def _create_test_data(): user = User(username='******', first_name='Thomas', last_name='Atkins', email='*****@*****.**') user.save() license_ = License(name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.experimentauthor_set.create(order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.experimentauthor_set.create(order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return user, experiment
def _create_test_data(): user = User(username='******', first_name='Thomas', last_name='Atkins', email='*****@*****.**') user.save() license_ = License( name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.experimentauthor_set.create(order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.experimentauthor_set.create(order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return user, experiment
def setUp(self): self.client = Client() # old_user user_old_username = '******' # new_user user_new_username = '******' pwd = 'secret' email = '*****@*****.**' self.user_new = User.objects.create_user(user_new_username, email, pwd) self.user_old = User.objects.create_user(user_old_username, email, pwd) # create group self.group = Group.objects.create(name='test group') # add old user to group self.group.user_set.add(self.user_old) # add user auth user_auth = UserAuthentication(userProfile=UserProfile.objects.get(user=self.user_old), username= self.user_old.username, authenticationMethod='localdb') user_auth.save() # add experiments experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=self.user_old) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(self.user_old.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save()
def testRightsRequireValidOwner(self): # Create test owner without enough details username, email, password = ("testuser", "*****@*****.**", "password") user = User.objects.create_user(username, email, password) # Create test experiment and make user the owner of it experiment = Experiment(title="Text Experiment", institution_name="Test Uni", created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # Create client and login as user client = Client() login = client.login(username=username, password=password) self.assertTrue(login) # Get "Choose Rights" page, and check that we're forbidden rights_url = reverse("tardis.tardis_portal.views.choose_rights", args=[str(experiment.id)]) response = client.get(rights_url) expect(response.status_code).to_equal(403) # Fill in remaining details user.first_name = "Voltaire" # Mononymous persons are just fine user.save() # Get "Choose Rights" page, and check that we're now allowed access response = client.get(rights_url) expect(response.status_code).to_equal(200)
def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save()
def setUp(self): super(MyTardisResourceTestCase, self).setUp() self.username = '******' self.password = '******' self.user = User.objects.create_user(username=self.username, password=self.password) test_auth_service = AuthService() test_auth_service._set_user_from_dict(self.user, user_dict={ 'first_name': 'Testing', 'last_name': 'MyTardis API', 'email': '*****@*****.**' }, auth_method="None") self.user.user_permissions.add( Permission.objects.get(codename='change_dataset')) self.user.user_permissions.add( Permission.objects.get(codename='add_dataset_file')) self.user_profile = UserProfile(user=self.user).save() self.testexp = Experiment(title="test exp") self.testexp.approved = True self.testexp.created_by = self.user self.testexp.locked = False self.testexp.save() testacl = ObjectACL(content_type=self.testexp.get_ct(), object_id=self.testexp.id, pluginId=django_user, entityId=str(self.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) testacl.save()
def setUp(self): super(MyTardisResourceTestCase, self).setUp() self.username = '******' self.password = '******' self.user = User.objects.create_user(username=self.username, password=self.password) test_auth_service = AuthService() test_auth_service._set_user_from_dict( self.user, user_dict={'first_name': 'Testing', 'last_name': 'MyTardis API', 'email': '*****@*****.**'}, auth_method="None") self.user.user_permissions.add( Permission.objects.get(codename='change_dataset')) self.user.user_permissions.add( Permission.objects.get(codename='add_dataset_file')) self.user_profile = UserProfile(user=self.user).save() self.testexp = Experiment(title="test exp") self.testexp.approved = True self.testexp.created_by = self.user self.testexp.locked = False self.testexp.save() testacl = ObjectACL( content_type=self.testexp.get_ct(), object_id=self.testexp.id, pluginId=django_user, entityId=str(self.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) testacl.save()
def _create_test_experiment(user, license_): experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.experimentauthor_set.create( order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.experimentauthor_set.create( order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): # Create test owner without enough details username, email, password = ("testuser", "*****@*****.**", "password") user = User.objects.create_user(username, email, password) # Need UserAuthentication UserAuthentication(userProfile=user.userprofile, username=username, authenticationMethod="localdb").save() # Create staging dir from os import path, makedirs staging_dir = path.join(settings.STAGING_PATH, username) if not path.exists(staging_dir): makedirs(staging_dir) # Ensure that staging dir is set up properly expect(get_full_staging_path(username)).to_be_truthy() # Create test experiment and make user the owner of it experiment = Experiment(title="Text Experiment", institution_name="Test Uni", created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = Dataset(description="dataset description...") self.dataset.save() self.dataset.experiments.add(experiment) self.dataset.save() self.username, self.password = (username, password)
def _get_experiment(self, entry, user): experimentId, title, public_access = \ self._get_experiment_details(entry, user) try: try: param_name = ParameterName.objects.\ get(name=self.PARAM_EXPERIMENT_ID, \ schema=AtomImportSchemas.get_schema(Schema.EXPERIMENT)) parameter = ExperimentParameter.objects.\ get(name=param_name, string_value=experimentId) except ExperimentParameter.DoesNotExist: raise Experiment.DoesNotExist return parameter.parameterset.experiment except Experiment.DoesNotExist: experiment = Experiment(title=title, created_by=user, public_access=public_access) experiment.save() self._create_experiment_id_parameter_set(experiment, experimentId) acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=user.id, canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(filename): testfile = path.join(path.dirname(__file__), 'fixtures', filename) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() base_url = 'file://' + path.abspath(path.dirname(testfile)) location = Location.load_location({ 'name': 'test-grabber', 'url': base_url, 'type': 'external', 'priority': 10, 'transfer_provider': 'local'}) replica = Replica(datafile=datafile, url='file://'+path.abspath(testfile), protocol='file', location=location) replica.verify() replica.save() return Dataset_File.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile('data_grabber_test1.admin'), create_datafile('testfile.txt') ]
