiment_path) if not path.exists(self.dataset_path): mkdir(self.dataset_path) # write test file self.filename = 'testfile.txt' self.f1 = open(path.join(self.test_dir, self.filename), 'w') self.f1.write('Test file 1') self.f1.close() self.f1_size = path.getsize(path.join(self.test_dir, self.filename)) self.f1 = open(path.join(self.test_dir, self.filename), 'r')
def setUp(self): self.ns = { 'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/' } user, client = _create_user_and_login() license_ = License( name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = { 'code': '010107', 'name': 'Mathematical Logic, Set Theory, Lattices and Universal Algebra', 'uri': 'http://purl.org/asc/1297.0/2008/for/010107' } try: response = client.post(\ reverse('tardis.apps.anzsrc_codes.views.'\ +'list_or_create_for_code', args=[experiment.id]), data=json.dumps(params), content_type='application/json') except: # no internet most likely from nose.plugins.skip import SkipTest raise SkipTest # Check related info was created expect(response.status_code).to_equal(201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def create_experiment(request, template_name='tardis_portal/create_experiment.html'): """Create a new experiment view. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param template_name: the path of the template to render :type template_name: string :rtype: :class:`django.http.HttpResponse` """ c = { 'subtitle': 'Create Experiment', 'user_id': request.user.id, } if request.method == 'POST': form = ExperimentForm(request.POST) if form.is_valid(): full_experiment = form.save(commit=False) # group/owner assignment stuff, soon to be replaced experiment = full_experiment['experiment'] experiment.created_by = request.user full_experiment.save_m2m() # add defaul ACL acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(request.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() request.POST = {'status': "Experiment Created."} return HttpResponseSeeAlso( reverse('tardis_portal.view_experiment', args=[str(experiment.id)]) + "#created") c['status'] = "Errors exist in form." c["error"] = 'true' else: form = ExperimentForm(extra=1) c['form'] = form c['default_institution'] = settings.DEFAULT_INSTITUTION return HttpResponse(render_response_index(request, template_name, c))
def setUp(self): self.hostname = '127.0.0.1' self.username = '******' self.password = '******' email = '' self.user = User.objects.create_user(self.username, email, self.password) self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL(content_object=self.exp, pluginId='django_user', entityId=str(self.user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) self.acl.save() self.dataset = Dataset(description='test dataset1') self.dataset.save() self.dataset.experiments.set([self.exp]) self.dataset.save() def _build(dataset, filename, url): datafile_content = b"\n".join( [b'some data %d' % i for i in range(1000)]) filesize = len(datafile_content) datafile = DataFile(dataset=dataset, filename=filename, size=filesize) datafile.save() dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.file_object = BytesIO(datafile_content) dfo.save() return datafile saved_setting = settings.REQUIRE_DATAFILE_CHECKSUMS try: settings.REQUIRE_DATAFILE_CHECKSUMS = False _build(self.dataset, 'file.txt', 'path/file.txt') finally: settings.REQUIRE_DATAFILE_CHECKSUMS = saved_setting
def setUp(self): self.ns = { 'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/' } user, client = _create_user_and_login() license_ = License(name='Creative Commons Attribution-NoDerivs ' '2.5 Australia', url='http://creativecommons.org/licenses/by-nd/' '2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = { 'type': 'website', 'identifier': 'https://www.google.com/', 'title': 'Google', 'notes': 'This is a note.' } response = client.post(\ reverse('tardis.apps.related_info.views.' + 'list_or_create_related_info', args=[experiment.id]), data=json.dumps(params), content_type='application/json') # Check related info was created self.assertEqual(response.status_code, 201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def create_experiment(i): experiment = Experiment(title='Text Experiment #%d' % i, institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() return experiment
