def test_dataverse_get_user_accounts(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.external_accounts.append(create_external_account())
self.user.save()
url = api_url_for('dataverse_get_user_accounts')
res = self.app.get(url, auth=self.user.auth)
accounts = res.json['accounts']
assert_equal(len(accounts), 2)
serializer = DataverseSerializer(user_settings=self.user_settings)
assert_equal(
accounts[0], serializer.serialize_account(external_account),
)
def test_dataverse_root_not_published(self, mock_files, mock_connection):
mock_connection.return_value = create_mock_connection()
mock_files.return_value = []
self.project.set_privacy('public')
self.project.save()
alias = self.node_settings.dataverse_alias
doi = self.node_settings.dataset_doi
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
self.node_settings.set_auth(external_account, self.user)
self.node_settings.dataverse_alias = alias
self.node_settings.dataset_doi = doi
self.node_settings.save()
url = api_url_for('dataverse_root_folder_public',
pid=self.project._primary_key)
# Contributor gets draft, no options
res = self.app.get(url, auth=self.user.auth)
assert_true(res.json[0]['permissions']['edit'])
assert_false(res.json[0]['hasPublishedFiles'])
assert_equal(res.json[0]['version'], 'latest')
# Non-contributor gets nothing
user2 = AuthUserFactory()
res = self.app.get(url, auth=user2.auth)
assert_equal(res.json, [])
def test_set_auth(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
# this should not affect settings implicitly
original_doi = self.node_settings.dataset_doi
self.node_settings.set_auth(
external_account=external_account,
user=self.user
)
# this instance is updated
assert_equal(
self.node_settings.external_account,
external_account
)
assert_equal(
self.node_settings.user_settings,
self.user_settings
)
assert_equal(
self.node_settings.dataset_doi,
original_doi
)
# user_settings was updated
assert_true(
self.user_settings.verify_oauth_access(
node=self.project,
external_account=external_account,
)
)
def test_dataverse_root_not_published(self, mock_files, mock_connection):
mock_connection.return_value = create_mock_connection()
mock_files.return_value = []
self.project.set_privacy('public')
self.project.save()
alias = self.node_settings.dataverse_alias
doi = self.node_settings.dataset_doi
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
self.node_settings.set_auth(external_account, self.user)
self.node_settings.dataverse_alias = alias
self.node_settings.dataset_doi = doi
self.node_settings.save()
url = api_url_for('dataverse_root_folder_public',
pid=self.project._primary_key)
# Contributor gets draft, no options
res = self.app.get(url, auth=self.user.auth)
assert_true(res.json[0]['permissions']['edit'])
assert_false(res.json[0]['hasPublishedFiles'])
assert_equal(res.json[0]['version'], 'latest')
# Non-contributor gets nothing
user2 = AuthUserFactory()
res = self.app.get(url, auth=user2.auth)
assert_equal(res.json, [])
def test_dataverse_get_user_accounts(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.external_accounts.append(create_external_account())
self.user.save()
url = api_url_for('dataverse_get_user_accounts')
res = self.app.get(url, auth=self.user.auth)
accounts = res.json['accounts']
assert_equal(len(accounts), 2)
serializer = DataverseSerializer(user_settings=self.user_settings)
assert_equal(
accounts[0],
serializer.serialize_account(external_account),
)
def test_set_auth(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
# this should not affect settings implicitly
original_doi = self.node_settings.dataset_doi
self.node_settings.set_auth(
external_account=external_account,
user=self.user
)
# this instance is updated
assert_equal(
self.node_settings.external_account,
external_account
)
assert_equal(
self.node_settings.user_settings,
self.user_settings
)
assert_equal(
self.node_settings.dataset_doi,
original_doi
)
# user_settings was updated
assert_true(
self.user_settings.verify_oauth_access(
node=self.project,
external_account=external_account,
)
)
def test_set_auth_wrong_user(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
with assert_raises(PermissionsError):
self.node_settings.set_auth(external_account=external_account,
user=UserFactory())