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() def create_datafile(index): testfile = path.join(path.dirname(__file__), 'fixtures', 'jeol_sem_test%d.txt' % index) size, sha512sum = get_size_and_sha512sum(testfile) datafile = Dataset_File(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() base_url = 'file://' + path.abspath(path.dirname(testfile)) location = Location.load_location({ 'name': 'test-jeol', 'url': base_url, 'type': 'external', 'priority': 10, 'transfer_provider': 'local' }) replica = Replica(datafile=datafile, url='file://' + path.abspath(testfile), protocol='file', location=location) replica.verify() replica.save() return Dataset_File.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile(i) for i in (1, 2)]
def setUp(self): from os import path, mkdir from tempfile import mkdtemp user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.test_dir = mkdtemp() Location.force_initialize() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.experiment_path = path.join( settings.FILE_STORE_PATH, str(self.dataset.get_first_experiment().id)) self.dataset_path = path.join(self.experiment_path, str(self.dataset.id)) if not path.exists(self.experiment_path): mkdir(self.experiment_path) if not path.exists(self.dataset_path): mkdir(self.dataset_path) # write test file self.filename = 'testfile.txt' self.f1 = open(path.join(self.test_dir, self.filename), 'w') self.f1.write('Test file 1') self.f1.close() self.f1_size = path.getsize(path.join(self.test_dir, self.filename)) self.f1 = open(path.join(self.test_dir, self.filename), 'r')
def add_epn_group_acl(sender, **kwargs): try: par_name = ParameterName.objects.get( name='EPN', schema=Schema.objects.get( namespace='http://www.tardis.edu.au/schemas/as/' 'experiment/2010/09/21')) except (ParameterName.DoesNotExist, Schema.DoesNotExist): return exp_par = kwargs['instance'] if exp_par.name != par_name: return exp = exp_par.parameterset.experiment try: epn = exp_par.string_value # create vbl group acl = ObjectACL.objects.filter( content_type=exp.get_ct(), object_id=exp.id, pluginId='vbl_group', entityId=epn, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) if len(acl) == 0: acl = ObjectACL( content_type=exp.get_ct(), object_id=exp.id, pluginId='vbl_group', entityId=epn, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) acl.save() except Exception: logger.exception('trouble creating EPN ACL') try: beamline_group = "BEAMLINE_MX" group, created = Group.objects.get_or_create(name=beamline_group) # beamline group ObjectACL.objects.get_or_create( content_type=exp.get_ct(), object_id=exp.id, pluginId=django_group, entityId=str(group.id), canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) # finally, always add acl for admin group group, created = Group.objects.get_or_create(name='admin') ObjectACL.objects.get_or_create( content_type=exp.get_ct(), object_id=exp.id, pluginId=django_group, entityId=str(group.id), isOwner=True, canRead=True, aclOwnershipType=ObjectACL.SYSTEM_OWNED) except Exception: logger.exception('trouble creating beamline and admin ACLs')
def setUp(self): from os import path, mkdir from tempfile import mkdtemp user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.test_dir = mkdtemp() Location.force_initialize() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.experiment_path = path.join(settings.FILE_STORE_PATH, str(self.dataset.get_first_experiment().id)) self.dataset_path = path.join(self.experiment_path, str(self.dataset.id)) if not path.exists(self.experiment_path): mkdir(self.experiment_path) if not path.exists(self.dataset_path): mkdir(self.dataset_path) # write test file self.filename = 'testfile.txt' self.f1 = open(path.join(self.test_dir, self.filename), 'w') self.f1.write('Test file 1') self.f1.close() self.f1_size = path.getsize(path.join(self.test_dir, self.filename)) self.f1 = open(path.join(self.test_dir, self.filename), 'r')
def create_draft_publication(user, publication_title, publication_description): # Note: Maybe this logic can be taken from the tardis_portal/views.py? experiment = Experiment(created_by=user, title=publication_title, description=publication_description) experiment.save() ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(user.id), canRead=True, canWrite=False, canDelete=False, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() ObjectACL(content_object=experiment, pluginId=django_group, entityId=str( Group.objects.get_or_create( name=getattr( settings, 'PUBLICATION_OWNER_GROUP', default_settings.PUBLICATION_OWNER_GROUP))[0].id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() publication_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_SCHEMA_ROOT', default_settings.PUBLICATION_SCHEMA_ROOT)) # Attach draft schema draft_publication_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_DRAFT_SCHEMA', default_settings.PUBLICATION_DRAFT_SCHEMA)) ExperimentParameterSet(schema=draft_publication_schema, experiment=experiment).save() # Attach root schema and blank form_state parameter publication_root_schema = Schema.objects.get( namespace=getattr(settings, 'PUBLICATION_SCHEMA_ROOT', default_settings.PUBLICATION_SCHEMA_ROOT)) publication_root_parameter_set = ExperimentParameterSet( schema=publication_schema, experiment=experiment) publication_root_parameter_set.save() form_state_param_name = ParameterName.objects.get( schema=publication_root_schema, name='form_state') ExperimentParameter(name=form_state_param_name, parameterset=publication_root_parameter_set).save() return experiment
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId='django_user', entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description='dataset description...') dataset.save() dataset.experiments.add(experiment) dataset.save() base_path = path.join(path.dirname(__file__), 'fixtures') s_box = StorageBox.get_default_storage(location=base_path) def create_datafile(index): testfile = path.join(base_path, 'middleware_test%d.txt' % index) size, sha512sum = get_size_and_sha512sum(testfile) datafile = DataFile(dataset=dataset, filename=path.basename(testfile), size=size, sha512sum=sha512sum) datafile.save() dfo = DataFileObject( datafile=datafile, storage_box=s_box, uri=path.basename(testfile)) dfo.save() if index != 1: dfo.verified = False dfo.save(update_fields=['verified']) return DataFile.objects.get(pk=datafile.pk) self.dataset = dataset self.datafiles = [create_datafile(i) for i in (1, 2)]