def add_experiment_access_group(request, experiment_id, groupname): canRead = request.GET.get('canRead') == 'true' canWrite = request.GET.get('canWrite') == 'true' canDelete = request.GET.get('canDelete') == 'true' isOwner = request.GET.get('isOwner') == 'true' try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return HttpResponse('Experiment (id=%d) does not exist' % (experiment_id)) try: group = Group.objects.get(name=groupname) except Group.DoesNotExist: return HttpResponse('Group %s does not exist' % (groupname)) acl = ObjectACL.objects.filter( content_type=experiment.get_ct(), object_id=experiment.id, pluginId='django_group', entityId=str(group.id), aclOwnershipType=ObjectACL.OWNER_OWNED) if acl.count() > 0: # An ACL already exists for this experiment/group. return HttpResponse('Could not create group %s ' '(It is likely that it already exists)' % (groupname)) acl = ObjectACL(content_object=experiment, pluginId='django_group', entityId=str(group.id), canRead=canRead, canWrite=canWrite, canDelete=canDelete, isOwner=isOwner, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() c = {'group': group, 'group_acl': acl, 'experiment_id': experiment_id} return HttpResponse(render_response_index( request, 'tardis_portal/ajax/add_group_result.html', c))
def generate_experiment(datasets=[], users=[]): from tardis.tardis_portal.models import Experiment, ObjectACL experiment = Experiment(created_by=users[0]) experiment.save() for ds in datasets: ds.experiments.add(experiment) ds.save() for user in users: acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): user, client = _create_user_and_login() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=False, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() self.client = client self.experiment = experiment
def _create_datafile(): user = User.objects.create_user('testuser', '*****@*****.**', 'pwd') user.save() full_access = Experiment.PUBLIC_ACCESS_FULL experiment = Experiment.objects.create(title="IIIF Test", created_by=user, public_access=full_access) experiment.save() ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() dataset = Dataset() dataset.save() dataset.experiments.add(experiment) dataset.save() # Create new Datafile tempfile = TemporaryUploadedFile('iiif_stored_file', None, None, None) with Image(filename='magick:rose') as img: img.format = 'tiff' img.save(file=tempfile.file) tempfile.file.flush() datafile = DataFile(dataset=dataset, size=os.path.getsize(tempfile.file.name), filename='iiif_named_file', mimetype='image/tiff') compute_md5 = getattr(settings, 'COMPUTE_MD5', True) compute_sha512 = getattr(settings, 'COMPUTE_SHA512', True) checksums = compute_checksums(open(tempfile.file.name, 'r'), compute_md5=compute_md5, compute_sha512=compute_sha512) if compute_md5: datafile.md5sum = checksums['md5sum'] if compute_sha512: datafile.sha512sum = checksums['sha512sum'] datafile.save() datafile.file_object = tempfile return datafile
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Need UserAuthentication UserAuthentication(userProfile=profile, username=username, authenticationMethod='localdb').save() # Create staging dir from os import path, makedirs staging_dir = path.join(settings.STAGING_PATH, username) if not path.exists(staging_dir): makedirs(staging_dir) # Ensure that staging dir is set up properly expect(get_full_staging_path(username)).to_be_truthy() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(experiment) self.dataset.save() self.username, self.password = (username, password)
def _create_datafile(): user = User.objects.create_user('testuser', '*****@*****.**', 'pwd') user.save() UserProfile(user=user).save() Location.force_initialize() full_access = Experiment.PUBLIC_ACCESS_FULL experiment = Experiment.objects.create(title="IIIF Test", created_by=user, public_access=full_access) experiment.save() ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() dataset = Dataset() dataset.save() dataset.experiments.add(experiment) dataset.save() # Create new Datafile tempfile = TemporaryUploadedFile('iiif_stored_file', None, None, None) with Image(filename='magick:rose') as img: img.format = 'tiff' img.save(file=tempfile.file) tempfile.file.flush() datafile = Dataset_File(dataset=dataset, size=os.path.getsize(tempfile.file.name), filename='iiif_named_file') replica = Replica(datafile=datafile, url=write_uploaded_file_to_dataset(dataset, tempfile), location=Location.get_default_location()) replica.verify(allowEmptyChecksums=True) datafile.save() replica.datafile = datafile replica.save() return datafile
