def grandchild_node_two(self, user, child_node_two, institution):
grandchild_node_two = NodeFactory(parent=child_node_two,
creator=user,
is_public=True)
grandchild_node_two.affiliated_institutions.add(institution)
grandchild_node_two.save()
return grandchild_node_two
def node_source(self, user, auth, private_node_one, private_node_two, public_node):
node_source = NodeFactory(creator=user)
node_source.add_pointer(private_node_one, auth=auth)
node_source.add_pointer(private_node_two, auth=auth)
node_source.add_pointer(public_node, auth=auth)
node_source.save()
return node_source
def node(self, user, write_contrib, read_contrib):
node = NodeFactory(creator=user)
node.add_contributor(write_contrib,
permissions=[permissions.READ, permissions.WRITE])
node.add_contributor(read_contrib, permissions=[permissions.READ])
node.save()
return node
def setUp(self):
super(LinkedRegistrationsTestCase, self).setUp()
self.mock_archive = mock.patch('website.archiver.tasks.archive')
self.non_contributor = AuthUserFactory()
self.read_contributor = AuthUserFactory()
self.rw_contributor = AuthUserFactory()
self.admin_contributor = AuthUserFactory()
self.public_linked_registration = RegistrationFactory(is_public=True, creator=self.rw_contributor)
self.private_linked_registration = RegistrationFactory(is_public=False, creator=self.rw_contributor)
self.mock_archive.start()
public_node = NodeFactory(creator=self.admin_contributor, is_public=True)
public_node.add_contributor(self.rw_contributor, auth=Auth(self.admin_contributor))
public_node.add_contributor(self.read_contributor, permissions=['read'], auth=Auth(self.admin_contributor))
public_node.add_pointer(self.public_linked_registration, auth=Auth(self.admin_contributor))
public_node.add_pointer(self.private_linked_registration, auth=Auth(self.rw_contributor))
public_node.save()
self.public_registration = public_node.register_node(get_default_metaschema(), Auth(self.admin_contributor), '', None)
self.public_registration.is_public = True
self.public_registration.save()
private_node = NodeFactory(creator=self.admin_contributor)
private_node.add_contributor(self.rw_contributor, auth=Auth(self.admin_contributor))
private_node.add_contributor(self.read_contributor, permissions=['read'], auth=Auth(self.admin_contributor))
private_node.add_pointer(self.public_linked_registration, auth=Auth(self.admin_contributor))
private_node.add_pointer(self.private_linked_registration, auth=Auth(self.rw_contributor))
private_node.save()
self.private_registration = private_node.register_node(get_default_metaschema(), Auth(self.admin_contributor), '', None)
def node_linking(self, user, node_one, node_two, node_public):
node_linking = NodeFactory(creator=user)
node_linking.add_pointer(node_one, auth=Auth(user))
node_linking.add_pointer(node_two, auth=Auth(user))
node_linking.add_pointer(node_public, auth=Auth(user))
node_linking.save()
return node_linking
def node_linking(self, user, node_one, node_two, node_public):
node_linking = NodeFactory(creator=user)
node_linking.add_pointer(node_one, auth=Auth(user))
node_linking.add_pointer(node_two, auth=Auth(user))
node_linking.add_pointer(node_public, auth=Auth(user))
node_linking.save()
return node_linking
def child_node_two(self, user, parent_project, institution):
child_node_two = NodeFactory(parent=parent_project,
creator=user,
is_public=True)
child_node_two.affiliated_institutions.add(institution)
child_node_two.save()
return child_node_two
def node_source(self, user, auth, private_node_one, private_node_two,
public_node):
node_source = NodeFactory(creator=user)
node_source.add_pointer(private_node_one, auth=auth)
node_source.add_pointer(private_node_two, auth=auth)
node_source.add_pointer(public_node, auth=auth)
node_source.save()
return node_source
def test_is_current_with_single_version(self):
node = NodeFactory()
page = NodeWikiPage(page_name='foo', node=node)
page.save()
node.wiki_pages_current['foo'] = page._id
node.wiki_pages_versions['foo'] = [page._id]
node.save()
assert page.is_current is True
def test_is_current_with_single_version(self):
node = NodeFactory()
page = NodeWikiPage(page_name='foo', node=node)
page.save()
node.wiki_pages_current['foo'] = page._id
node.wiki_pages_versions['foo'] = [page._id]
node.save()
assert page.is_current is True
def child_node_two(self, user, parent_project, institution):
child_node_two = NodeFactory(
parent=parent_project,
creator=user,
is_public=True)
child_node_two.affiliated_institutions.add(institution)
child_node_two.save()
return child_node_two
def great_grandchild_node_two(
self, user, grandchild_node_two,
institution
):
great_grandchild_node_two = NodeFactory(
parent=grandchild_node_two, creator=user, is_public=True)
