class TestNodeLinkDetail(ApiTestCase): def setUp(self): super(TestNodeLinkDetail, self).setUp() self.user = AuthUserFactory() self.private_project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=False) self.pointer = self.private_project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.private_project._id, self.pointer._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(creator=self.user, is_public=True) self.public_pointer_project = ProjectFactory(is_public=True) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) def test_returns_embedded_public_node_pointer_detail_logged_out(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') res_json = res.json['data'] embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_returns_public_node_pointer_detail_logged_in(self): res = self.app.get(self.public_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_returns_private_node_pointer_detail_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) def test_returns_private_node_pointer_detail_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.pointer_project._id) def test_returns_private_node_pointer_detail_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) def test_self_link_points_to_node_link_detail_url(self): res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) url = res.json['data']['links']['self'] assert_in(self.public_url, url)
def test_view_project_pointer_count_excludes_folders(self): pointer_project = ProjectFactory(is_public=True) # project that points to another project pointed_project = self.node # project that other project points to pointer_project.add_pointer(pointed_project, Auth(pointer_project.creator), save=True) # Project is in a organizer collection folder = CollectionFactory(creator=pointed_project.creator) folder.add_pointer(pointed_project, Auth(pointed_project.creator), save=True) result = _view_project(pointed_project, Auth(pointed_project.creator)) # pointer_project is included in count, but not folder assert_equal(result["node"]["points"], 1)
def test_view_project_pointer_count_excludes_folders(self): user = UserFactory() pointer_project = ProjectFactory(is_public=True) # project that points to another project pointed_project = ProjectFactory(creator=user) # project that other project points to pointer_project.add_pointer(pointed_project, Auth(pointer_project.creator), save=True) # Project is in a dashboard folder folder = FolderFactory(creator=pointed_project.creator) folder.add_pointer(pointed_project, Auth(pointed_project.creator), save=True) result = _view_project(pointed_project, Auth(pointed_project.creator)) # pointer_project is included in count, but not folder assert_equal(result['node']['points'], 1)
def test_view_project_pointer_count_excludes_folders(self): user = UserFactory() pointer_project = ProjectFactory(is_public=True) # project that points to another project pointed_project = ProjectFactory(creator=user) # project that other project points to pointer_project.add_pointer(pointed_project, Auth(pointer_project.creator), save=True) # Project is in a dashboard folder folder = FolderFactory(creator=pointed_project.creator) folder.add_pointer(pointed_project, Auth(pointed_project.creator), save=True) result = _view_project(pointed_project, Auth(pointed_project.creator)) # pointer_project is included in count, but not folder assert_equal(result['node']['points'], 1)
class TestExplorePublicActivity(OsfTestCase): def setUp(self): super(TestExplorePublicActivity, self).setUp() self.project = ProjectFactory(is_public=True) self.registration = RegistrationFactory(project=self.project) self.private_project = ProjectFactory(title="Test private project") # Add project to new and noteworthy projects self.new_and_noteworthy_links_node = ProjectFactory() self.new_and_noteworthy_links_node._id = settings.NEW_AND_NOTEWORTHY_LINKS_NODE self.new_and_noteworthy_links_node.add_pointer( self.project, auth=Auth(self.new_and_noteworthy_links_node.creator), save=True) @mock.patch('website.discovery.views.KeenClient') def test_new_and_noteworthy_and_registrations_show_in_explore_activity( self, mock_client): mock_client.count.return_value = { 'result': [{ 'result': 5, 'node.id': self.project._id }, { 'result': 5, 'node.id': self.registration._id }] } mock_client.count_unique.return_value = { 'result': [{ 'result': 2, 'node.id': self.project._id }, { 'result': 2, 'node.id': self.registration._id }] } url = self.project.web_url_for('activity') res = self.app.get(url) assert_in(str(self.project.title), res) assert_in(str(self.project.date_created.date()), res) assert_in(str(self.registration.title), res) assert_in(str(self.registration.registered_date.date()), res) assert_not_in(str(self.private_project.title), res)
def test_view_project_pointer_count_excludes_folders(self): pointer_project = ProjectFactory( is_public=True) # project that points to another project pointed_project = self.node # project that other project points to pointer_project.add_pointer(pointed_project, Auth(pointer_project.creator), save=True) # Project is in a organizer collection folder = CollectionFactory(creator=pointed_project.creator) folder.add_pointer(pointed_project, Auth(pointed_project.creator), save=True) result = _view_project(pointed_project, Auth(pointed_project.creator)) # pointer_project is included in count, but not folder assert_equal(result['node']['points'], 1)
def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_view', wname='home', _guid=True) )
def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_page', wname='home', _guid=True) )
def test_get_node_name(self): user = UserFactory() auth = Auth(user=user) another_user = UserFactory() another_auth = Auth(user=another_user) # Public (Can View) public_project = ProjectFactory(is_public=True) collector = rubeus.NodeFileCollector(node=public_project, auth=another_auth) node_name = u'{0}: {1}'.format( public_project.project_or_component.capitalize(), sanitize.unescape_entities(public_project.title)) assert_equal(collector._get_node_name(public_project), node_name) # Private (Can't View) registration_private = RegistrationFactory(creator=user) registration_private.is_public = False registration_private.save() collector = rubeus.NodeFileCollector(node=registration_private, auth=another_auth) assert_equal(collector._get_node_name(registration_private), u'Private Registration') content = ProjectFactory(creator=user) node = ProjectFactory(creator=user) forked_private = node.fork_node(auth=auth) forked_private.is_public = False forked_private.save() collector = rubeus.NodeFileCollector(node=forked_private, auth=another_auth) assert_equal(collector._get_node_name(forked_private), u'Private Fork') pointer_private = node.add_pointer(content, auth=auth) pointer_private.is_public = False pointer_private.save() collector = rubeus.NodeFileCollector(node=pointer_private, auth=another_auth) assert_equal(collector._get_node_name(pointer_private), u'Private Link') private_project = ProjectFactory(is_public=False) collector = rubeus.NodeFileCollector(node=private_project, auth=another_auth) assert_equal(collector._get_node_name(private_project), u'Private Component') private_node = NodeFactory(is_public=False) collector = rubeus.NodeFileCollector(node=private_node, auth=another_auth) assert_equal(collector._get_node_name(private_node), u'Private Component')
class TestExplorePublicActivity(OsfTestCase): def setUp(self): super(TestExplorePublicActivity, self).setUp() self.project = ProjectFactory(is_public=True) self.registration = RegistrationFactory(project=self.project) self.private_project = ProjectFactory(title="Test private project") self.popular_project = ProjectFactory(is_public=True) self.popular_registration = RegistrationFactory(project=self.project) # Add project to new and noteworthy projects self.new_and_noteworthy_links_node = ProjectFactory() self.new_and_noteworthy_links_node._id = settings.NEW_AND_NOTEWORTHY_LINKS_NODE self.new_and_noteworthy_links_node.add_pointer(self.project, auth=Auth(self.new_and_noteworthy_links_node.creator), save=True) # Set up popular projects and registrations self.popular_links_node = ProjectFactory() self.popular_links_node._id = settings.POPULAR_LINKS_NODE self.popular_links_node.add_pointer(self.popular_project, auth=Auth(self.popular_links_node.creator), save=True) self.popular_links_registrations = ProjectFactory() self.popular_links_registrations._id = settings.POPULAR_LINKS_REGISTRATIONS self.popular_links_registrations.add_pointer(self.popular_registration, auth=Auth(self.popular_links_registrations.creator), save=True) def tearDown(self): super(TestExplorePublicActivity, self).tearDown() Node.remove() def test_explore_page_loads_when_settings_not_configured(self): old_settings_values = settings.POPULAR_LINKS_NODE, settings.NEW_AND_NOTEWORTHY_LINKS_NODE, settings.POPULAR_LINKS_REGISTRATIONS settings.POPULAR_LINKS_NODE = 'notanode' settings.NEW_AND_NOTEWORTHY_LINKS_NODE = 'alsototallywrong' settings.POPULAR_LINKS_REGISTRATIONS = 'nopenope' url = self.project.web_url_for('activity') res = self.app.get(url) assert_equal(res.status_code, 200) settings.POPULAR_LINKS_NODE, settings.NEW_AND_NOTEWORTHY_LINKS_NODE, settings.POPULAR_LINKS_REGISTRATIONS = old_settings_values def test_new_and_noteworthy_and_popular_nodes_show_in_explore_activity(self): url = self.project.web_url_for('activity') res = self.app.get(url) # New and Noteworthy assert_in(str(self.project.title), res) assert_in(str(self.project.date_created.date()), res) assert_in(str(self.registration.title), res) assert_in(str(self.registration.registered_date.date()), res) assert_not_in(str(self.private_project.title), res) # Popular Projects and Registrations assert_in(str(self.popular_project.title), res) assert_in(str(self.popular_project.date_created.date()), res) assert_in(str(self.popular_registration.title), res) assert_in(str(self.popular_registration.registered_date.date()), res)
def test_get_node_name(self): user = UserFactory() auth = Auth(user=user) another_user = UserFactory() another_auth = Auth(user=another_user) # Public (Can View) public_project = ProjectFactory(is_public=True) collector = rubeus.NodeFileCollector(node=public_project, auth=another_auth) node_name = u"{0}: {1}".format( public_project.project_or_component.capitalize(), sanitize.unescape_entities(public_project.title) ) assert_equal(collector._get_node_name(public_project), node_name) # Private (Can't View) registration_private = RegistrationFactory(creator=user) registration_private.is_public = False registration_private.save() collector = rubeus.NodeFileCollector(node=registration_private, auth=another_auth) assert_equal(collector._get_node_name(registration_private), u"Private Registration") content = ProjectFactory(creator=user) node = ProjectFactory(creator=user) forked_private = node.fork_node(auth=auth) forked_private.is_public = False forked_private.save() collector = rubeus.NodeFileCollector(node=forked_private, auth=another_auth) assert_equal(collector._get_node_name(forked_private), u"Private Fork") pointer_private = node.add_pointer(content, auth=auth) pointer_private.is_public = False pointer_private.save() collector = rubeus.NodeFileCollector(node=pointer_private, auth=another_auth) assert_equal(collector._get_node_name(pointer_private), u"Private Link") private_project = ProjectFactory(is_public=False) collector = rubeus.NodeFileCollector(node=private_project, auth=another_auth) assert_equal(collector._get_node_name(private_project), u"Private Component") private_node = NodeFactory(is_public=False) collector = rubeus.NodeFileCollector(node=private_node, auth=another_auth) assert_equal(collector._get_node_name(private_node), u"Private Component")
class TestNodeChildrenList(ApiTestCase): def setUp(self): super(TestNodeChildrenList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory() self.project.add_contributor(self.user, permissions=[permissions.READ, permissions.WRITE]) self.project.save() self.component = NodeFactory(parent=self.project, creator=self.user) self.pointer = ProjectFactory() self.project.add_pointer(self.pointer, auth=Auth(self.user), save=True) self.private_project_url = '/{}nodes/{}/children/'.format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.save() self.public_component = NodeFactory(parent=self.public_project, creator=self.user, is_public=True) self.public_project_url = '/{}nodes/{}/children/'.format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_node_children_list_does_not_include_pointers(self): res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(len(res.json['data']), 1) def test_return_public_node_children_list_logged_out(self): res = self.app.get(self.public_project_url) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.public_component._id) def test_return_public_node_children_list_logged_in(self): res = self.app.get(self.public_project_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.public_component._id) def test_return_private_node_children_list_logged_out(self): res = self.app.get(self.private_project_url, expect_errors=True) assert_equal(res.status_code, 401) assert 'detail' in res.json['errors'][0] def test_return_private_node_children_list_logged_in_contributor(self): res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.component._id) def test_return_private_node_children_list_logged_in_non_contributor(self): res = self.app.get(self.private_project_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert 'detail' in res.json['errors'][0] def test_node_children_list_does_not_include_unauthorized_projects(self): private_component = NodeFactory(parent=self.project) res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(len(res.json['data']), 1) def test_node_children_list_does_not_include_deleted(self): child_project = NodeFactory(parent=self.public_project, creator=self.user) child_project.save() res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) ids = [node['id'] for node in res.json['data']] assert_in(child_project._id, ids) assert_equal(2, len(ids)) child_project.is_deleted = True child_project.save() res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) ids = [node['id'] for node in res.json['data']] assert_not_in(child_project._id, ids) assert_equal(1, len(ids)) def test_node_children_list_does_not_include_node_links(self): pointed_to = ProjectFactory(is_public=True) self.public_project.add_pointer(pointed_to, auth=Auth(self.public_project.creator)) res = self.app.get(self.public_project_url, auth=self.user.auth) ids = [node['id'] for node in res.json['data']] assert_in(self.public_component._id, ids) # sanity check assert_equal(len(ids), len([e for e in self.public_project.nodes if e.primary])) assert_not_in(pointed_to._id, ids) def test_cannot_access_retracted_children(self): registration = RegistrationFactory(creator=self.user, project=self.public_project) retraction = RetractedRegistrationFactory(registration=registration, user=self.user) url = '/{}nodes/{}/children/'.format(API_BASE, registration._id) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
