def test_search_permissions(self):
anno = Annotation(text='Foobar', permissions={'read': []})
anno.save()
annotator.es.refresh(timesleep=0.01)
res = Annotation.search()
h.assert_equal(len(res), 1)
res = Annotation.search(_user_id='bob')
h.assert_equal(len(res), 1)
anno = Annotation(text='Foobar', permissions={'read': ['bob']})
anno.save()
annotator.es.refresh(timesleep=0.01)
res = Annotation.search()
h.assert_equal(len(res), 1)
res = Annotation.search(_user_id='alice')
h.assert_equal(len(res), 1)
res = Annotation.search(_user_id='bob')
h.assert_equal(len(res), 2)
def test_search(self):
uri1 = u'http://xyz.com'
uri2 = u'urn:uuid:xxxxx'
user = u'levin'
user2 = u'anna'
anno = Annotation(
uri=uri1,
text=uri1,
user=user,
)
anno2 = Annotation(
uri=uri1,
text=uri1 + uri1,
user=user2,
)
anno3 = Annotation(uri=uri2, text=uri2, user=user)
self.sess.add_all([anno, anno2, anno3])
self.sess.commit()
annoid = anno.id
anno2id = anno2.id
url = self.url('search_annotations')
res = self.app.get(url)
body = json.loads(res.body)
assert body['total'] == 3, body
url = self.url('search_annotations', limit=1)
res = self.app.get(url)
body = json.loads(res.body)
assert body['total'] == 3, body
assert len(body['results']) == 1
url = self.url('search_annotations', uri=uri1, all_fields=1)
res = self.app.get(url)
body = json.loads(res.body)
assert body['total'] == 2, body
out = body['results']
assert len(out) == 2
assert out[0]['uri'] == uri1
assert out[0]['id'] in [annoid, anno2id]
url = self.url('search_annotations', uri=uri1)
res = self.app.get(url)
body = json.loads(res.body)
assert body['results'][0].keys() == ['id'], body['results']
url = self.url('search_annotations', limit=-1)
res = self.app.get(url)
body = json.loads(res.body)
assert len(body['results']) == 3, body
def setup(self):
super(TestStoreAuthz, self).setup()
self.app = annotator.app.test_client()
self.anno_id = '123'
self.permissions = {
'read': ['alice', 'bob'],
'update': ['alice', 'charlie'],
'admin': ['alice']
}
ann = Annotation(id=self.anno_id,
user='******',
text='Foobar',
permissions=self.permissions)
ann.save()
self.consumer = Consumer('test-consumer-key')
save(self.consumer)
self.user = '******'
for u in ['alice', 'bob', 'charlie']:
token = auth.generate_token(self.consumer.key, u)
setattr(self, '%s_headers' % u, auth.headers_for_token(token))
def create_test_annotation(self):
anno = Annotation(uri=u'http://xyz.com',
ranges=[u'1.0 2.0'],
text=u'blah text')
self.sess.add(anno)
self.sess.commit()
anno = anno.as_dict()
return anno
def test_search(self):
uri1 = u'http://xyz.com'
uri2 = u'urn:uuid:xxxxx'
user1 = u'levin'
user2 = u'anna'
anno1 = Annotation(uri=uri1, text=uri1, user=user1)
anno2 = Annotation(uri=uri1, text=uri1 + uri1, user=user2)
anno3 = Annotation(uri=uri2, text=uri2, user=user1)
anno1.save()
anno2.save()
anno3.save()
annotator.es.refresh(timesleep=0.01)
res = Annotation.search()
h.assert_equal(len(res), 3)
# ordering (most recent first)
h.assert_equal(res[0]['text'], uri2)
res = Annotation.count()
h.assert_equal(res, 3)
res = Annotation.search(limit=1)
h.assert_equal(len(res), 1)
res = Annotation.count(limit=1)
h.assert_equal(res, 3)
res = Annotation.search(uri=uri1)
h.assert_equal(len(res), 2)
h.assert_equal(res[0]['uri'], uri1)
