def put(self, id, **kw):
"""Handler for update item. Should return full info with updates."""
product = db.get_product(id)
vendor_id = product['organization_id']
vendor = db.get_organization(vendor_id)
is_admin = (api_utils.check_user_is_foundation_admin()
or api_utils.check_user_is_vendor_admin(vendor_id))
if not is_admin:
pecan.abort(403, 'Forbidden.')
product_info = {'id': id}
if 'name' in kw:
product_info['name'] = kw['name']
if 'description' in kw:
product_info['description'] = kw['description']
if 'product_ref_id' in kw:
product_info['product_ref_id'] = kw['product_ref_id']
if 'public' in kw:
# user can mark product as public only if
# his/her vendor is public(official)
public = api_utils.str_to_bool(kw['public'])
if (vendor['type'] not in (const.OFFICIAL_VENDOR, const.FOUNDATION)
and public):
pecan.abort(403, 'Forbidden.')
product_info['public'] = public
if 'properties' in kw:
product_info['properties'] = json.dumps(kw['properties'])
db.update_product(product_info)
pecan.response.status = 200
product = db.get_product(id)
product['can_manage'] = True
return product
def test_get_by_org(self, mock_get_user):
"""Test getting products of an organization."""
org1 = db.add_organization({'name': 'test-vendor1'}, 'test-open-id')
org2 = db.add_organization({'name': 'test-vendor2'}, 'test-open-id')
prod_info = {'name': 'product1',
'description': 'product description',
'product_type': 1, 'type': 0,
'organization_id': org1['id'], 'public': True}
prod1 = db.add_product(prod_info, 'test-open-id')
prod_info['name'] = 'product2'
prod_info['organization_id'] = org2['id']
prod2 = db.add_product(prod_info, 'test-open-id')
get_response = self.get_json(self.URL +
'?organization_id=' + org1['id'])
self.assertEqual(1, len(get_response['products']))
self.assertEqual(prod1['id'], get_response['products'][0]['id'])
get_response = self.get_json(self.URL +
'?organization_id=' + org2['id'])
self.assertEqual(1, len(get_response['products']))
self.assertEqual(prod2['id'], get_response['products'][0]['id'])
# Test that non-admin can't view non-public products of an org.
db.update_product({'id': prod1['id'], 'public': False})
mock_get_user.return_value = 'some-user'
get_response = self.get_json(self.URL +
'?organization_id=' + org1['id'])
self.assertFalse(get_response['products'])
def test_get_one(self, mock_get_user):
"""Test get_one request."""
product = json.dumps(FAKE_PRODUCT)
post_response = self.post_json(self.URL, params=product)
get_response = self.get_json(self.URL + post_response.get('id'))
# some of these fields are only exposed to the owner/foundation.
self.assertIn('created_by_user', get_response)
self.assertIn('properties', get_response)
self.assertIn('created_at', get_response)
self.assertIn('updated_at', get_response)
self.assertEqual(FAKE_PRODUCT['name'], get_response['name'])
self.assertEqual(FAKE_PRODUCT['description'],
get_response['description'])
self.assertEqual(api_const.PUBLIC_CLOUD, get_response['type'])
self.assertEqual(api_const.CLOUD, get_response['product_type'])
# reset auth and check return result for anonymous
mock_get_user.return_value = None
self.assertRaises(webtest.app.AppError, self.get_json,
self.URL + post_response.get('id'))
mock_get_user.return_value = 'foo-open-id'
# Make product public.
product_info = {'id': post_response.get('id'), 'public': 1}
db.update_product(product_info)
# Test when getting product info when not owner/foundation.
get_response = self.get_json(self.URL + post_response.get('id'))
self.assertNotIn('created_by_user', get_response)
self.assertNotIn('created_at', get_response)
self.assertNotIn('updated_at', get_response)
def test_get_with_product_id(self, mock_get_user):
user_info = {
'openid': 'test-open-id',
'email': '*****@*****.**',
'fullname': 'Foo Bar'
}
db.user_save(user_info)
mock_get_user.return_value = 'test-open-id'
fake_product = {
'name': 'product name',
'description': 'product description',
'product_type': api_const.CLOUD,
}
product = json.dumps(fake_product)
response = self.post_json('/v1/products/', params=product)
product_id = response['id']
# Create a version.
version_url = '/v1/products/' + product_id + '/versions'
version = {'cpid': '123', 'version': '6.0'}
post_response = self.post_json(version_url, params=json.dumps(version))
version_id = post_response['id']