def testRightsRequireValidOwner(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # Create client and login as user client = Client() login = client.login(username=username, password=password) self.assertTrue(login) # Get "Choose Rights" page, and check that we're forbidden rights_url = reverse('tardis.tardis_portal.views.choose_rights', args=[str(experiment.id)]) response = client.get(rights_url) expect(response.status_code).to_equal(403) # Fill in remaining details user.first_name = "Voltaire" # Mononymous persons are just fine user.save() # Get "Choose Rights" page, and check that we're now allowed access response = client.get(rights_url) expect(response.status_code).to_equal(200)
def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.testschema = Schema(namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True) self.testschema.save() self.dfps = DatafileParameterSet(dataset_file=self.dataset_file, schema=self.testschema) self.dfps.save()
def hydrate_m2m(self, bundle): ''' create ACL before any related objects are created in order to use ACL permissions for those objects. ''' if getattr(bundle.obj, 'id', False): experiment = bundle.obj # TODO: unify this with the view function's ACL creation, # maybe through an ACL toolbox. acl = ObjectACL(content_type=experiment.get_ct(), object_id=experiment.id, pluginId=django_user, entityId=str(bundle.request.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return super(ExperimentResource, self).hydrate_m2m(bundle)
def _create_test_experiment(user, license_): experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.author_experiment_set.create( order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.author_experiment_set.create( order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): """ setting up essential objects, copied from tests above """ Location.force_initialize() self.location = Location.get_location('local') user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.replica = Replica(datafile=self.dataset_file, url="http://foo", location=self.location, verified=False) self.replica.save()
def obj_create(self, bundle, **kwargs): acl_pairs = simplejson.loads(bundle.data['json_data'])['acl_pairs'] acl_pairs = [(u.lower(), p) for (u, p) in acl_pairs] # Users in supplied list: # users = dict(acl_pairs) # acl_pairs :: [(Email, ProjectId)] # Users currently in MyTardis apart from the special admin user: #current_users = [u.email.lower() for u in User.objects.all() if u.username != 'admin'] #for u in current_users: # if u not in users: # User.objects.get(email__iexact=u).delete() for (email, project_id) in acl_pairs: project_name = 'Project ' + project_id # Create this group (for the project): g = _get_group(project_name) # Create this user: u = _get_user(email) # Add this user to the group: u.groups.add(g) u.save() # Apply ACLs for experiments. for eps in ExperimentParameterSet.objects.all(): for p in eps.parameters: str(p) # force calculation of _name_cache if p._name_cache.name != 'Project': continue project_name = p.string_value g = _get_group(project_name) if ObjectACL.objects.filter( aclOwnershipType=1, canRead=True, entityId=str(g.id), object_id=eps.experiment.id).count() == 0: oacl = ObjectACL(content_type=eps.experiment.get_ct(), aclOwnershipType=1, canRead=True, canWrite=False, canDelete=False, entityId=str(g.id), object_id=eps.experiment.id, isOwner=False, pluginId="django_group") oacl.save() # Apply access for operators. for eps in ExperimentParameterSet.objects.all(): operator_emails = _get_value(eps, 'Operator') instrument = _get_value(eps, 'Instrument') if instrument is not None: operator_group_name = 'OPERATOR :: ' + instrument operator_group = _get_group(operator_group_name) else: # FIXME log warning somewhere continue if operator_emails is not None: operator_emails = operator_emails.split( ) # multiple email