h.assert_equal(res[0]['id'], anno2.id)
res = Annotation.search(user=user1)
h.assert_equal(len(res), 2)
h.assert_equal(res[0]['user'], user1)
h.assert_equal(res[0]['id'], anno3.id)
res = Annotation.search(user=user1, uri=uri2)
h.assert_equal(len(res), 1)
h.assert_equal(res[0]['user'], user1)
h.assert_equal(res[0]['id'], anno3.id)
res = Annotation.count(user=user1, uri=uri2)
h.assert_equal(res, 1)
def test_delete(self):
id_ = 1
ann = Annotation(id=id_)
ann.save()
newann = Annotation.fetch(id_)
newann.delete()
noann = Annotation.fetch(id_)
assert noann == None
def setup(self):
self.uri = u'http://xyz.com'
self.ranges = [{'start': 'p 19', 'end': 'div 23'}]
self.tags = [u'abc', u'xyz']
self.anno = Annotation(uri=self.uri,
ranges=self.ranges,
note=u'It is a truth universally acknowledged',
user=u'myuserid',
tags=self.tags,
extras={u'extra1': u'extraval1'})
def test_basics(self):
user = "******"
ann = Annotation(text="Hello there", user=user)
ann['ranges'] = []
ann['ranges'].append({})
ann['ranges'].append({})
ann.save()
ann = Annotation.fetch(ann.id)
h.assert_equal(ann['text'], "Hello there")
h.assert_equal(ann['user'], "alice")
h.assert_equal(len(ann['ranges']), 2)
def test_update_other_users_annotation(self):
ann = Annotation(id=123,
user='******',
permissions={'update': []})
ann.save()
payload = json.dumps({
'id': 123,
'text': 'Foo'
})
response = self.app.put('/api/annotations/123',
data=payload,
content_type='application/json',
headers=self.bob_headers)
assert response.status_code == 200, "response should be 200 OK"
def create_annotation():
# Only registered users can create annotations
if not auth.verify_request(request):
return _failed_auth_response()
if request.json:
annotation = Annotation(_filter_input(request.json))
annotation['consumer'] = request.headers[auth.HEADER_PREFIX +
'consumer-key']
annotation['user'] = request.headers[auth.HEADER_PREFIX + 'user-id']
annotation.save()
return jsonify(annotation)
else:
return jsonify('No JSON payload sent. Annotation not created.',
status=400)
def test_save(self):
a = Annotation(name='bob')
a.save()
h.assert_in('id', a)
def test_authorize_admin_user(self):
ann = Annotation(permissions={'admin': ['bob']})
assert authorize(ann, 'admin', 'bob')
assert not authorize(ann, 'admin', 'alice')
def test_authorize_read_nouser(self):
ann = Annotation()
assert authorize(ann, 'read')
assert authorize(ann, 'read', 'bob')
def test_authorize_delete_user(self):
ann = Annotation(permissions={'delete': ['bob']})
assert authorize(ann, 'delete', 'bob')
assert not authorize(ann, 'delete', 'alice')
def test_authorize_admin_nouser(self):
ann = Annotation()
assert not authorize(ann, 'admin')
assert authorize(ann, 'admin', 'bob')
def test_authorize_delete_nouser(self):
ann = Annotation()
assert not authorize(ann, 'delete')
assert authorize(ann, 'delete', 'bob')
def test_authorize_read_user(self):
ann = Annotation(permissions={'read': ['bob']})
assert authorize(ann, 'read', 'bob')
assert not authorize(ann, 'read', 'alice')
def test_new(self):
a = Annotation()
h.assert_equal('{}', repr(a))
def _create_annotation(self, **kwargs):
ann = Annotation(**kwargs)
ann.save()
return ann
def test_fetch(self):
a = Annotation(foo='bar')
a.save()
b = Annotation.fetch(a.id)
h.assert_equal(b['foo'], 'bar')