class TestBulkDeleteNodeLinks(ApiTestCase): def setUp(self): super(TestBulkDeleteNodeLinks, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=True) self.pointer_project_two = ProjectFactory(creator=self.user, is_public=True) self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.pointer_two = self.project.add_pointer(self.pointer_project_two, auth=Auth(self.user), save=True) self.private_payload = { "data": [ {"type": "node_links", "id": self.pointer._id}, {"type": "node_links", "id": self.pointer_two._id} ] } self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project_two = ProjectFactory(is_public=True, creator=self.user) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_pointer_two = self.public_project.add_pointer(self.public_pointer_project_two, auth=Auth(self.user), save=True) self.public_payload = { 'data': [ {'type': 'node_links', 'id': self.public_pointer._id}, {'type': 'node_links', 'id': self.public_pointer_two._id} ] } self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id) def test_bulk_delete_node_links_blank_request(self): res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) def test_bulk_delete_pointer_limits(self): res = self.app.delete_json_api(self.public_url, {'data': [self.public_payload['data'][0]] * 101}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.') assert_equal(res.json['errors'][0]['source']['pointer'], '/data') def test_bulk_delete_dict_inside_data(self): res = self.app.delete_json_api(self.public_url, {'data': {'id': self.public_project._id, 'type': 'node_links'}}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".') def test_bulk_delete_pointers_no_type(self): payload = {'data': [ {'id': self.public_pointer._id}, {'id': self.public_pointer_two._id} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['source']['pointer'], "/data/type") def test_bulk_delete_pointers_incorrect_type(self): payload = {'data': [ {'id': self.public_pointer._id, 'type': 'Incorrect type.'}, {'id': self.public_pointer_two._id, 'type': 'Incorrect type.'} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 409) def test_bulk_delete_pointers_no_id(self): payload = {'data': [ {'type': 'node_links'}, {'type': 'node_links'} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['source']['pointer'], "/data/id") def test_bulk_delete_pointers_no_data(self): res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Request must contain array of resource identifier objects.') def test_bulk_delete_pointers_payload_is_empty_dict(self): res = self.app.delete_json_api(self.public_url, {}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Request must include /data.') def test_cannot_delete_if_registration(self): registration = RegistrationFactory(project=self.public_project) url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id) res = self.app.delete_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 404) def test_bulk_deletes_public_node_pointers_logged_out(self): res = self.app.delete_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) def test_bulk_deletes_public_node_pointers_fails_if_bad_auth(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user_two.auth, expect_errors=True, bulk=True) # This is could arguably be a 405, but we don't need to go crazy with status codes assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) self.public_project.reload() assert_equal(node_count_before, len(self.public_project.nodes_pointer)) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1) def test_bulk_deletes_public_node_pointers_succeeds_as_owner(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True) self.public_project.reload() assert_equal(res.status_code, 204) assert_equal(node_count_before - 2, len(self.public_project.nodes_pointer)) self.public_project.reload() def test_bulk_deletes_private_node_pointers_logged_out(self): res = self.app.delete_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_bulk_deletes_private_node_pointers_logged_in_contributor(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) assert_equal(len(self.project.nodes_pointer), 0) def test_bulk_deletes_private_node_pointers_logged_in_non_contributor(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_return_bulk_deleted_public_node_pointer(self): res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True) self.public_project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) #check that deleted pointer can not be returned res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_return_bulk_deleted_private_node_pointer(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id) #check that deleted pointer can not be returned res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) # Regression test for https://openscience.atlassian.net/browse/OSF-4322 def test_bulk_delete_link_that_is_not_linked_to_correct_node(self): project = ProjectFactory(creator=self.user) # The node link belongs to a different project res = self.app.delete_json_api( self.private_url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True ) assert_equal(res.status_code, 400) errors = res.json['errors'] assert_equal(len(errors), 1) assert_equal(errors[0]['detail'], 'Node link does not belong to the requested node.')
class TestWikiViews(OsfTestCase): def setUp(self): super(TestWikiViews, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=True, creator=self.user) self.consolidate_auth = Auth(user=self.project.creator) def test_wiki_url_get_returns_200(self): url = self.project.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_for_pointer_returns_200(self): # TODO: explain how this tests a pointer project = ProjectFactory(is_public=True) self.project.add_pointer(project, Auth(self.project.creator), save=True) url = self.project.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_content_returns_200(self): node = ProjectFactory(is_public=True) url = node.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_for_component_returns_200(self): component = NodeFactory(project=self.project, is_public=True) url = component.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_serialize_wiki_toc(self): project = ProjectFactory() auth = Auth(project.creator) NodeFactory(project=project, creator=project.creator) no_wiki = NodeFactory(project=project, creator=project.creator) project.save() serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 2) no_wiki.delete_addon('wiki', auth=auth) serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 1) def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_page', wname='home', _guid=True) ) def test_project_wiki_edit_post(self): self.project.update_node_wiki( 'home', content='old content', auth=Auth(self.project.creator) ) url = self.project.web_url_for('project_wiki_edit_post', wname='home') res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() # page was updated with new content new_wiki = self.project.get_wiki_page('home') assert_equal(new_wiki.content, 'new content') def test_project_wiki_edit_post_with_new_wname_and_no_content(self): page_name = fake.catch_phrase() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': ''}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) def test_project_wiki_edit_post_with_new_wname_and_content(self): page_name, page_content = fake.catch_phrase(), fake.bs() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': page_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) # content was set assert_equal(new_page.content, page_content) def test_project_wiki_edit_post_with_non_ascii_title(self): # regression test for https://github.com/CenterForOpenScience/openscienceframework.org/issues/1040 # wname doesn't exist in the db, so it will be created new_wname = u'øˆ∆´ƒøßå√ß' url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) # updating content should return correct url as well. res = self.app.post(url, {'content': 'updated content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) def test_project_wiki_edit_post_with_special_characters(self): new_wname = 'title: ' + SPECIAL_CHARACTERS_ALLOWED new_wiki_content = 'content: ' + SPECIAL_CHARACTERS_ALL url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': new_wiki_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) assert_equal(wiki.content, new_wiki_content) assert_equal(res.status_code, 200) def test_wiki_edit_get_home(self): url = self.project.web_url_for('project_wiki_edit', wname='home') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_returns_200(self): self.project.update_node_wiki('home', 'updated content', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_compare', wname='home', wver=1) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_with_invalid_wname(self): url = self.project.web_url_for('project_wiki_compare', wname='this-doesnt-exist', wver=1) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) def test_wiki_page_creation_strips_whitespace(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1080 # wname has a trailing space url = self.project.web_url_for('project_wiki_edit', wname='cupcake ') res = self.app.post(url, {'content': 'blah'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page('cupcake') assert_is_not_none(wiki) def test_wiki_validate_name(self): url = self.project.api_url_for('project_wiki_validate_name', wname='Capslock') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_validate_name_cannot_create_home(self): url = self.project.api_url_for('project_wiki_validate_name', wname='home') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_wiki_validate_name_mixed_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_not_in('capslock', self.project.wiki_pages_current) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) def test_project_wiki_validate_name_diplay_correct_capitalization(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('CaPsLoCk', res) def test_project_wiki_validate_name_conflict_different_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CAPSLOCK') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) url = self.project.api_url_for('project_wiki_validate_name', wname='capslock') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_dashboard_shows_no_wiki_content_text(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 project = ProjectFactory(creator=self.user) url = project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in('No wiki content', res) def test_project_dashboard_wiki_wname_get_shows_non_ascii_characters(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 text = u'你好' self.project.update_node_wiki('home', text, Auth(self.user)) # can view wiki preview from project dashboard url = self.project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in(text, res) def test_project_wiki_home_api_route(self): url = self.project.api_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) # TODO: should this route exist? it redirects you to the web_url_for, not api_url_for. # page_url = self.project.api_url_for('project_wiki_page', wname='home') # assert_in(page_url, res.location) def test_project_wiki_home_web_route(self): page_url = self.project.web_url_for('project_wiki_page', wname='home', _guid=True) url = self.project.web_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) assert_in(page_url, res.location) def test_wiki_id_url_get_returns_302_and_resolves(self): name = 'page by id' self.project.update_node_wiki(name, 'some content', Auth(self.project.creator)) page = self.project.get_wiki_page(name) page_url = self.project.web_url_for('project_wiki_page', wname=page.page_name, _guid=True) url = self.project.web_url_for('project_wiki_id_page', wid=page._primary_key, _guid=True) res = self.app.get(url) assert_equal(res.status_code, 302) assert_in(page_url, res.location) res = res.follow() assert_equal(res.status_code, 200) assert_in(page_url, res.request.url) def test_wiki_id_url_get_returns_404(self): url = self.project.web_url_for('project_wiki_id_page', wid='12345', _guid=True) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_home_is_capitalized_in_web_view(self): url = self.project.web_url_for('project_wiki_home', wid='home', _guid=True) res = self.app.get(url, auth=self.user.auth).follow(auth=self.user.auth) page_name_elem = res.html.find('span', {'id': 'pageName'}) assert_in('Home', page_name_elem.text)
class TestBulkDeleteNodeLinks(ApiTestCase): def setUp(self): super(TestBulkDeleteNodeLinks, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=True) self.pointer_project_two = ProjectFactory(creator=self.user, is_public=True) self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.pointer_two = self.project.add_pointer(self.pointer_project_two, auth=Auth(self.user), save=True) self.private_payload = { "data": [ {"type": "node_links", "id": self.pointer._id}, {"type": "node_links", "id": self.pointer_two._id} ] } self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project_two = ProjectFactory(is_public=True, creator=self.user) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_pointer_two = self.public_project.add_pointer(self.public_pointer_project_two, auth=Auth(self.user), save=True) self.public_payload = { 'data': [ {'type': 'node_links', 'id': self.public_pointer._id}, {'type': 'node_links', 'id': self.public_pointer_two._id} ] } self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id) def test_bulk_delete_node_links_blank_request(self): res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) def test_bulk_delete_pointer_limits(self): res = self.app.delete_json_api(self.public_url, {'data': [self.public_payload['data'][0]] * 101}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.') assert_equal(res.json['errors'][0]['source']['pointer'], '/data') def test_bulk_delete_dict_inside_data(self): res = self.app.delete_json_api(self.public_url, {'data': {'id': self.public_project._id, 'type': 'node_links'}}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".') def test_bulk_delete_pointers_no_type(self): payload = {'data': [ {'id': self.public_pointer._id}, {'id': self.public_pointer_two._id} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['source']['pointer'], "/data/type") def test_bulk_delete_pointers_incorrect_type(self): payload = {'data': [ {'id': self.public_pointer._id, 'type': 'Incorrect type.'}, {'id': self.public_pointer_two._id, 'type': 'Incorrect type.'} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 409) def test_bulk_delete_pointers_no_id(self): payload = {'data': [ {'type': 'node_links'}, {'type': 'node_links'} ]} res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['source']['pointer'], "/data/id") def test_bulk_delete_pointers_no_data(self): res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Request must contain array of resource identifier objects.') def test_bulk_delete_pointers_payload_is_empty_dict(self): res = self.app.delete_json_api(self.public_url, {}, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 400) assert_equal(res.json['errors'][0]['detail'], 'Request must include /data.') def test_cannot_delete_if_registration(self): registration = RegistrationFactory(project=self.public_project) url = '/{}registrations/{}/node_links/'.format(API_BASE, registration._id) res = self.app.delete_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 405) def test_bulk_deletes_public_node_pointers_logged_out(self): res = self.app.delete_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) def test_bulk_deletes_public_node_pointers_fails_if_bad_auth(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user_two.auth, expect_errors=True, bulk=True) # This is could arguably be a 405, but we don't need to go crazy with status codes assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) self.public_project.reload() assert_equal(node_count_before, len(self.public_project.nodes_pointer)) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1) def test_bulk_deletes_public_node_pointers_succeeds_as_owner(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True) self.public_project.reload() assert_equal(res.status_code, 204) assert_equal(node_count_before - 2, len(self.public_project.nodes_pointer)) self.public_project.reload() def test_bulk_deletes_private_node_pointers_logged_out(self): res = self.app.delete_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_bulk_deletes_private_node_pointers_logged_in_contributor(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) assert_equal(len(self.project.nodes_pointer), 0) def test_bulk_deletes_private_node_pointers_logged_in_non_contributor(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_return_bulk_deleted_public_node_pointer(self): res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True) self.public_project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) #check that deleted pointer can not be returned res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_return_bulk_deleted_private_node_pointer(self): res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id) #check that deleted pointer can not be returned res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) # Regression test for https://openscience.atlassian.net/browse/OSF-4322 def test_bulk_delete_link_that_is_not_linked_to_correct_node(self): project = ProjectFactory(creator=self.user) # The node link belongs to a different project res = self.app.delete_json_api( self.private_url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True ) assert_equal(res.status_code, 400) errors = res.json['errors'] assert_equal(len(errors), 1) assert_equal(errors[0]['detail'], 'Node link does not belong to the requested node.')