great_grandchild_node_two.affiliated_institutions.add(institution)
great_grandchild_node_two.save()
return great_grandchild_node_two
class TestValidProject(OsfTestCase):
def setUp(self):
super(TestValidProject, self).setUp()
self.project = ProjectFactory()
self.node = NodeFactory()
self.auth = Auth(user=self.project.creator)
def test_populates_kwargs_node(self):
res = valid_project_helper(pid=self.project._id)
assert_equal(res['node'], self.project)
assert_is_none(res['parent'])
def test_populates_kwargs_node_and_parent(self):
res = valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(res['parent'], self.project)
assert_equal(res['node'], self.node)
def test_project_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid='fakepid')
assert_equal(exc_info.exception.code, 404)
def test_project_deleted(self):
self.project.is_deleted = True
self.project.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id)
assert_equal(exc_info.exception.code, 410)
def test_node_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid='fakenid')
assert_equal(exc_info.exception.code, 404)
def test_node_deleted(self):
self.node.is_deleted = True
self.node.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(exc_info.exception.code, 410)
def test_valid_project_as_factory_allow_retractions_is_retracted(self):
registration = RegistrationFactory(project=self.project)
registration.retraction = RetractionFactory()
registration.retraction.state = Sanction.UNAPPROVED
registration.retraction.save()
res = as_factory_allow_retractions(pid=registration._id)
assert_equal(res['node'], registration)
def test_collection_guid_not_found(self):
collection = CollectionFactory()
collection.collect_object(self.project, self.auth.user)
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=collection._id, nid=collection._id)
assert_equal(exc_info.exception.code, 404)
def node(self, user, write_contrib, read_contrib):
node = NodeFactory(creator=user)
node.add_contributor(
write_contrib,
permissions=[
permissions.READ,
permissions.WRITE])
node.add_contributor(read_contrib, permissions=[permissions.READ])
node.save()
return node
def public_linking_node_source(self, contributor, private_node,
public_node):
public_linking_node_source = NodeFactory(is_public=True,
creator=contributor)
public_linking_node_source.add_pointer(private_node,
auth=Auth(contributor))
public_linking_node_source.add_pointer(public_node,
auth=Auth(contributor))
public_linking_node_source.save()
return public_linking_node_source
def test_affiliated_component_with_affiliated_parent_not_returned(self, app, user, institution, public_node, institution_node_url):
# version < 2.2
component = NodeFactory(parent=public_node, is_public=True)
component.affiliated_institutions.add(institution)
component.save()
res = app.get(institution_node_url, auth=user.auth)
affiliated_node_ids = [node['id'] for node in res.json['data']]
assert res.status_code == 200
assert public_node._id in affiliated_node_ids
assert component._id not in affiliated_node_ids
def test_affiliated_component_with_affiliated_parent_not_returned(self, app, user, institution, public_node, institution_node_url):
# version < 2.2
component = NodeFactory(parent=public_node, is_public=True)
component.affiliated_institutions.add(institution)
component.save()
res = app.get(institution_node_url, auth=user.auth)
affiliated_node_ids = [node['id'] for node in res.json['data']]
assert res.status_code == 200
assert public_node._id in affiliated_node_ids
assert component._id not in affiliated_node_ids
def public_linking_node_source(
self, contributor, private_node, public_node):
public_linking_node_source = NodeFactory(
is_public=True, creator=contributor)
public_linking_node_source.add_pointer(
private_node, auth=Auth(contributor))
public_linking_node_source.add_pointer(
public_node, auth=Auth(contributor))
public_linking_node_source.save()
return public_linking_node_source
class TestValidProject(OsfTestCase):
def setUp(self):
super(TestValidProject, self).setUp()
self.project = ProjectFactory()
self.node = NodeFactory()
self.auth = Auth(user=self.project.creator)
def test_populates_kwargs_node(self):
res = valid_project_helper(pid=self.project._id)
assert_equal(res['node'], self.project)
assert_is_none(res['parent'])
def test_populates_kwargs_node_and_parent(self):
res = valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(res['parent'], self.project)
assert_equal(res['node'], self.node)
def test_project_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid='fakepid')
assert_equal(exc_info.exception.code, 404)
def test_project_deleted(self):
self.project.is_deleted = True
self.project.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id)
assert_equal(exc_info.exception.code, 410)
