def prereg_landing_page(**kwargs): """Landing page for the prereg challenge""" auth = kwargs['auth'] = Auth.from_kwargs(request.args.to_dict(), kwargs) is_logged_in = kwargs['auth'].logged_in campaign = request.path.strip('/') or 'prereg' if is_logged_in: registerable_nodes = [ node for node in auth.user.contributor_to if node.has_permission(user=auth.user, permission='admin') ] has_projects = bool(registerable_nodes) has_draft_registrations = bool(utils.drafts_for_user(auth.user, campaign).count()) else: has_projects = False has_draft_registrations = False return { 'is_logged_in': is_logged_in, 'has_draft_registrations': has_draft_registrations, 'has_projects': has_projects, 'campaign_long': utils.PREREG_CAMPAIGNS[campaign], 'campaign_short': campaign }
def after_delete(self, node, user): self.deauthorize(Auth(user=user), log=True, save=True)
def get_current_user_can_comment(self, obj): user = self.context['request'].user auth = Auth(user if not user.is_anonymous else None) return obj.node.can_comment(auth)
def test_creates_child(self, app, user, project, child, url): # test_creates_child_logged_out_user res = app.post_json_api(url, child, expect_errors=True) assert res.status_code == 401 project.reload() assert len(project.nodes) == 0 # test_creates_child_logged_in_read_contributor read_contrib = AuthUserFactory() project.add_contributor(read_contrib, permissions=permissions.READ, auth=Auth(user), save=True) res = app.post_json_api(url, child, auth=read_contrib.auth, expect_errors=True) assert res.status_code == 403 project.reload() assert len(project.nodes) == 0 # test_creates_child_logged_in_non_contributor non_contrib = AuthUserFactory() res = app.post_json_api(url, child, auth=non_contrib.auth, expect_errors=True) assert res.status_code == 403 project.reload() assert len(project.nodes) == 0 # test_creates_child_group_member_read group_mem = AuthUserFactory() group = OSFGroupFactory(creator=group_mem) project.add_osf_group(group, permissions.READ) res = app.post_json_api(url, child, auth=group_mem.auth, expect_errors=True) assert res.status_code == 403 project.update_osf_group(group, permissions.WRITE) res = app.post_json_api(url, child, auth=group_mem.auth, expect_errors=True) assert res.status_code == 201 # test_creates_child_no_type child = { 'data': { 'attributes': { 'title': 'child', 'description': 'this is a child project', 'category': 'project', } } } res = app.post_json_api(url, child, auth=user.auth, expect_errors=True) assert res.status_code == 400 assert res.json['errors'][0]['detail'] == 'This field may not be null.' assert res.json['errors'][0]['source']['pointer'] == '/data/type' # test_creates_child_incorrect_type child = { 'data': { 'type': 'Wrong type.', 'attributes': { 'title': 'child', 'description': 'this is a child project', 'category': 'project', } } } res = app.post_json_api(url, child, auth=user.auth, expect_errors=True) assert res.status_code == 409 assert res.json['errors'][0][ 'detail'] == 'This resource has a type of "nodes", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.' # test_creates_child_properties_not_nested child = { 'data': { 'attributes': { 'title': 'child', 'description': 'this is a child project' }, 'category': 'project' } } res = app.post_json_api(url, child, auth=user.auth, expect_errors=True) assert res.status_code == 400 assert res.json['errors'][0]['detail'] == 'This field may not be null.' assert res.json['errors'][0]['source']['pointer'] == '/data/type' assert res.json['errors'][1]['detail'] == 'This field is required.' assert res.json['errors'][1]['source'][ 'pointer'] == '/data/attributes/category'
def test_write_contrib_cannot_set_primary_file(self): user_two = AuthUserFactory() self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True) new_file = test_utils.create_test_file(self.preprint.node, 'openupthatwindow.pdf') data = { 'data':{ 'type': 'primary_file', 'id': self.preprint._id, 'attributes': {}, 'relationships': { 'primary_file': { 'data': { 'type': 'file', 'id': new_file._id } } } } } res = self.app.patch_json_api(self.url, data, auth=user_two.auth, expect_errors=True) assert_equal(res.status_code, 403)
def get_current_user_can_comment(self, obj): user = self.context['request'].user auth = Auth(user if not user.is_anonymous else None) if isinstance(obj.target, AbstractNode): return obj.target.can_comment(auth) return False
def private_meeting_submission(self, meeting, user): submission = ProjectFactory(title='Submission One', is_public=False) meeting.submissions.add(submission) submission.add_tag('poster', Auth(user)) return submission
def create(self, validated_data): auth = Auth(self.context['request'].user) node = self.context['view'].get_node() addon = self.context['request'].parser_context['kwargs']['provider'] return node.get_or_add_addon(addon, auth=auth)
