def test_cancelling_registration_approval_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.require_approval(
self.user
)
project_registration.save()
rejection_token = project_registration.registration_approval.approval_state[self.user._id]['rejection_token']
project_registration.registration_approval.reject(self.user, rejection_token)
assert_equal(project_registration.registration_approval.state, Sanction.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
subcomponent = NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(
self):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
subcomponent = NodeFactory(creator=self.user,
parent=component,
title='Subcomponent')
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True)
rejection_token = project_registration.embargo.approval_state[
self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(
self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
def test_cannot_access_retracted_registrations_list(self):
registration = RegistrationFactory(creator=self.user, project=self.public_project)
retraction = RetractedRegistrationFactory(registration=registration, user=registration.creator)
registration.save()
url = '/{}nodes/{}/registrations/'.format(API_BASE, registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_cancelling_registration_approval_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.require_approval(
self.user
)
project_registration.save()
rejection_token = project_registration.registration_approval.approval_state[self.user._id]['rejection_token']
project_registration.registration_approval.reject(self.user, rejection_token)
assert_equal(project_registration.registration_approval.state, Sanction.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_is_public_node_register_page(self):
self.node.is_public = True
self.node.save()
reg = RegistrationFactory(project=self.node)
reg.is_public = True
reg.save()
url = reg.web_url_for('node_register_page')
res = self.app.get(url, auth=None)
assert_equal(res.status_code, http.OK)
def test_cannot_access_retracted_registrations_list(self):
registration = RegistrationFactory(creator=self.user,
project=self.public_project)
retraction = RetractedRegistrationFactory(registration=registration,
user=registration.creator)
registration.save()
url = '/{}nodes/{}/registrations/'.format(API_BASE, registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
class RegistrationWithChildNodesEmbargoModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationWithChildNodesEmbargoModelTestCase, self).setUp()
self.user = AuthUserFactory()
self.auth = self.user.auth
self.valid_embargo_end_date = datetime.datetime.utcnow() + datetime.timedelta(days=3)
self.project = ProjectFactory(title="Root", is_public=False, creator=self.user)
self.component = NodeFactory(creator=self.user, parent=self.project, title="Component")
self.subproject = ProjectFactory(creator=self.user, parent=self.project, title="Subproject")
self.subproject_component = NodeFactory(creator=self.user, parent=self.subproject, title="Subcomponent")
self.registration = RegistrationFactory(project=self.project)
# Reload the registration; else tests won't catch failures to save
self.registration.reload()
def test_approval_embargoes_descendant_nodes(self):
# Initiate embargo for parent registration
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_embargo)
# Approve parent registration's embargo
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo.embargo_end_date)
# Ensure descendant nodes are in embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.embargo_end_date)
def test_disapproval_cancels_embargo_on_descendant_nodes(self):
# Initiate embargo on parent registration
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_embargo)
# Disapprove parent registration's embargo
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_false(self.registration.is_pending_embargo)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
# Ensure descendant nodes' embargoes are cancelled
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_false(node.is_pending_embargo)
assert_false(node.embargo_end_date)
def test_is_public_node_register_page(self):
self.node.is_public = True
self.node.save()
reg = RegistrationFactory(project=self.node)
reg.is_public = True
reg.save()
url = reg.web_url_for('node_register_page')
res = self.app.get(url, auth=None)
assert_equal(res.status_code, http.OK)
def test_get_node_name(self):
user = UserFactory()
auth = Auth(user=user)
another_user = UserFactory()
another_auth = Auth(user=another_user)
# Public (Can View)
public_project = ProjectFactory(is_public=True)
collector = rubeus.NodeFileCollector(node=public_project,
auth=another_auth)
node_name = u'{0}: {1}'.format(
public_project.project_or_component.capitalize(),
sanitize.unescape_entities(public_project.title))
assert_equal(collector._get_node_name(public_project), node_name)
# Private (Can't View)
registration_private = RegistrationFactory(creator=user)
registration_private.is_public = False
registration_private.save()
collector = rubeus.NodeFileCollector(node=registration_private,
auth=another_auth)
assert_equal(collector._get_node_name(registration_private),
u'Private Registration')
content = ProjectFactory(creator=user)
node = ProjectFactory(creator=user)
forked_private = node.fork_node(auth=auth)
forked_private.is_public = False
forked_private.save()
collector = rubeus.NodeFileCollector(node=forked_private,
auth=another_auth)
assert_equal(collector._get_node_name(forked_private), u'Private Fork')
pointer_private = node.add_pointer(content, auth=auth)
pointer_private.is_public = False
pointer_private.save()
collector = rubeus.NodeFileCollector(node=pointer_private,
auth=another_auth)
assert_equal(collector._get_node_name(pointer_private),
u'Private Link')
private_project = ProjectFactory(is_public=False)
collector = rubeus.NodeFileCollector(node=private_project,
auth=another_auth)
assert_equal(collector._get_node_name(private_project),
u'Private Component')
private_node = NodeFactory(is_public=False)
collector = rubeus.NodeFileCollector(node=private_node,
auth=another_auth)
assert_equal(collector._get_node_name(private_node),
u'Private Component')
def test_check_draft_state_registered_and_deleted_and_approved(self):
reg = RegistrationFactory()
self.draft.registered_node = reg
self.draft.save()
reg.is_deleted = True
reg.save()
with mock.patch('website.project.model.DraftRegistration.is_approved', mock.PropertyMock(return_value=True)):
try:
draft_views.check_draft_state(self.draft)
except HTTPError:
self.fail()
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[self.user._id]["rejection_token"]
res = self.app.get(registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 302)
def test_draft_with_deleted_registered_node_shows_up_in_draft_list(self):
reg = RegistrationFactory(project=self.public_project)
self.draft_registration.registered_node = reg
self.draft_registration.save()
reg.is_deleted = True
reg.save()
res = self.app.get(self.url, auth=self.user.auth)
assert_equal(res.status_code, 200)
data = res.json["data"]
assert_equal(len(data), 1)
assert_equal(data[0]["attributes"]["registration_supplement"], self.schema._id)
assert_equal(data[0]["id"], self.draft_registration._id)
assert_equal(data[0]["attributes"]["registration_metadata"], {})
def test_draft_with_deleted_registered_node_shows_up_in_draft_list(self):
reg = RegistrationFactory(project=self.public_project)
self.draft_registration.registered_node = reg
self.draft_registration.save()
reg.is_deleted = True
reg.save()
res = self.app.get(self.url, auth=self.user.auth)
assert_equal(res.status_code, 200)
data = res.json['data']
assert_equal(len(data), 1)
assert_equal(data[0]['attributes']['registration_supplement'],
self.schema._id)
assert_equal(data[0]['id'], self.draft_registration._id)
assert_equal(data[0]['attributes']['registration_metadata'], {})
class TestMetadataGeneration(OsfTestCase):
def setUp(self):
OsfTestCase.setUp(self)
self.visible_contrib = AuthUserFactory()
visible_contrib2 = AuthUserFactory(given_name=u'ヽ༼ ಠ益ಠ ༽ノ',
family_name=u'ლ(´◉❥◉`ლ)')
self.invisible_contrib = AuthUserFactory()
self.node = RegistrationFactory(is_public=True)
self.identifier = Identifier(referent=self.node,
category='catid',
value='cat:7')
self.node.add_contributor(self.visible_contrib, visible=True)
self.node.add_contributor(self.invisible_contrib, visible=False)
self.node.add_contributor(visible_contrib2, visible=True)
self.node.save()
def test_metadata_for_node_only_includes_visible_contribs(self):
metadata_xml = datacite_metadata_for_node(self.node,
doi=self.identifier.value)
# includes visible contrib name
assert_in(
u'{}, {}'.format(self.visible_contrib.family_name,
self.visible_contrib.given_name), metadata_xml)
# doesn't include invisible contrib name
assert_not_in(self.invisible_contrib.family_name, metadata_xml)
assert_in(self.identifier.value, metadata_xml)
def test_metadata_for_node_has_correct_structure(self):
metadata_xml = datacite_metadata_for_node(self.node,
doi=self.identifier.value)
root = lxml.etree.fromstring(metadata_xml)
xsi_location = '{http://www.w3.org/2001/XMLSchema-instance}schemaLocation'
expected_location = 'http://datacite.org/schema/kernel-3 http://schema.datacite.org/meta/kernel-3/metadata.xsd'
assert_equal(root.attrib[xsi_location], expected_location)
identifier = root.find('{%s}identifier' % metadata.NAMESPACE)
assert_equal(identifier.attrib['identifierType'], 'DOI')
assert_equal(identifier.text, self.identifier.value)
creators = root.find('{%s}creators' % metadata.NAMESPACE)
assert_equal(len(creators.getchildren()),
len(self.node.visible_contributors))
publisher = root.find('{%s}publisher' % metadata.NAMESPACE)
assert_equal(publisher.text, 'Open Science Framework')
pub_year = root.find('{%s}publicationYear' % metadata.NAMESPACE)
assert_equal(pub_year.text, str(self.node.registered_date.year))
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(creator=self.user, parent=self.project, title="Component")
subcomponent = NodeFactory(creator=self.user, parent=component, title="Subcomponent")
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
project_registration.save()
rejection_token = project_registration.embargo.approval_state[self.user._id]["rejection_token"]
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
class TestMetadataGeneration(OsfTestCase):
def setUp(self):
OsfTestCase.setUp(self)
self.visible_contrib = AuthUserFactory()
visible_contrib2 = AuthUserFactory(given_name=u'ヽ༼ ಠ益ಠ ༽ノ', family_name=u'ლ(´◉❥◉`ლ)')
self.invisible_contrib = AuthUserFactory()
self.node = RegistrationFactory(is_public=True)
self.identifier = Identifier(referent=self.node, category='catid', value='cat:7')
self.node.add_contributor(self.visible_contrib, visible=True)
self.node.add_contributor(self.invisible_contrib, visible=False)
self.node.add_contributor(visible_contrib2, visible=True)
self.node.save()
def test_metadata_for_node_only_includes_visible_contribs(self):
metadata_xml = datacite_metadata_for_node(self.node, doi=self.identifier.value)
# includes visible contrib name
assert_in(u'{}, {}'.format(
self.visible_contrib.family_name, self.visible_contrib.given_name),
metadata_xml)
# doesn't include invisible contrib name
assert_not_in(self.invisible_contrib.family_name, metadata_xml)
assert_in(self.identifier.value, metadata_xml)
def test_metadata_for_node_has_correct_structure(self):
metadata_xml = datacite_metadata_for_node(self.node, doi=self.identifier.value)
root = lxml.etree.fromstring(metadata_xml)
xsi_location = '{http://www.w3.org/2001/XMLSchema-instance}schemaLocation'
expected_location = 'http://datacite.org/schema/kernel-3 http://schema.datacite.org/meta/kernel-3/metadata.xsd'
assert_equal(root.attrib[xsi_location], expected_location)
identifier = root.find('{%s}identifier' % metadata.NAMESPACE)
assert_equal(identifier.attrib['identifierType'], 'DOI')
assert_equal(identifier.text, self.identifier.value)
creators = root.find('{%s}creators' % metadata.NAMESPACE)
assert_equal(len(creators.getchildren()), len(self.node.visible_contributors))
publisher = root.find('{%s}publisher' % metadata.NAMESPACE)
assert_equal(publisher.text, 'Open Science Framework')
pub_year = root.find('{%s}publicationYear' % metadata.NAMESPACE)
assert_equal(pub_year.text, str(self.node.registered_date.year))
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[
self.user._id]['rejection_token']
res = self.app.get(
registration.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 302)
def test_get_node_name(self):
user = UserFactory()
auth = Auth(user=user)
another_user = UserFactory()
another_auth = Auth(user=another_user)
# Public (Can View)
public_project = ProjectFactory(is_public=True)
collector = rubeus.NodeFileCollector(node=public_project, auth=another_auth)
node_name = u"{0}: {1}".format(
public_project.project_or_component.capitalize(), sanitize.unescape_entities(public_project.title)
)
assert_equal(collector._get_node_name(public_project), node_name)
# Private (Can't View)
registration_private = RegistrationFactory(creator=user)
registration_private.is_public = False
registration_private.save()
collector = rubeus.NodeFileCollector(node=registration_private, auth=another_auth)
assert_equal(collector._get_node_name(registration_private), u"Private Registration")
content = ProjectFactory(creator=user)
node = ProjectFactory(creator=user)
forked_private = node.fork_node(auth=auth)
forked_private.is_public = False
forked_private.save()
collector = rubeus.NodeFileCollector(node=forked_private, auth=another_auth)
assert_equal(collector._get_node_name(forked_private), u"Private Fork")
pointer_private = node.add_pointer(content, auth=auth)
pointer_private.is_public = False
pointer_private.save()
collector = rubeus.NodeFileCollector(node=pointer_private, auth=another_auth)
assert_equal(collector._get_node_name(pointer_private), u"Private Link")
private_project = ProjectFactory(is_public=False)
collector = rubeus.NodeFileCollector(node=private_project, auth=another_auth)
assert_equal(collector._get_node_name(private_project), u"Private Component")
private_node = NodeFactory(is_public=False)
collector = rubeus.NodeFileCollector(node=private_node, auth=another_auth)
assert_equal(collector._get_node_name(private_node), u"Private Component")
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
registration.save()
assert_true(registration.pending_embargo)
disapproval_token = registration.embargo.approval_state[self.user._id]['disapproval_token']
res = self.app.get(
registration.web_url_for('node_registration_embargo_disapprove', token=disapproval_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.CANCELLED)
assert_false(registration.embargo_end_date)
assert_false(registration.pending_embargo)
assert_equal(res.status_code, 302)
assert_true(project._id in res.location)
def test_GET_disapprove_with_valid(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[self.user._id]['rejection_token']
res = self.app.get(
registration.registered_from.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 200)
assert_equal(project.web_url_for('view_project'), res.request.path)
class TestInstitutionRegistrationList(ApiTestCase):
def setUp(self):
super(TestInstitutionRegistrationList, self).setUp()
self.institution = InstitutionFactory()
self.registration1 = RegistrationFactory(is_public=True,
is_registration=True)
self.registration1.primary_institution = self.institution
self.registration1.save()
self.user1 = AuthUserFactory()
self.user2 = AuthUserFactory()
self.registration2 = RegistrationFactory(creator=self.user1,
is_public=False,
is_registration=True)
self.registration2.primary_institution = self.institution
self.registration2.add_contributor(self.user2, auth=Auth(self.user1))
self.registration2.save()
self.registration3 = RegistrationFactory(creator=self.user2,
is_public=False,
is_registration=True)
self.registration3.primary_institution = self.institution
self.registration3.save()
self.institution_node_url = '/{0}institutions/{1}/registrations/'.format(
API_BASE, self.institution._id)
def test_return_all_public_nodes(self):
res = self.app.get(self.institution_node_url)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_not_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_return_private_nodes_with_auth(self):
res = self.app.get(self.institution_node_url, auth=self.user1.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_return_private_nodes_mixed_auth(self):
res = self.app.get(self.institution_node_url, auth=self.user2.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_in(self.registration2._id, ids)
assert_in(self.registration3._id, ids)
class TestInstitutionRegistrationList(ApiTestCase):
def setUp(self):
super(TestInstitutionRegistrationList, self).setUp()
self.institution = InstitutionFactory()
self.registration1 = RegistrationFactory(is_public=True, is_registration=True)