def test_urls_with_some_content(self): # Things that might tend to be in a real live system user = '******' pwd = User.objects.make_random_password() user = User.objects.create(username=user, email='*****@*****.**', first_name="Test", last_name="User") user.set_password(pwd) user.save() experiment = Experiment.objects.create( title="Test Experiment", created_by=user, public_access=Experiment.PUBLIC_ACCESS_FULL) experiment.save() acl = ObjectACL(pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, canWrite=True, canDelete=True, isOwner=True) acl.save() dataset = Dataset(description="test dataset") dataset.save() dataset.experiments.add(experiment) dataset.save() # Test everything works c = Client() c.login(username=user, password=pwd) urls = ['/about/', '/stats/'] urls += ['/experiment/list/%s' % part for part in ('mine', 'shared', 'public')] # urls += ['/experiment/%s/' % part # for part in ('search',)] urls += ['/experiment/view/%d/' % experiment.id] urls += ['/ajax/experiment/%d/%s' % (experiment.id, tabpane) for tabpane in ('description', 'datasets', 'rights')] urls += ['/ajax/datafile_list/%d/' % dataset.id] urls += ['/ajax/dataset_metadata/%d/' % dataset.id] for u in urls: response = c.get(u) ensure(response.status_code, 200, "%s should have returned 200 but returned %d" % (u, response.status_code)) redirect_urls = ['/experiment/list', '/experiment/view/'] for u in redirect_urls: response = c.get(u) expect(response.status_code).to_equal(302)
def create_experiment(request, template_name='tardis_portal/create_experiment.html'): """Create a new experiment view. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param template_name: the path of the template to render :type template_name: string :rtype: :class:`django.http.HttpResponse` """ c = { 'subtitle': 'Create Experiment', 'user_id': request.user.id, } if request.method == 'POST': form = ExperimentForm(request.POST) if form.is_valid(): full_experiment = form.save(commit=False) # group/owner assignment stuff, soon to be replaced experiment = full_experiment['experiment'] experiment.created_by = request.user full_experiment.save_m2m() # add defaul ACL acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(request.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() request.POST = {'status': "Experiment Created."} return HttpResponseSeeAlso( reverse('tardis_portal.view_experiment', args=[str(experiment.id)]) + "#created") c['status'] = "Errors exist in form." c["error"] = 'true' else: form = ExperimentForm(extra=1) c['form'] = form c['default_institution'] = settings.DEFAULT_INSTITUTION return HttpResponse(render_response_index(request, template_name, c))
def create_experiment(request, template_name='tardis_portal/create_experiment.html'): """Create a new experiment view. :param request: a HTTP Request instance :type request: :class:`django.http.HttpRequest` :param template_name: the path of the template to render :type template_name: string :rtype: :class:`django.http.HttpResponse` """ c = { 'subtitle': 'Create Experiment', 'user_id': request.user.id, } if request.method == 'POST': form = ExperimentForm(request.POST) if form.is_valid(): full_experiment = form.save(commit=False) # group/owner assignment stuff, soon to be replaced experiment = full_experiment['experiment'] experiment.created_by = request.user full_experiment.save_m2m() # add defaul ACL acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(request.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() request.POST = {'status': "Experiment Created."} return HttpResponseSeeAlso(reverse('tardis_portal.view_experiment', args=[str(experiment.id)]) + "#created") c['status'] = "Errors exist in form." c["error"] = 'true' else: form = ExperimentForm(extra=1) c['form'] = form c['default_institution'] = settings.DEFAULT_INSTITUTION return HttpResponse(render_response_index(request, template_name, c))
def setUp(self): self.ns = { 'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/' } user, client = _create_user_and_login() license_ = License( name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = { 'code': '010107', 'name': 'Mathematical Logic, Set Theory, Lattices and Universal Algebra', 'uri': 'http://purl.org/asc/1297.0/2008/for/010107' } try: response = client.post(\ reverse('tardis.apps.anzsrc_codes.views.'\ +'list_or_create_for_code', args=[experiment.id]), data=json.dumps(params), content_type='application/json') except: # no internet most likely from nose.plugins.skip import SkipTest raise SkipTest # Check related info was created expect(response.status_code).to_equal(201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def setUp(self): # Load schemas for test from django.core.management import call_command call_command('loaddata', 'as_schemas') self.client = Client() self.experiments = [] try: user = User.objects.get(username='******') except User.DoesNotExist: user = User.objects.create_user('test', '', 'test') user.save() self.userprofile = user.userprofile # base_path = path.abspath(path.dirname(__file__)) experiment = Experiment(title='SAXS Test', created_by=user) experiment.save() acl = ObjectACL(pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, canWrite=True, canDelete=True, isOwner=True) acl.save() self.experiments += [experiment] schema = Schema.objects.get(type=Schema.DATAFILE, subtype='saxs') parameter = ParameterName.objects.get(schema=schema, name='io') parameter.is_searchable = True parameter.save() self.io_param_name = parameter.getUniqueShortName() schema = Schema.objects.get(type=Schema.DATASET, subtype='saxs') parameter = ParameterName.objects.get(schema=schema, name='frqimn') parameter.is_searchable = True parameter.save() self.frqimn_param_name = parameter.getUniqueShortName() new_schema = Schema() new_schema.namespace = 'testschemawithduplicatename' new_schema.save() new_param = ParameterName( schema=new_schema, name='title', full_name='Duplicate title parametername', is_searchable=True) new_param.save()
def create_experiment(i): experiment = Experiment(title="Text Experiment #%d" % i, institution_name="Test Uni", created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() return experiment
def setUp(self): from os import path, mkdir from tempfile import mkdtemp user = "******" pwd = "secret" email = "" self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.test_dir = mkdtemp() self.exp = Experiment(title="test exp1", institution_name="monash", created_by=self.user) self.exp.save() acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = Dataset(description="dataset description...") self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() path_parts = [ settings.FILE_STORE_PATH, "%s-%s" % (quote(self.dataset.description, safe="") or "untitled", self.dataset.id), ] self.dataset_path = path.join(*path_parts) if not path.exists(self.dataset_path): mkdir(self.dataset_path) # write test file self.filename = "testfile.txt" self.f1 = open(path.join(self.test_dir, self.filename), "w") self.f1.write("Test file 1") self.f1.close() self.f1_size = path.getsize(path.join(self.test_dir, self.filename)) self.f1 = open(path.join(self.test_dir, self.filename), "r")
