def test_deposit_delete_permissions(app, test_records_data,
login_user, test_users):
"""Test deposit delete with HTTP DELETE."""
with app.app_context():
admin = test_users['admin']
def test_delete(deposit, status, user=None):
with app.test_client() as client:
if user is not None:
login_user(user, client)
headers = [('Accept', 'application/json')]
request_res = client.delete(
url_for('b2share_deposit_rest.b2dep_item',
pid_value=deposit.pid.pid_value),
headers=headers)
assert request_res.status_code == status
creator = create_user('creator')
non_creator = create_user('non-creator')
# test with anonymous user
deposit = create_deposit(test_records_data[0], creator)
test_delete(deposit, 401)
deposit.submit()
test_delete(deposit, 401)
deposit.publish()
test_delete(deposit, 401)
# test with non creator user
deposit = create_deposit(test_records_data[0], creator)
test_delete(deposit, 403, non_creator)
deposit.submit()
test_delete(deposit, 403, non_creator)
deposit.publish()
test_delete(deposit, 403, non_creator)
# test with creator user
deposit = create_deposit(test_records_data[0], creator)
test_delete(deposit, 204, creator)
deposit = create_deposit(test_records_data[0], creator)
deposit.submit()
test_delete(deposit, 204, creator)
deposit = create_deposit(test_records_data[0], creator)
deposit.submit()
deposit.publish()
test_delete(deposit, 403, creator)
# test with admin user
deposit = create_deposit(test_records_data[0], creator)
test_delete(deposit, 204, admin)
deposit = create_deposit(test_records_data[0], creator)
deposit.submit()
test_delete(deposit, 204, admin)
deposit = create_deposit(test_records_data[0], creator)
deposit.submit()
deposit.publish()
# FIXME: handle the deletion of published deposits
test_delete(deposit, 403, admin)
def test_modify_metadata_published_record_permissions(app, test_communities,
login_user, test_users):
"""Test record's metadata modification with REST API."""
admin = test_users['admin']
with app.app_context():
creator = create_user('creator')
non_creator = create_user('non-creator')
record_data = generate_record_data(open_access=True)
community = Community.get(id=record_data['community'])
com_admin = create_user('com_admin', roles=[community.admin_role])
com_member = create_user('com_member', roles=[community.member_role])
def test_modify(status, user=None):
patch = [{
"op": "replace",
"path": "/titles",
"value": [{
'title': 'newtitle'
}]
}]
with app.test_client() as client:
_, record_pid, record = create_record(record_data, creator)
if user is not None:
login_user(user, client)
# test patching the document
headers = [('Content-Type', 'application/json-patch+json'),
('Accept', 'application/json')]
request_res = client.patch(url_for(
'b2share_records_rest.b2rec_item',
pid_value=record_pid.pid_value),
data=json.dumps(patch),
headers=headers)
assert request_res.status_code == status
# _, record_pid, record = create_record(record_data, creator)
# test putting the document
# data = dict(record)
# apply_patch(data, patch)
# headers = [('Content-Type', 'application/json'),
# ('Accept', 'application/json')]
# request_res = client.put(
# url_for('b2share_records_rest.b2rec_item',
# pid_value=record_pid.pid_value),
# data=json.dumps(data),
# headers=headers)
# assert request_res.status_code == status
# test with anonymous user
test_modify(401)
test_modify(403, non_creator)
test_modify(200, creator)
test_modify(403, com_member)
test_modify(200, com_admin)
test_modify(200, admin)
def test_deposit_publish_permissions(app, login_user, test_communities,
test_users):
"""Test deposit publication with HTTP PATCH."""
with app.app_context():
community_name = 'MyTestCommunity1'
record_data = generate_record_data(community=community_name)
admin = test_users['admin']
creator = create_user('creator')
non_creator = create_user('non-creator')
community = Community.get(name=community_name)
com_member = create_user('com_member', roles=[community.member_role])
com_admin = create_user('com_admin', roles=[community.admin_role])
def test_publish(status, user=None):
deposit = create_deposit(record_data, creator)
deposit.submit()
headers = [('Content-Type', 'application/json-patch+json'),
('Accept', 'application/json')]
with app.test_client() as client:
if user is not None:
login_user(user, client)
request_res = client.patch(url_for(
'b2share_deposit_rest.b2dep_item',
pid_value=deposit.pid.pid_value),
data=json.dumps([{
"op":
"replace",
"path":
"/publication_state",
"value":
PublicationStates.published.name
}, {
"op":
"replace",
"path":
"/titles",
"value": [{
'title': 'newtitle'
}]
}]),
headers=headers)
assert request_res.status_code == status
# test with anonymous user
test_publish(401)
test_publish(403, non_creator)
test_publish(403, creator)
test_publish(200, admin)
test_publish(403, com_member)
test_publish(200, com_admin)
def test_deposit_create_permission(app, test_users, login_user,
test_communities):
"""Test record draft creation."""