self.registration1.primary_institution = self.institution
self.registration1.save()
self.user1 = AuthUserFactory()
self.user2 = AuthUserFactory()
self.registration2 = RegistrationFactory(creator=self.user1, is_public=False, is_registration=True)
self.registration2.primary_institution = self.institution
self.registration2.add_contributor(self.user2, auth=Auth(self.user1))
self.registration2.save()
self.registration3 = RegistrationFactory(creator=self.user2, is_public=False, is_registration=True)
self.registration3.primary_institution = self.institution
self.registration3.save()
self.institution_node_url = '/{0}institutions/{1}/registrations/'.format(API_BASE, self.institution._id)
def test_return_all_public_nodes(self):
res = self.app.get(self.institution_node_url)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_not_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_return_private_nodes_with_auth(self):
res = self.app.get(self.institution_node_url, auth=self.user1.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_return_private_nodes_mixed_auth(self):
res = self.app.get(self.institution_node_url, auth=self.user2.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_in(self.registration2._id, ids)
assert_in(self.registration3._id, ids)
class TestNodeWikiList(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_page(self.public_project,
self.user)
self.public_url = '/{}nodes/{}/wikis/'.format(API_BASE,
self.public_project._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(
self.private_project, self.user)
self.private_url = '/{}nodes/{}/wikis/'.format(
API_BASE, self.private_project._id)
def _set_up_registration_with_wiki_page(self):
self._set_up_private_project_with_wiki_page()
self.registration = RegistrationFactory(project=self.private_project,
user=self.user)
self.registration_wiki_id = self.registration.wiki_pages_versions[
'home'][0]
self.registration.wiki_pages_current = {
'home': self.registration_wiki_id
}
self.registration.save()
self.registration_url = '/{}registrations/{}/wikis/'.format(
API_BASE, self.registration._id)
def test_return_public_node_wikis_logged_out_user(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_public_node_wikis_logged_in_non_contributor(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_public_node_wikis_logged_in_contributor(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_private_node_wikis_logged_out_user(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'],
'Authentication credentials were not provided.')
def test_return_private_node_wikis_logged_in_non_contributor(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
def test_return_private_node_wikis_logged_in_contributor(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.private_wiki._id, wiki_ids)
def test_return_registration_wikis_logged_out_user(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'],
'Authentication credentials were not provided.')
def test_return_registration_wikis_logged_in_non_contributor(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
def test_return_registration_wikis_logged_in_contributor(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.registration_wiki_id, wiki_ids)
def test_wikis_not_returned_for_withdrawn_registration(self):
self._set_up_registration_with_wiki_page()
self.registration.is_public = True
withdrawal = self.registration.retract_registration(user=self.user,
save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.registration_url,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
class TestRegistrationRetractions(SearchTestCase):
def setUp(self):
super(TestRegistrationRetractions, self).setUp()
self.user = UserFactory(usename='Doug Bogie')
self.title = 'Red Special'
self.consolidate_auth = Auth(user=self.user)
self.project = ProjectFactory(
title=self.title,
creator=self.user,
is_public=True,
)
self.registration = RegistrationFactory(project=self.project,
title=self.title,
creator=self.user,
is_public=True,
is_registration=True)
def test_retraction_is_searchable(self):
self.registration.retract_registration(self.user)
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 1)
@mock.patch('website.project.model.Node.archiving',
mock.PropertyMock(return_value=False))
def test_pending_retraction_wiki_content_is_searchable(self):
# Add unique string to wiki
wiki_content = {'home': 'public retraction test'}
for key, value in wiki_content.items():
docs = query(value)['results']
assert_equal(len(docs), 0)
self.registration.update_node_wiki(
key,
value,
self.consolidate_auth,
)
# Query and ensure unique string shows up
docs = query(value)['results']
assert_equal(len(docs), 1)
# Query and ensure registration does show up
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 1)
# Retract registration
self.registration.retract_registration(self.user, '')
self.registration.save()
self.registration.reload()
# Query and ensure unique string in wiki doesn't show up
docs = query('category:registration AND "{}"'.format(
wiki_content['home']))['results']
assert_equal(len(docs), 1)
# Query and ensure registration does show up
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 1)
@mock.patch('website.project.model.Node.archiving',
mock.PropertyMock(return_value=False))
def test_retraction_wiki_content_is_not_searchable(self):
# Add unique string to wiki
wiki_content = {'home': 'public retraction test'}
for key, value in wiki_content.items():
docs = query(value)['results']
assert_equal(len(docs), 0)
self.registration.update_node_wiki(
key,
value,
self.consolidate_auth,
)
# Query and ensure unique string shows up
docs = query(value)['results']
assert_equal(len(docs), 1)
# Query and ensure registration does show up
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 1)
# Retract registration
self.registration.retract_registration(self.user, '')
self.registration.retraction.state = 'retracted'
self.registration.retraction.save()
self.registration.save()
self.registration.update_search()
# Query and ensure unique string in wiki doesn't show up
docs = query('category:registration AND "{}"'.format(
wiki_content['home']))['results']
assert_equal(len(docs), 0)
# Query and ensure registration does show up
docs = query('category:registration AND ' + self.title)['results']
assert_equal(len(docs), 1)
class RegistrationEmbargoViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
ensure_schemas()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project, creator=self.user)
current_month = datetime.datetime.now().strftime("%B")
current_year = datetime.datetime.now().strftime("%Y")
self.valid_make_public_payload = json.dumps(
{
u"embargoEndDate": u"Fri, 01, {month} {year} 00:00:00 GMT".format(
month=current_month, year=current_year
),
u"registrationChoice": "immediate",
u"summary": unicode(fake.sentence()),
}
)
valid_date = datetime.datetime.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps(
{
u"embargoEndDate": unicode(valid_date.strftime("%a, %d, %B %Y %H:%M:%S")) + u" GMT",
u"registrationChoice": "embargo",
u"summary": unicode(fake.sentence()),
}
)
self.invalid_embargo_date_payload = json.dumps(
{
u"embargoEndDate": u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month, year=str(int(current_year) - 1)
),
u"registrationChoice": "embargo",
u"summary": unicode(fake.sentence()),
}
)
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_register_make_public_immediately_creates_registration_approval(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_make_public_payload,
content_type="application/json",
auth=self.user.auth,
)
assert_equal(res.status_code, 201)
registration = Node.find().sort("-registered_date")[0]
assert_true(registration.is_registration)
assert_not_equal(registration.registration_approval, None)
# Regression test for https://openscience.atlassian.net/browse/OSF-5039
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(
self, mock_enqueue
):
public_project = ProjectFactory(is_public=True, creator=self.user)
component = NodeFactory(creator=self.user, parent=public_project, title="Component", is_public=True)
subproject = ProjectFactory(creator=self.user, parent=public_project, title="Subproject", is_public=True)
subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent", is_public=True)
res = self.app.post(
public_project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_make_public_payload,
content_type="application/json",
auth=self.user.auth,
)
public_project.reload()
assert_equal(res.status_code, 201)
# Last node directly registered from self.project
registration = Node.load(public_project.node__registrations[-1])
assert_true(registration.is_registration)
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue):
component = NodeFactory(creator=self.user, parent=self.project, title="Component")
subproject = ProjectFactory(creator=self.user, parent=self.project, title="Subproject")
subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent")
res = self.app.post(
self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_make_public_payload,
content_type="application/json",
auth=self.user.auth,
)
self.project.reload()
# Last node directly registered from self.project
registration = Node.load(self.project.node__registrations[-1])
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_register_embargo_is_not_public(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_embargo_payload,
content_type="application/json",
auth=self.user.auth,
)
assert_equal(res.status_code, 201)
registration = Node.find().sort("-registered_date")[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
# Regression test for https://openscience.atlassian.net/browse/OSF-5071
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue):
public_project = ProjectFactory(creator=self.user, is_public=True)
component = NodeFactory(creator=self.user, parent=public_project, title="Component", is_public=True)
subproject = ProjectFactory(creator=self.user, parent=public_project, title="Subproject", is_public=True)
subproject_component = NodeFactory(creator=self.user, parent=subproject, title="Subcomponent", is_public=True)
res = self.app.post(
public_project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_embargo_payload,
content_type="application/json",
auth=self.user.auth,
)
public_project.reload()
assert_equal(res.status_code, 201)
# Last node directly registered from self.project
registration = Node.load(public_project.node__registrations[-1])
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.invalid_embargo_date_payload,
content_type="application/json",
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 400)
@mock.patch("framework.tasks.handlers.enqueue_task")
def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque):
initial_project_logs = len(self.project.logs)
res = self.app.post(
self.project.api_url_for("node_register_template_page_post", template=u"Open-Ended_Registration"),
self.valid_embargo_payload,
content_type="application/json",
auth=self.user.auth,
)
self.project.reload()
# Logs: Created, registered, embargo initiated
assert_equal(len(self.project.logs), initial_project_logs + 1)
def test_non_contributor_GET_approval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
approval_url = self.registration.web_url_for("view_project", token=approval_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
def test_non_contributor_GET_disapproval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
approval_url = self.registration.web_url_for("view_project", token=rejection_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
ensure_schemas()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project,
creator=self.user)
current_month = datetime.datetime.now().strftime("%B")
current_year = datetime.datetime.now().strftime("%Y")
self.valid_make_public_payload = json.dumps({
u'embargoEndDate':
u'Fri, 01, {month} {year} 00:00:00 GMT'.format(month=current_month,
year=current_year),
u'registrationChoice':
'immediate',
u'summary':
unicode(fake.sentence())
})
valid_date = datetime.datetime.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps({
u'embargoEndDate':
unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice':
'embargo',
u'summary':
unicode(fake.sentence())
})
self.invalid_embargo_date_payload = json.dumps({
u'embargoEndDate':
u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month, year=str(int(current_year) - 1)),
u'registrationChoice':
'embargo',
u'summary':
unicode(fake.sentence())
})
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_immediately_creates_registration_approval(
self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth)
assert_equal(res.status_code, 201)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_not_equal(registration.registration_approval, None)
# Regression test for https://openscience.atlassian.net/browse/OSF-5039
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(
self, mock_enqueue):
public_project = ProjectFactory(is_public=True, creator=self.user)
component = NodeFactory(creator=self.user,
parent=public_project,
title='Component',
is_public=True)
subproject = ProjectFactory(creator=self.user,
parent=public_project,
title='Subproject',
is_public=True)
subproject_component = NodeFactory(creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True)
res = self.app.post(public_project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth)
public_project.reload()
assert_equal(res.status_code, 201)
# Last node directly registered from self.project
registration = Node.load(public_project.node__registrations[-1])
assert_true(registration.is_registration)
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_does_not_make_children_public(
self, mock_enqueue):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
subproject = ProjectFactory(creator=self.user,
parent=self.project,
title='Subproject')
subproject_component = NodeFactory(creator=self.user,
parent=subproject,
title='Subcomponent')
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth)
self.project.reload()
# Last node directly registered from self.project
registration = Node.load(self.project.node__registrations[-1])
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_embargo_is_not_public(self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth)
assert_equal(res.status_code, 201)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
# Regression test for https://openscience.atlassian.net/browse/OSF-5071
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_embargo_does_not_make_project_or_children_public(
self, mock_enqueue):
public_project = ProjectFactory(creator=self.user, is_public=True)
component = NodeFactory(creator=self.user,
parent=public_project,
title='Component',
is_public=True)
subproject = ProjectFactory(creator=self.user,
parent=public_project,
title='Subproject',
is_public=True)
subproject_component = NodeFactory(creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True)
res = self.app.post(public_project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth)
public_project.reload()
assert_equal(res.status_code, 201)
# Last node directly registered from self.project
registration = Node.load(public_project.node__registrations[-1])
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(
self, mock_enqueue):
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.invalid_embargo_date_payload,
content_type='application/json',
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_valid_POST_embargo_adds_to_parent_projects_log(
self, mock_enquque):
initial_project_logs = len(self.project.logs)
res = self.app.post(self.project.api_url_for(
'node_register_template_page_post',
template=u'Open-Ended_Registration'),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth)
self.project.reload()
# Logs: Created, registered, embargo initiated
assert_equal(len(self.project.logs), initial_project_logs + 1)
def test_non_contributor_GET_approval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project',
token=approval_token)
res = self.app.get(approval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
def test_non_contributor_GET_disapproval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
approval_url = self.registration.web_url_for('view_project',
token=rejection_token)
res = self.app.get(approval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoApprovalDisapprovalViewsTestCase,
self).setUp()
self.user = AuthUserFactory()
self.registration = RegistrationFactory(creator=self.user)
# node_registration_embargo_approve tests
def test_GET_from_unauthorized_user_raises_HTTPForbidden(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=unauthorized_user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(
self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[
admin2._id]['approval_token']
res = self.app.get(self.registration.web_url_for(
'view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[
admin2._id]['approval_token']
res = self.app.get(self.registration.web_url_for(
