def test_user_cannot_view_user_list(admin_client, user_client):
"""An unprivileged user should not be able to see private entries."""
post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
url = reverse("user-list", kwargs=V1)
response = user_client.get(url, **HTTPS_KWARG)
rjson = validate_response(response, status.HTTP_403_FORBIDDEN)
assert "results" not in rjson
def test_admin_can_delete_all_entries(admin_client, user_client,
alt_admin_client):
# user schedule entry
user_rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY)
user_entry_name = user_rjson['name']
kws = {'pk': user_entry_name}
kws.update(V1)
user_url = reverse('schedule-detail', kwargs=kws)
# admin user schedule entry
alt_admin_rjson = post_schedule(alt_admin_client,
TEST_PRIVATE_SCHEDULE_ENTRY)
alt_admin_entry_name = alt_admin_rjson['name']
kws = {'pk': alt_admin_entry_name}
kws.update(V1)
alt_admin_url = reverse('schedule-detail', kwargs=kws)
response = admin_client.delete(user_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_204_NO_CONTENT)
response = admin_client.delete(user_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
response = admin_client.delete(alt_admin_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_204_NO_CONTENT)
response = admin_client.delete(alt_admin_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
def test_user_cannot_view_private_entry_in_list(admin_client, user_client):
"""An unprivileged user should not be able to see private entries."""
post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
url = reverse('user-list', kwargs=V1)
response = user_client.get(url, **HTTPS_KWARG)
rjson = validate_response(response, status.HTTP_200_OK)
admin_rjson = [user for user in rjson if user['username'] == 'admin'][0]
assert admin_rjson['schedule_entries'] == []
def test_get_schedule(admin_client):
url = reverse("schedule-list", kwargs=V1)
rjson = validate_response(admin_client.get(url, **HTTPS_KWARG))
assert rjson["results"] == EMPTY_SCHEDULE_RESPONSE
post_schedule(admin_client, TEST_SCHEDULE_ENTRY)
rjson = validate_response(admin_client.get(url, **HTTPS_KWARG))
assert rjson["count"] == 1
expected_name = TEST_SCHEDULE_ENTRY["name"]
actual_name = rjson["results"][0]["name"]
assert expected_name == actual_name
def test_get_schedule(user_client):
url = reverse('schedule-list', kwargs=V1)
rjson = validate_response(user_client.get(url, **HTTPS_KWARG))
assert rjson == EMPTY_SCHEDULE_RESPONSE
post_schedule(user_client, TEST_SCHEDULE_ENTRY)
rjson = validate_response(user_client.get(url, **HTTPS_KWARG))
assert len(rjson) == 1
expected_name = TEST_SCHEDULE_ENTRY['name']
actual_name = rjson[0]['name']
assert expected_name == actual_name
def test_validate_only_does_not_modify_schedule_with_good_entry(user_client):
"""A good entry with validate_only should return 200 only."""
# Ensure that a 200 "OK" is returned from the validator
entry = TEST_SCHEDULE_ENTRY.copy()
entry["validate_only"] = True
expected_status = status.HTTP_204_NO_CONTENT
post_schedule(user_client, entry, expected_status=expected_status)
# Ensure that the entry didn't make it into the schedule
entry_name = entry["name"]
url = reverse_detail_url(entry_name)
response = user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
def test_validate_only_does_not_modify_schedule_with_bad_entry(user_client):
"""A bad entry with validate_only should return 400 only."""