def test_node_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid='fakenid')
assert_equal(exc_info.exception.code, 404)
def test_node_deleted(self):
self.node.is_deleted = True
self.node.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(exc_info.exception.code, 410)
def test_valid_project_as_factory_allow_retractions_is_retracted(self):
registration = RegistrationFactory(project=self.project)
registration.retraction = RetractionFactory()
registration.retraction.state = Sanction.UNAPPROVED
registration.retraction.save()
res = as_factory_allow_retractions(pid=registration._id)
assert_equal(res['node'], registration)
def test_collection_guid_not_found(self):
collection = CollectionFactory()
collection.add_pointer(self.project, self.auth)
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=collection._id, nid=collection._id)
assert_equal(exc_info.exception.code, 404)
def setUp(self):
super(LinkedRegistrationsTestCase, self).setUp()
self.mock_archive = mock.patch('website.archiver.tasks.archive')
self.non_contributor = AuthUserFactory()
self.read_contributor = AuthUserFactory()
self.rw_contributor = AuthUserFactory()
self.admin_contributor = AuthUserFactory()
self.public_linked_registration = RegistrationFactory(
is_public=True, creator=self.rw_contributor)
self.private_linked_registration = RegistrationFactory(
is_public=False, creator=self.rw_contributor)
self.mock_archive.start()
public_node = NodeFactory(
creator=self.admin_contributor,
is_public=True)
public_node.add_contributor(
self.rw_contributor, auth=Auth(self.admin_contributor))
public_node.add_contributor(
self.read_contributor,
permissions=['read'],
auth=Auth(self.admin_contributor))
public_node.add_pointer(
self.public_linked_registration,
auth=Auth(self.admin_contributor))
public_node.add_pointer(
self.private_linked_registration,
auth=Auth(self.rw_contributor))
public_node.save()
self.public_registration = public_node.register_node(
get_default_metaschema(), Auth(self.admin_contributor), '', None)
self.public_registration.is_public = True
self.public_registration.save()
private_node = NodeFactory(creator=self.admin_contributor)
private_node.add_contributor(
self.rw_contributor,
auth=Auth(self.admin_contributor))
private_node.add_contributor(
self.read_contributor,
permissions=['read'],
auth=Auth(self.admin_contributor))
private_node.add_pointer(
self.public_linked_registration,
auth=Auth(self.admin_contributor))
private_node.add_pointer(
self.private_linked_registration,
auth=Auth(self.rw_contributor))
private_node.save()
self.private_registration = private_node.register_node(
get_default_metaschema(), Auth(self.admin_contributor), '', None)
def test_is_current_with_multiple_versions(self):
node = NodeFactory()
ver1 = NodeWikiPage(page_name='foo', node=node)
ver2 = NodeWikiPage(page_name='foo', node=node)
ver1.save()
ver2.save()
node.wiki_pages_current['foo'] = ver2._id
node.wiki_pages_versions['foo'] = [ver1._id, ver2._id]
node.save()
assert ver1.is_current is False
assert ver2.is_current is True
def test_is_current_with_multiple_versions(self):
node = NodeFactory()
ver1 = NodeWikiPage(page_name='foo', node=node)
ver2 = NodeWikiPage(page_name='foo', node=node)
ver1.save()
ver2.save()
node.wiki_pages_current['foo'] = ver2._id
node.wiki_pages_versions['foo'] = [ver1._id, ver2._id]
node.save()
assert ver1.is_current is False
assert ver2.is_current is True
def test_affiliated_component_without_affiliated_parent_returned(self, app, user, institution, public_node, institution_node_url):
# version 2.2
node = ProjectFactory(is_public=True)
component = NodeFactory(parent=node, is_public=True)
component.affiliated_institutions.add(institution)
component.save()
url = '{}?version=2.2'.format(institution_node_url)
res = app.get(url, auth=user.auth)
affiliated_node_ids = [item['id'] for item in res.json['data']]
assert res.status_code == 200
assert node._id not in affiliated_node_ids
assert component._id in affiliated_node_ids
def test_affiliated_component_without_affiliated_parent_returned(self, app, user, institution, public_node, institution_node_url):
# version 2.2
node = ProjectFactory(is_public=True)
component = NodeFactory(parent=node, is_public=True)
component.affiliated_institutions.add(institution)
component.save()
url = '{}?version=2.2'.format(institution_node_url)
res = app.get(url, auth=user.auth)
affiliated_node_ids = [item['id'] for item in res.json['data']]
assert res.status_code == 200
assert node._id not in affiliated_node_ids
assert component._id in affiliated_node_ids
def child_node_one(
self, user, parent_project,
institution, parent_project_one
):
child_node_one = NodeFactory(
parent=parent_project,
title='Friend of {}'.format(
parent_project_one._id),
creator=user,
is_public=True)