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
with app.app_context():
community_name = 'MyTestCommunity1'
record_data = generate_record_data(community=community_name)
community_id = test_communities[community_name]
community = Community.get(community_id)
creator = create_user('creator')
need = create_deposit_need_factory(str(community_id))
allowed = create_user('allowed', permissions=[need])
com_member = create_user('com_member', roles=[community.member_role])
com_admin = create_user('com_admin', roles=[community.admin_role])
def restrict_creation(restricted):
community.update({'restricted_submission':restricted})
db.session.commit()
def test_creation(expected_code, user=None):
with app.test_client() as client:
if user is not None:
login_user(user, client)
draft_create_res = client.post(
url_for('b2share_records_rest.b2rec_list'),
data=json.dumps(record_data),
headers=headers
)
assert draft_create_res.status_code == expected_code
# test creating a deposit with anonymous user
restrict_creation(False)
test_creation(401)
restrict_creation(True)
test_creation(401)
# test creating a deposit with a logged in user
restrict_creation(False)
test_creation(201, creator)
restrict_creation(True)
test_creation(403, creator)
# test with a use who is allowed
test_creation(201, allowed)
# test with a community member and admin
test_creation(201, com_member)
test_creation(201, com_admin)
def test_record_content(app, test_communities,
login_user, test_users):
"""Test record read with REST API."""
uploaded_files = {
'myfile1.dat': b'contents1',
'myfile2.dat': b'contents2'
}
admin = test_users['admin']
with app.app_context():
creator = create_user('creator')
non_creator = create_user('non-creator')
record_data = generate_record_data()
_, record_pid, record = create_record(
record_data, creator, files=uploaded_files
)
with app.test_client() as client:
login_user(creator, client)
headers = [('Accept', 'application/json')]
request_res = client.get(
url_for('b2share_records_rest.b2rec_item',
pid_value=record_pid.pid_value),
headers=headers)
assert request_res.status_code == 200
request_data = json.loads(
request_res.get_data(as_text=True))
assert 'created' in request_data
expected_metadata = build_expected_metadata(
record_data,
PublicationStates.published.name,
owners=[creator.id],
PID=request_data['metadata'].get('ePIC_PID'),
DOI=request_data['metadata'].get('DOI'),
)
assert request_data['metadata'] == expected_metadata
# check that the link to the bucket is correctly generated
expected_bucket_link = url_for_bucket(record.files.bucket)
assert request_data['links']['files'] == expected_bucket_link
# test self link
subtest_self_link(request_data,
request_res.headers,
client)
def test_deposit_modify_published_permissions(app, login_user,
test_communities, test_users):
"""Test deposit edition after its publication.
FIXME: This test should evolve when we allow deposit edition.
"""
with app.app_context():
community_name = 'MyTestCommunity1'
record_data = generate_record_data(community=community_name)
admin = test_users['admin']
creator = create_user('creator')
non_creator = create_user('non-creator')
community = Community.get(name=community_name)
com_member = create_user('com_member', roles=[community.member_role])
com_admin = create_user('com_admin', roles=[community.admin_role])
deposit = create_deposit(record_data, creator)
deposit.submit()
deposit.publish()
def test_edit(status, user=None):
headers = [('Content-Type', 'application/json-patch+json'),
('Accept', 'application/json')]
with app.test_client() as client:
if user is not None:
login_user(user, client)
request_res = client.patch(url_for(
'b2share_deposit_rest.b2dep_item',
pid_value=deposit.pid.pid_value),
data=json.dumps([{
"op":
"replace",
"path":
"/publication_state",
"value":
PublicationStates.draft.name
}]),
headers=headers)
assert request_res.status_code == status
# test with anonymous user
test_edit(401)
test_edit(403, non_creator)
test_edit(403, creator)
test_edit(403, admin)
test_edit(403, com_member)
test_edit(403, com_admin)
def test_community(app, test_communities):
"""Initialize member and admin of a community."""