def setUp(self): self.ns = { 'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/' } user, client = _create_user_and_login() license_ = License(name='Creative Commons Attribution-NoDerivs ' '2.5 Australia', url='http://creativecommons.org/licenses/by-nd/' '2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = { 'type': 'website', 'identifier': 'https://www.google.com/', 'title': 'Google', 'notes': 'This is a note.' } response = client.post(\ reverse('tardis.apps.related_info.views.' + 'list_or_create_related_info', args=[experiment.id]), data=json.dumps(params), content_type='application/json') # Check related info was created self.assertEqual(response.status_code, 201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def setUp(self): self.hostname = '127.0.0.1' self.username = '******' self.password = '******' email = '' self.user = User.objects.create_user(self.username, email, self.password) self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL(content_object=self.exp, pluginId='django_user', entityId=str(self.user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) self.acl.save() self.dataset = Dataset(description='test dataset1') self.dataset.save() self.dataset.experiments.set([self.exp]) self.dataset.save() def _build(dataset, filename, url): datafile_content = b"\n".join( [b'some data %d' % i for i in range(1000)]) filesize = len(datafile_content) datafile = DataFile(dataset=dataset, filename=filename, size=filesize) datafile.save() dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.file_object = BytesIO(datafile_content) dfo.save() return datafile saved_setting = settings.REQUIRE_DATAFILE_CHECKSUMS try: settings.REQUIRE_DATAFILE_CHECKSUMS = False _build(self.dataset, 'file.txt', 'path/file.txt') finally: settings.REQUIRE_DATAFILE_CHECKSUMS = saved_setting
def create_experiment(i): experiment = Experiment(title='Text Experiment #%d' % i, institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() return experiment
def setUp(self): """ setting up essential objects, copied from tests above """ user = "******" pwd = "secret" email = "" self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title="test exp1", institution_name="monash", created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description="dataset description...") self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() self.testschema = Schema( namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True ) self.testschema.save() self.dfps = DatafileParameterSet(datafile=self.datafile, schema=self.testschema) self.dfps.save()
def add_experiment_access_group(request, experiment_id, groupname): canRead = request.GET.get('canRead') == 'true' canWrite = request.GET.get('canWrite') == 'true' canDelete = request.GET.get('canDelete') == 'true' isOwner = request.GET.get('isOwner') == 'true' try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return HttpResponse('Experiment (id=%d) does not exist' % (experiment_id)) try: group = Group.objects.get(name=groupname) except Group.DoesNotExist: return HttpResponse('Group %s does not exist' % (groupname)) acl = ObjectACL.objects.filter( content_type=experiment.get_ct(), object_id=experiment.id, pluginId='django_group', entityId=str(group.id), aclOwnershipType=ObjectACL.OWNER_OWNED) if acl.count() > 0: # An ACL already exists for this experiment/group. return HttpResponse('Could not create group %s ' '(It is likely that it already exists)' % (groupname)) acl = ObjectACL(content_object=experiment, pluginId='django_group', entityId=str(group.id), canRead=canRead, canWrite=canWrite, canDelete=canDelete, isOwner=isOwner, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() c = {'group': group, 'group_acl': acl, 'experiment_id': experiment_id} return HttpResponse(render_response_index( request, 'tardis_portal/ajax/add_group_result.html', c))
def setUp(self): self.ns = {'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/'} user, client = _create_user_and_login() license_ = License(name='Creative Commons Attribution-NoDerivs 2.5 Australia', url='http://creativecommons.org/licenses/by-nd/2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = {'code': '010107', 'name': 'Mathematical Logic, Set Theory, Lattices and Universal Algebra', 'uri': 'http://purl.org/asc/1297.0/2008/for/010107'} try: response = client.post(\ reverse('tardis.apps.anzsrc_codes.views.'\ +'list_or_create_for_code', args=[experiment.id]), data=json.dumps(params), content_type='application/json') except: # no internet most likely from nose.plugins.skip import SkipTest raise SkipTest # Check related info was created expect(response.status_code).to_equal(201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def setUp(self): self.ns = {'r': 'http://ands.org.au/standards/rif-cs/registryObjects', 'o': 'http://www.openarchives.org/OAI/2.0/'} user, client = _create_user_and_login() license_ = License(name='Creative Commons Attribution-NoDerivs ' '2.5 Australia', url='http://creativecommons.org/licenses/by-nd/' '2.5/au/', internal_description='CC BY 2.5 AU', allows_distribution=True) license_.save() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=True, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() params = {'type': 'website', 'identifier': 'https://www.google.com/', 'title': 'Google', 'notes': 'This is a note.'} response = client.post(\ reverse('tardis.apps.related_info.views.' + 'list_or_create_related_info', args=[experiment.id]), data=json.dumps(params), content_type='application/json') # Check related info was created self.assertEqual(response.status_code, 201) self.acl = acl self.client = client self.experiment = experiment self.params = params
def generate_experiment(datasets=[], users=[]): from tardis.tardis_portal.models import Experiment, ObjectACL experiment = Experiment(created_by=users[0]) experiment.save() for ds in datasets: ds.experiments.add(experiment) ds.save() for user in users: acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): user, client = _create_user_and_login() experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.save() acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=False, canRead=True, canWrite=False, canDelete=False, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() self.client = client self.experiment = experiment
def setUp(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Need UserAuthentication UserAuthentication(userProfile=profile, username=username, authenticationMethod='localdb').save() # Create staging dir from os import path, makedirs staging_dir = path.join(settings.STAGING_PATH, username) if not path.exists(staging_dir): makedirs(staging_dir) # Ensure that staging dir is set up properly expect(get_full_staging_path(username)).to_be_truthy() Location.force_initialize() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() self.dataset = \ Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(experiment) self.dataset.save() self.username, self.password = (username, password)