child_node_one.affiliated_institutions.add(institution)
child_node_one.save()
return child_node_one
def test_user_is_read_write(self):
user = AuthUserFactory()
user.affiliated_institutions.add(self.institution)
node = NodeFactory()
node.add_contributor(user)
node.save()
res = self.app.post_json_api(self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth)
assert_equal(res.status_code, 201)
node.reload()
assert_in(self.institution, node.affiliated_institutions.all())
def test_only_add_existent_with_permissions(self):
node = NodeFactory(creator=self.user)
node.affiliated_institutions.add(self.institution)
node.save()
assert_in(self.institution, self.node1.affiliated_institutions.all())
assert_in(self.institution, node.affiliated_institutions.all())
res = self.app.post_json_api(self.institution_nodes_url,
self.create_payload(
node._id, self.node1._id),
auth=self.user.auth)
assert_equal(res.status_code, 204)
def test_delete_user_is_admin_but_not_affiliated_with_inst(self):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(self.institution)
node.save()
assert_in(self.institution, node.affiliated_institutions.all())
res = self.app.delete_json_api(self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth)
assert_equal(res.status_code, 204)
node.reload()
assert_not_in(self.institution, node.affiliated_institutions.all())
def test_only_add_existent_with_permissions(self):
node = NodeFactory(creator=self.user)
node.affiliated_institutions.add(self.institution)
node.save()
assert_in(self.institution, self.node1.affiliated_institutions.all())
assert_in(self.institution, node.affiliated_institutions.all())
res = self.app.post_json_api(
self.institution_nodes_url,
self.create_payload(node._id, self.node1._id),
auth=self.user.auth
)
assert_equal(res.status_code, 204)
def test_user_is_read_only(self):
user = AuthUserFactory()
user.affiliated_institutions.add(self.institution)
node = NodeFactory()
node.add_contributor(user, permissions=[permissions.READ])
node.save()
res = self.app.post_json_api(self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
node.reload()
assert_not_in(self.institution, node.affiliated_institutions.all())
def test_user_is_read_write(self):
user = AuthUserFactory()
user.affiliated_institutions.add(self.institution)
node = NodeFactory()
node.add_contributor(user)
node.save()
res = self.app.post_json_api(
self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth
)
assert_equal(res.status_code, 201)
node.reload()
assert_in(self.institution, node.affiliated_institutions.all())
def test_delete_user_is_admin_but_not_affiliated_with_inst(
self, institution, app, url_institution_nodes):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(institution)
node.save()
assert institution in node.affiliated_institutions.all()
res = app.delete_json_api(url_institution_nodes,
make_payload(node._id),
auth=user.auth)
assert res.status_code == 204
node.reload()
assert institution not in node.affiliated_institutions.all()
def test_delete_user_is_admin_but_not_affiliated_with_inst(self):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(self.institution)
node.save()
assert_in(self.institution, node.affiliated_institutions.all())
res = self.app.delete_json_api(
self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth
)
assert_equal(res.status_code, 204)
node.reload()
assert_not_in(self.institution, node.affiliated_institutions.all())
def test_delete_user_is_admin_but_not_affiliated_with_inst(self, app, institution_one, create_payload):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(institution_one)
node.save()
assert institution_one in node.affiliated_institutions.all()
res = app.delete_json_api(
'/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, node._id),
create_payload(institution_one._id),
auth=user.auth,
)
assert res.status_code == 204
node.reload()
assert institution_one not in node.affiliated_institutions.all()
def test_delete_user_is_admin_but_not_affiliated_with_inst(self):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(self.institution1)
node.save()
assert_in(self.institution1, node.affiliated_institutions.all())
res = self.app.delete_json_api(
'/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, node._id),
self.create_payload(self.institution1._id),
auth=user.auth,
)
assert_equal(res.status_code, 204)
node.reload()
assert_not_in(self.institution1, node.affiliated_institutions.all())
def test_user_is_read_only(self):
user = AuthUserFactory()
user.affiliated_institutions.add(self.institution)
node = NodeFactory()
node.add_contributor(user, permissions=[permissions.READ])
node.save()
res = self.app.post_json_api(
self.institution_nodes_url,
self.create_payload(node._id),
auth=user.auth,
expect_errors=True
)
assert_equal(res.status_code, 403)