class TestNodeLinksList(ApiTestCase): def setUp(self): super(TestNodeLinksList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=False, creator=self.user) self.pointer_project = ProjectFactory(is_public=False, creator=self.user) self.project.add_pointer(self.pointer_project, auth=Auth(self.user)) self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user)) self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_return_embedded_public_node_pointers_logged_out(self): res = self.app.get(self.public_url) res_json = res.json['data'] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_return_embedded_public_node_pointers_logged_in(self): res = self.app.get(self.public_url, auth=self.user_two.auth) res_json = res.json['data'] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_return_private_node_pointers_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) def test_return_private_node_pointers_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res_json), 1) embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.pointer_project._id) def test_return_private_node_pointers_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) def test_deleted_links_not_returned(self): res = self.app.get(self.public_url, expect_errors=True) res_json = res.json['data'] original_length = len(res_json) self.public_pointer_project.is_deleted = True self.public_pointer_project.save() res = self.app.get(self.public_url) res_json = res.json['data'] assert_equal(len(res_json), original_length - 1)
class TestExplorePublicActivity(OsfTestCase): def setUp(self): super(TestExplorePublicActivity, self).setUp() self.project = ProjectFactory(is_public=True) self.registration = RegistrationFactory(project=self.project) self.private_project = ProjectFactory(title="Test private project") self.popular_project = ProjectFactory(is_public=True) self.popular_registration = RegistrationFactory(project=self.project) # Add project to new and noteworthy projects self.new_and_noteworthy_links_node = ProjectFactory() self.new_and_noteworthy_links_node._id = settings.NEW_AND_NOTEWORTHY_LINKS_NODE self.new_and_noteworthy_links_node.add_pointer( self.project, auth=Auth(self.new_and_noteworthy_links_node.creator), save=True) # Set up popular projects and registrations self.popular_links_node = ProjectFactory() self.popular_links_node._id = settings.POPULAR_LINKS_NODE self.popular_links_node.add_pointer( self.popular_project, auth=Auth(self.popular_links_node.creator), save=True) self.popular_links_registrations = ProjectFactory() self.popular_links_registrations._id = settings.POPULAR_LINKS_REGISTRATIONS self.popular_links_registrations.add_pointer( self.popular_registration, auth=Auth(self.popular_links_registrations.creator), save=True) def tearDown(self): super(TestExplorePublicActivity, self).tearDown() Node.remove() def test_explore_page_loads_when_settings_not_configured(self): old_settings_values = settings.POPULAR_LINKS_NODE, settings.NEW_AND_NOTEWORTHY_LINKS_NODE, settings.POPULAR_LINKS_REGISTRATIONS settings.POPULAR_LINKS_NODE = 'notanode' settings.NEW_AND_NOTEWORTHY_LINKS_NODE = 'alsototallywrong' settings.POPULAR_LINKS_REGISTRATIONS = 'nopenope' url = self.project.web_url_for('activity') res = self.app.get(url) assert_equal(res.status_code, 200) settings.POPULAR_LINKS_NODE, settings.NEW_AND_NOTEWORTHY_LINKS_NODE, settings.POPULAR_LINKS_REGISTRATIONS = old_settings_values def test_new_and_noteworthy_and_popular_nodes_show_in_explore_activity( self): url = self.project.web_url_for('activity') res = self.app.get(url) # New and Noteworthy assert_in(str(self.project.title), res) assert_in(str(self.project.date_created.date()), res) assert_in(str(self.registration.title), res) assert_in(str(self.registration.registered_date.date()), res) assert_not_in(str(self.private_project.title), res) # Popular Projects and Registrations assert_in(str(self.popular_project.title), res) assert_in(str(self.popular_project.date_created.date()), res) assert_in(str(self.popular_registration.title), res) assert_in(str(self.popular_registration.registered_date.date()), res)
class TestWikiViews(OsfTestCase): def setUp(self): super(TestWikiViews, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=True, creator=self.user) self.consolidate_auth = Auth(user=self.project.creator) def test_wiki_url_get_returns_200(self): url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_404_with_no_write_permission(self): url = self.project.web_url_for('project_wiki_view', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) @mock.patch('website.addons.wiki.utils.broadcast_to_sharejs') def test_wiki_deleted_404_with_no_write_permission(self, mock_sharejs): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='funpage') res = self.app.get(url) assert_equal(res.status_code, 200) delete_url = self.project.api_url_for('project_wiki_delete', wname='funpage') self.app.delete(delete_url, auth=self.user.auth) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_wiki_url_with_path_get_returns_200(self): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.update_node_wiki('funpage', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for( 'project_wiki_view', wname='funpage', ) + '?view&compare=1&edit' res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_url_with_edit_get_returns_404_with_no_write_permission(self): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.update_node_wiki('funpage', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for( 'project_wiki_view', wname='funpage', compare=1, ) res = self.app.get(url) assert_equal(res.status_code, 200) url = self.project.web_url_for( 'project_wiki_view', wname='funpage', ) + '?edit' res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 403) def test_wiki_url_for_pointer_returns_200(self): # TODO: explain how this tests a pointer project = ProjectFactory(is_public=True) self.project.add_pointer(project, Auth(self.project.creator), save=True) url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_draft_returns_200(self): url = self.project.api_url_for('wiki_page_draft', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_content_returns_200(self): url = self.project.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) @mock.patch('website.addons.wiki.model.NodeWikiPage.rendered_before_update', new_callable=mock.PropertyMock) def test_wiki_content_use_python_render(self, mock_rendered_before_update): content = 'Some content' self.project.update_node_wiki('somerandomid', content, Auth(self.user)) self.project.save() mock_rendered_before_update.return_value = True url = self.project.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(content, res.json['wiki_content']) assert_in(content, res.json['wiki_rendered']) mock_rendered_before_update.return_value = False res = self.app.get(url, auth=self.user.auth) assert_equal(content, res.json['wiki_content']) assert_equal('', res.json['wiki_rendered']) def test_wiki_url_for_component_returns_200(self): component = NodeFactory(project=self.project, is_public=True) url = component.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_serialize_wiki_toc(self): project = ProjectFactory() auth = Auth(project.creator) NodeFactory(project=project, creator=project.creator) no_wiki = NodeFactory(project=project, creator=project.creator) project.save() serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 2) no_wiki.delete_addon('wiki', auth=auth) serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 1) def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_view', wname='home', _guid=True) ) def test_project_wiki_edit_post(self): self.project.update_node_wiki( 'home', content='old content', auth=Auth(self.project.creator) ) url = self.project.web_url_for('project_wiki_edit_post', wname='home') res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() # page was updated with new content new_wiki = self.project.get_wiki_page('home') assert_equal(new_wiki.content, 'new content') def test_project_wiki_edit_post_with_new_wname_and_no_content(self): # note: forward slashes not allowed in page_name page_name = fake.catch_phrase().replace('/', ' ') old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': ''}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) def test_project_wiki_edit_post_with_new_wname_and_content(self): # note: forward slashes not allowed in page_name page_name = fake.catch_phrase().replace('/' , ' ') page_content = fake.bs() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': page_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) # content was set assert_equal(new_page.content, page_content) def test_project_wiki_edit_post_with_non_ascii_title(self): # regression test for https://github.com/CenterForOpenScience/openscienceframework.org/issues/1040 # wname doesn't exist in the db, so it will be created new_wname = u'øˆ∆´ƒøßå√ß' url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) # updating content should return correct url as well. res = self.app.post(url, {'content': 'updated content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) def test_project_wiki_edit_post_with_special_characters(self): new_wname = 'title: ' + SPECIAL_CHARACTERS_ALLOWED new_wiki_content = 'content: ' + SPECIAL_CHARACTERS_ALL url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': new_wiki_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) assert_equal(wiki.content, new_wiki_content) assert_equal(res.status_code, 200) def test_wiki_edit_get_home(self): url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_view_scope(self): self.project.update_node_wiki('home', 'Version 1', Auth(self.user)) self.project.update_node_wiki('home', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home', view=2) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) url = self.project.web_url_for('project_wiki_view', wname='home', view=3) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) url = self.project.web_url_for('project_wiki_view', wname='home', view=0) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_project_wiki_compare_returns_200(self): self.project.update_node_wiki('home', 'updated content', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home') + '?compare' res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_scope(self): self.project.update_node_wiki('home', 'Version 1', Auth(self.user)) self.project.update_node_wiki('home', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home', compare=2) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) url = self.project.web_url_for('project_wiki_view', wname='home', compare=3) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) url = self.project.web_url_for('project_wiki_view', wname='home', compare=0) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_wiki_page_creation_strips_whitespace(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1080 # wname has a trailing space url = self.project.web_url_for('project_wiki_view', wname='cupcake ') res = self.app.post(url, {'content': 'blah'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page('cupcake') assert_is_not_none(wiki) def test_wiki_validate_name(self): url = self.project.api_url_for('project_wiki_validate_name', wname='Capslock') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_validate_name_cannot_create_home(self): url = self.project.api_url_for('project_wiki_validate_name', wname='home') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_wiki_validate_name_mixed_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_not_in('capslock', self.project.wiki_pages_current) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) def test_project_wiki_validate_name_diplay_correct_capitalization(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('CaPsLoCk', res) def test_project_wiki_validate_name_conflict_different_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CAPSLOCK') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) url = self.project.api_url_for('project_wiki_validate_name', wname='capslock') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_dashboard_shows_no_wiki_content_text(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 project = ProjectFactory(creator=self.user) url = project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in('No wiki content', res) def test_project_dashboard_wiki_wname_get_shows_non_ascii_characters(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 text = u'你好' self.project.update_node_wiki('home', text, Auth(self.user)) # can view wiki preview from project dashboard url = self.project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in(text, res) def test_project_wiki_home_api_route(self): url = self.project.api_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) # TODO: should this route exist? it redirects you to the web_url_for, not api_url_for. # page_url = self.project.api_url_for('project_wiki_view', wname='home') # assert_in(page_url, res.location) def test_project_wiki_home_web_route(self): page_url = self.project.web_url_for('project_wiki_view', wname='home', _guid=True) url = self.project.web_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) assert_in(page_url, res.location) def test_wiki_id_url_get_returns_302_and_resolves(self): name = 'page by id' self.project.update_node_wiki(name, 'some content', Auth(self.project.creator)) page = self.project.get_wiki_page(name) page_url = self.project.web_url_for('project_wiki_view', wname=page.page_name, _guid=True) url = self.project.web_url_for('project_wiki_id_page', wid=page._primary_key, _guid=True) res = self.app.get(url) assert_equal(res.status_code, 302) assert_in(page_url, res.location) res = res.follow() assert_equal(res.status_code, 200) assert_in(page_url, res.request.url) def test_wiki_id_url_get_returns_404(self): url = self.project.web_url_for('project_wiki_id_page', wid='12345', _guid=True) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_home_is_capitalized_in_web_view(self): url = self.project.web_url_for('project_wiki_home', wid='home', _guid=True) res = self.app.get(url, auth=self.user.auth).follow(auth=self.user.auth) page_name_elem = res.html.find('span', {'id': 'pageName'}) assert_in('Home', page_name_elem.text) def test_wiki_widget_no_content(self): url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_is_none(res.json['wiki_content']) def test_wiki_widget_short_content_no_cutoff(self): short_content = 'a' * 150 self.project.update_node_wiki('home', short_content, Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_in(short_content, res.json['wiki_content']) assert_not_in('...', res.json['wiki_content']) assert_false(res.json['more']) def test_wiki_widget_long_content_cutoff(self): long_content = 'a' * 600 self.project.update_node_wiki('home', long_content, Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_less(len(res.json['wiki_content']), 520) # wiggle room for closing tags assert_in('...', res.json['wiki_content']) assert_true(res.json['more']) @mock.patch('website.addons.wiki.model.NodeWikiPage.rendered_before_update', new_callable=mock.PropertyMock) def test_wiki_widget_use_python_render(self, mock_rendered_before_update): # New pages use js renderer mock_rendered_before_update.return_value = False self.project.update_node_wiki('home', 'updated content', Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_false(res.json['use_python_render']) # Old pages use python renderer mock_rendered_before_update.return_value = True res = self.app.get(url, auth=self.user.auth) assert_true(res.json['use_python_render']) def test_read_only_users_cannot_view_edit_pane(self): url = self.project.web_url_for('project_wiki_view', wname='home') # No write permissions res = self.app.get(url) assert_equal(res.status_code, 200) assert_not_in('data-osf-panel="Edit"', res.text) # Write permissions res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('data-osf-panel="Edit"', res.text)