def _create(cls, target_class, project=None, is_public=False, schema=None, data=None, archive=False, embargo=None, registration_approval=None, retraction=None, *args, **kwargs): user = None if project: user = project.creator user = kwargs.pop( 'user', None) or kwargs.get('creator') or user or UserFactory() kwargs['creator'] = user # Original project to be registered project = project or target_class(*args, **kwargs) if project.has_permission(user, 'admin'): project.add_contributor( contributor=user, permissions=permissions.CREATOR_PERMISSIONS, log=False, save=False) project.save() # Default registration parameters schema = schema or get_default_metaschema() data = data or {'some': 'data'} auth = Auth(user=user) register = lambda: project.register_node( schema=schema, auth=auth, data=data) def add_approval_step(reg): if embargo: reg.embargo = embargo elif registration_approval: reg.registration_approval = registration_approval elif retraction: reg.retraction = retraction else: reg.require_approval(reg.creator) reg.save() reg.sanction.add_authorizer(reg.creator, reg) reg.sanction.save() with patch('framework.celery_tasks.handlers.enqueue_task'): reg = register() add_approval_step(reg) if not archive: with patch.object(reg.archive_job, 'archive_tree_finished', Mock(return_value=True)): archive_job = reg.archive_job archive_job.status = ARCHIVER_SUCCESS archive_job.done = True reg.sanction.state = Sanction.APPROVED reg.sanction.save() if is_public: reg.is_public = True reg.save() return reg
def node_linking_public(self, user_two, node_private, node_public): node_linking_public = NodeFactory(is_public=True, creator=user_two) node_linking_public.add_pointer(node_private, auth=Auth(user_two)) node_linking_public.add_pointer(node_public, auth=Auth(user_two)) return node_linking_public
def node_linking_private(self, user, node_private): node_linking_private = NodeFactory(creator=user) node_linking_private.add_pointer(node_private, auth=Auth(user)) return node_linking_private
def node_contrib(self, user, user_two): node_contrib = NodeFactory(creator=user_two) node_contrib.add_contributor(user, auth=Auth(user_two)) node_contrib.save() return node_contrib
def setUp(self): super(ApiSearchTestCase, self).setUp() self.user = AuthUserFactory() self.user_one = AuthUserFactory(fullname='Kanye Omari West') self.user_one.schools = [{ 'degree': 'English', 'institution': 'Chicago State University' }] self.user_one.jobs = [{ 'title': 'Producer', 'institution': 'GOOD Music, Inc.' }] self.user_one.save() self.user_two = AuthUserFactory(fullname='Chance The Rapper') self.institution = InstitutionFactory(name='Social Experiment') self.user_two.affiliated_institutions.add(self.institution) self.user_two.save() # self.institution.save() self.project = ProjectFactory(title='The Life of Pablo', creator=self.user_one, is_public=True) self.project.set_description('Name one genius who ain\'t crazy', auth=Auth(self.user_one), save=True) self.project.add_tag('Yeezus', auth=Auth(self.user_one), save=True) self.project_two = ProjectFactory(title='Graduation', creator=self.user_one, is_public=True) self.private_project = ProjectFactory(title='Coloring Book', creator=self.user_two) self.component = NodeFactory(parent=self.project, title='Ultralight Beam', creator=self.user_two, is_public=True) self.component.set_description('This is my part, nobody else speak', auth=Auth(self.user_two), save=True) self.component.add_tag('trumpets', auth=Auth(self.user_two), save=True) self.component_two = NodeFactory(parent=self.project, title='Highlights', creator=self.user_one, is_public=True) self.private_component = NodeFactory(parent=self.project, title='Wavves', creator=self.user_one) self.file = utils.create_test_file(self.component, self.user_one, filename='UltralightBeam.mp3') self.file_two = utils.create_test_file(self.component_two, self.user_one, filename='Highlights.mp3') self.private_file = utils.create_test_file(self.private_component, self.user_one, filename='Wavves.mp3')
def test_not_has_permission_not_logged_in(self): with assert_raises(HTTPError) as exc_info: views.check_access(self.node, Auth(), 'download', None) assert_equal(exc_info.exception.code, 401)
def test_not_has_permission_logged_in(self): user2 = AuthUserFactory() with assert_raises(HTTPError) as exc_info: views.check_access(self.node, Auth(user=user2), 'download', None) assert_equal(exc_info.exception.code, 403)
def test_forked_project_no_wiki_pages(self): fork = self.project.fork_node(auth=Auth(self.user)) main() assert_equal(fork.wiki_pages_versions, {}) assert_equal(fork.wiki_pages_current, {})