node.reload()
assert_not_in(self.institution, node.affiliated_institutions.all())
def test_delete_user_is_admin_but_not_affiliated_with_inst(
self, institution, app, url_institution_nodes):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(institution)
node.save()
assert institution in node.affiliated_institutions.all()
res = app.delete_json_api(
url_institution_nodes,
make_payload(node._id),
auth=user.auth
)
assert res.status_code == 204
node.reload()
assert institution not in node.affiliated_institutions.all()
def test_linked_nodes_only_return_viewable_nodes(
self, app, user, node_one, node_two, node_public, node_ids):
user_two = AuthUserFactory()
node_linking_two = NodeFactory(creator=user_two)
node_one.add_contributor(user_two, auth=Auth(user), save=True)
node_two.add_contributor(user_two, auth=Auth(user), save=True)
node_public.add_contributor(user_two, auth=Auth(user), save=True)
node_linking_two.add_pointer(node_one, auth=Auth(user_two))
node_linking_two.add_pointer(node_two, auth=Auth(user_two))
node_linking_two.add_pointer(node_public, auth=Auth(user_two))
node_linking_two.save()
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, node_linking_two._id),
auth=user_two.auth
)
assert res.status_code == 200
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
node_two.remove_contributor(user_two, auth=Auth(user))
node_public.remove_contributor(user_two, auth=Auth(user))
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(
API_BASE, node_linking_two._id
),
auth=user_two.auth
)
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert node_one._id in nodes_returned
assert node_public._id in nodes_returned
assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(self, app, auth,
private_node_one,
private_node_two,
public_node, node_ids):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
private_node_one.add_contributor(user, auth=auth, save=True)
private_node_two.add_contributor(user, auth=auth, save=True)
public_node.add_contributor(user, auth=auth, save=True)
new_linking_node.add_pointer(private_node_one, auth=Auth(user))
new_linking_node.add_pointer(private_node_two, auth=Auth(user))
new_linking_node.add_pointer(public_node, auth=Auth(user))
new_linking_node.save()
new_linking_registration = RegistrationFactory(
project=new_linking_node, creator=user)
res = app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
assert res.status_code == 200
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
private_node_two.remove_contributor(user, auth=auth)
public_node.remove_contributor(user, auth=auth)
res = app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert private_node_one._id in nodes_returned
assert public_node._id in nodes_returned
assert private_node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(
self, app, user, node_one, node_two, node_public, node_ids):
user_two = AuthUserFactory()
node_linking_two = NodeFactory(creator=user_two)
node_one.add_contributor(user_two, auth=Auth(user), save=True)
node_two.add_contributor(user_two, auth=Auth(user), save=True)
node_public.add_contributor(user_two, auth=Auth(user), save=True)
node_linking_two.add_pointer(node_one, auth=Auth(user_two))
node_linking_two.add_pointer(node_two, auth=Auth(user_two))
node_linking_two.add_pointer(node_public, auth=Auth(user_two))
node_linking_two.save()
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, node_linking_two._id),
auth=user_two.auth
)
assert res.status_code == 200
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
node_two.remove_contributor(user_two, auth=Auth(user))
node_public.remove_contributor(user_two, auth=Auth(user))
res = app.get(
'/{}nodes/{}/linked_nodes/'.format(
API_BASE, node_linking_two._id
),
auth=user_two.auth
)
nodes_returned = [
linked_node['id']for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert node_one._id in nodes_returned
assert node_public._id in nodes_returned
assert node_two._id not in nodes_returned
def test_linked_nodes_only_return_viewable_nodes(
self, app, auth, private_node_one, private_node_two,
public_node, node_ids):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
private_node_one.add_contributor(user, auth=auth, save=True)
private_node_two.add_contributor(user, auth=auth, save=True)
public_node.add_contributor(user, auth=auth, save=True)
new_linking_node.add_pointer(private_node_one, auth=Auth(user))
new_linking_node.add_pointer(private_node_two, auth=Auth(user))
new_linking_node.add_pointer(public_node, auth=Auth(user))
new_linking_node.save()
new_linking_registration = RegistrationFactory(
project=new_linking_node, creator=user)
res = app.get(
'/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id),
auth=user.auth
)
assert res.status_code == 200
nodes_returned = [linked_node['id']