addresses else: # FIXME log warning somewhere continue # For each operator, create/add them as a user, add them to the group, # and add the ObjectACL for this experiment. for operator_email in operator_emails: operator = _get_user(operator_email) operator.groups.add(operator_group) operator.save() if ObjectACL.objects.filter( aclOwnershipType=1, canRead=True, entityId=str(operator_group.id), object_id=eps.experiment.id).count() == 0: oacl = ObjectACL(content_type=eps.experiment.get_ct(), aclOwnershipType=1, canRead=True, canWrite=False, canDelete=False, entityId=str(operator_group.id), object_id=eps.experiment.id, isOwner=False, pluginId="django_group") oacl.save()
def add_experiment_access_user(request, experiment_id, username): canRead = False canWrite = False canDelete = False isOwner = False if 'canRead' in request.GET: if request.GET['canRead'] == 'true': canRead = True if 'canWrite' in request.GET: if request.GET['canWrite'] == 'true': canWrite = True if 'canDelete' in request.GET: if request.GET['canDelete'] == 'true': canDelete = True if 'isOwner' in request.GET: if request.GET['isOwner'] == 'true': isOwner = True authMethod = request.GET['authMethod'] user = auth_service.getUser(authMethod, username) if user is None or username == settings.TOKEN_USERNAME: return HttpResponse('User %s does not exist.' % (username)) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return HttpResponse('Experiment (id=%d) does not exist.' % (experiment.id)) acl = ObjectACL.objects.filter( content_type=experiment.get_ct(), object_id=experiment.id, pluginId=django_user, entityId=str(user.id), aclOwnershipType=ObjectACL.OWNER_OWNED) if acl.count() == 0: acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(user.id), canRead=canRead, canWrite=canWrite, canDelete=canDelete, isOwner=isOwner, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() c = {'authMethod': authMethod, 'user': user, 'user_acl': acl, 'username': username, 'experiment_id': experiment_id} return HttpResponse(render_response_index( request, 'tardis_portal/ajax/add_user_result.html', c)) return HttpResponse('User already has experiment access.')
def authenticate(self, request): username = lower(request.POST['username']) password = request.POST['password'] if not username or not password: return None # authenticate user and update group memberships try: VBLTARDISINTERFACE = settings.VBLTARDISINTERFACE except AttributeError: logger.error('setting VBLTARDISINTERFACE not configured') return None try: # Switch the suds cache off, otherwise suds will try to # create a tmp directory in /tmp. If it already exists but # has the wrong permissions, the authentication will fail. client = Client(VBLTARDISINTERFACE, cache=None) except: logger.exception() return None result = str(client.service.VBLauthenticate(username, password)) try: user_info = json.loads(result) except: user_info = None if not user_info: logger.error('VBLauthenticate: %s %s' % (username, result)) return None # result contains comma separated list of epns the user is # allowed to see request.session[EPN_LIST] = user_info['epns'] request.user.epn_list = user_info['epns'] logger.info('%s %s %s' % (user_info['name'], user_info['username'], user_info['epns'])) logger.info(user_info) # need to make sure ObjectACLs exist for all epns for epn in user_info['epns']: try: # create vbl group epn_parameter_set = ExperimentParameterSet.objects.filter( experimentparameter__string_value=epn, experimentparameter__name__name='EPN').first() # handle case where EPN exists but no experiments exists yet if epn_parameter_set is None: continue exp = epn_parameter_set.experiment acls = ObjectACL.objects.filter( content_type=exp.get_ct(), object_id=exp.id, pluginId='vbl_group', entityId=epn, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) if len(acls) == 0: acl = ObjectACL(content_type=exp.get_ct(), object_id=exp.id, pluginId='vbl_group', entityId=epn, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) acl.save() from django.contrib.auth.models import Group from tardis.tardis_portal.auth.localdb_auth import django_group beamline_group = "BEAMLINE_MX" group, created = Group.objects.get_or_create(name=beamline_group) acl = ObjectACL(content_type=exp.get_ct(), object_id=exp.id, pluginId=django_group, entityId=str(group.id), canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) acl.save() group, created = Group.objects.get_or_create(name='admin') acl = ObjectACL(content_type=exp.get_ct(), object_id=exp.id, pluginId=django_group, entityId=str(group.id), isOwner=True, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) acl.save() except ExperimentParameterSet.DoesNotExist: pass return self._make_user_dict(user_info)