class TestDeleteNodeLink(ApiTestCase): def setUp(self): super(TestDeleteNodeLink, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=True) self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) def test_delete_node_link_no_permissions_for_target_node(self): pointer_project = ProjectFactory(creator=self.user_two, is_public=False) pointer = self.public_project.add_pointer(pointer_project, auth=Auth(self.user), save=True) assert_in(pointer, self.public_project.nodes) url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, pointer._id) res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 204) self.public_project.reload() assert_not_in(pointer, self.public_project.nodes) def test_cannot_delete_if_registration(self): registration = RegistrationFactory(project=self.public_project) url = '/{}registrations/{}/node_links/'.format( API_BASE, registration._id, ) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) pointer_id = res.json['data'][0]['id'] url = '/{}nodes/{}/node_links/{}/'.format( API_BASE, registration._id, pointer_id, ) res = self.app.delete(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_deletes_public_node_pointer_logged_out(self): res = self.app.delete(self.public_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0].keys()) def test_deletes_public_node_pointer_fails_if_bad_auth(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete(self.public_url, auth=self.user_two.auth, expect_errors=True) # This is could arguably be a 405, but we don't need to go crazy with status codes assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) self.public_project.reload() assert_equal(node_count_before, len(self.public_project.nodes_pointer)) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_deletes_public_node_pointer_succeeds_as_owner(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete(self.public_url, auth=self.user.auth) self.public_project.reload() assert_equal(res.status_code, 204) assert_equal(node_count_before - 1, len(self.public_project.nodes_pointer)) def test_deletes_private_node_pointer_logged_out(self): res = self.app.delete(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_deletes_private_node_pointer_logged_in_contributor(self): res = self.app.delete(self.private_url, auth=self.user.auth) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) assert_equal(len(self.project.nodes_pointer), 0) def test_deletes_private_node_pointer_logged_in_non_contributor(self): res = self.app.delete(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_return_deleted_public_node_pointer(self): res = self.app.delete(self.public_url, auth=self.user.auth) self.public_project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) #check that deleted pointer can not be returned res = self.app.get(self.public_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_return_deleted_private_node_pointer(self): res = self.app.delete(self.private_url, auth=self.user.auth) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) #check that deleted pointer can not be returned res = self.app.get(self.private_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) # Regression test for https://openscience.atlassian.net/browse/OSF-4322 def test_delete_link_that_is_not_linked_to_correct_node(self): project = ProjectFactory(creator=self.user) # The node link belongs to a different project res = self.app.delete( '/{}nodes/{}/node_links/{}/'.format(API_BASE, project._id, self.public_pointer._id), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 404) errors = res.json['errors'] assert_equal(len(errors), 1) assert_equal(errors[0]['detail'], 'Node link does not belong to the requested node.')
class TestPopulateNewAndNoteworthy(OsfTestCase): def setUp(self): super(TestPopulateNewAndNoteworthy, self).setUp() self.pop1 = ProjectFactory() self.pop2 = ProjectFactory() self.pop3 = ProjectFactory() self.pop4 = ProjectFactory() self.pop5 = ProjectFactory() self.nn1 = ProjectFactory(is_public=True) self.nn2 = ProjectFactory(is_public=True) self.nn3 = ProjectFactory(is_public=True) self.nn4 = ProjectFactory(is_public=True) self.nn5 = ProjectFactory(is_public=True) self.user = UserFactory() today = datetime.datetime.now() self.last_month = ( today - dateutil.relativedelta.relativedelta(months=1)).isoformat() popular_json = { "popular_node_ids": [ self.pop1._id, self.pop2._id, self.pop3._id, self.pop4._id, self.pop5._id ] } self.popular_json_body = json.dumps(popular_json) def tearDown(self): super(TestPopulateNewAndNoteworthy, self).tearDown() Node.remove() def test_get_new_and_noteworthy_nodes(self): new_noteworthy = script.get_new_and_noteworthy_nodes() assert_equal(set(new_noteworthy), { self.nn1._id, self.nn2._id, self.nn3._id, self.nn4._id, self.nn5._id }) def test_populate_new_and_noteworthy(self): self.popular_links_node = ProjectFactory(creator=self.user) self.popular_links_node._id = POPULAR_LINKS_NODE self.popular_links_node.save() self.new_and_noteworthy_links_node = ProjectFactory() self.new_and_noteworthy_links_node._id = NEW_AND_NOTEWORTHY_LINKS_NODE self.new_and_noteworthy_links_node.save() popular_nodes = [self.pop1, self.pop2, self.pop3, self.pop4, self.pop5] for node in popular_nodes: self.popular_links_node.add_pointer(node, auth=Auth(self.user), save=True) assert_equal(len(self.popular_links_node.nodes), 5) assert_equal(len(self.new_and_noteworthy_links_node.nodes), 0) script.main(dry_run=False) self.popular_links_node.reload() self.new_and_noteworthy_links_node.reload() assert_equal(len(self.popular_links_node.nodes), 0) # verifies remove pointer is working assert_equal(len(self.new_and_noteworthy_links_node.nodes), 5) script.main(dry_run=False) self.popular_links_node.reload() self.new_and_noteworthy_links_node.reload() popular_node_links = [ pointer.node._id for pointer in self.popular_links_node.nodes ] assert_equal(popular_node_links, []) new_and_noteworthy_node_links = { pointer.node._id for pointer in self.new_and_noteworthy_links_node.nodes } assert_equal(set(new_and_noteworthy_node_links), { self.nn1._id, self.nn2._id, self.nn3._id, self.nn4._id, self.nn5._id })
class TestNodeLinksList(ApiTestCase): def setUp(self): super(TestNodeLinksList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=False, creator=self.user) self.pointer_project = ProjectFactory(is_public=False, creator=self.user) self.project.add_pointer(self.pointer_project, auth=Auth(self.user)) self.private_url = "/{}nodes/{}/node_links/".format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user)) self.public_url = "/{}nodes/{}/node_links/".format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_return_public_node_pointers_logged_out(self): res = self.app.get(self.public_url) res_json = res.json["data"] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") expected_path = node_url_for(self.public_pointer_project._id) actual_path = urlparse(res_json[0]["relationships"]["target_node"]["links"]["related"]["href"]).path assert_equal(expected_path, actual_path) def test_return_public_node_pointers_logged_in(self): res = self.app.get(self.public_url, auth=self.user_two.auth) res_json = res.json["data"] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") expected_path = node_url_for(self.public_pointer_project._id) actual_path = urlparse(res_json[0]["relationships"]["target_node"]["links"]["related"]["href"]).path assert_equal(expected_path, actual_path) def test_return_private_node_pointers_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in("detail", res.json["errors"][0]) def test_return_private_node_pointers_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json["data"] assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") assert_equal(len(res_json), 1) expected_path = node_url_for(self.pointer_project._id) actual_path = urlparse(res_json[0]["relationships"]["target_node"]["links"]["related"]["href"]).path assert_equal(expected_path, actual_path) def test_return_private_node_pointers_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in("detail", res.json["errors"][0]) def test_deleted_links_not_returned(self): res = self.app.get(self.public_url, expect_errors=True) res_json = res.json["data"] original_length = len(res_json) self.public_pointer_project.is_deleted = True self.public_pointer_project.save() res = self.app.get(self.public_url) res_json = res.json["data"] assert_equal(len(res_json), original_length - 1)
class TestNodeChildrenList(ApiTestCase): def setUp(self): super(TestNodeChildrenList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory() self.project.add_contributor( self.user, permissions=[permissions.READ, permissions.WRITE]) self.project.save() self.component = NodeFactory(parent=self.project, creator=self.user) self.pointer = ProjectFactory() self.project.add_pointer(self.pointer, auth=Auth(self.user), save=True) self.private_project_url = '/{}nodes/{}/children/'.format( API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.save() self.public_component = NodeFactory(parent=self.public_project, creator=self.user, is_public=True) self.public_project_url = '/{}nodes/{}/children/'.format( API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_node_children_list_does_not_include_pointers(self): res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(len(res.json['data']), 1) def test_return_public_node_children_list_logged_out(self): res = self.app.get(self.public_project_url) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.public_component._id) def test_return_public_node_children_list_logged_in(self): res = self.app.get(self.public_project_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.public_component._id) def test_return_private_node_children_list_logged_out(self): res = self.app.get(self.private_project_url, expect_errors=True) assert_equal(res.status_code, 401) assert 'detail' in res.json['errors'][0] def test_return_private_node_children_list_logged_in_contributor(self): res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res.json['data']), 1) assert_equal(res.json['data'][0]['id'], self.component._id) def test_return_private_node_children_list_logged_in_non_contributor(self): res = self.app.get(self.private_project_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert 'detail' in res.json['errors'][0] def test_node_children_list_does_not_include_unauthorized_projects(self): private_component = NodeFactory(parent=self.project) res = self.app.get(self.private_project_url, auth=self.user.auth) assert_equal(len(res.json['data']), 1) def test_node_children_list_does_not_include_deleted(self): child_project = NodeFactory(parent=self.public_project, creator=self.user) child_project.save() res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) ids = [node['id'] for node in res.json['data']] assert_in(child_project._id, ids) assert_equal(2, len(ids)) child_project.is_deleted = True child_project.save() res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) ids = [node['id'] for node in res.json['data']] assert_not_in(child_project._id, ids) assert_equal(1, len(ids)) def test_node_children_list_does_not_include_node_links(self): pointed_to = ProjectFactory(is_public=True) self.public_project.add_pointer(pointed_to, auth=Auth(self.public_project.creator)) res = self.app.get(self.public_project_url, auth=self.user.auth) ids = [node['id'] for node in res.json['data']] assert_in(self.public_component._id, ids) # sanity check assert_equal(len(ids), len([e for e in self.public_project.nodes if e.primary])) assert_not_in(pointed_to._id, ids)
class TestWikiViews(OsfTestCase): def setUp(self): super(TestWikiViews, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=True, creator=self.user) self.consolidate_auth = Auth(user=self.project.creator) def test_wiki_url_get_returns_200(self): url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_404_with_no_write_permission(self): url = self.project.web_url_for('project_wiki_view', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) @mock.patch('website.addons.wiki.utils.broadcast_to_sharejs') def test_wiki_deleted_404_with_no_write_permission(self, mock_sharejs): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='funpage') res = self.app.get(url) assert_equal(res.status_code, 200) delete_url = self.project.api_url_for('project_wiki_delete', wname='funpage') self.app.delete(delete_url, auth=self.user.auth) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_wiki_url_with_path_get_returns_200(self): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.update_node_wiki('funpage', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for( 'project_wiki_view', wname='funpage', ) + '?view&compare=1&edit' res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_url_with_edit_get_returns_404_with_no_write_permission(self): self.project.update_node_wiki('funpage', 'Version 1', Auth(self.user)) self.project.update_node_wiki('funpage', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for( 'project_wiki_view', wname='funpage', compare=1, ) res = self.app.get(url) assert_equal(res.status_code, 200) url = self.project.web_url_for( 'project_wiki_view', wname='funpage', ) + '?edit' res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 403) def test_wiki_url_for_pointer_returns_200(self): # TODO: explain how this tests a pointer project = ProjectFactory(is_public=True) self.project.add_pointer(project, Auth(self.project.creator), save=True) url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_draft_returns_200(self): url = self.project.api_url_for('wiki_page_draft', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_content_returns_200(self): url = self.project.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) @mock.patch('website.addons.wiki.model.NodeWikiPage.rendered_before_update', new_callable=mock.PropertyMock) def test_wiki_content_use_python_render(self, mock_rendered_before_update): content = 'Some content' self.project.update_node_wiki('somerandomid', content, Auth(self.user)) self.project.save() mock_rendered_before_update.return_value = True url = self.project.