for linked_node in res.json['data']]
assert len(nodes_returned) == len(node_ids)
for node_id in node_ids:
assert node_id in nodes_returned
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
private_node_two.remove_contributor(user, auth=auth)
public_node.remove_contributor(user, auth=auth)
res = app.get(
'/{}registrations/{}/linked_nodes/'.format(API_BASE, new_linking_registration._id),
auth=user.auth
)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert len(nodes_returned) == len(node_ids) - 1
assert private_node_one._id in nodes_returned
assert public_node._id in nodes_returned
assert private_node_two._id not in nodes_returned
def test_delete_user_is_admin_but_not_affiliated_with_inst(
self, app, institution_one, create_payload):
user = AuthUserFactory()
node = NodeFactory(creator=user)
node.affiliated_institutions.add(institution_one)
node.save()
assert institution_one in node.affiliated_institutions.all()
res = app.delete_json_api(
'/{0}nodes/{1}/relationships/institutions/'.format(
API_BASE, node._id),
create_payload(institution_one._id),
auth=user.auth,
)
assert res.status_code == 204
node.reload()
assert institution_one not in node.affiliated_institutions.all()
def test_node_children_list_does_not_include_deleted(self, app, user, public_project, public_component, component, public_project_url):
child_project = NodeFactory(parent=public_project, creator=user)
child_project.save()
res = app.get(public_project_url, auth=user.auth)
assert res.status_code == 200
ids = [node['id'] for node in res.json['data']]
assert child_project._id in ids
assert 2 == len(ids)
child_project.is_deleted = True
child_project.save()
res = app.get(public_project_url, auth=user.auth)
assert res.status_code == 200
ids = [node['id'] for node in res.json['data']]
assert child_project._id not in ids
assert 1 == len(ids)
def test_linked_nodes_only_return_viewable_nodes(self):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
self.linked_node.add_contributor(user, auth=self.auth, save=True)
self.linked_node2.add_contributor(user, auth=self.auth, save=True)
self.public_node.add_contributor(user, auth=self.auth, save=True)
new_linking_node.add_pointer(self.linked_node, auth=Auth(user))
new_linking_node.add_pointer(self.linked_node2, auth=Auth(user))
new_linking_node.add_pointer(self.public_node, auth=Auth(user))
new_linking_node.save()
new_linking_registration = RegistrationFactory(
project=new_linking_node, creator=user)
res = self.app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
assert_equal(res.status_code, 200)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert_equal(len(nodes_returned), len(self.node_ids))
for node_id in self.node_ids:
assert_in(node_id, nodes_returned)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
self.linked_node2.remove_contributor(user, auth=self.auth)
self.public_node.remove_contributor(user, auth=self.auth)
res = self.app.get('/{}registrations/{}/linked_nodes/'.format(
API_BASE, new_linking_registration._id),
auth=user.auth)
nodes_returned = [
linked_node['id'] for linked_node in res.json['data']
]
assert_equal(len(nodes_returned), len(self.node_ids) - 1)
assert_in(self.linked_node._id, nodes_returned)
assert_in(self.public_node._id, nodes_returned)
assert_not_in(self.linked_node2._id, nodes_returned)
def test_node_children_list_does_not_include_deleted(self):
child_project = NodeFactory(parent=self.public_project,
creator=self.user)
child_project.save()
res = self.app.get(self.public_project_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
ids = [node['id'] for node in res.json['data']]
assert_in(child_project._id, ids)
assert_equal(2, len(ids))
child_project.is_deleted = True
child_project.save()
res = self.app.get(self.public_project_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
ids = [node['id'] for node in res.json['data']]
assert_not_in(child_project._id, ids)
assert_equal(1, len(ids))
class LinkedRegistrationsTestCase(ApiTestCase):
def setUp(self):
super(LinkedRegistrationsTestCase, self).setUp()
self.registration = RegistrationFactory(is_public=True)
self.public_node = NodeFactory(is_public=True)
self.public_node.add_pointer(self.registration, auth=Auth(self.public_node.creator))
self.public_node.save()
self.admin_contributor = AuthUserFactory()
self.rw_contributor = AuthUserFactory()
self.read_contributor = AuthUserFactory()
self.non_contributor = AuthUserFactory()
self.private_node = NodeFactory(creator=self.admin_contributor)
self.private_node.add_contributor(self.rw_contributor, auth=Auth(self.admin_contributor))
self.private_node.add_contributor(self.read_contributor, permissions=['read'], auth=Auth(self.admin_contributor))
self.private_node.add_pointer(self.registration, auth=Auth(self.admin_contributor))