'view_project', token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
@mock.patch('flask.redirect')
def test_GET_approve_with_valid_token_redirects(self, mock_redirect):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.app.get(
self.registration.web_url_for('view_project',
token=approval_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
assert_true(
mock_redirect.called_with(
self.registration.web_url_for('view_project')))
def test_GET_from_unauthorized_user_returns_HTTPForbidden(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=unauthorized_user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(self.registration.web_url_for('view_project',
token=DUMMY_TOKEN),
auth=self.user.auth,
expect_errors=True)
self.registration.embargo.reload()
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(
self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_rejection_token = self.registration.embargo.approval_state[
admin2._id]['rejection_token']
res = self.app.get(self.registration.web_url_for(
'view_project', token=wrong_rejection_token),
auth=self.user.auth,
expect_errors=True)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[
self.user._id]['rejection_token']
res = self.app.get(
registration.web_url_for('view_project', token=rejection_token),
auth=self.user.auth,
)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 302)
@mock.patch('flask.redirect')
def test_GET_disapprove_for_existing_registration_with_valid_token_redirects_to_registration(
self, mock_redirect):
self.registration.embargo_registration(self.user,
datetime.datetime.utcnow() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
res = self.app.get(
self.registration.web_url_for('view_project',
token=rejection_token),
auth=self.user.auth,
)
self.registration.embargo.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
assert_true(
mock_redirect.called_with(
self.registration.web_url_for('view_project')))
class RegistrationEmbargoViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
ensure_schemas()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.draft = DraftRegistrationFactory(branched_from=self.project)
self.registration = RegistrationFactory(project=self.project, creator=self.user)
current_month = datetime.datetime.now().strftime("%B")
current_year = datetime.datetime.now().strftime("%Y")
self.valid_make_public_payload = json.dumps({
u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format(
month=current_month,
year=current_year
),
u'registrationChoice': 'immediate',
u'summary': unicode(fake.sentence())
})
valid_date = datetime.datetime.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps({
u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
self.invalid_embargo_date_payload = json.dumps({
u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month,
year=str(int(current_year)-1)
),
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_register_draft_without_embargo_creates_registration_approval(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
assert_equal(res.status_code, 202)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_not_equal(registration.registration_approval, None)
# Regression test for https://openscience.atlassian.net/browse/OSF-5039
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(self, mock_enqueue):
self.project.is_public = True
self.project.save()
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component',
is_public=True
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject',
is_public=True
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
assert_equal(res.status_code, 202)
assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations'))
# Last node directly registered from self.project
registration = Node.find(
Q('registered_from', 'eq', self.project)
).sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject'
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent'
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
# Last node directly registered from self.project
registration = self.project.registrations_all[-1]
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_POST_register_embargo_is_not_public(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
assert_equal(res.status_code, 202)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
# Regression test for https://openscience.atlassian.net/browse/OSF-5071
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue):
self.project.is_public = True
self.project.save()
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component',
is_public=True
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject',
is_public=True
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
assert_equal(res.status_code, 202)
assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations'))
# Last node directly registered from self.project
registration = Node.find(
Q('registered_from', 'eq', self.project)
).sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.invalid_embargo_date_payload,
content_type='application/json',
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
@mock.patch('framework.celery_tasks.handlers.enqueue_task')
def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque):
initial_project_logs = len(self.project.logs)
self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
# Logs: Created, registered, embargo initiated
assert_equal(len(self.project.logs), initial_project_logs + 1)
@mock.patch('website.project.sanctions.TokenApprovableSanction.ask')
def test_embargoed_registration_set_privacy_requests_embargo_termination(self, mock_ask):
# Initiate and approve embargo
for i in range(3):
c = AuthUserFactory()
self.registration.add_contributor(c, [permissions.ADMIN], auth=Auth(self.user))
self.registration.save()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
for user_id, embargo_tokens in self.registration.embargo.approval_state.iteritems():
approval_token = embargo_tokens['approval_token']
self.registration.embargo.approve_embargo(User.load(user_id), approval_token)
self.registration.save()
res = self.app.post(
self.registration.api_url_for('project_set_privacy', permissions='public'),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
for reg in self.registration.node_and_primary_descendants():
reg.reload()
assert_false(reg.is_public)
assert_true(reg.embargo_termination_approval)
assert_true(reg.embargo_termination_approval.is_pending_approval)
def test_cannot_request_termination_on_component_of_embargo(self):
node = ProjectFactory()
child = ProjectFactory(parent=node, creator=node.creator)
with utils.mock_archive(node, embargo=True, autocomplete=True, autoapprove=True) as reg:
with assert_raises(NodeStateError):
reg.nodes[0].request_embargo_termination(Auth(node.creator))
@mock.patch('website.mails.send_mail')
def test_embargoed_registration_set_privacy_sends_mail(self, mock_send_mail):
"""
Integration test for https://github.com/CenterForOpenScience/osf.io/pull/5294#issuecomment-212613668
"""
# Initiate and approve embargo
for i in range(3):
c = AuthUserFactory()
self.registration.add_contributor(c, [permissions.ADMIN], auth=Auth(self.user))
self.registration.save()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
for user_id, embargo_tokens in self.registration.embargo.approval_state.iteritems():
approval_token = embargo_tokens['approval_token']
self.registration.embargo.approve_embargo(User.load(user_id), approval_token)
self.registration.save()
res = self.app.post(
self.registration.api_url_for('project_set_privacy', permissions='public'),
auth=self.user.auth,
)
assert_equal(res.status_code, 200)
for admin in self.registration.admin_contributors:
assert_true(any([c[0][0] == admin.username for c in mock_send_mail.call_args_list]))
@mock.patch('website.project.sanctions.TokenApprovableSanction.ask')
def test_make_child_embargoed_registration_public_asks_all_admins_in_tree(self, mock_ask):
# Initiate and approve embargo
node = NodeFactory(creator=self.user)
c1 = AuthUserFactory()
child = NodeFactory(parent=node, creator=c1)
c2 = AuthUserFactory()
NodeFactory(parent=child, creator=c2)
registration = RegistrationFactory(project=node)
registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
for user_id, embargo_tokens in registration.embargo.approval_state.iteritems():
approval_token = embargo_tokens['approval_token']
registration.embargo.approve_embargo(User.load(user_id), approval_token)
self.registration.save()
res = self.app.post(
registration.api_url_for('project_set_privacy', permissions='public'),
auth=self.user.auth
)
assert_equal(res.status_code, 200)
asked_admins = [(admin._id, n._id) for admin, n in mock_ask.call_args[0][0]]
for admin, node in registration.get_admin_contributors_recursive():
assert_in((admin._id, node._id), asked_admins)
def test_non_contributor_GET_approval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project', token=approval_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
def test_non_contributor_GET_disapproval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
approval_url = self.registration.web_url_for('view_project', token=rejection_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
class TestWikiDetailView(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_page(self.public_project, self.user)
self.public_url = '/{}wikis/{}/'.format(API_BASE, self.public_wiki._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(self.private_project, self.user)
self.private_url = '/{}wikis/{}/'.format(API_BASE, self.private_wiki._id)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki_id = self.public_registration.wiki_pages_versions['home'][0]
self.public_registration.wiki_pages_current = {'home': self.public_registration_wiki_id}
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/'.format(API_BASE, self.public_registration_wiki_id)
def _set_up_private_registration_with_wiki_page(self):
self._set_up_private_project_with_wiki_page()
self.private_registration = RegistrationFactory(project=self.private_project, user=self.user)
self.private_registration_wiki_id = self.private_registration.wiki_pages_versions['home'][0]
self.private_registration.wiki_pages_current = {'home': self.private_registration_wiki_id}
self.private_registration.save()
self.private_registration_url = '/{}wikis/{}/'.format(API_BASE, self.private_registration_wiki_id)
def test_public_node_logged_out_user_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_public_node_logged_in_non_contributor_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_public_node_logged_in_contributor_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_private_node_logged_out_user_cannot_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
def test_private_node_logged_in_non_contributor_cannot_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_private_node_logged_in_contributor_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_private_node_user_with_anonymous_link_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
private_link = PrivateLinkFactory(anonymous=True)
private_link.nodes.append(self.private_project)
private_link.save()
url = furl.furl(self.private_url).add(query_params={'view_only': private_link.key}).url
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_private_node_user_with_view_only_link_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
private_link = PrivateLinkFactory(anonymous=False)
private_link.nodes.append(self.private_project)
private_link.save()
url = furl.furl(self.private_url).add(query_params={'view_only': private_link.key}).url
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_public_registration_logged_out_user_cannot_view_wiki(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_public_registration_logged_in_non_contributor_cannot_view_wiki(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_public_registration_contributor_can_view_wiki(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_user_cannot_view_withdrawn_registration_wikis(self):
self._set_up_public_registration_with_wiki_page()
withdrawal = self.public_registration.retract_registration(user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.public_registration_url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_private_registration_logged_out_user_cannot_view_wiki(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
def test_private_registration_logged_in_non_contributor_cannot_view_wiki(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_private_registration_contributor_can_view_wiki(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_registration_wiki_id)
def test_wiki_has_user_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['relationships']['user']['links']['related']['href']
expected_url = '/{}users/{}/'.format(API_BASE, self.user._id)
assert_equal(res.status_code, 200)
assert_equal(urlparse(url).path, expected_url)
def test_wiki_has_node_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['relationships']['node']['links']['related']['href']
expected_url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
assert_equal(res.status_code, 200)
assert_equal(urlparse(url).path, expected_url)
def test_wiki_has_comments_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['relationships']['comments']['links']['related']['href']
expected_url = '/{}nodes/{}/comments/?filter[target]={}'.format(API_BASE, self.public_project._id, self.public_wiki._id)
assert_equal(res.status_code, 200)
assert_in(expected_url, url)
def test_wiki_has_download_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['links']['download']
expected_url = '/{}wikis/{}/content/'.format(API_BASE, self.public_wiki._id)
assert_equal(res.status_code, 200)
assert_in(expected_url, url)
def test_wiki_invalid_id_not_found(self):
url = '/{}wikis/{}/'.format(API_BASE, 'abcde')
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 404)
def test_old_wiki_versions_not_returned(self):
self._set_up_public_project_with_wiki_page()
current_wiki = NodeWikiFactory(node=self.public_project, user=self.user)
old_version_id = self.public_project.wiki_pages_versions[current_wiki.page_name][-2]
old_version = NodeWikiPage.load(old_version_id)
url = '/{}wikis/{}/'.format(API_BASE, old_version._id)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 404)
class TestNodeWikiList(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_page(self.public_project, self.user)
self.public_url = '/{}nodes/{}/wikis/'.format(API_BASE, self.public_project._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(self.private_project, self.user)
self.private_url = '/{}nodes/{}/wikis/'.format(API_BASE, self.private_project._id)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki_id = self.public_registration.wiki_pages_versions['home'][0]
self.public_registration.wiki_pages_current = {'home': self.public_registration_wiki_id}
self.public_registration.save()
self.public_registration_url = '/{}registrations/{}/wikis/'.format(API_BASE, self.public_registration._id)
def _set_up_registration_with_wiki_page(self):
self._set_up_private_project_with_wiki_page()
self.registration = RegistrationFactory(project=self.private_project, user=self.user)
self.registration_wiki_id = self.registration.wiki_pages_versions['home'][0]
self.registration.wiki_pages_current = {'home': self.registration_wiki_id}
self.registration.save()
self.registration_url = '/{}registrations/{}/wikis/'.format(API_BASE, self.registration._id)
def test_return_public_node_wikis_logged_out_user(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_public_node_wikis_logged_in_non_contributor(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_public_node_wikis_logged_in_contributor(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.public_wiki._id, wiki_ids)
def test_return_private_node_wikis_logged_out_user(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
def test_return_private_node_wikis_logged_in_non_contributor(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_return_private_node_wikis_logged_in_contributor(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.private_wiki._id, wiki_ids)
def test_return_registration_wikis_logged_out_user(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
def test_return_registration_wikis_logged_in_non_contributor(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_return_registration_wikis_logged_in_contributor(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
wiki_ids = [wiki['id'] for wiki in res.json['data']]
assert_in(self.registration_wiki_id, wiki_ids)
def test_wikis_not_returned_for_withdrawn_registration(self):
self._set_up_registration_with_wiki_page()
self.registration.is_public = True
withdrawal = self.registration.retract_registration(user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.registration_url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_public_node_wikis_relationship_links(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, self.public_project._id)
expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, self.public_project._id)
assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
def test_private_node_wikis_relationship_links(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, self.private_project._id)
expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, self.private_project._id)
assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
def test_public_registration_wikis_relationship_links(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url)
expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, self.public_registration._id)
expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, self.public_registration._id)
assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
def test_private_registration_wikis_relationship_links(self):
self._set_up_registration_with_wiki_page()
res = self.app.get(self.registration_url, auth=self.user.auth)
expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, self.registration._id)
expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, self.registration._id)
assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
def test_registration_wikis_not_returned_from_nodes_endpoint(self):
self._set_up_public_project_with_wiki_page()
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_url)
node_relationships = [
node_wiki['relationships']['node']['links']['related']['href']
for node_wiki in res.json['data']
]
assert_equal(res.status_code, 200)
assert_equal(len(node_relationships), 1)
assert_in(self.public_project._id, node_relationships[0])
def test_node_wikis_not_returned_from_registrations_endpoint(self):
self._set_up_public_project_with_wiki_page()
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url)
node_relationships = [
node_wiki['relationships']['node']['links']['related']['href']
for node_wiki in res.json['data']
]
assert_equal(res.status_code, 200)
assert_equal(len(node_relationships), 1)
assert_in(self.public_registration._id, node_relationships[0])
class TestRetractRegistrations(OsfTestCase):
def setUp(self):
super(TestRetractRegistrations, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user)
self.registration.is_public = True
self.registration.retract_registration(self.user)
self.registration.save()
def test_new_retraction_should_not_be_retracted(self):
assert_false(self.registration.is_retracted)
main(dry_run=False)
assert_false(self.registration.is_retracted)
def test_should_not_retract_pending_retraction_less_than_48_hours_old(self):
# Retraction#iniation_date is read only
self.registration.retraction._fields['initiation_date'].__set__(
self.registration.retraction,
(timezone.now() - timedelta(hours=47)),
safe=True
)
# setattr(self.registration.retraction, 'initiation_date', (timezone.now() - timedelta(hours=47)))
self.registration.retraction.save()
assert_false(self.registration.is_retracted)
main(dry_run=False)
assert_false(self.registration.is_retracted)
def test_should_retract_pending_retraction_that_is_48_hours_old(self):
# Retraction#iniation_date is read only
self.registration.retraction._fields['initiation_date'].__set__(
self.registration.retraction,
(timezone.now() - timedelta(hours=48)),
safe=True
)
self.registration.retraction.save()
assert_false(self.registration.is_retracted)
main(dry_run=False)
assert_true(self.registration.is_retracted)
def test_should_retract_pending_retraction_more_than_48_hours_old(self):
# Retraction#iniation_date is read only
self.registration.retraction._fields['initiation_date'].__set__(
self.registration.retraction,
(timezone.now() - timedelta(days=365)),
safe=True
)
self.registration.retraction.save()
assert_false(self.registration.is_retracted)
main(dry_run=False)
assert_true(self.registration.is_retracted)
def test_retraction_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
# Retraction#iniation_date is read only
self.registration.retraction._fields['initiation_date'].__set__(
self.registration.retraction,
(timezone.now() - timedelta(days=365)),
safe=True
)
self.registration.retraction.save()
assert_false(self.registration.is_retracted)
main(dry_run=False)
assert_true(self.registration.is_retracted)
# Logs: Created, made public, retraction initiated, retracted approved
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 1)
class TestWikiContentView(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_page(self.public_project, self.user)
self.public_url = '/{}wikis/{}/content/'.format(API_BASE, self.public_wiki._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(self.private_project, self.user)
self.private_url = '/{}wikis/{}/content/'.format(API_BASE, self.private_wiki._id)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki_id = self.public_registration.wiki_pages_versions['home'][0]
self.public_registration.wiki_pages_current = {'home': self.public_registration_wiki_id}
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/content/'.format(API_BASE, self.public_registration_wiki_id)
def test_logged_out_user_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_non_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_out_user_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_logged_in_non_contributor_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_logged_in_contributor_can_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.private_wiki.content)
def test_user_cannot_get_withdrawn_registration_wiki_content(self):
self._set_up_public_registration_with_wiki_page()
withdrawal = self.public_registration.retract_registration(user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.public_registration_url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
class RegistrationApprovalModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationApprovalModelTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = datetime.datetime.utcnow(
) + datetime.timedelta(days=3)
def test__require_approval_saves_approval(self):
initial_count = RegistrationApproval.find().count()
self.registration._initiate_approval(self.user)
assert_equal(RegistrationApproval.find().count(), initial_count + 1)
def test__initiate_approval_does_not_create_tokens_for_unregistered_admin(
self):
unconfirmed_user = UnconfirmedUserFactory()
self.registration.contributors.append(unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user,
'admin'))
approval = self.registration._initiate_approval(self.user)
assert_true(self.user._id in approval.approval_state)
assert_false(unconfirmed_user._id in approval.approval_state)
def test_require_approval_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.require_approval(self.user)
def test_require_approval_non_registration_raises_NodeStateError(self):
self.registration.is_registration = False
self.registration.save()
with assert_raises(NodeStateError):
self.registration.require_approval(self.user, )
assert_false(self.registration.is_pending_registration)
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.registration_approval.approve(
self.user, invalid_approval_token)
assert_true(self.registration.is_pending_registration)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(self.user, )
self.registration.save()
assert_true(self.registration.is_pending_registration)
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.approve(
non_admin, approval_token)
assert_true(self.registration.is_pending_registration)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.require_approval(self.user)
self.registration.save()
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
self.registration.registration_approval.approve(
self.user, approval_token)
# adds initiated, approved, and registered logs
assert_equal(len(self.registration.registered_from.logs),
initial_project_logs + 3)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.require_approval(self.user)
self.registration.save()
# First admin approves
approval_token = self.registration.registration_approval.approval_state[
self.user._id]['approval_token']
self.registration.registration_approval.approve(
self.user, approval_token)
assert_true(self.registration.is_pending_registration)
num_of_approvals = sum([
val['has_approved'] for val in
self.registration.registration_approval.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.registration_approval.approval_state[
admin2._id]['approval_token']
self.registration.registration_approval.approve(admin2, approval_token)
assert_false(self.registration.is_pending_registration)
num_of_approvals = sum([
val['has_approved'] for val in
self.registration.registration_approval.approval_state.values()
])
assert_equal(num_of_approvals, 2)
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(
self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.registration_approval.reject(
self.user, fake.sentence())
assert_true(self.registration.is_pending_registration)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.registration_approval.reject(
non_admin, rejection_token)
assert_true(self.registration.is_pending_registration)
def test_one_disapproval_cancels_registration_approval(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user,
rejection_token)
assert_equal(self.registration.registration_approval.state,
Sanction.REJECTED)
assert_false(self.registration.is_pending_registration)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.require_approval(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.registration_approval.reject(self.user,
rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(len(registered_from.logs), initial_project_logs + 2)
def test_cancelling_registration_approval_deletes_parent_registration(
self):
self.registration.require_approval(self.user)
self.registration.save()
rejection_token = self.registration.registration_approval.approval_state[
self.user._id]['rejection_token']
self.registration.registration_approval.reject(self.user,
rejection_token)
assert_equal(self.registration.registration_approval.state,
Sanction.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_registration_approval_deletes_component_registrations(
self):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
NodeFactory(creator=self.user, parent=component, title='Subcomponent')
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.require_approval(self.user)
project_registration.save()
rejection_token = project_registration.registration_approval.approval_state[
self.user._id]['rejection_token']
project_registration.registration_approval.reject(
self.user, rejection_token)
assert_equal(project_registration.registration_approval.state,
Sanction.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_new_registration_is_pending_registration(self):
self.registration.require_approval(self.user)
self.registration.save()
assert_true(self.registration.is_pending_registration)
def test_on_complete_notify_initiator(self):
self.registration.require_approval(self.user,
notify_initiator_on_complete=True)
self.registration.save()
with mock.patch.object(PreregCallbackMixin,
'_notify_initiator') as mock_notify:
self.registration.registration_approval._on_complete(self.user)
mock_notify.assert_called()
class RegistrationRetractionApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionApprovalDisapprovalViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.registered_from = ProjectFactory(is_public=True, creator=self.user)
self.registration = RegistrationFactory(is_public=True, project=self.registered_from)
self.registration.retract_registration(self.user)
self.registration.save()
self.approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
self.corrupt_token = fake.sentence()
self.token_without_sanction = tokens.encode({
'action': 'approve_retraction',
'user_id': self.user._id,
'sanction_id': 'invalid id'
})
# node_registration_retraction_approve_tests
def test_GET_approve_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(
self.registration.web_url_for('view_project', token=self.approval_token),
auth=unauthorized_user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.UNAUTHORIZED)
def test_GET_approve_registration_without_retraction_returns_HTTPError_BAD_REQUEST(self):
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.reject(self.user, self.rejection_token)
assert_false(self.registration.is_pending_retraction)
self.registration.retraction.save()
res = self.app.get(
self.registration.web_url_for('view_project', token=self.approval_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_invalid_token_returns_HTTPError_BAD_REQUEST(self):
res = self.app.get(
self.registration.web_url_for('view_project', token=self.corrupt_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_non_existant_sanction_returns_HTTPError_BAD_REQUEST(self):
res = self.app.get(
self.registration.web_url_for('view_project', token=self.token_without_sanction),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_valid_token_returns_200(self):
res = self.app.get(
self.registration.web_url_for('view_project', token=self.approval_token),
auth=self.user.auth
)
self.registration.retraction.reload()
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_retraction)
assert_equal(res.status_code, http.OK)
# node_registration_retraction_disapprove_tests
def test_GET_disapprove_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(
self.registration.web_url_for('view_project', token=self.rejection_token),
auth=unauthorized_user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.UNAUTHORIZED)
def test_GET_disapprove_registration_without_retraction_returns_HTTPError_BAD_REQUEST(self):
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.reject(self.user, self.rejection_token)
assert_false(self.registration.is_pending_retraction)
self.registration.retraction.save()
res = self.app.get(
self.registration.web_url_for('view_project', token=self.rejection_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_disapprove_with_invalid_token_HTTPError_BAD_REQUEST(self):
res = self.app.get(
self.registration.web_url_for('view_project', token=self.corrupt_token),
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_disapprove_with_valid_token_returns_redirect(self):
res = self.app.get(
self.registration.web_url_for('view_project', token=self.rejection_token),
auth=self.user.auth,
)
self.registration.retraction.reload()
assert_false(self.registration.is_retracted)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.retraction.is_rejected)
assert_equal(res.status_code, http.OK)
class RegistrationRetractionModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionModelsTestCase, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user, is_public=True)
self.valid_justification = fake.sentence()
self.invalid_justification = fake.text(max_nb_chars=3000)
def test_set_public_registration_to_private_raises_NodeStateException(self):
self.registration.save()
with assert_raises(NodeStateError):
self.registration.set_privacy('private')
self.registration.reload()
assert_true(self.registration.is_public)
def test_initiate_retraction_saves_retraction(self):
initial_count = Retraction.find().count()
self.registration._initiate_retraction(self.user)
assert_equal(Retraction.find().count(), initial_count + 1)
def test__initiate_retraction_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
self.registration.contributors.append(unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
retraction = self.registration._initiate_retraction(self.user)
assert_true(self.user._id in retraction.approval_state)
assert_false(unconfirmed_user._id in retraction.approval_state)
def test__initiate_retraction_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
retraction = registration._initiate_retraction(registration.creator)
assert_in(project_admin._id, retraction.approval_state)
assert_in(child_admin._id, retraction.approval_state)
assert_in(grandchild_admin._id, retraction.approval_state)
assert_not_in(project_non_admin._id, retraction.approval_state)
assert_not_in(child_non_admin._id, retraction.approval_state)
# Backref tests
def test_retraction_initiator_has_backref(self):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_equal(Retraction.find(Q('initiated_by', 'eq', self.user)).count(), 1)
# Node#retract_registration tests
def test_pending_retract(self):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
assert_equal(self.registration.retraction.justification, self.valid_justification)
assert_equal(self.registration.retraction.initiated_by, self.user)
assert_equal(
self.registration.retraction.initiation_date.date(),
datetime.datetime.utcnow().date()
)
def test_retract_component_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
component = NodeFactory(is_public=True, creator=self.user, parent=project)
registration = RegistrationFactory(is_public=True, project=project)
with assert_raises(NodeStateError):
registration.nodes[0].retract_registration(self.user, self.valid_justification)
def test_long_justification_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.retract_registration(self.user, self.invalid_justification)