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url, auth=self.user.auth) assert_equal(content, res.json['wiki_content']) assert_in(content, res.json['wiki_rendered']) mock_rendered_before_update.return_value = False res = self.app.get(url, auth=self.user.auth) assert_equal(content, res.json['wiki_content']) assert_equal('', res.json['wiki_rendered']) def test_wiki_url_for_component_returns_200(self): component = NodeFactory(project=self.project, is_public=True) url = component.web_url_for('project_wiki_view', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_serialize_wiki_toc(self): project = ProjectFactory() auth = Auth(project.creator) NodeFactory(parent=project, creator=project.creator) no_wiki = NodeFactory(parent=project, creator=project.creator) project.save() serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 2) no_wiki.delete_addon('wiki', auth=auth) serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 1) def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_view', wname='home', _guid=True) ) def test_project_wiki_edit_post(self): self.project.update_node_wiki( 'home', content='old content', auth=Auth(self.project.creator) ) url = self.project.web_url_for('project_wiki_edit_post', wname='home') res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() # page was updated with new content new_wiki = self.project.get_wiki_page('home') assert_equal(new_wiki.content, 'new content') def test_project_wiki_edit_post_with_new_wname_and_no_content(self): # note: forward slashes not allowed in page_name page_name = fake.catch_phrase().replace('/', ' ') old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': ''}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) def test_project_wiki_edit_post_with_new_wname_and_content(self): # note: forward slashes not allowed in page_name page_name = fake.catch_phrase().replace('/' , ' ') page_content = fake.bs() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': page_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) # content was set assert_equal(new_page.content, page_content) def test_project_wiki_edit_post_with_non_ascii_title(self): # regression test for https://github.com/CenterForOpenScience/openscienceframework.org/issues/1040 # wname doesn't exist in the db, so it will be created new_wname = u'øˆ∆´ƒøßå√ß' url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': 'new content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) # updating content should return correct url as well. res = self.app.post(url, {'content': 'updated content'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) def test_project_wiki_edit_post_with_special_characters(self): new_wname = 'title: ' + SPECIAL_CHARACTERS_ALLOWED new_wiki_content = 'content: ' + SPECIAL_CHARACTERS_ALL url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, {'content': new_wiki_content}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) assert_equal(wiki.content, new_wiki_content) assert_equal(res.status_code, 200) def test_wiki_edit_get_home(self): url = self.project.web_url_for('project_wiki_view', wname='home') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_view_scope(self): self.project.update_node_wiki('home', 'Version 1', Auth(self.user)) self.project.update_node_wiki('home', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home', view=2) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) url = self.project.web_url_for('project_wiki_view', wname='home', view=3) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) url = self.project.web_url_for('project_wiki_view', wname='home', view=0) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_project_wiki_compare_returns_200(self): self.project.update_node_wiki('home', 'updated content', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home') + '?compare' res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_scope(self): self.project.update_node_wiki('home', 'Version 1', Auth(self.user)) self.project.update_node_wiki('home', 'Version 2', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_view', wname='home', compare=2) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) url = self.project.web_url_for('project_wiki_view', wname='home', compare=3) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) url = self.project.web_url_for('project_wiki_view', wname='home', compare=0) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 400) def test_wiki_page_creation_strips_whitespace(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1080 # wname has a trailing space url = self.project.web_url_for('project_wiki_view', wname='cupcake ') res = self.app.post(url, {'content': 'blah'}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page('cupcake') assert_is_not_none(wiki) def test_wiki_validate_name(self): url = self.project.api_url_for('project_wiki_validate_name', wname='Capslock') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_validate_name_cannot_create_home(self): url = self.project.api_url_for('project_wiki_validate_name', wname='home') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_wiki_validate_name_mixed_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_not_in('capslock', self.project.wiki_pages_current) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) def test_project_wiki_validate_name_diplay_correct_capitalization(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('CaPsLoCk', res) def test_project_wiki_validate_name_conflict_different_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CAPSLOCK') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) url = self.project.api_url_for('project_wiki_validate_name', wname='capslock') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_dashboard_shows_no_wiki_content_text(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 project = ProjectFactory(creator=self.user) url = project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in('No wiki content', res) def test_project_dashboard_wiki_wname_get_shows_non_ascii_characters(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 text = u'你好' self.project.update_node_wiki('home', text, Auth(self.user)) # can view wiki preview from project dashboard url = self.project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in(text, res) def test_project_wiki_home_api_route(self): url = self.project.api_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) # TODO: should this route exist? it redirects you to the web_url_for, not api_url_for. # page_url = self.project.api_url_for('project_wiki_view', wname='home') # assert_in(page_url, res.location) def test_project_wiki_home_web_route(self): page_url = self.project.web_url_for('project_wiki_view', wname='home', _guid=True) url = self.project.web_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) assert_in(page_url, res.location) def test_wiki_id_url_get_returns_302_and_resolves(self): name = 'page by id' self.project.update_node_wiki(name, 'some content', Auth(self.project.creator)) page = self.project.get_wiki_page(name) page_url = self.project.web_url_for('project_wiki_view', wname=page.page_name, _guid=True) url = self.project.web_url_for('project_wiki_id_page', wid=page._primary_key, _guid=True) res = self.app.get(url) assert_equal(res.status_code, 302) assert_in(page_url, res.location) res = res.follow() assert_equal(res.status_code, 200) assert_in(page_url, res.request.url) def test_wiki_id_url_get_returns_404(self): url = self.project.web_url_for('project_wiki_id_page', wid='12345', _guid=True) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_home_is_capitalized_in_web_view(self): url = self.project.web_url_for('project_wiki_home', wid='home', _guid=True) res = self.app.get(url, auth=self.user.auth).follow(auth=self.user.auth) page_name_elem = res.html.find('span', {'id': 'pageName'}) assert_in('Home', page_name_elem.text) def test_wiki_widget_no_content(self): url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_is_none(res.json['wiki_content']) def test_wiki_widget_short_content_no_cutoff(self): short_content = 'a' * 150 self.project.update_node_wiki('home', short_content, Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_in(short_content, res.json['wiki_content']) assert_not_in('...', res.json['wiki_content']) assert_false(res.json['more']) def test_wiki_widget_long_content_cutoff(self): long_content = 'a' * 600 self.project.update_node_wiki('home', long_content, Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_less(len(res.json['wiki_content']), 520) # wiggle room for closing tags assert_in('...', res.json['wiki_content']) assert_true(res.json['more']) @mock.patch('website.addons.wiki.model.NodeWikiPage.rendered_before_update', new_callable=mock.PropertyMock) def test_wiki_widget_use_python_render(self, mock_rendered_before_update): # New pages use js renderer mock_rendered_before_update.return_value = False self.project.update_node_wiki('home', 'updated content', Auth(self.user)) url = self.project.api_url_for('wiki_widget', wid='home') res = self.app.get(url, auth=self.user.auth) assert_false(res.json['use_python_render']) # Old pages use python renderer mock_rendered_before_update.return_value = True res = self.app.get(url, auth=self.user.auth) assert_true(res.json['use_python_render']) def test_read_only_users_cannot_view_edit_pane(self): url = self.project.web_url_for('project_wiki_view', wname='home') # No write permissions res = self.app.get(url) assert_equal(res.status_code, 200) assert_not_in('data-osf-panel="Edit"', res.text) # Write permissions res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('data-osf-panel="Edit"', res.text)
class TestNodeLinksList(ApiTestCase): def setUp(self): super(TestNodeLinksList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=False, creator=self.user) self.pointer_project = ProjectFactory(is_public=False, creator=self.user) self.project.add_pointer(self.pointer_project, auth=Auth(self.user)) self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user)) self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_return_embedded_public_node_pointers_logged_out(self): res = self.app.get(self.public_url) res_json = res.json['data'] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_return_embedded_public_node_pointers_logged_in(self): res = self.app.get(self.public_url, auth=self.user_two.auth) res_json = res.json['data'] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_return_private_node_pointers_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) def test_return_private_node_pointers_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(len(res_json), 1) embedded = res_json[0]['embeds']['target_node']['data']['id'] assert_equal(embedded, self.pointer_project._id) def test_return_private_node_pointers_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) def test_deleted_links_not_returned(self): res = self.app.get(self.public_url, expect_errors=True) res_json = res.json['data'] original_length = len(res_json) self.public_pointer_project.is_deleted = True self.public_pointer_project.save() res = self.app.get(self.public_url) res_json = res.json['data'] assert_equal(len(res_json), original_length - 1) def test_cannot_access_retracted_node_links_list(self): registration = RegistrationFactory(creator=self.user, project=self.public_project) url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id) retraction = RetractedRegistrationFactory(registration=registration, user=registration.creator) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
class TestNodeLinksList(ApiTestCase): def setUp(self): super(TestNodeLinksList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=False, creator=self.user) self.pointer_project = ProjectFactory(is_public=False, creator=self.user) self.project.add_pointer(self.pointer_project, auth=Auth(self.user)) self.private_url = "/{}nodes/{}/node_links/".format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user)) self.public_url = "/{}nodes/{}/node_links/".format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_return_embedded_public_node_pointers_logged_out(self): res = self.app.get(self.public_url) res_json = res.json["data"] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") embedded = res_json[0]["embeds"]["target_node"]["data"]["id"] assert_equal(embedded, self.public_pointer_project._id) def test_return_embedded_public_node_pointers_logged_in(self): res = self.app.get(self.public_url, auth=self.user_two.auth) res_json = res.json["data"] assert_equal(len(res_json), 1) assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") embedded = res_json[0]["embeds"]["target_node"]["data"]["id"] assert_equal(embedded, self.public_pointer_project._id) def test_return_private_node_pointers_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in("detail", res.json["errors"][0]) def test_return_private_node_pointers_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json["data"] assert_equal(res.status_code, 200) assert_equal(res.content_type, "application/vnd.api+json") assert_equal(len(res_json), 1) embedded = res_json[0]["embeds"]["target_node"]["data"]["id"] assert_equal(embedded, self.pointer_project._id) def test_return_private_node_pointers_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in("detail", res.json["errors"][0]) def test_deleted_links_not_returned(self): res = self.app.get(self.public_url, expect_errors=True) res_json = res.json["data"] original_length = len(res_json) self.public_pointer_project.is_deleted = True self.public_pointer_project.save() res = self.app.get(self.public_url) res_json = res.json["data"] assert_equal(len(res_json), original_length - 1) def test_cannot_access_retracted_node_links_list(self): registration = RegistrationFactory(creator=self.user, project=self.public_project) url = "/{}nodes/{}/node_links/".format(API_BASE, registration._id) retraction = RetractedRegistrationFactory(registration=registration, user=registration.creator) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
class TestPopulateNewAndNoteworthy(OsfTestCase): def setUp(self): super(TestPopulateNewAndNoteworthy, self).setUp() self.pop1 = ProjectFactory() self.pop2 = ProjectFactory() self.pop3 = ProjectFactory() self.pop4 = ProjectFactory() self.pop5 = ProjectFactory() self.nn1 = ProjectFactory(is_public=True) self.nn2 = ProjectFactory(is_public=True) self.nn3 = ProjectFactory(is_public=True) self.nn4 = ProjectFactory(is_public=True) self.nn5 = ProjectFactory(is_public=True) self.user = UserFactory() today = datetime.datetime.now() self.last_month = (today - dateutil.relativedelta.relativedelta(months=1)).isoformat() popular_json = {"popular_node_ids": [self.pop1._id, self.pop2._id, self.pop3._id, self.pop4._id, self.pop5._id]} self.popular_json_body = json.dumps(popular_json) def tearDown(self): super(TestPopulateNewAndNoteworthy, self).tearDown() Node.remove() def test_get_new_and_noteworthy_nodes(self): new_noteworthy = script.get_new_and_noteworthy_nodes() assert_equal(set(new_noteworthy), {self.nn1._id, self.nn2._id, self.nn3._id, self.nn4._id, self.nn5._id}) def test_populate_new_and_noteworthy(self): self.popular_links_node = ProjectFactory(creator=self.user) self.popular_links_node._id = POPULAR_LINKS_NODE self.popular_links_node.save() self.new_and_noteworthy_links_node = ProjectFactory() self.new_and_noteworthy_links_node._id = NEW_AND_NOTEWORTHY_LINKS_NODE self.new_and_noteworthy_links_node.save() popular_nodes = [self.pop1, self.pop2, self.pop3, self.pop4, self.pop5] for node in popular_nodes: self.popular_links_node.add_pointer(node, auth=Auth(self.user), save=True) assert_equal(len(self.popular_links_node.nodes), 5) assert_equal(len(self.new_and_noteworthy_links_node.nodes), 0) script.main(dry_run=False) self.popular_links_node.reload() self.new_and_noteworthy_links_node.reload() assert_equal(len(self.popular_links_node.nodes), 0) # verifies remove pointer is working assert_equal(len(self.new_and_noteworthy_links_node.nodes), 5) script.main(dry_run=False) self.popular_links_node.reload() self.new_and_noteworthy_links_node.reload() popular_node_links = [pointer.node._id for pointer in self.popular_links_node.nodes] assert_equal(popular_node_links, []) new_and_noteworthy_node_links = {pointer.node._id for pointer in self.new_and_noteworthy_links_node.nodes} assert_equal(set(new_and_noteworthy_node_links), {self.nn1._id, self.nn2._id, self.nn3._id, self.nn4._id, self.nn5._id})