def test_connect_from_settings_or_401(self, mock_connect):
node_settings = AddonDataverseNodeSettings()
node_settings.external_account = create_external_account(
self.host, self.token,
)
connection = connect_from_settings_or_401(node_settings)
assert_true(connection)
mock_connect.assert_called_once_with(self.host, self.token)
def test_connect_from_settings_or_401(self, mock_connect):
node_settings = AddonDataverseNodeSettings()
node_settings.external_account = create_external_account(
self.host, self.token,
)
connection = connect_from_settings_or_401(node_settings)
assert_true(connection)
mock_connect.assert_called_once_with(self.host, self.token)
def test_add_user_auth_not_in_user_external_accounts(self):
external_account = create_external_account()
with assert_raises(HTTPError) as e:
self.provider.add_user_auth(
self.node_settings,
self.user,
external_account._id,
)
assert_equal(e.status_code, http.FORBIDDEN)
def test_set_auth_wrong_user(self):
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
with assert_raises(PermissionsError):
self.node_settings.set_auth(
external_account=external_account,
user=UserFactory()
)
def _prep_auth_case(self):
self.node = ProjectFactory()
self.user = self.node.creator
self.external_account = create_external_account()
self.user.external_accounts.append(self.external_account)
self.user.save()
self.user_settings = self.user.get_or_add_addon('mendeley')
def _prep_auth_case(self):
self.node = ProjectFactory()
self.user = self.node.creator
self.external_account = create_external_account()
self.user.external_accounts.append(self.external_account)
self.user.save()
self.user_settings = self.user.get_or_add_addon('mendeley')
def test_add_user_auth_not_in_user_external_accounts(self):
external_account = create_external_account()
with assert_raises(HTTPError) as e:
self.provider.add_user_auth(
self.node_settings,
self.user,
external_account._id,
)
assert_equal(e.status_code, http.FORBIDDEN)
def setUp(self):
super(TestDataverseSerializerConfig, self).setUp()
self.host = 'my.host.name'
self.external_account = create_external_account(self.host)
self.user.external_accounts.append(self.external_account)
self.node_settings.set_auth(self.external_account, self.user)
self.serializer = DataverseSerializer(
user_settings=self.user_settings,
node_settings=self.node_settings,
)
def test_connect_from_settings_or_401_forbidden(self, mock_connection):
mock_connection.side_effect = UnauthorizedError()
node_settings = AddonDataverseNodeSettings()
node_settings.external_account = create_external_account(
self.host, self.token,
)
with assert_raises(HTTPError) as e:
connect_from_settings_or_401(node_settings)
mock_connection.assert_called_once_with(self.host, self.token)
assert_equal(e.exception.code, 401)
def test_connect_from_settings_or_401_forbidden(self, mock_connection):
mock_connection.side_effect = UnauthorizedError()
node_settings = AddonDataverseNodeSettings()
node_settings.external_account = create_external_account(
self.host, self.token,
)
with assert_raises(HTTPError) as e:
connect_from_settings_or_401(node_settings)
mock_connection.assert_called_once_with(self.host, self.token)
assert_equal(e.exception.code, 401)
def test_has_auth(self):
# No auth by default
assert_false(self.node_settings.has_auth)
# Append an external account
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.node_settings.set_auth(external_account, self.user)
assert_true(self.node_settings.has_auth)
# Node settings configuration should have no effect
self.node_settings.dataset_doi = None
assert_true(self.node_settings.has_auth)
def test_has_auth(self):
# No auth by default
assert_false(self.node_settings.has_auth)
# Append an external account
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.node_settings.set_auth(external_account, self.user)
assert_true(self.node_settings.has_auth)
# Node settings configuration should have no effect
self.node_settings.dataset_doi = None
assert_true(self.node_settings.has_auth)
def test_add_user_auth(self, mock_connect):
mock_connect.return_value = create_mock_connection()
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
self.provider.add_user_auth(
self.node_settings,
self.user,
external_account._id,
)
assert_equal(self.node_settings.external_account, external_account)