self.registration.save()
self.registration.reload()
assert_is_none(self.registration.retraction)
def test_retract_private_registration_raises_NodeStateError(self):
self.registration.is_public = False
with assert_raises(NodeStateError):
self.registration.retract_registration(self.user, self.valid_justification)
self.registration.save()
self.registration.reload()
assert_is_none(self.registration.retraction)
def test_retract_public_non_registration_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
project.save()
with assert_raises(NodeStateError):
project.retract_registration(self.user, self.valid_justification)
project.reload()
assert_is_none(project.retraction)
def test_retraction_of_registration_pending_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
(datetime.date.today() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_retraction_of_registration_in_active_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
(datetime.date.today() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
# Retraction#approve_retraction_tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionApprovalToken):
self.registration.retraction.approve_retraction(self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.retraction.approve_retraction(non_admin, approval_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_approval_with_one_admin_retracts(self):
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_retracted)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
# Logs: Created, registered, retraction initiated, retraction approved
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 2)
def test_retraction_of_registration_pending_embargo_cancels_embargo(self):
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_approval_of_registration_with_embargo_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
# Logs: Created, registered, embargo initiated, retraction initiated, retraction approved, embargo cancelled
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 4)
def test_retraction_of_registration_in_active_embargo_cancels_embargo(self):
self.registration.is_public = True
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_two_approvals_with_two_admins_retracts(self):
self.admin2 = UserFactory()
self.registration.contributors.append(self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
# First admin approves
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.retraction.approval_state[self.admin2._id]['approval_token']
self.registration.retraction.approve_retraction(self.admin2, approval_token)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 2)
assert_true(self.registration.is_retracted)
def test_one_approval_with_two_admins_stays_pending(self):
self.admin2 = UserFactory()
self.registration.contributors.append(self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([val['has_approved'] for val in self.registration.retraction.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Retraction#disapprove_retraction tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.retraction.disapprove_retraction(self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.retraction.disapprove_retraction(non_admin, rejection_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_disapproval_cancels_retraction(self):
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.disapprove_retraction(self.user, rejection_token)
assert_true(self.registration.retraction.is_rejected)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(self.user, rejection_token)
# Logs: Created, registered, retraction initiated, retraction cancelled
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 2)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin, parent=project, is_public=False)
grandchild = NodeFactory(creator=grandchild_admin, parent=child, is_public=False) # noqa
registration = RegistrationFactory(project=project)
registration._initiate_retraction(self.user)
registration.retraction._on_complete(self.user)
for each in registration.node_and_primary_descendants():
assert_true(each.is_public)
# Retraction property tests
def test_new_retraction_is_pending_retraction(self):
self.registration.retract_registration(self.user)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
class TestWithdrawnRegistrations(NodeCRUDTestCase):
def setUp(self):
super(TestWithdrawnRegistrations, self).setUp()
self.registration = RegistrationFactory(creator=self.user, project=self.public_project)
self.withdrawn_registration = WithdrawnRegistrationFactory(registration=self.registration, user=self.registration.creator)
self.public_pointer_project = ProjectFactory(is_public=True)
self.public_pointer = self.public_project.add_pointer(self.public_pointer_project,
auth=Auth(self.user),
save=True)
self.withdrawn_url = '/{}registrations/{}/'.format(API_BASE, self.registration._id)
self.withdrawn_registration.justification = 'We made a major error.'
self.withdrawn_registration.save()
def test_can_access_withdrawn_contributors(self):
url = '/{}registrations/{}/contributors/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 200)
def test_cannot_access_withdrawn_children(self):
url = '/{}registrations/{}/children/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_comments(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_comment = CommentFactory(node=self.public_project, user=self.user)
url = '/{}registrations/{}/comments/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_can_access_withdrawn_contributor_detail(self):
url = '/{}registrations/{}/contributors/{}/'.format(API_BASE, self.registration._id, self.user._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 200)
def test_cannot_return_a_withdrawn_registration_at_node_detail_endpoint(self):
url = '/{}nodes/{}/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_cannot_delete_a_withdrawn_registration(self):
url = '/{}registrations/{}/'.format(API_BASE, self.registration._id)
res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True)
self.registration.reload()
assert_equal(res.status_code, 405)
def test_cannot_access_withdrawn_files_list(self):
url = '/{}registrations/{}/files/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_node_links_detail(self):
url = '/{}registrations/{}/node_links/{}/'.format(API_BASE, self.registration._id, self.public_pointer._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_node_links_list(self):
url = '/{}registrations/{}/node_links/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_node_logs(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
url = '/{}registrations/{}/logs/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_registrations_list(self):
self.registration.save()
url = '/{}registrations/{}/registrations/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_withdrawn_registrations_display_limited_fields(self):
registration = self.registration
res = self.app.get(self.withdrawn_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
expected_attributes = {
'title': registration.title,
'description': registration.description,
'date_created': registration.date_created.isoformat(),
'date_registered': registration.registered_date.isoformat(),
'withdrawal_justification': registration.retraction.justification,
'public': None,
'category': None,
'date_modified': None,
'registration': True,
'fork': None,
'collection': None,
'tags': None,
'withdrawn': True,
'pending_withdrawal': None,
'pending_registration_approval': None,
'pending_embargo_approval': None,
'embargo_end_date': None,
'registered_meta': None,
'current_user_permissions': None,
'registration_supplement': registration.registered_schema[0].name
}
for attribute in expected_attributes:
assert_equal(expected_attributes[attribute], attributes[attribute])
contributors = urlparse(res.json['data']['relationships']['contributors']['links']['related']['href']).path
assert_equal(contributors, '/{}registrations/{}/contributors/'.format(API_BASE, registration._id))
assert_not_in('children', res.json['data']['relationships'])
assert_not_in('comments', res.json['data']['relationships'])
assert_not_in('node_links', res.json['data']['relationships'])
assert_not_in('registrations', res.json['data']['relationships'])
assert_not_in('parent', res.json['data']['relationships'])
assert_not_in('forked_from', res.json['data']['relationships'])
assert_not_in('files', res.json['data']['relationships'])
assert_not_in('logs', res.json['data']['relationships'])
assert_not_in('primary_institution', res.json['data']['relationships'])
assert_not_in('registered_by', res.json['data']['relationships'])
assert_not_in('registered_from', res.json['data']['relationships'])
assert_not_in('root', res.json['data']['relationships'])
def test_field_specific_related_counts_ignored_if_hidden_field_on_withdrawn_registration(self):
url = '/{}registrations/{}/?related_counts=children'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_not_in('children', res.json['data']['relationships'])
assert_in('contributors', res.json['data']['relationships'])
def test_field_specific_related_counts_retrieved_if_visible_field_on_withdrawn_registration(self):
url = '/{}registrations/{}/?related_counts=contributors'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['relationships']['contributors']['links']['related']['meta']['count'], 1)
class TestMigrateRegistrations(OsfTestCase):
def setUp(self):
super(TestMigrateRegistrations, self).setUp()
# Create registration with correct settings
self.registration = RegistrationFactory()
self.registration.registered_from.piwik_site_id = 1
self.registration.registered_from.save()
self.registration.piwik_site_id = 2
self.registration.save()
# Create registration with duplicated piwik_site_id
self.broken_registration = RegistrationFactory()
self.broken_registration.registered_from.piwik_site_id = 3
self.broken_registration.registered_from.save()
self.broken_registration.piwik_site_id = 3
self.broken_registration.save()
responses.start()
responses.add(
responses.GET,
'{host}index.php?module=API&method=SitesManager.getAllSites&format=JSON&token_auth={auth_token}'.format(
host=PIWIK_HOST,
auth_token=PIWIK_ADMIN_TOKEN,
),
status=200,
content_type='application/json',
body=json.dumps({
'1': {'name': 'Node: ' + self.registration.registered_from._id},
'2': {'name': 'Node: ' + self.registration._id},
'3': {'name': 'Node: ' + self.broken_registration.registered_from._id},
'4': {'name': 'Node: ' + self.broken_registration._id},
}),
match_querystring=True,
)
def tearDown(self):
super(TestMigrateRegistrations, self).tearDown()
Node.remove()
responses.stop()
responses.reset()
piwik_cache._cache = None
def test_get_broken_registrations(self):
nodes = list(get_broken_registrations())
assert_equal(1, len(nodes))
assert_equal(
self.broken_registration,
nodes[0]
)
def test_fix_registrations(self):
assert_equal(
1,
fix_nodes(get_broken_registrations())
)
# invalidate m-odm cache
Node._clear_caches()
broken_nodes = list(get_broken_registrations())
assert_equal(0, len(broken_nodes))
assert_is_none(
self.broken_registration.piwik_site_id
)
assert_is_not_none(
self.broken_registration.registered_from.piwik_site_id
)
class TestRetractRegistrations(OsfTestCase):
def setUp(self):
super(TestRetractRegistrations, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user)
self.registration.embargo_registration(
self.user,
timezone.now() + timedelta(days=10))
self.registration.save()
def test_new_embargo_should_be_unapproved(self):
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
main(dry_run=False)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
def test_should_not_activate_pending_embargo_less_than_48_hours_old(self):
# Embargo#iniation_date is read only
self.registration.embargo._fields['initiation_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(hours=47)),
safe=True)
self.registration.embargo.save()
assert_false(self.registration.embargo_end_date)
main(dry_run=False)
assert_false(self.registration.embargo_end_date)
def test_should_activate_pending_embargo_that_is_48_hours_old(self):
# Embargo#iniation_date is read only
self.registration.embargo._fields['initiation_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(hours=48)),
safe=True)
self.registration.embargo.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
main(dry_run=False)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
def test_should_activate_pending_embargo_more_than_48_hours_old(self):
# Embargo#iniation_date is read only
self.registration.embargo._fields['initiation_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(days=365)),
safe=True)
self.registration.embargo.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
main(dry_run=False)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
def test_embargo_past_end_date_should_be_completed(self):
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
self.registration.save()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
# Embargo#iniation_date is read only
self.registration.embargo._fields['end_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(days=1)),
safe=True)
self.registration.embargo.save()
assert_false(self.registration.is_public)
main(dry_run=False)
assert_true(self.registration.is_public)
assert_false(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
assert_equal(self.registration.embargo.state, 'completed')
def test_embargo_before_end_date_should_not_be_completed(self):
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
self.registration.save()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
# Embargo#iniation_date is read only
self.registration.embargo._fields['end_date'].__set__(
self.registration.embargo, (timezone.now() + timedelta(days=1)),
safe=True)
self.registration.embargo.save()
assert_false(self.registration.is_public)
main(dry_run=False)
assert_false(self.registration.is_public)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_embargo_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
# Embargo#iniation_date is read only
self.registration.embargo._fields['initiation_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(days=365)),
safe=True)
self.registration.embargo.save()
main(dry_run=False)
# Logs: Created, made public, registered, embargo initiated, embargo approved
embargo_approved_log = self.registration.registered_from.logs[
initial_project_logs + 1]
assert_equal(len(self.registration.registered_from.logs),
initial_project_logs + 1)
assert_equal(embargo_approved_log.params['node'],
self.registration.registered_from._id)
def test_embargo_completion_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
self.registration.save()
# Embargo#iniation_date is read only
self.registration.embargo._fields['end_date'].__set__(
self.registration.embargo, (timezone.now() - timedelta(days=1)),
safe=True)
self.registration.embargo.save()
main(dry_run=False)
# Logs: Created, made public, registered, embargo initiated, embargo approved, embargo completed
embargo_completed_log = self.registration.registered_from.logs[
initial_project_logs + 1]
assert_equal(len(self.registration.registered_from.logs),
initial_project_logs + 2)
assert_equal(embargo_completed_log.params['node'],
self.registration.registered_from._id)
class RegistrationEmbargoModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoModelsTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = datetime.datetime.utcnow(
) + datetime.timedelta(days=3)
# Node#_initiate_embargo tests
def test__initiate_embargo_saves_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(self.user,
self.valid_embargo_end_date,
for_existing_registration=True)
assert_equal(Embargo.find().count(), initial_count + 1)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(
self):
unconfirmed_user = UnconfirmedUserFactory()
self.registration.contributors.append(unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user,
'admin'))
embargo = self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True)
assert_true(self.user._id in embargo.approval_state)
assert_false(unconfirmed_user._id in embargo.approval_state)
def test__initiate_embargo_with_save_does_save_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True,
)
assert_equal(Embargo.find().count(), initial_count + 1)
# Backref tests
def test_embargo_initiator_has_backref(self):
self.registration.embargo_registration(self.user,
self.valid_embargo_end_date)
self.registration.save()
self.registration.reload()
assert_equal(len(self.user.embargo__embargoed),
Embargo.find(Q('initiated_by', 'eq', self.user)).count())
# Node#embargo_registration tests
def test_embargo_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.embargo_registration(self.user,
self.valid_embargo_end_date)
def test_embargo_end_date_in_past_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(
self.user, datetime.datetime(1999, 1, 1))
def test_embargo_end_date_today_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(self.user,