class TestNodeLogList(ApiTestCase): def setUp(self): super(TestNodeLogList, self).setUp() self.user = AuthUserFactory() self.contrib = AuthUserFactory() self.creator = AuthUserFactory() self.user_auth = Auth(self.user) self.NodeLogFactory = ProjectFactory() self.pointer = ProjectFactory() self.private_project = ProjectFactory(is_public=False, creator=self.user) self.private_url = '/{}nodes/{}/logs/'.format(API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_url = '/{}nodes/{}/logs/'.format(API_BASE, self.public_project._id) def tearDown(self): super(TestNodeLogList, self).tearDown() NodeLog.remove() def test_add_tag(self): user_auth = Auth(self.user) self.public_project.add_tag("Jeff Spies", auth=user_auth) assert_equal("tag_added", self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_added') assert_equal("Jeff Spies", self.public_project.logs[OSF_LATEST].params['tag']) def test_remove_tag(self): user_auth = Auth(self.user) self.public_project.add_tag("Jeff Spies", auth=user_auth) assert_equal("tag_added", self.public_project.logs[OSF_LATEST].action) self.public_project.remove_tag("Jeff Spies", auth=self.user_auth) assert_equal("tag_removed", self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_removed') assert_equal("Jeff Spies", self.public_project.logs[OSF_LATEST].params['tag']) def test_project_created(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(self.public_project.logs[OSF_FIRST].action, "project_created") assert_equal(self.public_project.logs[OSF_FIRST].action,res.json['data'][API_LATEST]['attributes']['action']) def test_log_create_on_public_project(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_datetime_equal(parse_date(res.json['data'][API_FIRST]['attributes']['date']), self.public_project.logs[OSF_FIRST].date) assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.public_project.logs[OSF_FIRST].action) def test_log_create_on_private_project(self): res = self.app.get(self.private_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_datetime_equal(datetime.datetime.strptime(res.json['data'][API_FIRST]['attributes']['date'], "%Y-%m-%dT%H:%M:%S.%f"), self.private_project.logs[OSF_FIRST].date) assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.private_project.logs[OSF_FIRST].action) def test_add_addon(self): self.public_project.add_addon('github', auth=self.user_auth) assert_equal('addon_added', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_added') def test_project_add_remove_contributor(self): self.public_project.add_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_added', self.public_project.logs[OSF_LATEST].action) self.public_project.remove_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_removed', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'contributor_removed') assert_equal(res.json['data'][1]['attributes']['action'], 'contributor_added') def test_remove_addon(self): self.public_project.add_addon('github', auth=self.user_auth) assert_equal('addon_added', self.public_project.logs[OSF_LATEST].action) self.public_project.delete_addon('github', auth=self.user_auth) assert_equal('addon_removed', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_removed') def test_add_pointer(self): self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True) assert_equal('pointer_created', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'pointer_created')
class TestNodeLogList(ApiTestCase): def setUp(self): super(TestNodeLogList, self).setUp() self.user = AuthUserFactory() self.contrib = AuthUserFactory() self.creator = AuthUserFactory() self.user_auth = Auth(self.user) self.NodeLogFactory = ProjectFactory() self.pointer = ProjectFactory() self.private_project = ProjectFactory(is_public=False, creator=self.user) self.private_url = '/{}nodes/{}/logs/'.format(API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_url = '/{}nodes/{}/logs/'.format(API_BASE, self.public_project._id) def tearDown(self): super(TestNodeLogList, self).tearDown() NodeLog.remove() def test_add_tag(self): user_auth = Auth(self.user) self.public_project.add_tag("Jeff Spies", auth=user_auth) assert_equal("tag_added", self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_added') assert_equal("Jeff Spies", self.public_project.logs[OSF_LATEST].params['tag']) def test_remove_tag(self): user_auth = Auth(self.user) self.public_project.add_tag("Jeff Spies", auth=user_auth) assert_equal("tag_added", self.public_project.logs[OSF_LATEST].action) self.public_project.remove_tag("Jeff Spies", auth=self.user_auth) assert_equal("tag_removed", self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_removed') assert_equal("Jeff Spies", self.public_project.logs[OSF_LATEST].params['tag']) def test_project_created(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(self.public_project.logs[OSF_FIRST].action, "project_created") assert_equal(self.public_project.logs[OSF_FIRST].action, res.json['data'][API_LATEST]['attributes']['action']) def test_log_create_on_public_project(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_datetime_equal( parse_date(res.json['data'][API_FIRST]['attributes']['date']), self.public_project.logs[OSF_FIRST].date) assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.public_project.logs[OSF_FIRST].action) def test_log_create_on_private_project(self): res = self.app.get(self.private_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_datetime_equal( datetime.datetime.strptime( res.json['data'][API_FIRST]['attributes']['date'], "%Y-%m-%dT%H:%M:%S.%f"), self.private_project.logs[OSF_FIRST].date) assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.private_project.logs[OSF_FIRST].action) def test_add_addon(self): self.public_project.add_addon('github', auth=self.user_auth) assert_equal('addon_added', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_added') def test_project_add_remove_contributor(self): self.public_project.add_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_added', self.public_project.logs[OSF_LATEST].action) self.public_project.remove_contributor(self.contrib, auth=self.user_auth) assert_equal('contributor_removed', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'contributor_removed') assert_equal(res.json['data'][1]['attributes']['action'], 'contributor_added') def test_remove_addon(self): self.public_project.add_addon('github', auth=self.user_auth) assert_equal('addon_added', self.public_project.logs[OSF_LATEST].action) self.public_project.delete_addon('github', auth=self.user_auth) assert_equal('addon_removed', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_removed') def test_add_pointer(self): self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True) assert_equal('pointer_created', self.public_project.logs[OSF_LATEST].action) res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), len(self.public_project.logs)) assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'pointer_created')
class TestNodeForkCreate(ApiTestCase): def setUp(self): super(TestNodeForkCreate, self).setUp() self.user = AuthUserFactory() self.user_two = AuthUserFactory() self.user_three = AuthUserFactory() self.private_project = ProjectFactory(creator=self.user) self.fork_data = { 'data': { 'type': 'nodes' } } self.fork_data_with_title = { 'data': { 'type': 'nodes', 'attributes': {'title': 'My Forked Project'} } } self.private_project_url = '/{}nodes/{}/forks/'.format(API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project_url = '/{}nodes/{}/forks/'.format(API_BASE, self.public_project._id) def tearDown(self): super(TestNodeForkCreate, self).tearDown() Node.remove() def test_create_fork_from_public_project_with_new_title(self): res = self.app.post_json_api(self.public_project_url, self.fork_data_with_title, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], self.fork_data_with_title['data']['attributes']['title']) def test_create_fork_from_private_project_with_new_title(self): res = self.app.post_json_api(self.private_project_url, self.fork_data_with_title, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.private_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], self.fork_data_with_title['data']['attributes']['title']) def test_can_fork_public_node_logged_in(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, auth=self.user_two.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.public_project.title) def test_cannot_fork_public_node_logged_out(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_can_fork_public_node_logged_in_contributor(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.public_project.title) def test_cannot_fork_private_node_logged_out(self): res = self.app.post_json_api(self.private_project_url, self.fork_data, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_cannot_fork_private_node_logged_in_non_contributor(self): res = self.app.post_json_api(self.private_project_url, self.fork_data, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.') def test_can_fork_private_node_logged_in_contributor(self): res = self.app.post_json_api(self.private_project_url + '?embed=children&embed=node_links&embed=logs&embed=contributors&embed=forked_from', self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) data = res.json['data'] assert_equal(data['attributes']['title'], 'Fork of ' + self.private_project.title) fork_contributors = data['embeds']['contributors']['data'][0]['embeds']['users']['data'] assert_equal(fork_contributors['attributes']['family_name'], self.user.family_name) assert_equal(fork_contributors['id'], self.user._id) forked_from = data['embeds']['forked_from']['data'] assert_equal(forked_from['id'], self.private_project._id) def test_fork_private_components_no_access(self): url = self.public_project_url + '?embed=children' private_component = NodeFactory(parent=self.public_project, creator=self.user_two, is_public=False) res = self.app.post_json_api(url, self.fork_data, auth=self.user_three.auth) assert_equal(res.status_code, 201) # Private components that you do not have access to are not forked assert_equal(res.json['data']['embeds']['children']['links']['meta']['total'], 0) def test_fork_components_you_can_access(self): url = self.private_project_url + '?embed=children' new_component = NodeFactory(parent=self.private_project, creator=self.user) res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['embeds']['children']['links']['meta']['total'], 1) assert_equal(res.json['data']['embeds']['children']['data'][0]['id'], new_component.forks[0]._id) def test_fork_private_node_links(self): private_pointer = ProjectFactory(creator=self.user_two) actual_pointer = self.private_project.add_pointer(private_pointer, auth=Auth(self.user_two), save=True) url = self.private_project_url + '?embed=node_links' # Node link is forked, but shows up as a private node link res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['embeds']['node_links']['data'][0]['embeds']['target_node']['errors'][0]['detail'], 'You do not have permission to perform this action.') assert_equal(res.json['data']['embeds']['node_links']['links']['meta']['total'], 1) self.private_project.rm_pointer(actual_pointer, auth=Auth(self.user_two)) def test_fork_node_links_you_can_access(self): pointer = ProjectFactory(creator=self.user) self.private_project.add_pointer(pointer, auth=Auth(self.user_two), save=True) url = self.private_project_url + '?embed=node_links' res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['embeds']['node_links']['data'][0]['embeds']['target_node']['data']['id'], pointer._id) assert_equal(res.json['data']['embeds']['node_links']['links']['meta']['total'], 1) def test_can_fork_registration(self): registration = RegistrationFactory(project=self.private_project, user=self.user) url = '/{}registrations/{}/forks/'.format(API_BASE, registration._id) res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], registration.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + registration.title) def test_read_only_contributor_can_fork_private_registration(self): read_only_user = AuthUserFactory() self.private_project.add_contributor(read_only_user, permissions=[permissions.READ], save=True) res = self.app.post_json_api(self.private_project_url, self.fork_data, auth=read_only_user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.private_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.private_project.title)
class TestDeleteNodeLink(ApiTestCase): def setUp(self): super(TestDeleteNodeLink, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=True) self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) def test_delete_node_link_no_permissions_for_target_node(self): pointer_project = ProjectFactory(creator=self.user_two, is_public=False) pointer = self.public_project.add_pointer(pointer_project, auth=Auth(self.user), save=True) assert_in(pointer, self.public_project.nodes) url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, pointer._id) res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 204) self.public_project.reload() assert_not_in(pointer, self.public_project.nodes) def test_cannot_delete_if_registration(self): registration = RegistrationFactory(project=self.public_project) url = '/{}registrations/{}/node_links/'.format( API_BASE, registration._id, ) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) pointer_id = res.json['data'][0]['id'] url = '/{}nodes/{}/node_links/{}/'.format( API_BASE, registration._id, pointer_id, ) res = self.app.delete(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 403) def test_deletes_public_node_pointer_logged_out(self): res = self.app.delete(self.public_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0].keys()) def test_deletes_public_node_pointer_fails_if_bad_auth(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete(self.public_url, auth=self.user_two.auth, expect_errors=True) # This is could arguably be a 405, but we don't need to go crazy with status codes assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) self.public_project.reload() assert_equal(node_count_before, len(self.public_project.nodes_pointer)) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_deletes_public_node_pointer_succeeds_as_owner(self): node_count_before = len(self.public_project.nodes_pointer) res = self.app.delete(self.public_url, auth=self.user.auth) self.public_project.reload() assert_equal(res.status_code, 204) assert_equal(node_count_before - 1, len(self.public_project.nodes_pointer)) def test_deletes_private_node_pointer_logged_out(self): res = self.app.delete(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_deletes_private_node_pointer_logged_in_contributor(self): res = self.app.delete(self.private_url, auth=self.user.auth) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) assert_equal(len(self.project.nodes_pointer), 0) def test_deletes_private_node_pointer_logged_in_non_contributor(self): res = self.app.delete(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_in('detail', res.json['errors'][0]) @assert_logs(NodeLog.POINTER_REMOVED, 'public_project') def test_return_deleted_public_node_pointer(self): res = self.app.delete(self.public_url, auth=self.user.auth) self.public_project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) #check that deleted pointer can not be returned res = self.app.get(self.public_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) @assert_logs(NodeLog.POINTER_REMOVED, 'project') def test_return_deleted_private_node_pointer(self): res = self.app.delete(self.private_url, auth=self.user.auth) self.project.reload() # Update the model to reflect changes made by post request assert_equal(res.status_code, 204) #check that deleted pointer can not be returned res = self.app.get(self.private_url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) # Regression test for https://openscience.atlassian.net/browse/OSF-4322 def test_delete_link_that_is_not_linked_to_correct_node(self): project = ProjectFactory(creator=self.user) # The node link belongs to a different project res = self.app.delete( '/{}nodes/{}/node_links/{}/'.format(API_BASE, project._id, self.public_pointer._id), auth=self.user.auth, expect_errors=True ) assert_equal(res.status_code, 404) errors = res.json['errors'] assert_equal(len(errors), 1) assert_equal(errors[0]['detail'], 'Node link does not belong to the requested node.')