self.private_node.save()
def test_node_children_list_does_not_include_deleted(
self, app, user, public_project, public_component,
component, public_project_url):
child_project = NodeFactory(parent=public_project, creator=user)
child_project.save()
res = app.get(public_project_url, auth=user.auth)
assert res.status_code == 200
ids = [node['id'] for node in res.json['data']]
assert child_project._id in ids
assert 2 == len(ids)
child_project.is_deleted = True
child_project.save()
res = app.get(public_project_url, auth=user.auth)
assert res.status_code == 200
ids = [node['id'] for node in res.json['data']]
assert child_project._id not in ids
assert 1 == len(ids)
def test_get_children_only_returns_child_nodes_with_admin_permissions(
self):
user = UserFactory()
admin_project = ProjectFactory()
admin_project.add_contributor(
user,
auth=Auth(admin_project.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_project.save()
admin_component = NodeFactory(parent=admin_project)
admin_component.add_contributor(
user,
auth=Auth(admin_component.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_component.save()
read_and_write = NodeFactory(parent=admin_project)
read_and_write.add_contributor(
user,
auth=Auth(read_and_write.creator),
permissions=permissions.expand_permissions(permissions.WRITE))
read_and_write.save()
read_only = NodeFactory(parent=admin_project)
read_only.add_contributor(user,
auth=Auth(read_only.creator),
permissions=permissions.expand_permissions(
permissions.READ))
read_only.save()
non_contributor = NodeFactory(parent=admin_project)
components = _get_children(admin_project, Auth(user))
assert_equal(len(components), 1)
def test_linked_nodes_only_return_viewable_nodes(self):
user = AuthUserFactory()
new_linking_node = NodeFactory(creator=user)
self.linked_node.add_contributor(user, auth=self.auth, save=True)
self.linked_node2.add_contributor(user, auth=self.auth, save=True)
self.public_node.add_contributor(user, auth=self.auth, save=True)
new_linking_node.add_pointer(self.linked_node, auth=Auth(user))
new_linking_node.add_pointer(self.linked_node2, auth=Auth(user))
new_linking_node.add_pointer(self.public_node, auth=Auth(user))
new_linking_node.save()
res = self.app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id),
auth=user.auth
)
assert_equal(res.status_code, 200)
nodes_returned = [linked_node['id'] for linked_node in res.json['data']]
assert_equal(len(nodes_returned), len(self.node_ids))
for node_id in self.node_ids:
assert_in(node_id, nodes_returned)
# Disconnect contributor_removed so that we don't check in files
# We can remove this when StoredFileNode is implemented in osf-models
with disconnected_from_listeners(contributor_removed):
self.linked_node2.remove_contributor(user, auth=self.auth)
self.public_node.remove_contributor(user, auth=self.auth)
res = self.app.get(
'/{}nodes/{}/linked_nodes/'.format(API_BASE, new_linking_node._id),
auth=user.auth
)
nodes_returned = [linked_node['id'] for linked_node in res.json['data']]
assert_equal(len(nodes_returned), len(self.node_ids) - 1)
assert_in(self.linked_node._id, nodes_returned)
assert_in(self.public_node._id, nodes_returned)
assert_not_in(self.linked_node2._id, nodes_returned)
def test_get_contributors_from_parent(self):
self.project.add_contributor(
AuthUserFactory(),
auth=self.auth,
visible=True,
)
self.project.add_contributor(
AuthUserFactory(),
auth=self.auth,
visible=False,
)
component = NodeFactory(parent=self.project, creator=self.user)
user_already_on_component = AuthUserFactory()
component.add_contributor(
user_already_on_component,
auth=self.auth,
visible=True,
)
self.project.add_contributor(
user_already_on_component,
auth=self.auth,
visible=True,
)
self.project.save()
component.save()
url = component.api_url_for('get_contributors_from_parent')
res = self.app.get(url, auth=self.user.auth)
# Should be all contributors, client-side handles marking
# contributors that are already added to the child.
ids = [contrib['id'] for contrib in res.json['contributors']]
assert_not_in(user_already_on_component.id, ids)
assert_equal(
len(res.json['contributors']),
2,
)
def test_get_contributors_from_parent(self):
self.project.add_contributor(
AuthUserFactory(),
auth=self.auth,
visible=True,
)
self.project.add_contributor(
AuthUserFactory(),
auth=self.auth,
visible=False,
)
component = NodeFactory(parent=self.project, creator=self.user)
user_already_on_component = AuthUserFactory()
component.add_contributor(
user_already_on_component,
auth=self.auth,
visible=True,
)
self.project.add_contributor(
user_already_on_component,
auth=self.auth,
visible=True,
)
self.project.save()
component.save()
url = component.api_url_for('get_contributors_from_parent')
res = self.app.get(url, auth=self.user.auth)