datetime.datetime.utcnow())
def test_embargo_end_date_in_far_future_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(
self.user, datetime.datetime(2099, 1, 1))
def test_embargo_with_valid_end_date_starts_pending_embargo(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
def test_embargo_public_project_makes_private_pending_embargo(self):
self.registration.is_public = True
assert_true(self.registration.is_public)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.is_public)
def test_embargo_non_registration_raises_NodeStateError(self):
self.registration.is_registration = False
self.registration.save()
with assert_raises(NodeStateError):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
assert_false(self.registration.is_pending_embargo)
# Embargo#approve_embargo tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.embargo.approve_embargo(self.user,
invalid_approval_token)
assert_true(self.registration.is_pending_embargo)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.embargo.approve_embargo(non_admin,
approval_token)
assert_true(self.registration.is_pending_embargo)
def test_one_approval_with_one_admin_embargoes(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
# Logs: Created, registered, embargo initiated, embargo approved
assert_equal(len(self.registration.registered_from.logs),
initial_project_logs + 2)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
# First admin approves
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.is_pending_embargo)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.embargo.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.embargo.approval_state[
admin2._id]['approval_token']
self.registration.embargo.approve_embargo(admin2, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.embargo.approval_state.values()
])
assert_equal(num_of_approvals, 2)
# Embargo#disapprove_embargo tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(
self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.embargo.disapprove_embargo(
self.user, fake.sentence())
assert_true(self.registration.is_pending_embargo)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.embargo.disapprove_embargo(
non_admin, rejection_token)
assert_true(self.registration.is_pending_embargo)
def test_one_disapproval_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user,
rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.embargo.disapprove_embargo(self.user,
rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(len(registered_from.logs), initial_project_logs + 2)
def test_cancelling_embargo_deletes_parent_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user,
rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
subcomponent = NodeFactory(creator=self.user,
parent=component,
title='Subcomponent')
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
project_registration.save()
rejection_token = project_registration.embargo.approval_state[
self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(
self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_cancelling_embargo_for_existing_registration_does_not_delete_registration(
self):
self.registration.embargo_registration(self.user,
datetime.datetime.utcnow() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user,
rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(
self):
component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
subcomponent = NodeFactory(creator=self.user,
parent=component,
title='Subcomponent')
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True)
rejection_token = project_registration.embargo.approval_state[
self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(
self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
# Embargo property tests
def test_new_registration_is_pending_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(
self.registration.is_pending_embargo_for_existing_registration)
def test_existing_registration_is_not_pending_registration(self):
self.registration.embargo_registration(self.user,
datetime.datetime.utcnow() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_false(
self.registration.is_pending_embargo_for_existing_registration)
class RegistrationEmbargoModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoModelsTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = datetime.datetime.utcnow() + datetime.timedelta(days=3)
# Node#_initiate_embargo tests
def test__initiate_embargo_saves_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(self.user, self.valid_embargo_end_date, for_existing_registration=True)
assert_equal(Embargo.find().count(), initial_count + 1)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
self.registration.contributors.append(unconfirmed_user)
self.registration.add_permission(unconfirmed_user, "admin", save=True)
assert_true(self.registration.has_permission(unconfirmed_user, "admin"))
embargo = self.registration._initiate_embargo(
self.user, self.valid_embargo_end_date, for_existing_registration=True
)
assert_true(self.user._id in embargo.approval_state)
assert_false(unconfirmed_user._id in embargo.approval_state)
def test__initiate_embargo_with_save_does_save_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(self.user, self.valid_embargo_end_date, for_existing_registration=True)
assert_equal(Embargo.find().count(), initial_count + 1)
# Backref tests
def test_embargo_initiator_has_backref(self):
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
self.registration.save()
self.registration.reload()
assert_equal(len(self.user.embargo__embargoed), Embargo.find(Q("initiated_by", "eq", self.user)).count())
# Node#embargo_registration tests
def test_embargo_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, "admin")
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
def test_embargo_end_date_in_past_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(self.user, datetime.datetime(1999, 1, 1))
def test_embargo_end_date_today_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow())
def test_embargo_end_date_in_far_future_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(self.user, datetime.datetime(2099, 1, 1))
def test_embargo_with_valid_end_date_starts_pending_embargo(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
def test_embargo_public_project_makes_private_pending_embargo(self):
self.registration.is_public = True
assert_true(self.registration.is_public)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.is_public)
def test_embargo_non_registration_raises_NodeStateError(self):
self.registration.is_registration = False
self.registration.save()
with assert_raises(NodeStateError):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
assert_false(self.registration.is_pending_embargo)
# Embargo#approve_embargo tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
invalid_approval_token = "not a real token"
with assert_raises(InvalidSanctionApprovalToken):
self.registration.embargo.approve_embargo(self.user, invalid_approval_token)
assert_true(self.registration.is_pending_embargo)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
with assert_raises(PermissionsError):
self.registration.embargo.approve_embargo(non_admin, approval_token)
assert_true(self.registration.is_pending_embargo)
def test_one_approval_with_one_admin_embargoes(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
self.registration.embargo.approve_embargo(self.user, approval_token)
# Logs: Created, registered, embargo initiated, embargo approved
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 2)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, "admin", save=True)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
# First admin approves
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.is_pending_embargo)
num_of_approvals = sum([val["has_approved"] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.embargo.approval_state[admin2._id]["approval_token"]
self.registration.embargo.approve_embargo(admin2, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
num_of_approvals = sum([val["has_approved"] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 2)
# Embargo#disapprove_embargo tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.embargo.disapprove_embargo(self.user, fake.sentence())
assert_true(self.registration.is_pending_embargo)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
with assert_raises(PermissionsError):
self.registration.embargo.disapprove_embargo(non_admin, rejection_token)
assert_true(self.registration.is_pending_embargo)
def test_one_disapproval_cancels_embargo(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
registered_from = self.registration.registered_from
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(len(registered_from.logs), initial_project_logs + 2)
def test_cancelling_embargo_deletes_parent_registration(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(creator=self.user, parent=self.project, title="Component")
subcomponent = NodeFactory(creator=self.user, parent=component, title="Subcomponent")
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
project_registration.save()
rejection_token = project_registration.embargo.approval_state[self.user._id]["rejection_token"]
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_cancelling_embargo_for_existing_registration_does_not_delete_registration(self):
self.registration.embargo_registration(
self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(creator=self.user, parent=self.project, title="Component")
subcomponent = NodeFactory(creator=self.user, parent=component, title="Subcomponent")
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]["rejection_token"]
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
# Embargo property tests
def test_new_registration_is_pending_registration(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo_for_existing_registration)
def test_existing_registration_is_not_pending_registration(self):
self.registration.embargo_registration(
self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True
)
self.registration.save()
assert_false(self.registration.is_pending_embargo_for_existing_registration)
class RegistrationWithChildNodesEmbargoModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationWithChildNodesEmbargoModelTestCase, self).setUp()
self.user = AuthUserFactory()
self.auth = self.user.auth
self.valid_embargo_end_date = datetime.datetime.utcnow(
) + datetime.timedelta(days=3)
self.project = ProjectFactory(title='Root',
is_public=False,
creator=self.user)
self.component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
self.subproject = ProjectFactory(creator=self.user,
parent=self.project,
title='Subproject')
self.subproject_component = NodeFactory(creator=self.user,
parent=self.subproject,
title='Subcomponent')
self.registration = RegistrationFactory(project=self.project)
# Reload the registration; else tests won't catch failures to save
self.registration.reload()
def test_approval_embargoes_descendant_nodes(self):
# Initiate embargo for parent registration
self.registration.embargo_registration(self.user,
self.valid_embargo_end_date)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_embargo)
# Approve parent registration's embargo
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo.embargo_end_date)
# Ensure descendant nodes are in embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.embargo_end_date)
def test_disapproval_cancels_embargo_on_descendant_nodes(self):
# Initiate embargo on parent registration
self.registration.embargo_registration(self.user,
self.valid_embargo_end_date)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_embargo)
# Disapprove parent registration's embargo
rejection_token = self.registration.embargo.approval_state[
self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user,
rejection_token)
assert_false(self.registration.is_pending_embargo)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
# Ensure descendant nodes' embargoes are cancelled
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_false(node.is_pending_embargo)
assert_false(node.embargo_end_date)
class RegistrationEmbargoApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoApprovalDisapprovalViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.registration = RegistrationFactory(creator=self.user)
# node_registration_embargo_approve tests
def test_GET_from_unauthorized_user_raises_HTTPForbidden(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 403)
def test_GET_approve_registration_without_embargo_raises_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, "admin", save=True)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]["approval_token"]
res = self.app.get(
self.registration.web_url_for("view_project", token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 400)
def test_GET_approve_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, "admin", save=True)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_approval_token = self.registration.embargo.approval_state[admin2._id]["approval_token"]
res = self.app.get(
self.registration.web_url_for("view_project", token=wrong_approval_token),
auth=self.user.auth,
expect_errors=True,
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
@mock.patch("flask.redirect")
def test_GET_approve_with_valid_token_redirects(self, mock_redirect):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]["approval_token"]
self.app.get(self.registration.web_url_for("view_project", token=approval_token), auth=self.user.auth)
self.registration.embargo.reload()
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
assert_true(mock_redirect.called_with(self.registration.web_url_for("view_project")))
def test_GET_from_unauthorized_user_returns_HTTPForbidden(self):
unauthorized_user = AuthUserFactory()
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN),
auth=unauthorized_user.auth,
expect_errors=True,
)
assert_equal(res.status_code, 403)
def test_GET_disapprove_registration_without_embargo_HTTPBad_Request(self):
assert_false(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True
)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_invalid_token_returns_HTTPBad_Request(self):
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.get(
self.registration.web_url_for("view_project", token=DUMMY_TOKEN), auth=self.user.auth, expect_errors=True
)
self.registration.embargo.reload()
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_wrong_admins_token_returns_HTTPBad_Request(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, "admin", save=True)
self.registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
self.registration.save()
assert_true(self.registration.is_pending_embargo)
wrong_rejection_token = self.registration.embargo.approval_state[admin2._id]["rejection_token"]
res = self.app.get(
self.registration.web_url_for("view_project", token=wrong_rejection_token),
auth=self.user.auth,
expect_errors=True,
)
assert_true(self.registration.is_pending_embargo)
assert_equal(res.status_code, 400)
def test_GET_disapprove_with_valid_token_returns_redirect_to_parent(self):
project = ProjectFactory(creator=self.user)
registration = RegistrationFactory(project=project)
registration.embargo_registration(self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10))
registration.save()
assert_true(registration.is_pending_embargo)
rejection_token = registration.embargo.approval_state[self.user._id]["rejection_token"]
res = self.app.get(registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth)
registration.embargo.reload()
assert_equal(registration.embargo.state, Embargo.REJECTED)
assert_false(registration.is_pending_embargo)
assert_equal(res.status_code, 302)
@mock.patch("flask.redirect")
def test_GET_disapprove_for_existing_registration_with_valid_token_redirects_to_registration(self, mock_redirect):
self.registration.embargo_registration(
self.user, datetime.datetime.utcnow() + datetime.timedelta(days=10), for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]["rejection_token"]
res = self.app.get(self.registration.web_url_for("view_project", token=rejection_token), auth=self.user.auth)
self.registration.embargo.reload()
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
assert_true(mock_redirect.called_with(self.registration.web_url_for("view_project")))
class RegistrationEmbargoViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
ensure_schemas()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.draft = DraftRegistrationFactory(branched_from=self.project)
self.registration = RegistrationFactory(project=self.project, creator=self.user)
current_month = datetime.datetime.now().strftime("%B")
current_year = datetime.datetime.now().strftime("%Y")
self.valid_make_public_payload = json.dumps({
u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format(
month=current_month,
year=current_year
),
u'registrationChoice': 'immediate',