def has_perm(self, user_obj, perm, obj=None): ''' main method, calls other methods based on permission type queried ''' if not user_obj.is_authenticated(): allowed_tokens = getattr(user_obj, 'allowed_tokens', []) user_obj = AnonymousUser() user_obj.allowed_tokens = allowed_tokens if obj is None: return False try: perm_label, perm_type = perm.split('.') perm_action, perm_ct = perm_type.split('_') except: return False if perm_label != self.app_label: return False ct = ContentType.objects.get_for_model(obj) if ct.name != perm_ct: return False method_name = '_has_%s_perm' % perm_action # run any custom perms per model, continue if not None # allows complete overriding of standard authorisation, eg for public # experiments model_spec_perm = getattr(obj, method_name, lambda *args, **kwargs: None)(user_obj) if type(model_spec_perm) == bool: return model_spec_perm #get_acls obj_acls = ObjectACL.objects.filter( content_type=ct, object_id=obj.id).filter( self.get_perm_bool(perm_action)).filter( ObjectACL.get_effective_query()) query = Q(pluginId='django_user', entityId=str(user_obj.id)) if user_obj.is_authenticated(): for name, group in user_obj.get_profile().ext_groups: query |= Q(pluginId=name, entityId=str(group)) else: # the only authorisation available for anonymous users is tokenauth tgp = TokenGroupProvider() for name, group in tgp.getGroups(user_obj): query |= Q(pluginId=name, entityId=str(group)) return obj_acls.filter(query).count() > 0
def testRightsRequireValidOwner(self): # Create test owner without enough details username, email, password = ('testuser', '*****@*****.**', 'password') user = User.objects.create_user(username, email, password) profile = UserProfile(user=user, isDjangoAccount=True) profile.save() # Create test experiment and make user the owner of it experiment = Experiment(title='Text Experiment', institution_name='Test Uni', created_by=user) experiment.save() acl = ObjectACL( pluginId=django_user, entityId=str(user.id), content_object=experiment, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() # Create client and login as user client = Client() login = client.login(username=username, password=password) self.assertTrue(login) # Get "Choose Rights" page, and check that we're forbidden rights_url = reverse('tardis.tardis_portal.views.choose_rights', args=[str(experiment.id)]) response = client.get(rights_url) expect(response.status_code).to_equal(403) # Fill in remaining details user.first_name = "Voltaire" # Mononymous persons are just fine user.save() # Get "Choose Rights" page, and check that we're now allowed access response = client.get(rights_url) expect(response.status_code).to_equal(200)
def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.testschema = Schema(namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True) self.testschema.save() self.dfps = DatafileParameterSet(dataset_file=self.dataset_file, schema=self.testschema) self.dfps.save()
def hydrate_m2m(self, bundle): ''' create ACL before any related objects are created in order to use ACL permissions for those objects. ''' if getattr(bundle.obj, 'id', False): experiment = bundle.obj # TODO: unify this with the view function's ACL creation, # maybe through an ACL toolbox. acl = ObjectACL(content_type=experiment.get_ct(), object_id=experiment.id, pluginId=django_user, entityId=str(bundle.request.user.id), canRead=True, canWrite=True, canDelete=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return super(ExperimentResource, self).hydrate_m2m(bundle)
def _create_test_experiment(user, license_): experiment = Experiment(title='Norwegian Blue', description='Parrot + 40kV', created_by=user) experiment.public_access = Experiment.PUBLIC_ACCESS_FULL experiment.license = license_ experiment.save() experiment.author_experiment_set.create( order=0, author="John Cleese", url="http://nla.gov.au/nla.party-1") experiment.author_experiment_set.create( order=1, author="Michael Palin", url="http://nla.gov.au/nla.party-2") acl = ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() return experiment
def setUp(self): """ setting up essential objects, copied from tests above """ Location.force_initialize() self.location = Location.get_location('local') user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = UserProfile(user=self.user).save() self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.dataset_file = Dataset_File(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.dataset_file.save() self.replica = Replica(datafile=self.dataset_file, url="http://foo", location=self.location, verified=False) self.replica.save()
def testCantEditLockedExperiment(self): login = self.client3.login(username=self.user3.username, password='******') self.assertTrue(login) # user3 has acl to write to experiment3 acl = ObjectACL( pluginId=django_user, entityId=str(self.user3.id), content_object=self.experiment3, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() response = self.client3.get('/experiment/edit/%i/' % (self.experiment3.id)) self.assertEqual(response.status_code, 403) response = self.client3.post( '/experiment/edit/%i/' % (self.experiment3.id), { 'anything': True, }) self.assertEqual(response.status_code, 403) acl.delete() self.client3.logout()
def testCantEditLockedExperiment(self): login = self.client3.login(username=self.user3.username, password='******') self.assertTrue(login) # user3 has acl to write to experiment3 acl = ObjectACL( pluginId=django_user, entityId=str(self.user3.id), content_object=self.experiment3, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() response = self.client3.get('/experiment/edit/%i/' % (self.experiment3.id)) self.assertEqual(response.status_code, 403) response = self.client3.post('/experiment/edit/%i/' % (self.experiment3.id), {'anything': True, }) self.assertEqual(response.status_code, 403) acl.delete() self.client3.logout()
def setUp(self): self.hostname = '127.0.0.1' self.username = '******' self.password = '******' email = '' self.user = User.objects.create_user( self.username, email, self.password) self.exp = Experiment( title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( content_object=self.exp, pluginId='django_user', entityId=str(self.user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) self.acl.save() self.dataset = Dataset(description='test dataset1') self.dataset.save() self.dataset.experiments.set([self.exp]) self.dataset.save() def _build(dataset, filename, url): datafile_content = u"\n".join([u'some data %d' % i for i in range(1000)]) filesize = len(datafile_content) datafile = DataFile( dataset=dataset, filename=filename, size=filesize) datafile.save() dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.file_object = StringIO(datafile_content) dfo.save() return datafile saved_setting = settings.REQUIRE_DATAFILE_CHECKSUMS try: settings.REQUIRE_DATAFILE_CHECKSUMS = False df_file = _build(self.dataset, 'file.txt', 'path/file.txt') finally: settings.REQUIRE_DATAFILE_CHECKSUMS = saved_setting