def setUp(self): # create a couple of test users self.user1 = User.objects.create_user('testuser1', '', 'secret') self.user2 = User.objects.create_user('testuser2', '', 'secret') self.user3 = User.objects.create_user('testuser3', '', 'secret') self.user4 = User.objects.create_user('testuser4', '', 'secret') # with standard permissions for user in [self.user1, self.user2, self.user3, self.user4]: user.user_permissions.add( Permission.objects.get(codename='add_experiment')) user.user_permissions.add( Permission.objects.get(codename='change_experiment')) user.user_permissions.add( Permission.objects.get(codename='change_group')) user.user_permissions.add( Permission.objects.get(codename='change_userauthentication')) user.user_permissions.add( Permission.objects.get(codename='change_objectacl')) self.userProfile1 = self.user1.userprofile self.userProfile2 = self.user2.userprofile self.userProfile3 = self.user3.userprofile self.userProfile4 = self.user4.userprofile # each user will have their own client self.client1 = Client() self.client2 = Client() self.client3 = Client() self.client4 = Client() # user1 will own experiment1 self.experiment1 = Experiment( title='Experiment1', institution_name='Australian Synchrotron', approved=True, public_access=Experiment.PUBLIC_ACCESS_NONE, created_by=self.user1, ) self.experiment1.save() # user2 will own experiment2 self.experiment2 = Experiment( title='Experiment2', institution_name='Australian Synchrotron', approved=True, public_access=Experiment.PUBLIC_ACCESS_NONE, created_by=self.user2, ) self.experiment2.save() # experiment3 is public & locked self.experiment3 = Experiment( title='Experiment3', institution_name='Australian Synchrotron', approved=True, locked=True, public_access=Experiment.PUBLIC_ACCESS_FULL, created_by=self.user3, ) self.experiment3.save() # experiment4 will be accessible based on location information self.experiment4 = Experiment( title='Experiment4', institution_name='Australian Synchrotron', approved=True, public_access=Experiment.PUBLIC_ACCESS_NONE, created_by=self.user1, ) self.experiment4.save() # user1 owns experiment1 acl = ObjectACL( pluginId=django_user, entityId=str(self.user1.id), content_object=self.experiment1, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # user2 owns experiment2 acl = ObjectACL( pluginId=django_user, entityId=str(self.user2.id), content_object=self.experiment2, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # experiment4 is accessible via location acl = ObjectACL( pluginId='ip_address', entityId='127.0.0.1', content_object=self.experiment4, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED, ) acl.save()
def test_datafile(self, mock_send_task): def _build(dataset, filename, url=None): datafile = DataFile(dataset=dataset, filename=filename) datafile.save() if url is None: datafile.file_object = StringIO(u'bla') return datafile dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.save() # Tests are run with CELERY_ALWAYS_EAGER = True, # so saving a DFO will trigger an immediate attempt # to verify the DFO which will trigger an attempt # to apply filters because we are overriding the # USE_FILTERS setting to True in this test: self.assertNotEqual(mock_send_task.call_count, 0) return datafile exp = Experiment(title='test exp1', institution_name='monash', approved=True, created_by=self.user, public_access=Experiment.PUBLIC_ACCESS_NONE) exp.save() acl = ObjectACL( pluginId='django_user', entityId=str(self.user.id), content_object=exp, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description="dataset description...