u'summary': unicode(fake.sentence())
})
valid_date = datetime.datetime.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps({
u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
self.invalid_embargo_date_payload = json.dumps({
u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month,
year=str(int(current_year)-1)
),
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_register_draft_without_embargo_creates_registration_approval(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
assert_equal(res.status_code, 202)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_not_equal(registration.registration_approval, None)
# Regression test for https://openscience.atlassian.net/browse/OSF-5039
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_immediately_creates_private_pending_registration_for_public_project(self, mock_enqueue):
self.project.is_public = True
self.project.save()
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component',
is_public=True
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject',
is_public=True
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
assert_equal(res.status_code, 202)
assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations'))
# Last node directly registered from self.project
registration = Node.find(
Q('registered_from', 'eq', self.project)
).sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_make_public_does_not_make_children_public(self, mock_enqueue):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject'
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent'
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_make_public_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
# Last node directly registered from self.project
registration = Node.load(self.project.node__registrations[-1])
assert_false(registration.is_public)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_embargo_is_not_public(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
assert_equal(res.status_code, 202)
registration = Node.find().sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
# Regression test for https://openscience.atlassian.net/browse/OSF-5071
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_register_embargo_does_not_make_project_or_children_public(self, mock_enqueue):
self.project.is_public = True
self.project.save()
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component',
is_public=True
)
subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject',
is_public=True
)
subproject_component = NodeFactory(
creator=self.user,
parent=subproject,
title='Subcomponent',
is_public=True
)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
assert_equal(res.status_code, 202)
assert_equal(res.json['urls']['registrations'], self.project.web_url_for('node_registrations'))
# Last node directly registered from self.project
registration = Node.find(
Q('registered_from', 'eq', self.project)
).sort('-registered_date')[0]
assert_true(registration.is_registration)
assert_false(registration.is_public)
assert_true(registration.is_pending_embargo_for_existing_registration)
assert_is_not_none(registration.embargo)
for node in registration.get_descendants_recursive():
assert_true(node.is_registration)
assert_false(node.is_public)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_POST_invalid_embargo_end_date_returns_HTTPBad_Request(self, mock_enqueue):
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.invalid_embargo_date_payload,
content_type='application/json',
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
@mock.patch('framework.tasks.handlers.enqueue_task')
def test_valid_POST_embargo_adds_to_parent_projects_log(self, mock_enquque):
initial_project_logs = len(self.project.logs)
res = self.app.post(
self.project.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.valid_embargo_payload,
content_type='application/json',
auth=self.user.auth
)
self.project.reload()
# Logs: Created, registered, embargo initiated
assert_equal(len(self.project.logs), initial_project_logs + 1)
def test_non_contributor_GET_approval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project', token=approval_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
def test_non_contributor_GET_disapproval_returns_HTTPError(self):
non_contributor = AuthUserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
approval_url = self.registration.web_url_for('view_project', token=rejection_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(http.FORBIDDEN, res.status_code)
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.embargo_end_date)
class RegistrationEmbargoModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationEmbargoModelsTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = datetime.datetime.utcnow() + datetime.timedelta(days=3)
# Node#_initiate_embargo tests
def test__initiate_embargo_saves_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_equal(Embargo.find().count(), initial_count + 1)
def test_state_can_be_set_to_complete(self):
embargo = EmbargoFactory()
embargo.state = Embargo.COMPLETED
embargo.save() # should pass validation
assert_equal(embargo.state, Embargo.COMPLETED)
def test__initiate_embargo_does_not_create_tokens_for_unregistered_admin(self):
unconfirmed_user = UnconfirmedUserFactory()
self.registration.contributors.append(unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user, 'admin'))
embargo = self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_true(self.user._id in embargo.approval_state)
assert_false(unconfirmed_user._id in embargo.approval_state)
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(project.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
embargo = project._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def test__initiate_embargo_with_save_does_save_embargo(self):
initial_count = Embargo.find().count()
self.registration._initiate_embargo(
self.user,
self.valid_embargo_end_date,
for_existing_registration=True,
)
assert_equal(Embargo.find().count(), initial_count + 1)
# Backref tests
def test_embargo_initiator_has_backref(self):
self.registration.embargo_registration(
self.user,
self.valid_embargo_end_date
)
self.registration.save()
self.registration.reload()
assert_equal(len(self.user.embargo__embargoed),
Embargo.find(Q('initiated_by', 'eq', self.user)).count())
# Node#embargo_registration tests
def test_embargo_from_non_admin_raises_PermissionsError(self):
self.registration.remove_permission(self.user, 'admin')
self.registration.save()
self.registration.reload()
with assert_raises(PermissionsError):
self.registration.embargo_registration(self.user, self.valid_embargo_end_date)
def test_embargo_end_date_in_past_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(
self.user,
datetime.datetime(1999, 1, 1)
)
def test_embargo_end_date_today_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow()
)
def test_embargo_end_date_in_far_future_raises_ValidationValueError(self):
with assert_raises(ValidationValueError):
self.registration.embargo_registration(
self.user,
datetime.datetime(2099, 1, 1)
)
def test_embargo_with_valid_end_date_starts_pending_embargo(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
def test_embargo_public_project_makes_private_pending_embargo(self):
self.registration.is_public = True
assert_true(self.registration.is_public)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
assert_false(self.registration.is_public)
def test_embargo_non_registration_raises_NodeStateError(self):
self.registration.is_registration = False
self.registration.save()
with assert_raises(NodeStateError):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
assert_false(self.registration.is_pending_embargo)
# Embargo#approve_embargo tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
invalid_approval_token = 'not a real token'
with assert_raises(InvalidSanctionApprovalToken):
self.registration.embargo.approve_embargo(self.user, invalid_approval_token)
assert_true(self.registration.is_pending_embargo)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.embargo.approve_embargo(non_admin, approval_token)
assert_true(self.registration.is_pending_embargo)
def test_one_approval_with_one_admin_embargoes(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
# Logs: Created, registered, embargo initiated, embargo approved
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 2)
def test_one_approval_with_two_admins_stays_pending(self):
admin2 = UserFactory()
self.registration.contributors.append(admin2)
self.registration.add_permission(admin2, 'admin', save=True)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
# First admin approves
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, approval_token)
assert_true(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.embargo.approval_state[admin2._id]['approval_token']
self.registration.embargo.approve_embargo(admin2, approval_token)
assert_true(self.registration.embargo_end_date)
assert_false(self.registration.is_pending_embargo)
num_of_approvals = sum([val['has_approved'] for val in self.registration.embargo.approval_state.values()])
assert_equal(num_of_approvals, 2)
# Embargo#disapprove_embargo tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.embargo.disapprove_embargo(self.user, fake.sentence())
assert_true(self.registration.is_pending_embargo)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.embargo.disapprove_embargo(non_admin, rejection_token)
assert_true(self.registration.is_pending_embargo)
def test_one_disapproval_cancels_embargo(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_pending_embargo)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = len(self.registration.registered_from.logs)
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
registered_from = self.registration.registered_from
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
# Logs: Created, registered, embargo initiated, embargo cancelled
assert_equal(len(registered_from.logs), initial_project_logs + 2)
def test_cancelling_embargo_deletes_parent_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_true(self.registration.is_deleted)
def test_cancelling_embargo_deletes_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
subcomponent = NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
project_registration.save()
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_true(project_registration.is_deleted)
assert_true(component_registration.is_deleted)
assert_true(subcomponent_registration.is_deleted)
def test_cancelling_embargo_for_existing_registration_does_not_delete_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
rejection_token = self.registration.embargo.approval_state[self.user._id]['rejection_token']
self.registration.embargo.disapprove_embargo(self.user, rejection_token)
assert_equal(self.registration.embargo.state, Embargo.REJECTED)
assert_false(self.registration.is_deleted)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
subcomponent = NodeFactory(
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration.nodes[0]
subcomponent_registration = component_registration.nodes[0]
project_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
# Embargo property tests
def test_new_registration_is_pending_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.registration.save()
assert_true(self.registration.is_pending_embargo_for_existing_registration)
def test_existing_registration_is_not_pending_registration(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_false(self.registration.is_pending_embargo_for_existing_registration)
def test_on_complete_notify_initiator(self):
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
notify_initiator_on_complete=True
)
self.registration.save()
with mock.patch.object(PreregCallbackMixin, '_notify_initiator') as mock_notify:
self.registration.embargo._on_complete(self.user)
mock_notify.assert_called()
class TestWithdrawnRegistrations(NodeCRUDTestCase):
def setUp(self):
super(TestWithdrawnRegistrations, self).setUp()
self.registration = RegistrationFactory(creator=self.user, project=self.public_project)
self.withdrawn_registration = WithdrawnRegistrationFactory(registration=self.registration, user=self.registration.creator)
self.public_pointer_project = ProjectFactory(is_public=True)
self.public_pointer = self.public_project.add_pointer(self.public_pointer_project,
auth=Auth(self.user),
save=True)
self.withdrawn_url = '/{}registrations/{}/'.format(API_BASE, self.registration._id)
self.withdrawn_registration.justification = 'We made a major error.'
self.withdrawn_registration.save()
def test_can_access_withdrawn_contributors(self):
url = '/{}registrations/{}/contributors/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 200)
def test_cannot_access_withdrawn_children(self):
url = '/{}registrations/{}/children/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_comments(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_comment = CommentFactory(node=self.public_project, user=self.user)
url = '/{}registrations/{}/comments/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_can_access_withdrawn_contributor_detail(self):
url = '/{}registrations/{}/contributors/{}/'.format(API_BASE, self.registration._id, self.user._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 200)
def test_cannot_return_a_withdrawn_registration_at_node_detail_endpoint(self):
url = '/{}nodes/{}/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_cannot_delete_a_withdrawn_registration(self):
url = '/{}registrations/{}/'.format(API_BASE, self.registration._id)
res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True)
self.registration.reload()
assert_equal(res.status_code, 405)
def test_cannot_access_withdrawn_files_list(self):
url = '/{}registrations/{}/files/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_node_links_detail(self):
url = '/{}registrations/{}/node_links/{}/'.format(API_BASE, self.registration._id, self.public_pointer._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
def test_cannot_access_withdrawn_node_links_list(self):
url = '/{}registrations/{}/node_links/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_node_logs(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
url = '/{}registrations/{}/logs/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_cannot_access_withdrawn_registrations_list(self):
self.registration.save()
url = '/{}registrations/{}/registrations/'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_withdrawn_registrations_display_limited_fields(self):
registration = self.registration
res = self.app.get(self.withdrawn_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
attributes = res.json['data']['attributes']
expected_attributes = {
'title': registration.title,
'description': registration.description,
'date_created': registration.date_created.isoformat(),
'date_registered': registration.registered_date.isoformat(),
'withdrawal_justification': registration.retraction.justification,
'public': None,
'category': None,
'date_modified': None,
'registration': True,
'fork': None,
'collection': None,
'tags': None,
'withdrawn': True,
'pending_withdrawal': None,
'pending_registration_approval': None,
'pending_embargo_approval': None,
'embargo_end_date': None,
'registered_meta': None,
'current_user_permissions': None,
'registration_supplement': registration.registered_schema[0].name
}
for attribute in expected_attributes:
assert_equal(expected_attributes[attribute], attributes[attribute])
contributors = urlparse(res.json['data']['relationships']['contributors']['links']['related']['href']).path
assert_equal(contributors, '/{}registrations/{}/contributors/'.format(API_BASE, registration._id))
assert_not_in('children', res.json['data']['relationships'])
assert_not_in('comments', res.json['data']['relationships'])
assert_not_in('node_links', res.json['data']['relationships'])
assert_not_in('registrations', res.json['data']['relationships'])
assert_not_in('parent', res.json['data']['relationships'])
assert_not_in('forked_from', res.json['data']['relationships'])
assert_not_in('files', res.json['data']['relationships'])
assert_not_in('logs', res.json['data']['relationships'])
assert_not_in('registered_by', res.json['data']['relationships'])
assert_not_in('registered_from', res.json['data']['relationships'])
assert_not_in('root', res.json['data']['relationships'])
def test_field_specific_related_counts_ignored_if_hidden_field_on_withdrawn_registration(self):
url = '/{}registrations/{}/?related_counts=children'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_not_in('children', res.json['data']['relationships'])
assert_in('contributors', res.json['data']['relationships'])
def test_field_specific_related_counts_retrieved_if_visible_field_on_withdrawn_registration(self):
url = '/{}registrations/{}/?related_counts=contributors'.format(API_BASE, self.registration._id)