class TestNodeForksList(ApiTestCase): def setUp(self): super(TestNodeForksList, self).setUp() self.user = AuthUserFactory() self.private_project = ProjectFactory() self.private_project.add_contributor(self.user, permissions=[permissions.READ, permissions.WRITE]) self.private_project.save() self.component = NodeFactory(parent=self.private_project, creator=self.user) self.pointer = ProjectFactory(creator=self.user) self.private_project.add_pointer(self.pointer, auth=Auth(self.user), save=True) self.private_fork = ForkFactory(project=self.private_project, user=self.user) self.private_project_url = '/{}nodes/{}/forks/'.format(API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.save() self.public_component = NodeFactory(parent=self.public_project, creator=self.user, is_public=True) self.public_project_url = '/{}nodes/{}/forks/'.format(API_BASE, self.public_project._id) self.public_fork = ForkFactory(project=self.public_project, user=self.user) self.user_two = AuthUserFactory() def test_can_access_public_node_forks_list_when_unauthenticated(self): res = self.app.get(self.public_project_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 0) # Fork defaults to private assert_equal(self.public_fork.is_public, False) self.public_fork.is_public = True self.public_fork.save() res = self.app.get(self.public_project_url) assert_equal(len(res.json['data']), 1) assert_equal(self.public_fork.is_public, True) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_can_access_public_node_forks_list_authenticated_contributor(self): res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(self.public_fork.is_public, False) assert_equal(len(res.json['data']), 1) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_can_access_public_node_forks_list_authenticated_non_contributor(self): res = self.app.get(self.public_project_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 0) # Fork defaults to private assert_equal(self.public_fork.is_public, False) self.public_fork.is_public = True self.public_fork.save() res = self.app.get(self.public_project_url) assert_equal(len(res.json['data']), 1) assert_equal(self.public_fork.is_public, True) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_cannot_access_private_node_forks_list_unauthenticated(self): res = self.app.get(self.private_project_url, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_authenticated_contributor_can_access_private_node_forks_list(self): res = self.app.get(self.private_project_url + '?embed=children&embed=node_links&embed=logs&embed=contributors&embed=forked_from', auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 1) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.private_project.title) assert_equal(data['id'], self.private_fork._id) fork_contributors = data['embeds']['contributors']['data'][0]['embeds']['users']['data'] assert_equal(fork_contributors['attributes']['family_name'], self.user.family_name) assert_equal(fork_contributors['id'], self.user._id) forked_children = data['embeds']['children']['data'][0] assert_equal(forked_children['id'], self.component.forks[0]._id) assert_equal(forked_children['attributes']['title'], self.component.title) forked_node_links = data['embeds']['node_links']['data'][0]['embeds']['target_node']['data'] assert_equal(forked_node_links['id'], self.pointer._id) assert_equal(forked_node_links['attributes']['title'], self.pointer.title) expected_logs = [log.action for log in self.private_project.logs] expected_logs.append(self.component.logs[0].action) expected_logs.append('node_forked') expected_logs.append('node_forked') forked_logs = data['embeds']['logs']['data'] assert_equal(set(expected_logs), set(log['attributes']['action'] for log in forked_logs)) assert_equal(len(forked_logs), 6) forked_from = data['embeds']['forked_from']['data'] assert_equal(forked_from['id'], self.private_project._id) def test_authenticated_non_contributor_cannot_access_private_node_forks_list(self): res = self.app.get(self.private_project_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
class TestNodeForksList(ApiTestCase): def setUp(self): super(TestNodeForksList, self).setUp() self.user = AuthUserFactory() self.private_project = ProjectFactory() self.private_project.add_contributor( self.user, permissions=[permissions.READ, permissions.WRITE]) self.private_project.save() self.component = NodeFactory(parent=self.private_project, creator=self.user) self.pointer = ProjectFactory(creator=self.user) self.private_project.add_pointer(self.pointer, auth=Auth(self.user), save=True) self.private_fork = ForkFactory(project=self.private_project, user=self.user) self.private_project_url = '/{}nodes/{}/forks/'.format( API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.save() self.public_component = NodeFactory(parent=self.public_project, creator=self.user, is_public=True) self.public_project_url = '/{}nodes/{}/forks/'.format( API_BASE, self.public_project._id) self.public_fork = ForkFactory(project=self.public_project, user=self.user) self.user_two = AuthUserFactory() def test_can_access_public_node_forks_list_when_unauthenticated(self): res = self.app.get(self.public_project_url) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 0) # Fork defaults to private assert_equal(self.public_fork.is_public, False) self.public_fork.is_public = True self.public_fork.save() res = self.app.get(self.public_project_url) assert_equal(len(res.json['data']), 1) assert_equal(self.public_fork.is_public, True) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_can_access_public_node_forks_list_authenticated_contributor(self): res = self.app.get(self.public_project_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(self.public_fork.is_public, False) assert_equal(len(res.json['data']), 1) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_can_access_public_node_forks_list_authenticated_non_contributor( self): res = self.app.get(self.public_project_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 0) # Fork defaults to private assert_equal(self.public_fork.is_public, False) self.public_fork.is_public = True self.public_fork.save() res = self.app.get(self.public_project_url) assert_equal(len(res.json['data']), 1) assert_equal(self.public_fork.is_public, True) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.public_project.title) assert_equal(data['id'], self.public_fork._id) assert_equal(data['attributes']['registration'], False) assert_equal(data['attributes']['fork'], True) def test_cannot_access_private_node_forks_list_unauthenticated(self): res = self.app.get(self.private_project_url, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_authenticated_contributor_can_access_private_node_forks_list( self): res = self.app.get( self.private_project_url + '?embed=children&embed=node_links&embed=logs&embed=contributors&embed=forked_from', auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(len(res.json['data']), 1) data = res.json['data'][0] assert_equal(data['attributes']['title'], 'Fork of ' + self.private_project.title) assert_equal(data['id'], self.private_fork._id) fork_contributors = data['embeds']['contributors']['data'][0][ 'embeds']['users']['data'] assert_equal(fork_contributors['attributes']['family_name'], self.user.family_name) assert_equal(fork_contributors['id'], self.user._id) forked_children = data['embeds']['children']['data'][0] assert_equal(forked_children['id'], self.component.forks[0]._id) assert_equal(forked_children['attributes']['title'], self.component.title) forked_node_links = data['embeds']['node_links']['data'][0]['embeds'][ 'target_node']['data'] assert_equal(forked_node_links['id'], self.pointer._id) assert_equal(forked_node_links['attributes']['title'], self.pointer.title) expected_logs = [log.action for log in self.private_project.logs] expected_logs.append(self.component.logs[0].action) expected_logs.append('node_forked') expected_logs.append('node_forked') forked_logs = data['embeds']['logs']['data'] assert_equal(set(expected_logs), set(log['attributes']['action'] for log in forked_logs)) assert_equal(len(forked_logs), 6) forked_from = data['embeds']['forked_from']['data'] assert_equal(forked_from['id'], self.private_project._id) def test_authenticated_non_contributor_cannot_access_private_node_forks_list( self): res = self.app.get(self.private_project_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
class TestNodeForkCreate(ApiTestCase): def setUp(self): super(TestNodeForkCreate, self).setUp() self.user = AuthUserFactory() self.user_two = AuthUserFactory() self.user_three = AuthUserFactory() self.private_project = ProjectFactory(creator=self.user) self.fork_data = {'data': {'type': 'nodes'}} self.fork_data_with_title = { 'data': { 'type': 'nodes', 'attributes': { 'title': 'My Forked Project' } } } self.private_project_url = '/{}nodes/{}/forks/'.format( API_BASE, self.private_project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project_url = '/{}nodes/{}/forks/'.format( API_BASE, self.public_project._id) def tearDown(self): super(TestNodeForkCreate, self).tearDown() Node.remove() def test_create_fork_from_public_project_with_new_title(self): res = self.app.post_json_api(self.public_project_url, self.fork_data_with_title, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], self.fork_data_with_title['data']['attributes']['title']) def test_create_fork_from_private_project_with_new_title(self): res = self.app.post_json_api(self.private_project_url, self.fork_data_with_title, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.private_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], self.fork_data_with_title['data']['attributes']['title']) def test_can_fork_public_node_logged_in(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, auth=self.user_two.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.public_project.title) def test_cannot_fork_public_node_logged_out(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_can_fork_public_node_logged_in_contributor(self): res = self.app.post_json_api(self.public_project_url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.public_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.public_project.title) def test_cannot_fork_private_node_logged_out(self): res = self.app.post_json_api(self.private_project_url, self.fork_data, expect_errors=True) assert_equal(res.status_code, 401) assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_cannot_fork_private_node_logged_in_non_contributor(self): res = self.app.post_json_api(self.private_project_url, self.fork_data, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.') def test_can_fork_private_node_logged_in_contributor(self): res = self.app.post_json_api( self.private_project_url + '?embed=children&embed=node_links&embed=logs&embed=contributors&embed=forked_from', self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) data = res.json['data'] assert_equal(data['attributes']['title'], 'Fork of ' + self.private_project.title) fork_contributors = data['embeds']['contributors']['data'][0][ 'embeds']['users']['data'] assert_equal(fork_contributors['attributes']['family_name'], self.user.family_name) assert_equal(fork_contributors['id'], self.user._id) forked_from = data['embeds']['forked_from']['data'] assert_equal(forked_from['id'], self.private_project._id) def test_fork_private_components_no_access(self): url = self.public_project_url + '?embed=children' private_component = NodeFactory(parent=self.public_project, creator=self.user_two, is_public=False) res = self.app.post_json_api(url, self.fork_data, auth=self.user_three.auth) assert_equal(res.status_code, 201) # Private components that you do not have access to are not forked assert_equal( res.json['data']['embeds']['children']['links']['meta']['total'], 0) def test_fork_components_you_can_access(self): url = self.private_project_url + '?embed=children' new_component = NodeFactory(parent=self.private_project, creator=self.user) res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal( res.json['data']['embeds']['children']['links']['meta']['total'], 1) assert_equal(res.json['data']['embeds']['children']['data'][0]['id'], new_component.forks[0]._id) assert_equal( res.json['data']['embeds']['children']['data'][0]['attributes'] ['title'], new_component.title) def test_fork_private_node_links(self): private_pointer = ProjectFactory(creator=self.user_two) actual_pointer = self.private_project.add_pointer(private_pointer, auth=Auth( self.user_two), save=True) url = self.private_project_url + '?embed=node_links' # Node link is forked, but shows up as a private node link res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal( res.json['data']['embeds']['node_links']['data'][0]['embeds'] ['target_node']['errors'][0]['detail'], 'You do not have permission to perform this action.') assert_equal( res.json['data']['embeds']['node_links']['links']['meta']['total'], 1) self.private_project.rm_pointer(actual_pointer, auth=Auth(self.user_two)) def test_fork_node_links_you_can_access(self): pointer = ProjectFactory(creator=self.user) self.private_project.add_pointer(pointer, auth=Auth(self.user_two), save=True) url = self.private_project_url + '?embed=node_links' res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal( res.json['data']['embeds']['node_links']['data'][0]['embeds'] ['target_node']['data']['id'], pointer._id) assert_equal( res.json['data']['embeds']['node_links']['links']['meta']['total'], 1) def test_can_fork_registration(self): registration = RegistrationFactory(project=self.private_project, user=self.user) url = '/{}registrations/{}/forks/'.format(API_BASE, registration._id) res = self.app.post_json_api(url, self.fork_data, auth=self.user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], registration.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + registration.title) def test_read_only_contributor_can_fork_private_registration(self): read_only_user = AuthUserFactory() self.private_project.add_contributor(read_only_user, permissions=[permissions.READ], save=True) res = self.app.post_json_api(self.private_project_url, self.fork_data, auth=read_only_user.auth) assert_equal(res.status_code, 201) assert_equal(res.json['data']['id'], self.private_project.forks[0]._id) assert_equal(res.json['data']['attributes']['title'], 'Fork of ' + self.private_project.title)