assert_equal(self.node_settings.user_settings, self.user_settings)
def test_add_user_auth(self, mock_connect):
mock_connect.return_value = create_mock_connection()
external_account = create_external_account()
self.user.external_accounts.append(external_account)
self.user.save()
self.provider.add_user_auth(
self.node_settings,
self.user,
external_account._id,
)
assert_equal(self.node_settings.external_account, external_account)
assert_equal(self.node_settings.user_settings, self.user_settings)
def test_user_config_get(self):
url = api_url_for('dataverse_user_config_get')
res = self.app.get(url, auth=self.user.auth)
result = res.json.get('result')
assert_false(result['userHasAuth'])
assert_in('hosts', result)
assert_in('create', result['urls'])
# userHasAuth is true with external accounts
self.user.external_accounts.append(create_external_account())
self.user.save()
res = self.app.get(url, auth=self.user.auth)
result = res.json.get('result')
assert_true(result['userHasAuth'])
def test_user_config_get(self):
url = api_url_for('dataverse_user_config_get')
res = self.app.get(url, auth=self.user.auth)
result = res.json.get('result')
assert_false(result['userHasAuth'])
assert_in('hosts', result)
assert_in('create', result['urls'])
# userHasAuth is true with external accounts
self.user.external_accounts.append(create_external_account())
self.user.save()
res = self.app.get(url, auth=self.user.auth)
result = res.json.get('result')
assert_true(result['userHasAuth'])
def test_verify_oauth_access_no_metadata(self):
self._prep_auth_case()
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
self.user_settings.save()
assert_true(
self.user_settings.verify_oauth_access(
node=self.node, external_account=self.external_account))
assert_false(
self.user_settings.verify_oauth_access(
node=self.node, external_account=create_external_account()))
def test_has_auth_false(self):
# No auth by default
assert_false(self.node_settings.has_auth)
# both external_account and user_settings must be set to have auth
external_account = create_external_account()
self.node_settings.external_account = external_account
assert_false(self.node_settings.has_auth)
self.node_settings.external_account = None
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
# set_auth must be called to have auth
self.node_settings.external_account = external_account
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
def test_has_auth_false(self):
# No auth by default
assert_false(self.node_settings.has_auth)
# both external_account and user_settings must be set to have auth
external_account = create_external_account()
self.node_settings.external_account = external_account
assert_false(self.node_settings.has_auth)
self.node_settings.external_account = None
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
# set_auth must be called to have auth
self.node_settings.external_account = external_account
self.node_settings.user_settings = self.user_settings
assert_false(self.node_settings.has_auth)
def test_serialize_settings_helper_non_owner(self, mock_connection):
mock_connection.return_value = create_mock_connection()
# Non-owner user without add-on
serializer = DataverseSerializer(node_settings=self.node_settings)
result = serializer.serialized_node_settings
assert_equal(result['nodeHasAuth'], self.node_settings.has_auth)
assert_false(result['userHasAuth'])
assert_false(result['userIsOwner'])
# Non-owner user with add-on
stranger = AuthUserFactory()
stranger.add_addon('dataverse')
stranger.external_accounts.append(create_external_account())
serializer.user_settings = stranger.get_addon('dataverse')
result = serializer.serialized_node_settings
assert_equal(result['nodeHasAuth'], self.node_settings.has_auth)
assert_true(result['userHasAuth'])
assert_false(result['userIsOwner'])
def test_verify_oauth_access_no_metadata(self):
self._prep_auth_case()
self.user_settings.grant_oauth_access(
node=self.node,
external_account=self.external_account,
)
self.user_settings.save()
assert_true(
self.user_settings.verify_oauth_access(
node=self.node,
external_account=self.external_account
)
)
assert_false(
self.user_settings.verify_oauth_access(
node=self.node,
external_account=create_external_account()
)
)