res = self.app.get(url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['relationships']['contributors']['links']['related']['meta']['count'], 1)
class TestNodeCount(OsfTestCase):
def setUp(self):
super(TestNodeCount, self).setUp()
self.user = UserFactory()
# 3 Projects - Public, Private, Private Component
self.public_project = ProjectFactory(is_public=True)
self.private_project = ProjectFactory(is_public=False)
self.private_component = ProjectFactory(parent=self.private_project)
# 5 Registrations - Public, Public Registrations of Private Proj + Component, Embargoed, Withdrawn
self.public_registration = RegistrationFactory(project=self.public_project, is_public=True)
self.registration_of_components = RegistrationFactory(project=self.private_project, is_public=True)
registration_of_component = self.private_component.registrations_all[0]
registration_of_component.is_public = True
registration_of_component.save()
self.embargoed_registration = RegistrationFactory(project=self.public_project, creator=self.user)
self.embargoed_registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10)
)
self.embargoed_registration.save()
self.reg_to_be_withdrawn = RegistrationFactory(project=self.public_project)
self.withdrawn_registration = WithdrawnRegistrationFactory(
registration=self.reg_to_be_withdrawn,
user=self.reg_to_be_withdrawn.creator
)
# Add Deleted Nodes
self.deleted_node = ProjectFactory(is_deleted=True)
self.deleted_node2 = ProjectFactory(is_deleted=True)
self.date = datetime.datetime.utcnow() - datetime.timedelta(1)
modify_node_dates_in_mongo(self.date - datetime.timedelta(0.1))
self.results = NodeSummary().get_events(self.date.date())[0]
def tearDown(self):
super(TestNodeCount, self).tearDown()
Node.remove()
User.remove()
def test_get_node_count(self):
nodes = self.results['nodes']
assert_equal(nodes['total'], 8) # 3 Projects, 5 Registrations
assert_equal(nodes['public'], 1) # 1 Project
assert_equal(nodes['private'], 2) # 1 Project, 1 Component
def test_get_project_count(self):
projects = self.results['projects']
assert_equal(projects['total'], 2)
assert_equal(projects['public'], 1)
assert_equal(projects['private'], 1)
def test_get_registered_nodes_count(self):
registered_nodes = self.results['registered_nodes']
assert_equal(registered_nodes['total'], 5)
assert_equal(registered_nodes['public'], 4) # 3 Registrations, 1 Withdrawn registration
assert_equal(registered_nodes['withdrawn'], 1)
assert_equal(registered_nodes['embargoed'], 1)
def test_get_registered_projects_count(self):
registered_projects = self.results['registered_projects']
assert_equal(registered_projects['total'], 4) # Not including a Registration Component
assert_equal(registered_projects['public'], 3)
assert_equal(registered_projects['withdrawn'], 1)
assert_equal(registered_projects['embargoed'], 1)
class RegistrationWithChildNodesRetractionModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationWithChildNodesRetractionModelTestCase, self).setUp()
self.user = AuthUserFactory()
self.auth = self.user.auth
self.project = ProjectFactory(is_public=True, creator=self.user)
self.component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
self.subproject = ProjectFactory(
creator=self.user,
parent=self.project,
title='Subproject'
)
self.subproject_component = NodeFactory(
creator=self.user,
parent=self.subproject,
title='Subcomponent'
)
self.registration = RegistrationFactory(project=self.project, is_public=True)
# Reload the registration; else tests won't catch failures to svae
self.registration.reload()
def test_approval_retracts_descendant_nodes(self):
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending registration
descendants = self.registration.get_descendants_recursive()
for node in descendants:
node.save()
assert_true(node.is_pending_retraction)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_retracted)
# Ensure descendant nodes are retracted
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
def test_disapproval_cancels_retraction_on_descendant_nodes(self):
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending registration
descendants = self.registration.get_descendants_recursive()
for node in descendants:
node.save()
assert_true(node.is_pending_retraction)
# Disapprove parent registration's retraction
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(self.user, rejection_token)
assert_false(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
assert_true(self.registration.retraction.is_rejected)
# Ensure descendant nodes' retractions are cancelled
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_false(node.is_pending_retraction)
assert_false(node.is_retracted)
def test_approval_cancels_pending_embargoes_on_descendant_nodes(self):
# Initiate embargo for registration
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_retraction)
assert_true(node.is_pending_embargo)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_embargo)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
assert_false(node.is_pending_embargo)
def test_approval_cancels_active_embargoes_on_descendant_nodes(self):
# Initiate embargo for registration
self.registration.embargo_registration(
self.user,
datetime.datetime.utcnow() + datetime.timedelta(days=10),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Approve embargo for registration
embargo_approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user, embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_retraction)
assert_true(node.embargo_end_date)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
self.registration.retraction.approve_retraction(self.user, approval_token)
assert_true(self.registration.is_retracted)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
class TestWikiContentView(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_page(self.public_project,
self.user)
self.public_url = '/{}wikis/{}/content/'.format(
API_BASE, self.public_wiki._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(
self.private_project, self.user)
self.private_url = '/{}wikis/{}/content/'.format(
API_BASE, self.private_wiki._id)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(
project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki_id = self.public_registration.wiki_pages_versions[
'home'][0]
self.public_registration.wiki_pages_current = {
'home': self.public_registration_wiki_id
}
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/content/'.format(
API_BASE, self.public_registration_wiki_id)
def test_logged_out_user_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_non_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_out_user_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_logged_in_non_contributor_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def test_logged_in_contributor_can_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.private_wiki.content)
def test_user_cannot_get_withdrawn_registration_wiki_content(self):
self._set_up_public_registration_with_wiki_page()
withdrawal = self.public_registration.retract_registration(
user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.public_registration_url,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
class RegistrationRetractionViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.registered_from = ProjectFactory(creator=self.user, is_public=True)
self.registration = RegistrationFactory(project=self.registered_from, is_public=True)
self.retraction_post_url = self.registration.api_url_for('node_registration_retraction_post')
self.retraction_get_url = self.registration.web_url_for('node_registration_retraction_get')
self.justification = fake.sentence()
def test_GET_retraction_page_when_pending_retraction_returns_HTTPError_BAD_REQUEST(self):
self.registration.retract_registration(self.user)
self.registration.save()
res = self.app.get(
self.retraction_get_url,
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_POST_retraction_to_private_registration_returns_HTTPError_FORBIDDEN(self):
self.registration.is_public = False
self.registration.save()
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.FORBIDDEN)
self.registration.reload()
assert_is_none(self.registration.retraction)
@mock.patch('website.mails.send_mail')
def test_POST_retraction_does_not_send_email_to_unregistered_admins(self, mock_send_mail):
unreg = UnregUserFactory()
self.registration.add_contributor(
unreg,
auth=Auth(self.user),
permissions=['read', 'write', 'admin']
)
self.registration.save()
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
# Only the creator gets an email; the unreg user does not get emailed
assert_equal(mock_send_mail.call_count, 1)
def test_POST_pending_embargo_returns_HTTPError_HTTPOK(self):
self.registration.embargo_registration(
self.user,
(datetime.datetime.utcnow() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_true(self.registration.is_pending_retraction)
def test_POST_active_embargo_returns_HTTPOK(self):
self.registration.embargo_registration(
self.user,
(datetime.datetime.utcnow() + datetime.timedelta(days=10)),
for_existing_registration=True
)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[self.user._id]['approval_token']
self.registration.embargo.approve(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_true(self.registration.is_pending_retraction)
def test_POST_retraction_by_non_admin_retract_HTTPError_UNAUTHORIZED(self):
res = self.app.post_json(self.retraction_post_url, expect_errors=True)
assert_equals(res.status_code, http.UNAUTHORIZED)
self.registration.reload()
assert_is_none(self.registration.retraction)
@mock.patch('website.mails.send_mail')
def test_POST_retraction_without_justification_returns_HTTPOK(self, mock_send):
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_true(self.registration.is_pending_retraction)
assert_is_none(self.registration.retraction.justification)
@mock.patch('website.mails.send_mail')
def test_valid_POST_retraction_adds_to_parent_projects_log(self, mock_send):
initial_project_logs = len(self.registration.registered_from.logs)
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
self.registration.registered_from.reload()
# Logs: Created, registered, retraction initiated
assert_equal(len(self.registration.registered_from.logs), initial_project_logs + 1)
@mock.patch('website.mails.send_mail')
def test_valid_POST_retraction_when_pending_retraction_raises_400(self, mock_send):
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, 400)
@mock.patch('website.mails.send_mail')
def test_valid_POST_calls_send_mail_with_username(self, mock_send):
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
assert_true(mock_send.called)
args, kwargs = mock_send.call_args
assert_true(self.user.username in args)
def test_non_contributor_GET_approval_returns_HTTPError_UNAUTHORIZED(self):
non_contributor = AuthUserFactory()
self.registration.retract_registration(self.user)
approval_token = self.registration.retraction.approval_state[self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project', token=approval_token)
res = self.app.get(approval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_contributor_GET_disapproval_returns_HTTPError_UNAUTHORIZED(self):
non_contributor = AuthUserFactory()
self.registration.retract_registration(self.user)
rejection_token = self.registration.retraction.approval_state[self.user._id]['rejection_token']
disapproval_url = self.registration.web_url_for('view_project', token=rejection_token)
res = self.app.get(disapproval_url, auth=non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
class TestRegistrationUpdate(ApiTestCase):
def setUp(self):
self.maxDiff = None
super(TestRegistrationUpdate, self).setUp()
self.user = AuthUserFactory()
self.user_two = AuthUserFactory()
self.user_three = AuthUserFactory()
self.public_project = ProjectFactory(title="Project One",
is_public=True,
creator=self.user)
self.private_project = ProjectFactory(title="Project Two",
is_public=False,
creator=self.user)
self.public_registration = RegistrationFactory(
project=self.public_project, creator=self.user, is_public=True)
self.private_registration = RegistrationFactory(
project=self.private_project, creator=self.user)
self.public_url = '/{}registrations/{}/'.format(
API_BASE, self.public_registration._id)
self.private_url = '/{}registrations/{}/'.format(
API_BASE, self.private_registration._id)
self.private_registration.add_contributor(
self.user_two, permissions=[permissions.READ])
self.private_registration.add_contributor(
self.user_three, permissions=[permissions.WRITE])
self.private_registration.save()
self.payload = {
"data": {
"id": self.private_registration._id,
"type": "registrations",
"attributes": {
"public": True,
}
}
}
def test_update_private_registration_logged_out(self):
res = self.app.put_json_api(self.private_url,
self.payload,
expect_errors=True)
assert_equal(res.status_code, 401)
def test_update_private_registration_logged_in_admin(self):
res = self.app.put_json_api(self.private_url,
self.payload,
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['public'], True)
def test_update_private_registration_logged_in_read_only_contributor(self):
res = self.app.put_json_api(self.private_url,
self.payload,
auth=self.user_two.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def test_update_private_registration_logged_in_read_write_contributor(
self):
res = self.app.put_json_api(self.private_url,
self.payload,
auth=self.user_three.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
def test_update_public_registration_to_private(self):
payload = {
"data": {
"id": self.public_registration._id,
"type": "registrations",
"attributes": {
"public": False,
}
}
}
res = self.app.put_json_api(self.public_url,
payload,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(
res.json['errors'][0]['detail'],
'Registrations can only be turned from private to public.')
def test_public_field_has_invalid_value(self):
payload = {
"data": {
"id": self.public_registration._id,
"type": "registrations",
"attributes": {
"public": "Yes"
}
}
}
res = self.app.put_json_api(self.public_url,
payload,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['detail'],
'"Yes" is not a valid boolean.')
def test_fields_other_than_public_are_ignored(self):
payload = {
"data": {
"id": self.private_registration._id,
"type": "registrations",
"attributes": {
"public": True,
"category": "instrumentation",
"title": "New title",
"description": "New description"
}
}
}
res = self.app.put_json_api(self.private_url,
payload,
auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['attributes']['public'], True)
assert_equal(res.json['data']['attributes']['category'], 'project')
assert_equal(res.json['data']['attributes']['description'],
self.private_registration.description)
assert_equal(res.json['data']['attributes']['title'],
self.private_registration.title)
def test_type_field_must_match(self):
payload = {
"data": {
"id": self.private_registration._id,
"type": "nodes",
"attributes": {
"public": True,
"category": "instrumentation",
"title": "New title",
"description": "New description"
}
}
}
res = self.app.put_json_api(self.private_url,
payload,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 409)
def test_id_field_must_match(self):
payload = {
"data": {
"id": '12345',
"type": "registrations",
"attributes": {
"public": True,
"category": "instrumentation",
"title": "New title",
"description": "New description"
}
}
}
res = self.app.put_json_api(self.private_url,
payload,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 409)
def test_turning_private_registrations_public(self):
node1 = ProjectFactory(creator=self.user, is_public=False)
node2 = ProjectFactory(creator=self.user, is_public=False)
node1.is_registration = True
node1.registered_from = node2
node1.registered_date = node1.date_modified
node1.save()
payload = {
"data": {
"id": node1._id,
"type": "registrations",
"attributes": {
"public": True,
}
}
}
url = '/{}registrations/{}/'.format(API_BASE, node1._id)
res = self.app.put_json_api(url, payload, auth=self.user.auth)
assert_equal(res.json['data']['attributes']['public'], True)
def test_registration_fields_are_read_only(self):
writeable_fields = [
'type', 'public', 'draft_registration', 'registration_choice',
'lift_embargo'
]
for field in RegistrationSerializer._declared_fields:
reg_field = RegistrationSerializer._declared_fields[field]
if field not in writeable_fields:
assert_equal(getattr(reg_field, 'read_only', False), True)
def test_registration_detail_fields_are_read_only(self):
writeable_fields = [
'type', 'public', 'draft_registration', 'registration_choice',
'lift_embargo'
]
for field in RegistrationDetailSerializer._declared_fields:
reg_field = RegistrationSerializer._declared_fields[field]
if field not in writeable_fields:
assert_equal(getattr(reg_field, 'read_only', False), True)
def test_user_cannot_delete_registration(self):
res = self.app.delete_json_api(self.private_url,
expect_errors=True,
auth=self.user.auth)
assert_equal(res.status_code, 405)