# Ensure that a 400 "BAD REQUEST" is returned from the validator
entry = TEST_SCHEDULE_ENTRY.copy()
entry["interval"] = 1.5 # non-integer interval is invalid
entry["validate_only"] = True
expected_status = status.HTTP_400_BAD_REQUEST
post_schedule(user_client, entry, expected_status=expected_status)
# Ensure that the entry didn't make it into the schedule
url = reverse_detail_url(entry["name"])
response = user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
def test_user_can_view_non_private_user_entries(user_client, alt_user_client):
# alt user schedule entry
alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY)
alt_user_entry_name = alt_user_rjson["name"]
alt_user_entry_url = reverse_detail_url(alt_user_entry_name)
response = user_client.get(alt_user_entry_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_user_can_view_non_private_admin_entries(admin_client, user_client):
# admin user schedule entry
admin_rjson = post_schedule(admin_client, TEST_ALTERNATE_SCHEDULE_ENTRY)
admin_entry_name = admin_rjson["name"]
admin_entry_url = reverse_detail_url(admin_entry_name)
response = user_client.get(admin_entry_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def create_task_results(n, admin_client, entry_name=None):
# We need an entry in the schedule to create TRs for
try:
entry = ScheduleEntry.objects.get(name=entry_name)
except Exception:
test_entry = TEST_SCHEDULE_ENTRY
if entry_name is not None:
test_entry["name"] = entry_name
rjson = post_schedule(admin_client, test_entry)
entry_name = rjson["name"]
entry = ScheduleEntry.objects.get(name=entry_name)
for i in range(n):
started = timezone.now()
tr = TaskResult(
schedule_entry=entry,
task_id=i + 1,
started=started,
finished=started + ONE_MICROSECOND,
duration=ONE_MICROSECOND,
status="success",
detail="",
)
tr.max_disk_usage = TEST_MAX_DISK_USAGE
tr.save()
return entry_name
def test_get_existing_entry_details_returns_200(admin_client):
"""Requesting details of existing entry should return 200."""
rjson = post_schedule(admin_client, TEST_SCHEDULE_ENTRY)
entry_name = rjson["name"]
url = reverse_detail_url(entry_name)
response = admin_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def create_task_results(n, user_client, entry_name=None):
# We need an entry in the schedule to create TRs for
try:
entry = ScheduleEntry.objects.get(name=entry_name)
except Exception:
test_entry = TEST_SCHEDULE_ENTRY
if entry_name is not None:
test_entry['name'] = entry_name
rjson = post_schedule(user_client, test_entry)
entry_name = rjson['name']
entry = ScheduleEntry.objects.get(name=entry_name)
for i in range(n):
started = timezone.now()
tr = TaskResult(schedule_entry=entry,
task_id=i + 1,
started=started,
finished=started + ONE_MICROSECOND,
duration=ONE_MICROSECOND,
result='success',
detail='')
tr.max_results = TEST_MAX_TASK_RESULTS
tr.save()
return entry_name
def test_user_cannot_view_schedule_entry_detail(user_client, admin_client):
admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
admin_entry_name = admin_rjson["name"]
kws = {"pk": admin_entry_name}
kws.update(V1)
admin_url = reverse("schedule-detail", kwargs=kws)
response = user_client.get(admin_url)
rjson = validate_response(response, status.HTTP_403_FORBIDDEN)
assert rjson != EMPTY_SCHEDULE_RESPONSE
def test_user_cannot_post_private_schedule(user_client):
"""Unpriveleged users should not be able to create private entries."""
rjson = post_schedule(user_client, TEST_PRIVATE_SCHEDULE_ENTRY)
entry_name = rjson["name"]
url = reverse_detail_url(entry_name)
response = user_client.get(url, **HTTPS_KWARG)
assert not rjson["is_private"]
validate_response(response, status.HTTP_200_OK)
assert not response.data["is_private"]
def test_user_cannot_view_private_entry_details(admin_client, user_client):
"""A user attempting to access a private entry should receive 404."""