CommunityRef = namedtuple(
'CommunityRef',
['name', 'id', 'admin_role_id', 'member_role_id', 'admin', 'member'])
with app.app_context():
community_name = 'MyTestCommunity1'
community = CommunityAPI.get(name=community_name)
admin_role_id = community.admin_role.id
member_role_id = community.member_role.id
com_admin = create_user('com_admin', roles=[community.admin_role])
com_member = create_user('com_member', roles=[community.member_role])
db.session.commit()
return CommunityRef(community_name, community.id, admin_role_id,
member_role_id, com_admin, com_member)
def test_unassign_community_roles(app, test_users, test_community, login_user):
with app.app_context():
community = Community.get(id=test_community.id)
com_admin = create_user('test_community_admin',
roles=[community.admin_role])
db.session.commit()
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
with app.app_context():
with app.test_client() as client:
# send the request as global admin
login_user(test_users['admin'], client)
res = client.delete(url_for(
'invenio_accounts_rest.assign_role',
user_id=com_admin.id,
role_id=test_community.admin_role_id,
),
headers=headers)
assert res.status_code == 204
with app.app_context():
user_roles = User.query.get(com_admin.id).roles
assert test_community.admin_role_id \
not in [role.id for role in user_roles]
def test_invalid_get(app, login_user, communities_permissions):
"""Test INVALID community get request (GET .../communities/<id>)."""
with app.app_context():
# create user allowed to GET all records
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).read_permission(True, None)
db.session.commit()
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
unknown_uuid = uuid.uuid4()
# check that GET with non existing id will return 404
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.get(url_for('b2share_communities.communities_item',
community_id=str(unknown_uuid)),
headers=headers)
assert res.status_code == 404
# create community
created_community = Community.create_community(
**community_metadata)
community_id = created_community.id
db.session.commit()
login_user(allowed_user, client)
# check that GET with non accepted format will return 406
headers = [('Accept', 'video/mp4')]
res = client.get(url_for('b2share_communities.communities_item',
community_id=community_id),
headers=headers)
assert res.status_code == 406
def test_valid_delete(app, login_user, communities_permissions):
"""Test VALID community delete request (DELETE .../communities/<id>)."""
with app.app_context():
# create community
created_community = Community.create_community(**community_metadata)
community_id = created_community.id
# create allowed user
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).delete_permission(
True, community_id)
db.session.commit()
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.delete(url_for('b2share_communities.communities_item',
community_id=community_id),
headers=headers)
assert res.status_code == 204
with app.app_context():
# check database state
with pytest.raises(CommunityDeletedError):
Community.get(community_id)
community = Community.get(community_id, with_deleted=True)
assert community.deleted
# check that one community has been created
assert len(CommunityModel.query.all()) == 1
def test_account_read_permission(app, test_users, test_community, login_user):
"""Test permission of listing user accounts."""
with app.app_context():
read_user = create_user('read_user')
url = url_for('invenio_accounts_rest.user', user_id=read_user.id)
db.session.commit()
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
def account_read(user, expected_code):
with app.test_client() as client:
if user is not None:
login_user(user, client)
res = client.get(url, headers=headers)
assert res.status_code == expected_code
# anonymous users can't read accounts
account_read(None, 401)
# authenticated users can't read other users' account
account_read(test_users['normal'], 403)
# community members cannot read other users' account
account_read(test_community.member, 403)
# users can read their own account
account_read(read_user, 200)
# community admins can list all users
account_read(test_community.admin, 200)
# admin is allowed to read all accounts
account_read(test_users['admin'], 200)
def make_record(test_records_data):
creator = create_user('creator')
_, pid, record = create_record(test_records_data[0], creator)
record['_files'] = [{
'bucket':
"15163455-650b-45e5-9b9f-6cf2ef70a08f",
'checksum':
"md5:4653e51dc9b73e020167299ac607e0e1",
'key':
"file1.pptx",
'size':
26289470,
'version_id':
"389fff57-e6d7-4434-9a44-ca17297be22f",
'ePIC_PID':
"http://hdl.handle.net/1234/15163455-650b-45e5-9b9f-6cf2ef70a08f"
}, {
'bucket':
"51163455-650b-45e5-9b9f-6cf2ef70a08f",
'checksum':
"md5:4adfe51dc9b73e020167299ac607e0e1",
'key':
"file2.pptx",
'size':
1,
'version_id':
"698fff57-e6d7-4434-9a44-ca17297be22f",
'ePIC_PID':
"http://hdl.handle.net/1234/51163455-650b-45e5-9b9f-6cf2ef70a08f"
}]
return pid, record
def assign_role(role_id, user=None, expected_status_code=200):
"""Test assigning a role to a user.