\nwith; issues") dataset.save() dataset.experiments.add(exp) dataset.save() save1 = settings.REQUIRE_DATAFILE_SIZES save2 = settings.REQUIRE_DATAFILE_CHECKSUMS saved_render_image_size_limit = getattr(settings, 'RENDER_IMAGE_SIZE_LIMIT', 0) try: settings.REQUIRE_DATAFILE_SIZES = False settings.REQUIRE_DATAFILE_CHECKSUMS = False df_file = _build(dataset, 'file.txt', 'path/file.txt') first_id = df_file.id self.assertEqual(df_file.filename, 'file.txt') self.assertEqual(df_file.file_objects.all()[0].uri, 'path/file.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id, trailing_slash())) # Test string representation of DataFileObject: dfo = df_file.get_preferred_dfo() self.assertEqual( str(dfo), "Box: %s, URI: %s, verified: %s" % (str(dfo.storage_box), dfo.uri, str(dfo.verified))) # Test constructing absolute file path: self.assertEqual( df_file.get_absolute_filepath(), os.path.join(settings.DEFAULT_STORAGE_BASE_DIR, dfo.uri)) # get_as_temporary_file() doesn't work for a StringIO file object: if not os.path.exists(os.path.dirname(dfo.get_full_path())): os.makedirs(os.path.dirname(dfo.get_full_path())) with open(dfo.get_full_path(), 'w') as file_obj: file_obj.write(u'bla') # Test ability to check out a temporary copy of file: with df_file.get_as_temporary_file() as temp_file_obj: self.assertEqual(temp_file_obj.read().decode(), u'bla') self.assertFalse(df_file.has_image()) # Test checking online status, i.e. whether the DataFile # has at least one verified DataFileObject in a non-tape # storage box: self.assertTrue(df_file.is_online) DataFileObject.objects.get(datafile=df_file).delete() # This behaviour is documented in the is_online property # method's docstring, i.e. is_online is expected to be # True for a DataFile without any DataFileObjects: self.assertTrue(df_file.is_online) # Test method for getting MIME type: self.assertEqual(df_file.get_mimetype(), "text/plain") df_file.mimetype = "" # DataFile's save automatically updates the mimetype, # and we want to test get_mimetype without a mimetype: models.Model.save(df_file) self.assertEqual(df_file.get_mimetype(), "text/plain") df_file.filename = "file.unknown-extension" models.Model.save(df_file) self.assertEqual(df_file.get_mimetype(), "application/octet-stream") # Test method for getting view URL for file types which can # be displayed in the browser. # First test a file of unknown MIME type: self.assertIsNone(df_file.get_view_url()) # Now test for a text/plain file: df_file.filename = "file.txt" df_file.save() self.assertEqual(df_file.mimetype, "text/plain") self.assertEqual(df_file.get_view_url(), "/datafile/view/%s/" % df_file.id) # This setting will prevent files larger than 2 bytes # from being rendered in the browser: settings.RENDER_IMAGE_SIZE_LIMIT = 2 df_file.size = 3 df_file.save() self.assertIsNone(df_file.get_view_url()) df_file = _build(dataset, 'file1.txt', 'path/file1.txt') self.assertEqual(df_file.filename, 'file1.txt') self.assertEqual(df_file.file_objects.all()[0].uri, 'path/file1.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 1, trailing_slash())) df_file = _build(dataset, 'file2.txt', 'path/file2#txt') self.assertEqual(df_file.filename, 'file2.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 2, trailing_slash())) df_file = _build(dataset, 'f.txt', 'http://localhost:8080/filestore/f.txt') self.assertEqual(df_file.filename, 'f.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 3, trailing_slash())) df_file = _build(dataset, 'f-bad-ds.txt') self.assertEqual(df_file.filename, 'f-bad-ds.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 4, trailing_slash())) pattern = re.compile('\n|;') self.assertFalse(pattern.search(df_file.file_objects.first().uri)) # check that can't save negative byte sizes with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = True DataFile(dataset=dataset, filename='lessthanempty.txt', size=-1).save() # Now check the 'REQUIRE' config params with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = True settings.REQUIRE_DATAFILE_CHECKSUMS = False DataFile(dataset=dataset, filename='foo.txt', md5sum='bad').save() with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = False settings.REQUIRE_DATAFILE_CHECKSUMS = True DataFile(dataset=dataset, filename='foo.txt', size=1).save() finally: settings.REQUIRE_DATAFILE_SIZES = save1 settings.REQUIRE_DATAFILE_CHECKSUMS = save2 settings.RENDER_IMAGE_SIZE_LIMIT = saved_render_image_size_limit