class TestWikiViews(OsfTestCase): def setUp(self): super(TestWikiViews, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=True, creator=self.user) self.consolidate_auth = Auth(user=self.project.creator) def test_wiki_url_get_returns_200(self): url = self.project.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_for_pointer_returns_200(self): # TODO: explain how this tests a pointer project = ProjectFactory(is_public=True) self.project.add_pointer(project, Auth(self.project.creator), save=True) url = self.project.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_content_returns_200(self): node = ProjectFactory(is_public=True) url = node.api_url_for('wiki_page_content', wname='somerandomid') res = self.app.get(url) assert_equal(res.status_code, 200) def test_wiki_url_for_component_returns_200(self): component = NodeFactory(project=self.project, is_public=True) url = component.web_url_for('project_wiki_page', wname='home') res = self.app.get(url) assert_equal(res.status_code, 200) def test_serialize_wiki_toc(self): project = ProjectFactory() auth = Auth(project.creator) NodeFactory(project=project, creator=project.creator) no_wiki = NodeFactory(project=project, creator=project.creator) project.save() serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 2) no_wiki.delete_addon('wiki', auth=auth) serialized = _serialize_wiki_toc(project, auth=auth) assert_equal(len(serialized), 1) def test_get_wiki_url_pointer_component(self): """Regression test for issues https://github.com/CenterForOpenScience/osf/issues/363 and https://github.com/CenterForOpenScience/openscienceframework.org/issues/574 """ user = UserFactory() pointed_node = NodeFactory(creator=user) project = ProjectFactory(creator=user) auth = Auth(user=user) project.add_pointer(pointed_node, auth=auth, save=True) serialized = _serialize_wiki_toc(project, auth) assert_equal( serialized[0]['url'], pointed_node.web_url_for('project_wiki_page', wname='home', _guid=True)) def test_project_wiki_edit_post(self): self.project.update_node_wiki('home', content='old content', auth=Auth(self.project.creator)) url = self.project.web_url_for('project_wiki_edit_post', wname='home') res = self.app.post(url, { 'content': 'new content' }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() # page was updated with new content new_wiki = self.project.get_wiki_page('home') assert_equal(new_wiki.content, 'new content') def test_project_wiki_edit_post_with_new_wname_and_no_content(self): page_name = fake.catch_phrase() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, {'content': ''}, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) def test_project_wiki_edit_post_with_new_wname_and_content(self): page_name, page_content = fake.catch_phrase(), fake.bs() old_wiki_page_count = NodeWikiPage.find().count() url = self.project.web_url_for('project_wiki_edit_post', wname=page_name) # User submits to edit form with no content res = self.app.post(url, { 'content': page_content }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) new_wiki_page_count = NodeWikiPage.find().count() # A new wiki page was created in the db assert_equal(new_wiki_page_count, old_wiki_page_count + 1) # Node now has the new wiki page associated with it self.project.reload() new_page = self.project.get_wiki_page(page_name) assert_is_not_none(new_page) # content was set assert_equal(new_page.content, page_content) def test_project_wiki_edit_post_with_non_ascii_title(self): # regression test for https://github.com/CenterForOpenScience/openscienceframework.org/issues/1040 # wname doesn't exist in the db, so it will be created new_wname = u'øˆ∆´ƒøßå√ß' url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, { 'content': 'new content' }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) # updating content should return correct url as well. res = self.app.post(url, { 'content': 'updated content' }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) def test_project_wiki_edit_post_with_special_characters(self): new_wname = 'title: ' + SPECIAL_CHARACTERS_ALLOWED new_wiki_content = 'content: ' + SPECIAL_CHARACTERS_ALL url = self.project.web_url_for('project_wiki_edit_post', wname=new_wname) res = self.app.post(url, { 'content': new_wiki_content }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page(new_wname) assert_equal(wiki.page_name, new_wname) assert_equal(wiki.content, new_wiki_content) assert_equal(res.status_code, 200) def test_wiki_edit_get_home(self): url = self.project.web_url_for('project_wiki_edit', wname='home') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_returns_200(self): self.project.update_node_wiki('home', 'updated content', Auth(self.user)) self.project.save() url = self.project.web_url_for('project_wiki_compare', wname='home', wver=1) res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_project_wiki_compare_with_invalid_wname(self): url = self.project.web_url_for('project_wiki_compare', wname='this-doesnt-exist', wver=1) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) def test_wiki_page_creation_strips_whitespace(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1080 # wname has a trailing space url = self.project.web_url_for('project_wiki_edit', wname='cupcake ') res = self.app.post(url, { 'content': 'blah' }, auth=self.user.auth).follow() assert_equal(res.status_code, 200) self.project.reload() wiki = self.project.get_wiki_page('cupcake') assert_is_not_none(wiki) def test_wiki_validate_name(self): url = self.project.api_url_for('project_wiki_validate_name', wname='Capslock') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) def test_wiki_validate_name_cannot_create_home(self): url = self.project.api_url_for('project_wiki_validate_name', wname='home') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_wiki_validate_name_mixed_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_not_in('capslock', self.project.wiki_pages_current) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) def test_project_wiki_validate_name_diplay_correct_capitalization(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CaPsLoCk') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_in('CaPsLoCk', res) def test_project_wiki_validate_name_conflict_different_casing(self): url = self.project.api_url_for('project_wiki_validate_name', wname='CAPSLOCK') res = self.app.get(url, auth=self.user.auth) assert_equal(res.status_code, 200) self.project.update_node_wiki('CaPsLoCk', 'hello', self.consolidate_auth) assert_in('capslock', self.project.wiki_pages_current) url = self.project.api_url_for('project_wiki_validate_name', wname='capslock') res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 409) def test_project_dashboard_shows_no_wiki_content_text(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 project = ProjectFactory(creator=self.user) url = project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in('No wiki content', res) def test_project_dashboard_wiki_wname_get_shows_non_ascii_characters(self): # Regression test for: # https://github.com/CenterForOpenScience/openscienceframework.org/issues/1104 text = u'你好' self.project.update_node_wiki('home', text, Auth(self.user)) # can view wiki preview from project dashboard url = self.project.web_url_for('view_project') res = self.app.get(url, auth=self.user.auth) assert_in(text, res) def test_project_wiki_home_api_route(self): url = self.project.api_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) # TODO: should this route exist? it redirects you to the web_url_for, not api_url_for. # page_url = self.project.api_url_for('project_wiki_page', wname='home') # assert_in(page_url, res.location) def test_project_wiki_home_web_route(self): page_url = self.project.web_url_for('project_wiki_page', wname='home', _guid=True) url = self.project.web_url_for('project_wiki_home') res = self.app.get(url, auth=self.user.auth) assert_equals(res.status_code, 302) assert_in(page_url, res.location) def test_wiki_id_url_get_returns_302_and_resolves(self): name = 'page by id' self.project.update_node_wiki(name, 'some content', Auth(self.project.creator)) page = self.project.get_wiki_page(name) page_url = self.project.web_url_for('project_wiki_page', wname=page.page_name, _guid=True) url = self.project.web_url_for('project_wiki_id_page', wid=page._primary_key, _guid=True) res = self.app.get(url) assert_equal(res.status_code, 302) assert_in(page_url, res.location) res = res.follow() assert_equal(res.status_code, 200) assert_in(page_url, res.request.url) def test_wiki_id_url_get_returns_404(self): url = self.project.web_url_for('project_wiki_id_page', wid='12345', _guid=True) res = self.app.get(url, expect_errors=True) assert_equal(res.status_code, 404) def test_home_is_capitalized_in_web_view(self): url = self.project.web_url_for('project_wiki_home', wid='home', _guid=True) res = self.app.get(url, auth=self.user.auth).follow(auth=self.user.auth) page_name_elem = res.html.find('span', {'id': 'pageName'}) assert_in('Home', page_name_elem.text)
class TestNodeLinkDetail(ApiTestCase): def setUp(self): super(TestNodeLinkDetail, self).setUp() self.user = AuthUserFactory() self.private_project = ProjectFactory(creator=self.user, is_public=False) self.pointer_project = ProjectFactory(creator=self.user, is_public=False) self.pointer = self.private_project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True) self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.private_project._id, self.pointer._id) self.user_two = AuthUserFactory() self.public_project = ProjectFactory(creator=self.user, is_public=True) self.public_pointer_project = ProjectFactory(is_public=True) self.public_pointer = self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user), save=True) self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id) def test_returns_embedded_public_node_pointer_detail_logged_out(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') res_json = res.json['data'] embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_returns_public_node_pointer_detail_logged_in(self): res = self.app.get(self.public_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.public_pointer_project._id) def test_returns_private_node_pointer_detail_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 200) target_node = res.json['data']['embeds']['target_node'] assert_in('errors', target_node) assert_equal(target_node['errors'][0]['detail'], 'Authentication credentials were not provided.') def test_returns_private_node_pointer_detail_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) res_json = res.json['data'] assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') embedded = res_json['embeds']['target_node']['data']['id'] assert_equal(embedded, self.pointer_project._id) def test_returns_private_node_pointer_detail_logged_in_non_contributor(self): res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True) assert_equal(res.status_code, 200) target_node = res.json['data']['embeds']['target_node'] assert_in('errors', target_node) assert_equal(target_node['errors'][0]['detail'], 'You do not have permission to perform this action.') def test_self_link_points_to_node_link_detail_url(self): res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) url = res.json['data']['links']['self'] assert_in(self.public_url, url) def test_node_links_bad_version(self): url = '{}?version=2.1'.format(self.public_url) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404) assert_equal(res.json['errors'][0]['detail'], 'This feature is deprecated as of version 2.1')