Args:
- role_id: id of the role to assign.
- user: user whose identity will be used when assigning the role.
- expected_status_code: expected status code of the request.
"""
with app.app_context():
test_user = create_user('test_user{}'.format(counter[0]))
counter[0] += 1
db.session.commit()
url = url_for(
'invenio_accounts_rest.assign_role',
user_id=test_user.id,
role_id=role_id,
)
with app.test_client() as client:
if user is not None:
login_user(user, client)
res = client.put(url, headers=headers)
assert res.status_code == expected_status_code
# check that the user roles didn't change
if expected_status_code != 200:
with app.app_context():
user_roles = User.query.get(test_user.id).roles
assert role_id not in [role.id for role in user_roles]
def test_deposit(app, test_communities, login_user, authentication):
"""Test record submission with classic login and access token."""
with app.app_context():
allowed_user = create_user('allowed')
scopes = current_oauth2server.scope_choices()
allowed_token = Token.create_personal('allowed_token',
allowed_user.id,
scopes=[s[0] for s in scopes])
# application authentication token header
allowed_headers = [('Authorization',
'Bearer {}'.format(allowed_token.access_token))]
other_user = create_user('other')
other_token = Token.create_personal('other_token',
other_user.id,
scopes=[s[0] for s in scopes])
# application authentication token header
other_headers = [('Authorization',
'Bearer {}'.format(other_token.access_token))]
community_name = 'MyTestCommunity1'
community = Community.get(name=community_name)
com_admin = create_user('com_admin', roles=[community.admin_role])
com_admin_token = Token.create_personal('com_admin_token',
com_admin.id,
scopes=[s[0] for s in scopes])
# application authentication token header
com_admin_headers = [
('Authorization', 'Bearer {}'.format(com_admin_token.access_token))
]
test_records_data = [
generate_record_data(community=community_name)
for idx in range(1, 3)
]
db.session.commit()
if authentication == 'user/password':
subtest_deposit(app, test_communities, allowed_user, other_user,
com_admin, [], [], [], login_user, test_records_data)
else:
subtest_deposit(app, test_communities, allowed_user, other_user,
com_admin, allowed_headers, other_headers,
com_admin_headers, lambda u, c: 42, test_records_data)
def test_submission_error(app, test_communities, login_user):
with app.app_context():
# FIXME test permissions
with app.test_client() as client:
the_owner = create_user('TheOwner')
db.session.commit()
login_user(the_owner, client)
record_json = make_record_json()
def test_create_access_control(app, login_user, communities_permissions):
"""Test community creation with differnet access rights."""
with app.app_context():
allowed_user = create_user('allowed')
not_allowed_user = create_user('not allowed')
communities_permissions(allowed_user.id).create_permission(True)
db.session.commit()
# test without login
with app.app_context():
with app.test_client() as client:
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.post(url_for('b2share_communities.communities_list'),
data=json.dumps(community_metadata),
headers=headers)
assert res.status_code == 401
assert len(CommunityModel.query.all()) == 0
# test not allowed user
with app.app_context():
with app.test_client() as client:
login_user(not_allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.post(url_for('b2share_communities.communities_list'),
data=json.dumps(community_metadata),
headers=headers)
assert res.status_code == 403
assert len(CommunityModel.query.all()) == 0
# test allowed user
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.post(url_for('b2share_communities.communities_list'),
data=json.dumps(community_metadata),
headers=headers)
assert res.status_code == 201
assert len(CommunityModel.query.all()) == 1
def test_records_type_helpers(app, test_records_data):
"""Test record util functions retrieving the record type."""
