def test_releaseapi_get_with_permission(api_rf, build_release_with_files):
release = build_release_with_files(["file.txt"])
rfile = release.files.first()
ProjectMembershipFactory(
user=release.created_by,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = release.created_by
response = ReleaseAPI.as_view()(request, release_id=release.id)
assert response.status_code == 200
rfile = release.files.first()
assert response.data == {
"files": [
{
"name": "file.txt",
"id": rfile.pk,
"url": f"/api/v2/releases/file/{rfile.id}",
"user": rfile.created_by.username,
"date": rfile.created_at.isoformat(),
"size": rfile.size,
"sha256": rfile.filehash,
"is_deleted": False,
"backend": release.backend.name,
"metadata": None,
"review": None,
}
],
}
def test_releaseworkspaceapi_get_with_permission(api_rf, build_release_with_files):
workspace = WorkspaceFactory()
backend1 = BackendFactory(slug="backend1")
backend2 = BackendFactory(slug="backend2")
user = UserFactory()
ProjectMembershipFactory(
user=user, project=workspace.project, roles=[ProjectCollaborator]
)
# two release for same filename but different content
release1 = build_release_with_files(
["file1.txt"], workspace=workspace, backend=backend1, created_by=user
)
rfile1 = release1.files.first()
release2 = build_release_with_files(
["file1.txt"], workspace=workspace, backend=backend2, created_by=user
)
rfile2 = release2.files.first()
request = api_rf.get("/")
request.user = user
response = ReleaseWorkspaceAPI.as_view()(request, workspace_name=workspace.name)
assert response.status_code == 200
assert response.data == {
"files": [
{
"name": "backend2/file1.txt",
"id": rfile2.pk,
"url": f"/api/v2/releases/file/{rfile2.id}",
"user": rfile2.created_by.username,
"date": rfile2.created_at.isoformat(),
"size": rfile2.size,
"sha256": rfile2.filehash,
"is_deleted": False,
"backend": release2.backend.name,
"metadata": None,
"review": None,
},
{
"name": "backend1/file1.txt",
"id": rfile1.pk,
"url": f"/api/v2/releases/file/{rfile1.id}",
"user": rfile1.created_by.username,
"date": rfile1.created_at.isoformat(),
"size": rfile1.size,
"sha256": rfile1.filehash,
"is_deleted": False,
"backend": release1.backend.name,
"metadata": None,
"review": None,
},
],
}
def test_userapidetail_success(api_rf):
backend = BackendFactory()
org = OrgFactory()
project = ProjectFactory(org=org)
user = UserFactory(roles=[CoreDeveloper])
OrgMembershipFactory(org=org, user=user, roles=[OrgCoordinator])
ProjectMembershipFactory(project=project,
user=user,
roles=[ProjectDeveloper])
request = api_rf.get("/", HTTP_AUTHORIZATION=backend.auth_token)
response = UserAPIDetail.as_view()(request, username=user.username)
assert response.status_code == 200
# permissions
permissions = response.data["permissions"]
assert permissions["global"] == [
"application_manage",
"backend_manage",
"org_create",
"user_manage",
]
assert permissions["orgs"] == [
# we have no permissions for OrgCoordinator yet
{
"slug": org.slug,
"permissions": [],
},
]
assert permissions["projects"] == [{
"slug":
project.slug,
"permissions": [
"job_cancel",
"job_run",
"snapshot_create",
"workspace_archive",
"workspace_create",
"workspace_toggle_notifications",
],
}]
# roles
roles = response.data["roles"]
assert roles["global"] == ["CoreDeveloper"]
assert roles["orgs"] == [{"slug": org.slug, "roles": ["OrgCoordinator"]}]
assert roles["projects"] == [{
"slug": project.slug,
"roles": ["ProjectDeveloper"]
}]
def test_snapshotcreate_unknown_files(api_rf):
workspace = WorkspaceFactory()
user = UserFactory()
ProjectMembershipFactory(
project=workspace.project, user=user, roles=[ProjectDeveloper]
)
request = api_rf.post("/", data={"file_ids": ["test"]})
request.user = user
response = SnapshotCreateAPI.as_view()(request, workspace_id=workspace.name)
assert response.status_code == 400, response.data
assert "Unknown file IDs" in response.data["detail"], response.data
def test_releaseworkspaceapi_post_create_release(api_rf, slack_messages):
user = UserFactory(roles=[OutputChecker])
workspace = WorkspaceFactory()
ProjectMembershipFactory(user=user, project=workspace.project)
backend = BackendFactory(auth_token="test", name="test-backend")
BackendMembershipFactory(backend=backend, user=user)
assert Release.objects.count() == 0
data = {
"files": [
{
"name": "file1.txt",
"url": "url",
"size": 7,
"sha256": "hash",
"date": timezone.now(),
"metadata": {},
"review": None,
}
],
"metadata": {},
"review": None,
}
request = api_rf.post(
"/",
data=data,
format="json",
HTTP_AUTHORIZATION="test",
HTTP_OS_USER=user.username,
)
response = ReleaseWorkspaceAPI.as_view()(request, workspace_name=workspace.name)
assert response.status_code == 201, response.data
assert Release.objects.count() == 1
release = Release.objects.first()
assert response["Release-Id"] == str(release.id)
assert response["Location"] == f"http://testserver{release.get_api_url()}"
assert len(slack_messages) == 1
text, channel = slack_messages[0]
assert channel == "opensafely-releases"