# Should be all contributors, client-side handles marking
# contributors that are already added to the child.
ids = [contrib['id'] for contrib in res.json['contributors']]
assert_not_in(user_already_on_component.id, ids)
assert_equal(
len(res.json['contributors']),
2,
)
class LinkedRegistrationsTestCase(ApiTestCase):
def setUp(self):
super(LinkedRegistrationsTestCase, self).setUp()
self.registration = RegistrationFactory(is_public=True)
self.public_node = NodeFactory(is_public=True)
self.public_node.add_pointer(self.registration,
auth=Auth(self.public_node.creator))
self.public_node.save()
self.admin_contributor = AuthUserFactory()
self.rw_contributor = AuthUserFactory()
self.read_contributor = AuthUserFactory()
self.non_contributor = AuthUserFactory()
self.private_node = NodeFactory(creator=self.admin_contributor)
self.private_node.add_contributor(self.rw_contributor,
auth=Auth(self.admin_contributor))
self.private_node.add_contributor(self.read_contributor,
permissions=['read'],
auth=Auth(self.admin_contributor))
self.private_node.add_pointer(self.registration,
auth=Auth(self.admin_contributor))
self.private_node.save()
class TestNodeInstitutionDetail(ApiTestCase):
def setUp(self):
super(TestNodeInstitutionDetail, self).setUp()
self.institution = InstitutionFactory()
self.node = NodeFactory(is_public=True)
self.node.affiliated_institutions.add(self.institution)
self.node.save()
self.user = AuthUserFactory()
self.node2 = NodeFactory(creator=self.user)
def test_return_institution(self):
url = '/{0}nodes/{1}/institutions/'.format(API_BASE, self.node._id)
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['name'],
self.institution.name)
assert_equal(res.json['data'][0]['id'], self.institution._id)
def test_return_no_institution(self):
url = '/{0}nodes/{1}/institution/'.format(API_BASE, self.node2._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_get_children_only_returns_child_nodes_with_admin_permissions(self):
user = UserFactory()
admin_project = ProjectFactory()
admin_project.add_contributor(user, auth=Auth(admin_project.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_project.save()
admin_component = NodeFactory(parent=admin_project)
admin_component.add_contributor(user, auth=Auth(admin_component.creator),
permissions=permissions.expand_permissions(permissions.ADMIN))
admin_component.save()
read_and_write = NodeFactory(parent=admin_project)
read_and_write.add_contributor(user, auth=Auth(read_and_write.creator),
permissions=permissions.expand_permissions(permissions.WRITE))
read_and_write.save()
read_only = NodeFactory(parent=admin_project)
read_only.add_contributor(user, auth=Auth(read_only.creator),
permissions=permissions.expand_permissions(permissions.READ))
read_only.save()
non_contributor = NodeFactory(parent=admin_project)
components = _get_children(admin_project, Auth(user))
assert_equal(len(components), 1)
def node_public(self, registration):
node_public = NodeFactory(is_public=True)
node_public.add_pointer(registration, auth=Auth(node_public.creator))
node_public.save()
return node_public
def node_one(self, institution):
node_one = NodeFactory(is_public=True)
node_one.affiliated_institutions.add(institution)
node_one.save()
return node_one
def grandchild_node_one(self, user, child_node_one, institution):
grandchild_node_one = NodeFactory(parent=child_node_one, creator=user, is_public = True)
grandchild_node_one.affiliated_institutions.add(institution)
grandchild_node_one.save()
return grandchild_node_one
class TestComponents(OsfTestCase):
def setUp(self):
super(TestComponents, self).setUp()
self.user = AuthUserFactory()
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(creator=self.user)
self.project.add_contributor(contributor=self.user, auth=self.consolidate_auth)
# A non-project componenet
self.component = NodeFactory(
category='hypothesis',
creator=self.user,
parent=self.project,
)
self.component.save()
self.component.set_privacy('public', self.consolidate_auth)
self.component.set_privacy('private', self.consolidate_auth)
self.project.save()
self.project_url = self.project.web_url_for('view_project')
def test_sees_parent(self):
res = self.app.get(self.component.url, auth=self.user.auth).maybe_follow()
parent_title = res.html.find_all('h2', class_='node-parent-title')
assert_equal(len(parent_title), 1)
assert_in(self.project.title, parent_title[0].text) # Bs4 will handle unescaping HTML here
def test_delete_project(self):
res = self.app.get(
self.component.url + 'settings/',
auth=self.user.auth
).maybe_follow()
assert_in(
'Delete {0}'.format(self.component.project_or_component),
res
)
def test_cant_delete_project_if_not_admin(self):
non_admin = AuthUserFactory()
self.component.add_contributor(
non_admin,
permissions=['read', 'write'],
auth=self.consolidate_auth,
save=True,
)
res = self.app.get(
self.component.url + 'settings/',
auth=non_admin.auth
).maybe_follow()
assert_not_in(
'Delete {0}'.format(self.component.project_or_component),
res
)
def test_can_configure_comments_if_admin(self):
res = self.app.get(
self.component.url + 'settings/',
auth=self.user.auth,
).maybe_follow()
assert_in('Commenting', res)
def test_cant_configure_comments_if_not_admin(self):
non_admin = AuthUserFactory()
self.component.add_contributor(
non_admin,
permissions=['read', 'write'],
auth=self.consolidate_auth,
save=True,
)
res = self.app.get(
self.component.url + 'settings/',
auth=non_admin.auth
).maybe_follow()
assert_not_in('Commenting', res)
def test_components_should_have_component_list(self):
res = self.app.get(self.component.url, auth=self.user.auth)
assert_in('Components', res)
def contributor_node(self, user, contributor):
contributor_node = NodeFactory(creator=contributor)
contributor_node.add_contributor(user, auth=Auth(contributor))
contributor_node.save()
return contributor_node