# Create a test and associate it to the product version and user.
results = json.dumps(FAKE_TESTS_RESULT)
post_response = self.post_json('/v1/results', params=results)
test_id = post_response['test_id']
test_info = {'id': test_id, 'product_version_id': version_id}
db.update_test_result(test_info)
db.save_test_result_meta_item(test_id, api_const.USER, 'test-open-id')
url = self.URL + '?page=1&product_id=' + product_id
# Test GET.
response = self.get_json(url)
self.assertEqual(1, len(response['results']))
self.assertEqual(test_id, response['results'][0]['id'])
# Test unauthorized.
mock_get_user.return_value = 'test-foo-id'
response = self.get_json(url, expect_errors=True)
self.assertEqual(403, response.status_code)
# Make product public.
product_info = {'id': product_id, 'public': 1}
db.update_product(product_info)
# Test result is not shared yet, so no tests should return.
response = self.get_json(url)
self.assertFalse(response['results'])
# Share the test run.
db.save_test_result_meta_item(test_id, api_const.SHARED_TEST_RUN, 1)
response = self.get_json(url)
self.assertEqual(1, len(response['results']))
self.assertEqual(test_id, response['results'][0]['id'])
def test_get_with_product_id(self, mock_get_user):
user_info = {
'openid': 'test-open-id',
'email': '*****@*****.**',
'fullname': 'Foo Bar'
}
db.user_save(user_info)
mock_get_user.return_value = 'test-open-id'
fake_product = {
'name': 'product name',
'description': 'product description',
'product_type': api_const.CLOUD,
}
product = json.dumps(fake_product)
response = self.post_json('/v1/products/', params=product)
product_id = response['id']
# Create a version.
version_url = '/v1/products/' + product_id + '/versions'
version = {'cpid': '123', 'version': '6.0'}
post_response = self.post_json(version_url, params=json.dumps(version))
version_id = post_response['id']
# Create a test and associate it to the product version and user.
results = json.dumps(FAKE_TESTS_RESULT)
post_response = self.post_json('/v1/results', params=results)
test_id = post_response['test_id']
test_info = {'id': test_id, 'product_version_id': version_id}
db.update_test(test_info)
db.save_test_meta_item(test_id, api_const.USER, 'test-open-id')
url = self.URL + '?page=1&product_id=' + product_id
# Test GET.
response = self.get_json(url)
self.assertEqual(1, len(response['results']))
self.assertEqual(test_id, response['results'][0]['id'])
# Test unauthorized.
mock_get_user.return_value = 'test-foo-id'
response = self.get_json(url, expect_errors=True)
self.assertEqual(403, response.status_code)
# Make product public.
product_info = {'id': product_id, 'public': 1}
db.update_product(product_info)
# Test result is not shared yet, so no tests should return.
response = self.get_json(url)
self.assertFalse(response['results'])
# Share the test run.
db.save_test_meta_item(test_id, api_const.SHARED_TEST_RUN, 1)
response = self.get_json(url)
self.assertEqual(1, len(response['results']))
self.assertEqual(test_id, response['results'][0]['id'])
def test_get_one(self, mock_get_user):
"""Test get_one request."""
product = json.dumps(FAKE_PRODUCT)
post_response = self.post_json(self.URL, params=product)
get_response = self.get_json(self.URL + post_response.get('id'))
# some of these fields are only exposed to the owner/foundation.
self.assertIn('created_by_user', get_response)
self.assertIn('properties', get_response)
self.assertIn('created_at', get_response)
self.assertIn('updated_at', get_response)
self.assertEqual(FAKE_PRODUCT['name'],
get_response['name'])
self.assertEqual(FAKE_PRODUCT['description'],
get_response['description'])
self.assertEqual(api_const.PUBLIC_CLOUD,
get_response['type'])
self.assertEqual(api_const.CLOUD,
get_response['product_type'])
# reset auth and check return result for anonymous
mock_get_user.return_value = None
self.assertRaises(webtest.app.AppError,
self.get_json,
self.URL + post_response.get('id'))
mock_get_user.return_value = 'foo-open-id'
# Make product public.
product_info = {'id': post_response.get('id'), 'public': 1}
db.update_product(product_info)
# Test when getting product info when not owner/foundation.
get_response = self.get_json(self.URL + post_response.get('id'))
self.assertNotIn('created_by_user', get_response)
self.assertNotIn('created_at', get_response)
self.assertNotIn('updated_at', get_response)