Пример #1
0
 def test_set_perms(self):
     self.insert_user("foo", developer=True, level="basic")
     user = AdsApiUser.from_dev_key("foo_dev_key")
     self.assertTrue(user.is_developer())
     self.assertEqual(user.user_rec.developer_perms, api_user.PERMISSION_LEVELS["basic"])
     user.set_perms("devel")
     user = AdsApiUser.from_dev_key("foo_dev_key")
     self.assertEqual(user.user_rec.developer_perms, api_user.PERMISSION_LEVELS["devel"])
     user.set_perms(perms={'bar': 'baz'})
     user = AdsApiUser.from_dev_key("foo_dev_key")
     self.assertEqual(user.user_rec.developer_perms, {'bar': 'baz'})
Пример #2
0
 def test_allowed_ips_2(self):
     dev_perms = api_user.PERMISSION_LEVELS['basic']
     dev_perms['allowed_ips'] = ['192.168.0.1']
     self.insert_user("foo", developer=True, dev_perms=dev_perms.copy())
     user = AdsApiUser.from_dev_key("foo_dev_key")
     with self.app.test_request_context('/'):
         self.assertTrue(user.ip_allowed('192.168.0.1'))
         self.assertFalse(user.ip_allowed('199.111.99.11'))
Пример #3
0
 def test_allowed_ips_1(self):
     """
     ip_allowed() should always be true if no 'allowed_ips' set in dev perms
     """
     self.insert_user("foo", developer=True, level='basic')
     user = AdsApiUser.from_dev_key("foo_dev_key")
     with self.app.test_request_context('/'):
         self.assertTrue(user.ip_allowed('192.168.0.1'))
Пример #4
0
 def test_empty_dev_key(self):
     """ensure that a user record with a dev_key of "" doesn't allow access to empty dev_key input"""
     
     self.insert_user("foo", developer=True)
     with canned_solr_response_data():
         user = AdsApiUser.from_dev_key("foo_dev_key")
         user.set_dev_key("")
         rv = self.client.get('/api/search/?q=black+holes&dev_key=')
         self.assertEqual(rv.status_code, 401)
Пример #5
0
 def test_default_perm_levels(self):
      
     self.insert_user("foo", developer=True, level="basic")
     u = AdsApiUser.from_dev_key("foo_dev_key")
      
     self.assertIsNone(u._max_rows_ok(99))
     self.assertIsNone(u._max_rows_ok(100))
     self.assertRaisesRegexp(AssertionError, 'rows=101 exceeds max allowed value: 100', u._max_rows_ok, 101)
      
     self.assertIsNone(u._max_start_ok(300))
     self.assertRaisesRegexp(AssertionError, 'start=10001 exceeds max allowed value: 10000', u._max_start_ok, 10001)
      
     self.assertRaisesRegexp(AssertionError, 'facets disabled', u._facets_ok, ["author"])
     self.assertRaisesRegexp(AssertionError, 'highlighting disabled', u._highlight_ok, ["title"])
     for f in config.API_SOLR_DEFAULT_FIELDS:
         self.assertIsNone(u._fields_ok(f))
     for f in config.API_SOLR_EXTRA_FIELDS:
         self.assertRaisesRegexp(AssertionError, 'disallowed field: %s' % f, u._fields_ok, f)
          
     self.insert_user("bar", developer=True, level="devel")
     u = AdsApiUser.from_dev_key("bar_dev_key")
          
     self.assertIsNone(u._max_rows_ok(200))
     self.assertRaisesRegexp(AssertionError, 'rows=201 exceeds max allowed value: 200', u._max_rows_ok, 201)
      
     self.assertIsNone(u._max_start_ok(50000))
     self.assertRaisesRegexp(AssertionError, 'start=50001 exceeds max allowed value: 50000', u._max_start_ok, 50001)
      
     self.assertIsNone(u._facets_ok(['author']))
     self.assertIsNone(u._highlight_ok(['abstract']))
      
     for f in config.API_SOLR_DEFAULT_FIELDS:
         self.assertIsNone(u._fields_ok(f))
          
     for f in config.API_SOLR_EXTRA_FIELDS:
         self.assertRaisesRegexp(AssertionError, 'disallowed field: %s' % f, u._fields_ok, f)
          
     for f in config.API_SOLR_HIGHLIGHT_FIELDS:
         self.assertIsNone(u._highlight_ok([f]))
         self.assertIsNone(u._highlight_ok(["%s:4" % f]))
         self.assertRaisesRegexp(AssertionError, 'highlight count 5 exceeds', u._highlight_ok, ["%s:5" % f])
          