def _create(cls, target_class, *args, **kwargs): update_task_patcher = mock.patch( 'website.preprints.tasks.on_preprint_updated.si') update_task_patcher.start() finish = kwargs.pop('finish', True) is_published = kwargs.pop('is_published', True) instance = cls._build(target_class, *args, **kwargs) doi = kwargs.pop('doi', None) license_details = kwargs.pop('license_details', None) filename = kwargs.pop('filename', None) or 'preprint_file.txt' subjects = kwargs.pop('subjects', None) or [[SubjectFactory()._id]] instance.node.preprint_article_doi = doi instance.reviews_state = kwargs.pop('reviews_state', 'initial') user = kwargs.pop('creator', None) or instance.node.creator if not instance.node.is_contributor(user): instance.node.add_contributor( contributor=user, permissions=permissions.CREATOR_PERMISSIONS, log=False, save=True) preprint_file = OsfStorageFile.create( node=instance.node, path='/{}'.format(filename), name=filename, materialized_path='/{}'.format(filename)) preprint_file.save() from addons.osfstorage import settings as osfstorage_settings preprint_file.create_version( user, { 'object': '06d80e', 'service': 'cloud', osfstorage_settings.WATERBUTLER_RESOURCE: 'osf', }, { 'size': 1337, 'contentType': 'img/png' }).save() if finish: auth = Auth(user) instance.set_primary_file(preprint_file, auth=auth, save=True) instance.set_subjects(subjects, auth=auth) if license_details: instance.set_preprint_license(license_details, auth=auth) create_task_patcher = mock.patch( 'website.preprints.tasks.get_and_set_preprint_identifiers.si') mock_create_identifier = create_task_patcher.start() if is_published: mock_create_identifier.side_effect = sync_set_identifiers( instance) instance.set_published(is_published, auth=auth) create_task_patcher.stop() if not instance.is_published: instance.node._has_abandoned_preprint = True instance.node.save() instance.save() return instance
def test_bulk_creates_children_child_logged_in_write_contributor(self, app, user, project, child_one, child_two, url): write_contrib = AuthUserFactory() project.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], auth=Auth(user), save=True) res = app.post_json_api(url, {'data': [child_one, child_two]}, auth=write_contrib.auth, bulk=True) assert res.status_code == 201 assert res.json['data'][0]['attributes']['title'] == child_one['attributes']['title'] assert res.json['data'][0]['attributes']['description'] == child_one['attributes']['description'] assert res.json['data'][0]['attributes']['category'] == child_one['attributes']['category'] assert res.json['data'][1]['attributes']['title'] == child_two['attributes']['title'] assert res.json['data'][1]['attributes']['description'] == child_two['attributes']['description'] assert res.json['data'][1]['attributes']['category'] == child_two['attributes']['category'] project.reload() child_id = res.json['data'][0]['id'] child_two_id = res.json['data'][1]['id'] nodes = project.nodes assert child_id == nodes[0]._id assert child_two_id == nodes[1]._id assert AbstractNode.load(child_id).logs.latest().action == NodeLog.PROJECT_CREATED assert nodes[1].logs.latest().action == NodeLog.PROJECT_CREATED
def private_pointer(self, user, private_project, private_pointer_project): return private_project.add_pointer(private_pointer_project, auth=Auth(user), save=True)
def _create(cls, target_class, project=None, is_public=False, schema=None, draft_registration=None, archive=False, embargo=None, registration_approval=None, retraction=None, provider=None, *args, **kwargs): user = None if project: user = project.creator user = kwargs.pop( 'user', None) or kwargs.get('creator') or user or AuthUserFactory() kwargs['creator'] = user provider = provider or models.RegistrationProvider.get_default() # Original project to be registered project = project or target_class(*args, **kwargs) if project.is_admin_contributor(user): project.add_contributor( contributor=user, permissions=permissions.CREATOR_PERMISSIONS, log=False, save=False) project.save() if draft_registration: schema = draft_registration.registration_schema else: schema = schema or get_default_metaschema() # Default registration parameters parent_registration = kwargs.get('parent') if parent_registration: schema = parent_registration.registration_schema draft_registration = parent_registration.draft_registration.get() if not draft_registration: draft_registration = DraftRegistrationFactory( branched_from=project, initator=user, registration_schema=schema, provider=provider, ) auth = Auth(user=user) register = lambda: project.register_node(schema=schema, auth=auth, draft_registration= draft_registration, provider=provider, parent=parent_registration) def add_approval_step(reg): if embargo: reg.embargo = embargo elif registration_approval: reg.registration_approval = registration_approval elif retraction: reg.retraction = retraction else: reg.require_approval(reg.creator) reg.save() reg.sanction.add_authorizer(reg.creator, reg) reg.sanction.save() with patch('framework.celery_tasks.handlers.enqueue_task'): reg = register() add_approval_step(reg) if not archive: with patch.object(reg.archive_job, 'archive_tree_finished', Mock(return_value=True)): archive_job = reg.archive_job archive_job.status = ARCHIVER_SUCCESS archive_job.done = True archive_job.save() reg.sanction.state = Sanction.APPROVED reg.sanction.save() if is_public: reg.is_public = True reg.files_count = reg.registered_from.files.filter( deleted_on__isnull=True).count() draft_registration.registered_node = reg draft_registration.save() reg.save() return reg