assert f"{user.get_staff_url()}|{user.name}>" in text
assert f"{release.get_absolute_url()}|release>" in text
assert f"{workspace.get_absolute_url()}|{workspace.name}>" in text
assert backend.name in text
def test_releasefileapi_with_deleted_file(api_rf):
rfile = ReleaseFileFactory(deleted_at=timezone.now(), deleted_by=UserFactory())
user = UserFactory()
ProjectMembershipFactory(
user=user,
project=rfile.release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 404, response.data
def test_releaseworkspaceapi_post_release_already_exists(api_rf):
user = UserFactory(roles=[OutputChecker])
release = ReleaseFactory()
rfile = ReleaseFileFactory(
release=release,
created_by=user,
name="file.txt",
filehash="hash",
)
BackendMembershipFactory(backend=release.backend, user=user)
ProjectMembershipFactory(project=release.workspace.project, user=user)
data = {
"files": [
{
"name": rfile.name,
"url": "url",
"size": 7,
"sha256": rfile.filehash,
"date": timezone.now(),
"metadata": {},
"review": None,
}
],
"metadata": {},
"review": {},
}
request = api_rf.post(
"/",
data=data,
format="json",
HTTP_AUTHORIZATION=release.backend.auth_token,
HTTP_OS_USER=user.username,
)
response = ReleaseWorkspaceAPI.as_view()(
request, workspace_name=release.workspace.name
)
assert response.status_code == 400
assert "file.txt" in response.data["detail"]
assert "already been uploaded" in response.data["detail"]
def test_snapshotcreate_with_existing_snapshot(api_rf, build_release_with_files):
workspace = WorkspaceFactory()
release = build_release_with_files(["file1.txt"])
snapshot = SnapshotFactory(workspace=workspace)
snapshot.files.set(release.files.all())
user = UserFactory()
ProjectMembershipFactory(
project=workspace.project, user=user, roles=[ProjectDeveloper]
)
request = api_rf.post("/", data={"file_ids": [release.files.first().pk]})
request.user = user
response = SnapshotCreateAPI.as_view()(request, workspace_id=workspace.name)
assert response.status_code == 400, response.data
msg = "A release with the current files already exists"
assert msg in response.data["detail"], response.data
def test_releasefileapi_with_permission(api_rf, build_release_with_files):
release = build_release_with_files(["file1.txt"])
rfile = release.files.first()
user = UserFactory()
# logged in, with permission
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 200
assert b"".join(response.streaming_content) == rfile.absolute_path().read_bytes()
assert response.headers["Content-Type"] == "text/plain"
def test_releaseworkspaceapi_post_with_bad_json(api_rf):
user = UserFactory(roles=[OutputChecker])
workspace = WorkspaceFactory()
ProjectMembershipFactory(user=user, project=workspace.project)
backend = BackendFactory(auth_token="test")
BackendMembershipFactory(backend=backend, user=user)
request = api_rf.post(
"/",
content_type="application/json",
data=json.dumps({}),
HTTP_CONTENT_DISPOSITION="attachment; filename=release.zip",
HTTP_AUTHORIZATION="test",
HTTP_OS_USER=user.username,
)
response = ReleaseWorkspaceAPI.as_view()(request, workspace_name=workspace.name)
assert response.status_code == 400
def test_snapshotcreate_with_permission(api_rf, build_release_with_files):
workspace = WorkspaceFactory()
release = build_release_with_files(
[
"file1.txt",
"file2.txt",
"file3.txt",
"file4.txt",
"file5.txt",
],
workspace=workspace,
)
user = UserFactory()
ProjectMembershipFactory(
project=workspace.project, user=user, roles=[ProjectDeveloper]
)
data = {
"file_ids": [
release.files.get(name="file1.txt").pk,
release.files.get(name="file3.txt").pk,
release.files.get(name="file5.txt").pk,
],
}
request = api_rf.post("/", data)
request.user = user
response = SnapshotCreateAPI.as_view()(request, workspace_id=workspace.name)
assert response.status_code == 201
workspace.refresh_from_db()
assert workspace.snapshots.count() == 1
snapshot_file_ids = set_from_qs(workspace.snapshots.first().files.all())
current_file_ids = set_from_qs(workspace.files.all())
assert snapshot_file_ids <= current_file_ids
def test_releasefileapi_with_nginx_redirect(api_rf, build_release_with_files):
release = build_release_with_files(["file.txt"])
rfile = release.files.first()
user = UserFactory()
# test nginx configuration
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/", HTTP_RELEASES_REDIRECT="/storage")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 200
assert (
response.headers["X-Accel-Redirect"]
== f"/storage/{release.workspace.name}/releases/{release.id}/file.txt"
)
def test_releasefileapi_with_no_file_on_disk(api_rf, build_release):
release = build_release(["file1.txt"])
rfile = ReleaseFileFactory(
release=release,
workspace=release.workspace,
name="file1.txt",
uploaded_at=None,
)
user = UserFactory()
ProjectMembershipFactory(
user=user,
project=release.workspace.project,
roles=[ProjectCollaborator],
)
request = api_rf.get("/")
request.user = user
response = ReleaseFileAPI.as_view()(request, file_id=rfile.id)
assert response.status_code == 404, response.data