     for f in config.API_SOLR_FACET_FIELDS.keys():
         self.assertIsNone(u._facets_ok([f]))
Пример #6
0
 def test_dev_user(self):
     
     self.insert_user("a")
     
     user = AdsApiUser.from_dev_key("b_dev_key")
     self.assertIsNone(user)
     
     self.insert_user("b")
     user = AdsApiUser.from_dev_key("b_dev_key")
     self.assertIsNone(user)
     
     self.insert_user("c", developer=True)
     user = AdsApiUser.from_dev_key("c_dev_key")
     self.assertIsNotNone(user)
     self.assertTrue(user.is_developer())
     self.assertEqual("c_name", user.name)
     
     self.insert_user("d", developer=True, dev_perms={"foo": 1})
     user = AdsApiUser.from_dev_key("d_dev_key")
     self.assertIsNotNone(user)
     self.assertIn("foo", user.get_dev_perms())
Пример #7
0
 def test_allowed_ips_4(self):
     """
     once more with an real ip value use case
     """
     dev_perms = api_user.PERMISSION_LEVELS['collab']
     dev_perms['allowed_ips'] = ['131.142.184.0/24','131.142.185.0/24']
     self.insert_user("foo", developer=True, dev_perms=dev_perms.copy())
     user = AdsApiUser.from_dev_key("foo_dev_key")
     with self.app.test_request_context('/'):
         self.assertTrue(user.ip_allowed('131.142.184.21'))
         self.assertTrue(user.ip_allowed('131.142.185.101'))
         self.assertFalse(user.ip_allowed('131.142.186.190'))
Пример #8
0
 def test_returned_fields(self):
     self.insert_user("foo", developer=True, level="basic")
     api_user = AdsApiUser.from_dev_key("foo_dev_key")
      
     rv = self.client.get('/api/search/?q=black+holes&dev_key=foo_dev_key')
     resp = json.loads(rv.data)
     allowed_fields = api_user.get_allowed_fields()
     for f in resp['results']['docs'][0].keys():
         self.assertIn(f, allowed_fields)
          
     rv = self.client.get('/api/search/?q=black+holes&dev_key=foo_dev_key&fl=abstract,title')
     resp = json.loads(rv.data)
     expected_fields = ['abstract','title'] + config.SOLR_SEARCH_REQUIRED_FIELDS
     self.assertEqual(set(resp['results']['docs'][0].keys()), set(expected_fields))
Пример #9
0
    def test_returned_highlights(self):
        self.insert_user("foo", developer=True, level="devel")
        api_user = AdsApiUser.from_dev_key("foo_dev_key")
        
        regex = re.compile('<em>\(?black', re.IGNORECASE)

        rv = self.client.get('/api/search/?q=abstract:\"black+holes\"&dev_key=foo_dev_key&hl=abstract&rows=1')
        resp = json.loads(rv.data)
        for doc in resp['results']['docs']:
            self.assertIn('highlights', doc)
            self.assertIn('abstract', doc['highlights'])
            self.assertTrue(regex.search(doc['highlights']['abstract'][0]))
            
        rv = self.client.get('/api/search/?q=abstract:\"black+holes\"&dev_key=foo_dev_key&hl=abstract:2')
        resp = json.loads(rv.data)
        maxh = 0
        for doc in resp['results']['docs']:
            self.assertIn('highlights', doc)
            self.assertIn('abstract', doc['highlights'])
            self.assertTrue(regex.search(doc['highlights']['abstract'][0]))
            if len(doc['highlights']['abstract']) > maxh:
                maxh = len(doc['highlights']['abstract'])
        
        self.assertTrue(maxh == 2, "Twere were too few/many hightlights returned, requested=2, returned=%s" % maxh )
        
        # multiple fields
        rv = self.client.get('/api/search/?q=\"black+holes\"+AND+bibcode:2014MNRAS.440L.121D&qf=body+abstract&dev_key=foo_dev_key&hl=abstract:1&hl=body:3')
        resp = json.loads(rv.data)
        for doc in resp['results']['docs']:
            self.assertIn('highlights', doc)
            self.assertIn('abstract', doc['highlights'])
            self.assertTrue(regex.search(doc['highlights']['abstract'][0]))
            self.assertIn('body', doc['highlights'])
            self.assertTrue(regex.search(doc['highlights']['body'][0]))
            self.assertTrue(len(doc['highlights']['abstract']) == 1, "Too many highlights")
            self.assertTrue(len(doc['highlights']['body']) == 3, "Too few highlights")    
Пример #10
0
 def DP(perms):
     u = AdsApiUser.from_dev_key("foo_dev_key")
     u.set_perms(perms=perms)
     return u