# Private indicates admin wants users to be unaware that the entry exists
# on the system, hence 404 vs 403 (FORBIDDEN).
rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
entry_name = rjson["name"]
url = reverse_detail_url(entry_name)
response = user_client.get(url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
def test_private_schedule_entry_is_private(admin_client, user_client):
rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
entry_name = rjson["name"]
entry_url = reverse_detail_url(entry_name)
user_response = user_client.get(entry_url, **HTTPS_KWARG)
admin_user_response = admin_client.get(entry_url, **HTTPS_KWARG)
validate_response(user_response, status.HTTP_404_NOT_FOUND)
validate_response(admin_user_response, status.HTTP_200_OK)
def test_entry_posted_to_schedule_is_immediately_available(admin_client):
rjson = post_schedule(admin_client, TEST_SCHEDULE_ENTRY)
entry_name = rjson["name"]
entry_url = reverse_detail_url(entry_name)
user_response = admin_client.get(entry_url, **HTTPS_KWARG)
for k, v in TEST_SCHEDULE_ENTRY.items():
assert rjson[k] == v
validate_response(user_response, status.HTTP_200_OK)
def test_user_cannot_modify_any_other_entry(admin_client, user_client,
alt_user_client):
# alt user schedule entry
alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY)
alt_user_entry_name = alt_user_rjson["name"]
user_adjust_alt_user_response = update_schedule(
user_client, alt_user_entry_name, TEST_PRIVATE_SCHEDULE_ENTRY)
# admin user schedule entry
admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
admin_entry_name = admin_rjson["name"]
user_adjust_admin_response = update_schedule(user_client, admin_entry_name,
TEST_SCHEDULE_ENTRY)
validate_response(user_adjust_alt_user_response, status.HTTP_403_FORBIDDEN)
# Admin's entry is private, hence 404 instead of 403
validate_response(user_adjust_admin_response, status.HTTP_404_NOT_FOUND)
def test_user_can_modify_their_entry(user_client):
rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY)
entry_name = rjson["name"]
user_adjust_response = update_schedule(user_client, entry_name,
TEST_ALTERNATE_SCHEDULE_ENTRY)
validate_response(user_adjust_response, status.HTTP_200_OK)
assert rjson["priority"] == 10
assert user_adjust_response.data["priority"] == 5
def simulate_multirec_acquisition(client, is_private=False, name=None):
schedule_entry = SINGLE_MULTI_RECORDING_ACQUISITION.copy()
schedule_entry["is_private"] = is_private
if name is not None:
schedule_entry["name"] = name
entry = post_schedule(client, schedule_entry)
simulate_scheduler_run()
return entry["name"]
def test_admin_can_modify_all_entries(admin_client, alt_admin_client):
# admin user schedule entry
alt_admin_rjson = post_schedule(alt_admin_client,
TEST_PRIVATE_SCHEDULE_ENTRY)
alt_admin_entry_name = alt_admin_rjson["name"]
admin_adjust_alt_admin_response = update_schedule(admin_client,
alt_admin_entry_name,
TEST_SCHEDULE_ENTRY)
validate_response(admin_adjust_alt_admin_response, status.HTTP_200_OK)
def test_detector(user_client, rf):
# Put an entry in the schedule that we can refer to
rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY)
entry_name = rjson['name']
task_id = rjson['next_task_id']
# use mock_acquire set up in conftest.py
by_name['mock_acquire'](entry_name, task_id)
acquistion = Acquisition.objects.get(task_id=task_id)
sigmf_metadata = acquistion.sigmf_metadata
assert sigmf_validate(sigmf_metadata)
def test_admin_can_view_all_entries(admin_client, alt_admin_client):
# alt admin user schedule entry
alt_admin_rjson = post_schedule(alt_admin_client,
TEST_PRIVATE_SCHEDULE_ENTRY)
alt_admin_entry_name = alt_admin_rjson["name"]
kws = {"pk": alt_admin_entry_name}
kws.update(V1)
alt_admin_url = reverse("schedule-detail", kwargs=kws)
response = admin_client.get(alt_admin_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_200_OK)