def public_pointer(self, user, public_project, public_pointer_project): return public_project.add_pointer(public_pointer_project, auth=Auth(user), save=True)
def test_create_from_node_existing(self, user): node = factories.ProjectFactory(creator=user) member = factories.AuthUserFactory() osf_group = factories.OSFGroupFactory(creator=user) osf_group.make_member(member, auth=Auth(user)) node.add_osf_group(osf_group, ADMIN) write_contrib = factories.AuthUserFactory() subject = factories.SubjectFactory() institution = factories.InstitutionFactory() user.affiliated_institutions.add(institution) title = 'A Study of Elephants' description = 'Loxodonta africana' category = 'Methods and Materials' node.set_title(title, Auth(user)) node.set_description(description, Auth(user)) node.category = category node.add_contributor(write_contrib, permissions=WRITE) GPL3 = NodeLicense.objects.get(license_id='GPL3') NEW_YEAR = '2014' COPYLEFT_HOLDERS = ['Richard Stallman'] node.set_node_license( { 'id': GPL3.license_id, 'year': NEW_YEAR, 'copyrightHolders': COPYLEFT_HOLDERS }, auth=Auth(user), save=True) node.add_tag('savanna', Auth(user)) node.add_tag('taxonomy', Auth(user)) node.set_subjects([[subject._id]], auth=Auth(node.creator)) node.affiliated_institutions.add(institution) node.save() draft = DraftRegistration.create_from_node( node=node, user=user, schema=factories.get_default_metaschema(), ) # Assert existing metadata-like node attributes are copied to the draft assert draft.title == title assert draft.description == description assert draft.category == category assert user in draft.contributors.all() assert write_contrib not in draft.contributors.all() assert member not in draft.contributors.all() assert not draft.has_permission(member, 'read') assert draft.get_permissions(user) == [READ, WRITE, ADMIN] assert draft.get_permissions(write_contrib) == [] assert draft.node_license.license_id == GPL3.license_id assert draft.node_license.name == GPL3.name assert draft.node_license.copyright_holders == COPYLEFT_HOLDERS draft_tags = draft.tags.values_list('name', flat=True) assert 'savanna' in draft_tags assert 'taxonomy' in draft_tags assert subject in draft.subjects.all() assert institution in draft.affiliated_institutions.all() assert draft.branched_from == node
def node_public(self, registration): node_public = NodeFactory(is_public=True) node_public.add_pointer(registration, auth=Auth(node_public.creator)) node_public.save() return node_public
def test_noncontrib_cannot_set_subjects(self): user_two = AuthUserFactory() self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True) assert_not_equal(self.preprint.subjects[0], self.subject._id) update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [[self.subject._id]]}) res = self.app.patch_json_api(self.url, update_subjects_payload, auth=user_two.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_not_equal(self.preprint.subjects[0], self.subject._id)
def private_project(self, user, pointer): private_project = ProjectFactory() private_project.add_contributor(user, permissions=[permissions.READ, permissions.WRITE]) private_project.add_pointer(pointer, auth=Auth(user), save=True) private_project.save() return private_project
def auth(user): return Auth(user)
def pointer_public(self, user, project_public, project_pointer_public): return project_public.add_pointer(project_pointer_public, auth=Auth(user), save=True)
def private_project(self, user, pointer): private_project = ProjectFactory(creator=user) private_project.add_pointer(pointer, auth=Auth(user), save=True) return private_project
def get_can_edit(self, obj): user = self.context['request'].user if user.is_anonymous: return False return obj.user._id == user._id and obj.node.can_comment(Auth(user))
def test_remind_prereg_presend_submitted(self, mock_mail, mock_archive, user, prereg): prereg.register(Auth(user)) prereg.save() mail = self.queue_mail(mail=PREREG_REMINDER, user=user, draft_id=prereg._id) assert not mail.send_mail()
def test_cannot_register_draft_that_has_already_been_registered(self, mock_enqueue, app, user, payload, draft_registration, url_registrations): draft_registration.register(auth=Auth(user), save=True) res = app.post_json_api(url_registrations, payload, auth=user.auth, expect_errors=True) assert res.status_code == 403 assert res.json['errors'][0]['detail'] == 'This draft has already been registered and cannot be modified.'