with app.app_context():
creator = create_user('creator')
deposit = create_deposit(test_records_data[0], creator)
deposit.submit()
deposit.publish()
_, record = deposit.fetch_published()
assert is_deposit(deposit.model)
assert not is_deposit(record.model)
assert is_publication(record.model)
assert not is_publication(deposit.model)
def test_invalid_put(app, login_user, communities_permissions):
"""Test INVALID community put request (PUT .../communities/<id>)."""
with app.app_context():
# create allowed user
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).update_permission(True, None)
db.session.commit()
with app.test_client() as client:
login_user(allowed_user, client)
unknown_uuid = uuid.uuid4()
# check that PUT with non existing id will return 404
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.put(url_for('b2share_communities.communities_item',
community_id=unknown_uuid),
data=json.dumps(patched_community_metadata),
headers=headers)
assert res.status_code == 404
# create community
created_community = Community.create_community(
**community_metadata)
community_id = created_community.id
db.session.commit()
# check that PUT with non accepted format will return 406
headers = [('Content-Type', 'application/json'),
('Accept', 'video/mp4')]
res = client.put(url_for('b2share_communities.communities_item',
community_id=community_id),
data=json.dumps(patched_community_metadata),
headers=headers)
assert res.status_code == 406
# check that PUT with non-json Content-Type will return 415
headers = [('Content-Type', 'video/mp4'),
('Accept', 'application/json')]
res = client.put(url_for('b2share_communities.communities_item',
community_id=community_id),
data=json.dumps(patched_community_metadata),
headers=headers)
assert res.status_code == 415
# check that PUT with invalid json will return 400
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.put(url_for('b2share_communities.communities_item',
community_id=community_id),
data='{invalid-json',
headers=headers)
assert res.status_code == 400
def test_verify_checksum_in_deposit(app, test_communities, login_user,
test_users):
"""Test uploading and reading deposit files."""
with app.app_context():
creator = create_user('creator')
uploaded_files = {
'myfile1.dat': b'contents1',
'myfile2.dat': b'contents2',
'replaced.dat': b'old_content',
}
test_record_data = generate_record_data()
deposit = create_deposit(test_record_data, creator, uploaded_files)
uploaded_file_name = 'additional.dat'
uploaded_file_content = b'additional content'
headers = [('Accept', '*/*')]
with app.test_client() as client:
login_user(creator, client)
# try uploading a new file
file_url = url_for_file(deposit.files.bucket.id,
uploaded_file_name)
client.put(file_url,
input_stream=BytesIO(uploaded_file_content),
headers=headers)
uploaded_files[uploaded_file_name] = uploaded_file_content
# get file content by its uri
file_instance = deposit.files['replaced.dat'].obj.file
file_reader = urlopen('file://' + file_instance.uri)
content = file_reader.read()
assert content == b'old_content'
# first make it writeable
file_instance.writable = True
file_instance.set_contents(BytesIO(b'test'))
db.session.add(file_instance)
db.session.commit()
# changing the contents this way should be okay
# as the checksum is updated after writing
verify_checksum.apply([str(file_instance.id)])
assert file_instance.last_check
# directly changing the contents at the uri though
# will cause verify_checksum to change the last_check to
# False as the checksum will be different now
with open(file_instance.uri, 'w') as file_writer:
file_writer.write('modified content')
verify_checksum.apply([str(file_instance.id)])
assert not file_instance.last_check
def test_deposit_files(app, test_communities, login_user, test_users):
"""Test uploading and reading deposit files."""