def _create_datafile(): user = User.objects.create_user('testuser', '*****@*****.**', 'pwd') user.save() full_access = Experiment.PUBLIC_ACCESS_FULL experiment = Experiment.objects.create(title="IIIF Test", created_by=user, public_access=full_access) experiment.save() ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() dataset = Dataset() dataset.save() dataset.experiments.add(experiment) dataset.save() # Create new Datafile tempfile = TemporaryUploadedFile('iiif_stored_file', None, None, None) with Image(filename='magick:rose') as img: img.format = 'tiff' img.save(file=tempfile.file) tempfile.file.flush() datafile = DataFile(dataset=dataset, size=os.path.getsize(tempfile.file.name), filename='iiif_named_file', mimetype='image/tiff') compute_md5 = getattr(settings, 'COMPUTE_MD5', True) compute_sha512 = getattr(settings, 'COMPUTE_SHA512', True) checksums = compute_checksums(open(tempfile.file.name, 'r'), compute_md5=compute_md5, compute_sha512=compute_sha512) if compute_md5: datafile.md5sum = checksums['md5sum'] if compute_sha512: datafile.sha512sum = checksums['sha512sum'] datafile.save() datafile.file_object = tempfile return datafile
def _create_datafile(): user = User.objects.create_user('testuser', '*****@*****.**', 'pwd') user.save() UserProfile(user=user).save() Location.force_initialize() full_access = Experiment.PUBLIC_ACCESS_FULL experiment = Experiment.objects.create(title="IIIF Test", created_by=user, public_access=full_access) experiment.save() ObjectACL(content_object=experiment, pluginId='django_user', entityId=str(user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED).save() dataset = Dataset() dataset.save() dataset.experiments.add(experiment) dataset.save() # Create new Datafile tempfile = TemporaryUploadedFile('iiif_stored_file', None, None, None) with Image(filename='magick:rose') as img: img.format = 'tiff' img.save(file=tempfile.file) tempfile.file.flush() datafile = Dataset_File(dataset=dataset, size=os.path.getsize(tempfile.file.name), filename='iiif_named_file') replica = Replica(datafile=datafile, url=write_uploaded_file_to_dataset(dataset, tempfile), location=Location.get_default_location()) replica.verify(allowEmptyChecksums=True) datafile.save() replica.datafile = datafile replica.save() return datafile
def has_perm(self, user_obj, perm, obj=None): ''' main method, calls other methods based on permission type queried ''' if not user_obj.is_authenticated(): allowed_tokens = getattr(user_obj, 'allowed_tokens', []) user_obj = AnonymousUser() user_obj.allowed_tokens = allowed_tokens if obj is None: return False try: perm_label, perm_type = perm.split('.') # the following is necessary because of the ridiculous naming # of 'Dataset_File'...... type_list = perm_type.split('_') perm_action = type_list[0] perm_ct = '_'.join(type_list[1:]) except: return False if perm_label != self.app_label: return False ct = ContentType.objects.get_for_model(obj) if ct.model != perm_ct: return False method_name = '_has_%s_perm' % perm_action # run any custom perms per model, continue if not None # allows complete overriding of standard authorisation, eg for public # experiments model_spec_perm = getattr(obj, method_name, lambda *args, **kwargs: None)(user_obj) if type(model_spec_perm) == bool: return model_spec_perm elif model_spec_perm is not None: # pass auth to a different object, if False try this ACL # works when returned object is parent. # makes it impossible to 'hide' child objects if type(model_spec_perm) not in (list, set, QuerySet): model_spec_perm = [model_spec_perm] for msp in model_spec_perm: new_ct = ContentType.objects.get_for_model(msp) new_perm = '%s.%s_%s' % (perm_label, perm_action, new_ct) if user_obj.has_perm(new_perm, msp): return True #get_acls obj_acls = ObjectACL.objects\ .filter(content_type=ct, object_id=obj.id)\ .filter(self.get_perm_bool(perm_action))\ .filter(ObjectACL.get_effective_query()) query = Q(pluginId='django_user', entityId=str(user_obj.id)) if user_obj.is_authenticated(): for name, group in user_obj.get_profile().ext_groups: query |= Q(pluginId=name, entityId=str(group)) else: # the only authorisation available for anonymous users is tokenauth tgp = TokenGroupProvider() for group in tgp.getGroups(user_obj): query |= Q(pluginId=tgp.name, entityId=str(group)) return obj_acls.filter(query).count() > 0
def add_experiment_access_user(request, experiment_id, username): canRead = False canWrite = False canDelete = False isOwner = False if 'canRead' in request.GET: if request.GET['canRead'] == 'true': canRead = True if 'canWrite' in request.GET: if request.GET['canWrite'] == 'true': canWrite = True if 'canDelete' in request.GET: if request.GET['canDelete'] == 'true': canDelete = True if 'isOwner' in request.GET: if request.GET['isOwner'] == 'true': isOwner = True authMethod = request.GET['authMethod'] user = auth_service.getUser(authMethod, username) if user is None or username == settings.TOKEN_USERNAME: return HttpResponse('User %s does not exist.' % (username)) try: experiment = Experiment.objects.get(pk=experiment_id) except Experiment.DoesNotExist: return HttpResponse('Experiment (id=%d) does not exist.' % (experiment.id)) acl = ObjectACL.objects.filter( content_type=experiment.get_ct(), object_id=experiment.id, pluginId=django_user, entityId=str(user.id), aclOwnershipType=ObjectACL.OWNER_OWNED) if acl.count() == 0: acl = ObjectACL(content_object=experiment, pluginId=django_user, entityId=str(user.id), canRead=canRead, canWrite=canWrite, canDelete=canDelete, isOwner=isOwner, aclOwnershipType=ObjectACL.OWNER_OWNED) acl.save() c = {'authMethod': authMethod, 'user': user, 'user_acl': acl, 'username': username, 'experiment_id': experiment_id} return HttpResponse(render_response_index( request, 'tardis_portal/ajax/add_user_result.html', c)) return HttpResponse('User already has experiment access.')
class SFTPTest(TestCase): def setUp(self): self.hostname = '127.0.0.1' self.username = '******' self.password = '******' email = '' self.user = User.objects.create_user(self.username, email, self.password) self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL(content_object=self.exp, pluginId='django_user', entityId=str(self.user.id), isOwner=True, canRead=True, canWrite=True, canDelete=True, aclOwnershipType=ObjectACL.OWNER_OWNED) self.acl.save() self.dataset = Dataset(description='test dataset1') self.dataset.save() self.dataset.experiments.set([self.exp]) self.dataset.save() def _build(dataset, filename, url): datafile_content = b"\n".join( [b'some data %d' % i for i in range(1000)]) filesize = len(datafile_content) datafile = DataFile(dataset=dataset, filename=filename, size=filesize) datafile.save() dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.file_object = BytesIO(datafile_content) dfo.save() return datafile saved_setting = settings.REQUIRE_DATAFILE_CHECKSUMS try: settings.REQUIRE_DATAFILE_CHECKSUMS = False _build(self.dataset, 'file.txt', 'path/file.txt') finally: settings.REQUIRE_DATAFILE_CHECKSUMS = saved_setting def test_sftp(self): path_mapper = make_mapper(settings.DEFAULT_PATH_MAPPER, rootdir=None) server = flexmock(user=self.user) sftp_interface = MyTSFTPServerInterface(server=server) sftp_interface.session_started() exp_sftp_folders = sftp_interface.list_folder('/home/%s/experiments/' % self.username) exp_sftp_folder_names = sorted( [sftp_folder.filename for sftp_folder in exp_sftp_folders]) exp_folder_names = sorted( [path_mapper(exp) for exp in Experiment.safe.all(self.user)]) self.assertEqual(exp_sftp_folder_names, exp_folder_names) ds_sftp_folders = sftp_interface.list_folder( '/home/%s/experiments/%s/' % (self.username, path_mapper(self.exp))) ds_sftp_folder_names = sorted( [sftp_folder.filename for sftp_folder in ds_sftp_folders]) self.assertEqual( ds_sftp_folder_names, ['00_all_files', path_mapper(self.dataset)]) sftp_files = sftp_interface.list_folder( '/home/%s/experiments/%s/%s/' % (self.username, path_mapper(self.exp), path_mapper(self.dataset))) sftp_filenames = sorted( [sftp_file.filename for sftp_file in sftp_files]) self.assertEqual(sftp_filenames, ['file.txt']) server_interface = MyTServerInterface() self.assertEqual( server_interface.check_auth_password(self.username, self.password), AUTH_SUCCESSFUL) # should fail if user is inactive self.user.is_active = False self.user.save() self.assertEqual( server_interface.check_auth_password(self.username, self.password), AUTH_FAILED) self.user.is_active = True self.user.save() def test_sftp_key_connect(self): server_interface = MyTServerInterface() pub_key_str = ( "AAAAB3NzaC1yc2EAAAADAQABAAAAgQCzvWE391K1pyBvePGpwDWMboSLIp" "5L5sMq+bXPPeJPSLOm9dnm8XexZOpeg14UpsYcmrkzVPeooaqz5PqtaHO46CdK11dS" "cs2a8PLnavGkJRf25/PDXxlHkiZXXbAfW+6t5aVJxSJ4Jt4FV0aDqMaaYxy4ikw6da" "BCkvug2OZQqQ==") priv_key_str = """-----BEGIN RSA PRIVATE KEY----- MIICXgIBAAKBgQCzvWE391K1pyBvePGpwDWMboSLIp5L5sMq+bXPPeJPSLOm9dnm 8XexZOpeg14UpsYcmrkzVPeooaqz5PqtaHO46CdK11dScs2a8PLnavGkJRf25/PD XxlHkiZXXbAfW+6t5aVJxSJ4Jt4FV0aDqMaaYxy4ikw6daBCkvug2OZQqQIDAQAB AoGASpK9XlIQD+wqafWdFpf3368O8QdI9CbnPNJkG3sKhWidmR0R7l6rEX/UOah5 hUn4km+jfWe4ZU/GGmNbmkznDdOWspDKs7eeYl7saeRzuX2CdTVvrdU7qmD5+JLk mXlWWd6rgRIfrFYXYeDVd8p6/kPR4SJe7dTTHuEKKIt9njECQQDhMqjyoNxftpl4 +mwQu0ZDLCZ4afDCGcsf73W3oSmqLyf401vQ6KAp/PmfxqGXY0ewGMzUJn9LFOyP WOGcDFglAkEAzFL/DI3SYmsvLMt6/vK4qwEwSiJU8byUBj3CL3eL0xjn895GXPzb 9CUMu0fz60Tn7UhbohynPLmQ2w6npbZ9NQJBAN+uujGFpl9LuFV6KCzWV4wRJoUk dYfWpvQpnfuvkPsBq+pzxhdTeQM7y5bwbUE509MOTyXKt1WUiwQ3fKDLgiECQQCb Z4zhSYT4ojlRQrqb6pSWS+Mkn5QoAJw9Wv+1BqHsvwa8rxSpaREKUpuqXgGhsdkM 2noHhO+V+jW4xx6vpWr5AkEAgHoSbQUR5uY8ib3N3mNowVi9NhvBN1FkwGStM9W8 QKHf8Ha+rOx3B7Dbljc+Xdpcn9VyRmDlSqzX9aCkr18mNg== -----END RSA PRIVATE KEY-----""" private_key = RSAKey.from_private_key(file_obj=StringIO(priv_key_str)) # Fail if public key not registered self.assertEqual( server_interface.check_auth_publickey(self.username, private_key), AUTH_FAILED) SFTPPublicKey.objects.create(user=self.user, name="TestKey", key_type="ssh-rsa", public_key=pub_key_str) # Succeed if public key is registered self.assertEqual( server_interface.check_auth_publickey(self.username, private_key), AUTH_SUCCESSFUL) # Should fail if user is inactive self.user.is_active = False self.user.save() self.assertEqual( server_interface.check_auth_publickey(self.username, private_key), AUTH_FAILED) self.user.is_active = True self.user.save() @patch('webpack_loader.loader.WebpackLoader.get_bundle') def test_sftp_dynamic_docs_experiment(self, mock_webpack_get_bundle): factory = RequestFactory() request = factory.get( '/sftp_access/?object_type=experiment&object_id=%s' % self.exp.id) request.user = self.user response = sftp_access(request) path_mapper = make_mapper(settings.DEFAULT_PATH_MAPPER, rootdir=None) self.assertIn( b"sftp://tardis_user1@testserver:2200" b"/home/tardis_user1/experiments/%s" % path_mapper(self.exp).encode(), response.content) self.assertNotEqual(mock_webpack_get_bundle.call_count, 0) @patch('webpack_loader.loader.WebpackLoader.get_bundle') def test_sftp_dynamic_docs_dataset(self, mock_webpack_get_bundle): factory = RequestFactory() request = factory.get( '/sftp_access/?object_type=dataset&object_id=%s' % self.dataset.id) request.user = self.user response = sftp_access(request) path_mapper = make_mapper(settings.DEFAULT_PATH_MAPPER, rootdir=None) self.assertIn( b"sftp://tardis_user1@testserver:2200" b"/home/tardis_user1/experiments/%s/%s" % (path_mapper( self.exp).encode(), path_mapper(self.dataset).encode()), response.content) self.assertNotEqual(mock_webpack_get_bundle.call_count, 0) def test_cybderduck_connection_window(self): factory = RequestFactory() request = factory.get('/sftp_access/cyberduck/connection.png') request.user = self.user response = cybderduck_connection_window(request) self.assertEqual(response.status_code, 200)
def test_datafile(self, mock_send_task): def _build(dataset, filename, url=None): datafile = DataFile(dataset=dataset, filename=filename) datafile.save() if url is None: datafile.file_object = StringIO(u'bla') return datafile dfo = DataFileObject( datafile=datafile, storage_box=datafile.get_default_storage_box(), uri=url) dfo.save() # Tests are run with CELERY_ALWAYS_EAGER = True, # so saving a DFO will trigger an immediate attempt # to verify the DFO which will trigger an attempt # to apply filters because we are overriding the # USE_FILTERS setting to True in this test: self.assertNotEqual(mock_send_task.call_count, 0) return datafile exp = Experiment(title='test exp1', institution_name='monash', approved=True, created_by=self.user, public_access=Experiment.PUBLIC_ACCESS_NONE) exp.save() acl = ObjectACL( pluginId='django_user', entityId=str(self.user.id), content_object=exp, canRead=True, canWrite=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) acl.save() dataset = Dataset(description="dataset description...\nwith; issues") dataset.save() dataset.experiments.add(exp) dataset.save() save1 = settings.REQUIRE_DATAFILE_SIZES save2 = settings.REQUIRE_DATAFILE_CHECKSUMS saved_render_image_size_limit = getattr(settings, 'RENDER_IMAGE_SIZE_LIMIT', 0) try: settings.REQUIRE_DATAFILE_SIZES = False settings.REQUIRE_DATAFILE_CHECKSUMS = False df_file = _build(dataset, 'file.txt', 'path/file.txt') first_id = df_file.id self.assertEqual(df_file.filename, 'file.txt') self.assertEqual(df_file.file_objects.all()[0].uri, 'path/file.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id, trailing_slash())) # Test string representation of DataFileObject: dfo = df_file.get_preferred_dfo() self.assertEqual( str(dfo), "Box: %s, URI: %s, verified: %s" % (str(dfo.storage_box), dfo.uri, str(dfo.verified))) # Test constructing absolute file path: self.assertEqual( df_file.get_absolute_filepath(), os.path.join(settings.DEFAULT_STORAGE_BASE_DIR, dfo.uri)) # get_as_temporary_file() doesn't work for a StringIO file object: if not os.path.exists(os.path.dirname(dfo.get_full_path())): os.makedirs(os.path.dirname(dfo.get_full_path())) with open(dfo.get_full_path(), 'w') as file_obj: file_obj.write(u'bla') # Test ability to check out a temporary copy of file: with df_file.get_as_temporary_file() as temp_file_obj: self.assertEqual(temp_file_obj.read().decode(), u'bla') self.assertFalse(df_file.has_image()) # Test checking online status, i.e. whether the DataFile # has at least one verified DataFileObject in a non-tape # storage box: self.assertTrue(df_file.is_online) DataFileObject.objects.get(datafile=df_file).delete() # This behaviour is documented in the is_online property # method's docstring, i.e. is_online is expected to be # True for a DataFile without any