def test_user_cannot_delete_any_other_entry(admin_client, user_client,
alt_user_client):
# alt user schedule entry
alt_user_rjson = post_schedule(alt_user_client, TEST_SCHEDULE_ENTRY)
alt_user_entry_name = alt_user_rjson["name"]
alt_user_entry_url = reverse_detail_url(alt_user_entry_name)
user_delete_alt_user_response = user_client.delete(alt_user_entry_url,
**HTTPS_KWARG)
# admin user schedule entry
admin_rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
admin_entry_name = admin_rjson["name"]
admin_entry_url = reverse_detail_url(admin_entry_name)
user_delete_admin_response = user_client.delete(admin_entry_url,
**HTTPS_KWARG)
validate_response(user_delete_alt_user_response, status.HTTP_403_FORBIDDEN)
# Admin's entry is private, hence 404 instead of 403
validate_response(user_delete_admin_response, status.HTTP_404_NOT_FOUND)
def test_user_can_delete_their_entry(user_client):
rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY)
entry_name = rjson["name"]
entry_url = reverse_detail_url(entry_name)
# First attempt to delete should return 204
response = user_client.delete(entry_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_204_NO_CONTENT)
# Second attempt to delete should return 404
response = user_client.delete(entry_url, **HTTPS_KWARG)
validate_response(response, status.HTTP_404_NOT_FOUND)
def test_admin_can_use_negative_priority(admin_client):
hipri = TEST_PRIVATE_SCHEDULE_ENTRY.copy()
hipri["priority"] = -20
rjson = post_schedule(admin_client, hipri)
entry_name = rjson["name"]
kws = {"pk": entry_name}
kws.update(V1)
entry_url = reverse("schedule-detail", kwargs=kws)
admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG)
assert rjson["priority"] == -20
validate_response(admin_user_respose, status.HTTP_200_OK)
def test_admin_can_modify_all_entries(admin_client, user_client,
alt_admin_client):
# user schedule entry
user_rjson = post_schedule(user_client, TEST_SCHEDULE_ENTRY)
user_entry_name = user_rjson['name']
admin_adjust_user_response = update_schedule(admin_client, user_entry_name,
TEST_PRIVATE_SCHEDULE_ENTRY)
# admin user schedule entry
alt_admin_rjson = post_schedule(alt_admin_client,
TEST_PRIVATE_SCHEDULE_ENTRY)
alt_admin_entry_name = alt_admin_rjson['name']
admin_adjust_alt_admin_response = update_schedule(
admin_client, alt_admin_entry_name, TEST_SCHEDULE_ENTRY)
validate_response(admin_adjust_user_response, status.HTTP_200_OK)
assert admin_adjust_user_response.data['is_private']
validate_response(admin_adjust_alt_admin_response, status.HTTP_200_OK)
assert not admin_adjust_alt_admin_response.data['is_private']
def simulate_acquisitions(client, schedule_entry, n=1, name=None):
assert 0 < n <= 10
if n > 1:
schedule_entry["relative_stop"] = n
if name is not None:
schedule_entry["name"] = name
entry = post_schedule(client, schedule_entry)
simulate_scheduler_run(n)
return entry["name"]
def test_admin_can_use_negative_priority(admin_client):
hipri = TEST_PRIVATE_SCHEDULE_ENTRY.copy()
hipri['priority'] = -20
rjson = post_schedule(admin_client, hipri)
entry_name = rjson['name']
kws = {'pk': entry_name}
kws.update(V1)
entry_url = reverse('schedule-detail', kwargs=kws)
admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG)
assert rjson['priority'] == -20
validate_response(admin_user_respose, status.HTTP_200_OK)
assert admin_user_respose.data['is_private']
def test_post_admin_private_schedule(admin_client):
rjson = post_schedule(admin_client, TEST_PRIVATE_SCHEDULE_ENTRY)
entry_name = rjson['name']
kws = {'pk': entry_name}
kws.update(V1)
entry_url = reverse('schedule-detail', kwargs=kws)
admin_user_respose = admin_client.get(entry_url, **HTTPS_KWARG)
for k, v in TEST_PRIVATE_SCHEDULE_ENTRY.items():
assert rjson[k] == v
assert rjson['is_private']
validate_response(admin_user_respose, status.HTTP_200_OK)
assert admin_user_respose.data['is_private']