with app.app_context():
admin = test_users['admin']
creator = create_user('creator')
uploaded_files = {
'myfile1.dat': b'contents1',
'myfile2.dat': b'contents2',
'replaced.dat': b'old_content',
}
test_record_data = generate_record_data()
# test with anonymous user
deposit = create_deposit(test_record_data, creator, uploaded_files)
uploaded_file_name = 'additional.dat'
uploaded_file_content = b'additional content'
# Test file upload
headers = [('Accept', '*/*')]
with app.test_client() as client:
login_user(creator, client)
# try uploading a new file
file_url = url_for_file(deposit.files.bucket.id, uploaded_file_name)
file_put_res = client.put(
file_url,
input_stream=BytesIO(uploaded_file_content),
headers=headers
)
uploaded_files[uploaded_file_name] = uploaded_file_content
# try replacing an existing file
file_url = url_for_file(deposit.files.bucket.id, 'replaced.dat')
file_put_res = client.put(
file_url,
input_stream=BytesIO(b'new_content'),
headers=headers
)
uploaded_files['replaced.dat'] = b'new_content'
# try removing a file
file_url2 = url_for_file(deposit.files.bucket.id, 'myfile2.dat')
file_put_res = client.delete(
file_url2,
input_stream=BytesIO(uploaded_file_content),
headers=headers
)
del uploaded_files['myfile2.dat']
# check that the files can be retrieved properly
subtest_file_bucket_content(client, deposit.files.bucket,
uploaded_files)
def test_users_get(app, test_users, login_user):
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
def get_user():
req = client.get(url_for('b2share_users.current_user'),
headers=headers)
assert req.status_code == 200
return json.loads(req.get_data(as_text=True))
with app.app_context():
with app.test_client() as client:
# test get info of anonymous user
user_info = get_user()
assert user_info == {}
# test getting info for logged in user
user = test_users['normal']
login_user(user, client)
user_info = get_user()
expected = {
'email': user.email,
'id': user.id,
'name': user.email,
'roles': []
}
assert user_info == expected
with app.app_context():
with app.test_client() as client:
# test getting info for logged in user with roles
some_role = create_role('some_role')
user_with_role = create_user('user_with_role', roles=[some_role])
login_user(user_with_role, client)
user_info = get_user()
expected = {
'email':
user_with_role.email,
'id':
user_with_role.id,
'name':
user_with_role.email,
'roles': [{
'id': some_role.id,
'description': some_role.description,
'name': some_role.name,
}]
}
assert user_info == expected
def test_invalid_delete(app, login_user, communities_permissions):
"""Test INVALID community delete request (DELETE .../communities/<id>)."""
with app.app_context():
# create allowed user
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).delete_permission(True, None)
db.session.commit()
with app.test_client() as client:
login_user(allowed_user, client)
unknown_uuid = uuid.uuid4()
# check that GET with non existing id will return 404
headers = [('Accept', 'application/json')]
res = client.delete(url_for('b2share_communities.communities_item',
community_id=unknown_uuid),
headers=headers)
assert res.status_code == 404
def test_valid_create(app, login_user, communities_permissions):
"""Test VALID community creation request (POST .../communities/)."""
with app.app_context():
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).create_permission(True)
communities_permissions(allowed_user.id).read_permission(True)
db.session.commit()
with app.test_client() as client:
with app.app_context():
login_user(allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.post(url_for('b2share_communities.communities_list',
_external=False),
data=json.dumps(community_metadata),
headers=headers)
assert res.status_code == 201
# check that the returned community matches the given data
response_data = json.loads(res.get_data(as_text=True))
for field, value in community_metadata.items():
assert response_data[field] == value
# check that an internal community returned id and that it contains
# the same data
assert 'id' in response_data.keys()
assert response_data['id'] == str(
Community.get(name=community_metadata['name']).id)
headers = res.headers
community_id = response_data['id']
with app.app_context():
communities_permissions(allowed_user.id).read_permission(
True, community_id)
db.session.commit()
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
# check that the returned self link returns the same data
subtest_self_link(response_data, headers, client)
assert headers['Location'] == response_data['links']['self']
# check that one community has been created
assert len(CommunityModel.query.all()) == 1
def test_create_not_allowed_disabled_access_control(app, login_user,
communities_permissions):
"""Test community creation with ACL disabled and not allowed user."""
with app.app_context():
not_allowed_user = create_user('not allowed')
db.session.commit()
# test not allowed user
with app.app_context():
with app.test_client() as client:
login_user(not_allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.post(url_for('b2share_communities.communities_list'),
data=json.dumps(community_metadata),
headers=headers)
assert res.status_code == 201
assert len(CommunityModel.query.all()) == 1
def test_record_publish_with_external_pids(
app, login_user,
records_data_with_external_pids): #test_users, test_communities
"""Test record external files and handle allocation."""