DataFileObjects: self.assertTrue(df_file.is_online) # Test method for getting MIME type: self.assertEqual(df_file.get_mimetype(), "text/plain") df_file.mimetype = "" # DataFile's save automatically updates the mimetype, # and we want to test get_mimetype without a mimetype: models.Model.save(df_file) self.assertEqual(df_file.get_mimetype(), "text/plain") df_file.filename = "file.unknown-extension" models.Model.save(df_file) self.assertEqual(df_file.get_mimetype(), "application/octet-stream") # Test method for getting view URL for file types which can # be displayed in the browser. # First test a file of unknown MIME type: self.assertIsNone(df_file.get_view_url()) # Now test for a text/plain file: df_file.filename = "file.txt" df_file.save() self.assertEqual(df_file.mimetype, "text/plain") self.assertEqual(df_file.get_view_url(), "/datafile/view/%s/" % df_file.id) # This setting will prevent files larger than 2 bytes # from being rendered in the browser: settings.RENDER_IMAGE_SIZE_LIMIT = 2 df_file.size = 3 df_file.save() self.assertIsNone(df_file.get_view_url()) df_file = _build(dataset, 'file1.txt', 'path/file1.txt') self.assertEqual(df_file.filename, 'file1.txt') self.assertEqual(df_file.file_objects.all()[0].uri, 'path/file1.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 1, trailing_slash())) df_file = _build(dataset, 'file2.txt', 'path/file2#txt') self.assertEqual(df_file.filename, 'file2.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 2, trailing_slash())) df_file = _build(dataset, 'f.txt', 'http://localhost:8080/filestore/f.txt') self.assertEqual(df_file.filename, 'f.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 3, trailing_slash())) df_file = _build(dataset, 'f-bad-ds.txt') self.assertEqual(df_file.filename, 'f-bad-ds.txt') self.assertEqual(df_file.dataset, dataset) self.assertEqual(df_file.size, None) self.assertEqual( df_file.get_download_url(), '/api/v1/dataset_file/%d/download%s' % (first_id + 4, trailing_slash())) pattern = re.compile('\n|;') self.assertFalse(pattern.search(df_file.file_objects.first().uri)) # check that can't save negative byte sizes with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = True DataFile(dataset=dataset, filename='lessthanempty.txt', size=-1).save() # Now check the 'REQUIRE' config params with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = True settings.REQUIRE_DATAFILE_CHECKSUMS = False DataFile(dataset=dataset, filename='foo.txt', md5sum='bad').save() with self.assertRaises(Exception): settings.REQUIRE_DATAFILE_SIZES = False settings.REQUIRE_DATAFILE_CHECKSUMS = True DataFile(dataset=dataset, filename='foo.txt', size=1).save() finally: settings.REQUIRE_DATAFILE_SIZES = save1 settings.REQUIRE_DATAFILE_CHECKSUMS = save2 settings.RENDER_IMAGE_SIZE_LIMIT = saved_render_image_size_limit
class ContextualViewTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() self.testschema = Schema(namespace="http://test.com/test/schema", name="Test View", type=Schema.DATAFILE, hidden=True) self.testschema.save() self.dfps = DatafileParameterSet(datafile=self.datafile, schema=self.testschema) self.dfps.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.datafile.delete() self.testschema.delete() self.dfps.delete() self.acl.delete() def testDetailsDisplay(self): """ test display of view for an existing schema and no display for an undefined one. """ from tardis.tardis_portal.views import display_datafile_details request = flexmock(user=self.user, groups=[("testgroup", flexmock())]) with self.settings(DATAFILE_VIEWS=[( "http://test.com/test/schema", "/test/url"), ("http://does.not.exist", "/false/url")]): response = display_datafile_details(request, datafile_id=self.datafile.id) self.assertEqual(response.status_code, 200) self.assertTrue("/ajax/parameters/" in response.content) self.assertTrue("/test/url" in response.content) self.assertFalse("/false/url" in response.content)
class ViewTemplateContextsTest(TestCase): def setUp(self): """ setting up essential objects, copied from tests above """ user = '******' pwd = 'secret' email = '' self.user = User.objects.create_user(user, email, pwd) self.userProfile = self.user.userprofile self.exp = Experiment(title='test exp1', institution_name='monash', created_by=self.user) self.exp.save() self.acl = ObjectACL( pluginId=django_user, entityId=str(self.user.id), content_object=self.exp, canRead=True, isOwner=True, aclOwnershipType=ObjectACL.OWNER_OWNED, ) self.acl.save() self.dataset = Dataset(description='dataset description...') self.dataset.save() self.dataset.experiments.add(self.exp) self.dataset.save() self.datafile = DataFile(dataset=self.dataset, size=42, filename="foo", md5sum="junk") self.datafile.save() def tearDown(self): self.user.delete() self.exp.delete() self.dataset.delete() self.datafile.delete() self.acl.delete() def testExperimentView(self): """ test some template context parameters for an experiment view """ from tardis.tardis_portal.views import ExperimentView from django.http import HttpRequest import sys # Default behavior views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] context = { 'organization': ['test', 'test2'], 'default_organization': 'test', 'default_format': 'tar', 'protocol': [['tgz', '/download/experiment/1/tgz/'], ['tar', '/download/experiment/1/tar/']] } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent) context = { 'organization': ['classic', 'test', 'test2'], 'default_organization': 'classic', 'default_format': 'tar', 'protocol': [['tar', '/download/experiment/1/tar/']] } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_experiment.html", _ContextMatcher(context)) view_fn = ExperimentView.as_view() response = view_fn(request, experiment_id=self.exp.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING") def testDatasetView(self): """ test some context parameters for a dataset view """ from tardis.tardis_portal.views import DatasetView from django.http import HttpRequest import sys views_module = flexmock(sys.modules['tardis.tardis_portal.views']) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] context = {'default_organization': 'test', 'default_format': 'tar'} views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) # Behavior with USER_AGENT_SENSING enabled and a request.user_agent saved_setting = getattr(settings, "USER_AGENT_SENSING", None) try: setattr(settings, "USER_AGENT_SENSING", True) request = HttpRequest() request.method = 'GET' request.user = self.user request.groups = [] mock_agent = _MiniMock(os=_MiniMock(family="Macintosh")) setattr(request, 'user_agent', mock_agent) context = { 'default_organization': 'classic', 'default_format': 'tar' } views_module.should_call('render_response_index'). \ with_args(_AnyMatcher(), "tardis_portal/view_dataset.html", _ContextMatcher(context)) view_fn = DatasetView.as_view() response = view_fn(request, dataset_id=self.dataset.id) self.assertEqual(response.status_code, 200) finally: if saved_setting is not None: setattr(settings, "USER_AGENT_SENSING", saved_setting) else: delattr(settings, "USER_AGENT_SENSING")