uploaded_files = {'myfile1.dat': b'contents1', 'myfile2.dat': b'contents2'}
with app.app_context():
app.config.update({'FAKE_EPIC_PID': True})
creator = create_user('creator')
external_pids = records_data_with_external_pids['external_pids']
record_data = generate_record_data(external_pids=external_pids)
_, record_pid, record = create_record(record_data,
creator,
files=uploaded_files)
with app.test_client() as client:
login_user(creator, client)
headers = [('Accept', 'application/json')]
request_res = client.get(url_for('b2share_records_rest.b2rec_item',
pid_value=record_pid.pid_value),
headers=headers)
assert request_res.status_code == 200
record = json.loads(request_res.get_data(as_text=True))
assert len(
record['files']) == len(external_pids) + len(uploaded_files)
for f in record['files']:
assert f['ePIC_PID']
if f['key'] in uploaded_files:
# uploaded (internal) file
assert '0000' in f[
'ePIC_PID'] # freshly allocated fake pid
else:
# external file
assert f['b2safe']
x_pid = [
rec for rec in external_pids if rec['key'] == f['key']
][0]
assert f['ePIC_PID'] == x_pid['ePIC_PID']
def test_valid_put(app, login_user, communities_permissions):
"""Test VALID community put request (PUT .../communities/<id>)."""
with app.app_context():
# create community
created_community = Community.create_community(**community_metadata)
community_id = created_community.id
# create allowed user
allowed_user = create_user('allowed')
communities_permissions(allowed_user.id).update_permission(
True, community_id)
communities_permissions(allowed_user.id).read_permission(
True, community_id)
db.session.commit()
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
res = client.put(url_for('b2share_communities.communities_item',
community_id=community_id),
data=json.dumps(patched_community_metadata),
headers=headers)
assert res.status_code == 200
# check that the returned community matches the given data
response_data = json.loads(res.get_data(as_text=True))
for field, value in patched_community_metadata.items():
assert response_data[field] == value
# check that an internal community returned id and that it contains
# the same data
assert 'id' in response_data.keys()
assert response_data['id'] == str(
Community.get(name=patched_community_metadata['name']).id)
headers = res.headers
with app.app_context():
with app.test_client() as client:
login_user(allowed_user, client)
# check that the returned self link returns the same data
subtest_self_link(response_data, headers, client)
def assign_role(role_id):
with app.app_context():
test_user = create_user('test_user{}'.format(role_id))
url = url_for(
'invenio_accounts_rest.assign_role',
user_id=test_user.id,
role_id=role_id,
)
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
with app.test_client() as client:
# send the request as global admin
login_user(test_users['admin'], client)
res = client.put(url, headers=headers)
assert res.status_code == 200
with app.app_context():
user_roles = User.query.get(test_user.id).roles
assert role_id in [role.id for role in user_roles]
def account_update_sub(patch_content, content_type):
with app.app_context():
test_user = create_user('test_user{}'.format(counter[0]))
counter[0] += 1
url = url_for(
'invenio_accounts_rest.user',
user_id=test_user.id,
)
headers = [('Content-Type', content_type),
('Accept', 'application/json')]
with app.test_client() as client:
# send the request as global admin
login_user(test_users['admin'], client)
res = client.patch(url,
headers=headers,
data=json.dumps(patch_content))
assert res.status_code == expected_code
if expected_code == 200:
request_data = json.loads(res.get_data(as_text=True))
assert request_data[field] == value
def test_account_roles_search_permission(app, test_users, test_community,
login_user):
"""Test permission of listing user accounts."""
with app.app_context():
read_user = create_user('read_user')
url = url_for('invenio_accounts_rest.user_roles_list',
user_id=read_user.id)
db.session.commit()
headers = [('Content-Type', 'application/json'),
('Accept', 'application/json')]
def roles_read(user, expected_code):
with app.test_client() as client:
if user is not None:
login_user(user, client)
res = client.get(url, headers=headers)
assert res.status_code == expected_code
# anonymous users can't read other users' roles
roles_read(None, 401)
# any authenticated user can read other users' roles
roles_read(test_users['normal'], 200)
def account_update_sub(patch_content, content_type):
with app.app_context():
if modified_user is None:
test_user = create_user('test_user{}'.format(counter[0]))
else:
test_user = modified_user
counter[0] += 1
url = url_for(
'invenio_accounts_rest.user',
user_id=test_user.id,
)
db.session.commit()
headers = [('Content-Type', content_type),
('Accept', 'application/json')]
with app.test_client() as client:
if user is not None:
login_user(user, client)
res = client.patch(url,
headers=headers,
data=json.dumps(patch_content))
assert res.status_code == expected_code
