def setup(self):
self.user = factories.User()
self.dataset = factories.Dataset()
def _before(self):
self.follower = factories.User(name="follower")
self.followee = self._create_dataset("followee")
self.FOLLOWER_CLASS(self.follower["id"], self.followee["id"]).save()
self._create_deleted_models()
def test_user_delete_by_unauthorized_user(self, app):
user = factories.User()
url = url_for("user.delete", id=user["id"])
extra_environ = {"REMOTE_USER": "******"}
app.post(url, status=403, extra_environ=extra_environ)
def test_user_update_with_short_password(self):
user = factories.User()
user['password'] = '******' # This password is too short.
assert_raises(logic.ValidationError, helpers.call_action,
'user_update', **user)
def test_user_id_or_name_exists():
user = factories.User(name="username")
v = validators.user_id_or_name_exists(user["id"], _make_context())
assert v == user["id"]
v = validators.user_id_or_name_exists(user["name"], _make_context())
assert v == user["name"]
def test_get_pending_requests_not_authorized(self):
user = core_factories.User(name='user', id='user')
context = {'model': model, 'user': '******'}
with assert_raises(toolkit.NotAuthorized):
requests = helpers.get_pending_requests(all_fields=True)
def test_get_linked_datasets_for_form_none(self):
user = core_factories.User()
context = {'model': model, 'user': user['name']}
linked_datasets = get_linked_datasets_for_form(context=context,
user_id=user['id'])
assert_equals(linked_datasets, [])
def test_approve_emails(self):
model.repo.rebuild_db()
dataset = factories.Dataset(author='test author')
user = factories.User()
env = {'REMOTE_USER': user['name'].encode('ascii')}
# Should redirect back to dataset page
response = self.app.get(url_for(
controller='ckanext.ands.controller:DatasetDoiController',
action='dataset_doi',
id=dataset['name']),
extra_environ=env)
for field in doi_request_fields:
response.mustcontain(field)
form = response.forms['dataset-doi']
for field in form.fields:
if field != 'save':
form.set(field, 'test')
with patch.object(ckanext.ands.controller,
'mail_recipient') as mock_mail:
response = form.submit('submit', extra_environ=env)
assert_equal(mock_mail.mock_calls, [
call(
'Dataportal support',
config.get('ckanext.ands.support_emails'),
'DataPortal Support: Request to publish dataset',
u'A DOI has been requested\n\nDataset: http://test.ckan.net/dataset/{}\n\n'
u'Paper Title: test\nConference Title: test\nAuthor List: test\nDOI Title: test\n'
u'DOI Description: test\nOptional Message: test'.format(
dataset['name']))
])
# Now approve it
sysadmin = factories.Sysadmin()
env = {'REMOTE_USER': sysadmin['name'].encode('ascii')}
url = url_for(
controller='ckanext.ands.controller:DatasetDoiController',
action='dataset_doi_admin',
id=dataset['name'])
mock_response = Mock(content=json.dumps(
dict(response=dict(responsecode='MT001', doi='testdoi'))))
mock_post = Mock(return_value=mock_response)
with patch.object(requests, 'post', new=mock_post):
with patch.object(ckanext.ands.controller,
'mail_recipient') as mock_mail:
response = self.app.post(url, {'xml': 'test'},
extra_environ=env)
assert_equal(mock_mail.mock_calls, [
call(
u'Mr. Test User', user['email'],
'DataPortal DOI Request approved',
u'A DOI you requested has been approved\n\nDataset: http://test.ckan.net/dataset/{}'
.format(dataset['id']))
])
response = response.follow(extra_environ=env)
# Shouldn't appear as already created
response.mustcontain(no='Approve DOI')
response.mustcontain(no='Request DOI')
response.mustcontain('Cite this as')
def test_group_doesnt_exist(self, app):
user = factories.User()
env = {"REMOTE_USER": six.ensure_str(user["name"])}
url = url_for("group.edit", id="doesnt_exist")
app.get(url=url, extra_environ=env, status=404)
def test_user_factory(self):
user1 = factories.User()
user2 = factories.User()
assert_not_equals(user1['id'], user2['id'])
def test_user_created(self):
created = mock.Mock()
with signals.user_created.connected_to(created):
factories.User()
assert created.call_count == 1
def token():
user = factories.User()
token = ApiToken(user[u"id"])
Session.add(token)
Session.commit()
return token
def test_authed_user_show(self):
fred = factories.User(name="fred")
fred["capacity"] = "editor"
context = {"user": None, "model": model}
assert helpers.call_auth("user_show", context=context, id=fred["id"])
def test_auth_user_show(self):
fred = factories.User(name="fred")
fred["capacity"] = "editor"
context = {"user": None, "model": model}
with pytest.raises(logic.NotAuthorized):
helpers.call_auth("user_show", context=context, id=fred["id"])
def setup_class(cls):
super(TestStatsPlugin, cls).setup_class()
model.repo.rebuild_db()
user = factories.User(name='bob')
org_users = [{'name': user['name'], 'capacity': 'editor'}]
org1 = factories.Organization(name='org1', users=org_users)
group2 = factories.Group()
tag1 = {'name': 'tag1'}
tag2 = {'name': 'tag2'}
factories.Dataset(name='test1',
owner_org=org1['id'],
tags=[tag1],
user=user)
factories.Dataset(name='test2',
owner_org=org1['id'],
groups=[{
'name': group2['name']
}],
tags=[tag1],
user=user)
factories.Dataset(name='test3',
owner_org=org1['id'],
groups=[{
'name': group2['name']
}],
tags=[tag1, tag2],
user=user,
private=True)
factories.Dataset(name='test4', user=user)
# hack revision timestamps to be this date
week1 = datetime.datetime(2011, 1, 5)
for rev in model.Session.query(model.Revision):
rev.timestamp = week1 + datetime.timedelta(seconds=1)
# week 2
rev = model.repo.new_revision()
rev.author = 'bob'
rev.timestamp = datetime.datetime(2011, 1, 12)
model.Package.by_name(u'test2').delete()
model.repo.commit_and_remove()
# week 3
rev = model.repo.new_revision()
rev.author = 'sandra'
rev.timestamp = datetime.datetime(2011, 1, 19)
model.Package.by_name(u'test3').title = 'Test 3'
model.repo.commit_and_remove()
rev = model.repo.new_revision()
rev.author = 'sandra'
rev.timestamp = datetime.datetime(2011, 1, 20)
model.Package.by_name(u'test4').title = 'Test 4'
model.repo.commit_and_remove()
# week 4
rev = model.repo.new_revision()
rev.author = 'bob'
rev.timestamp = datetime.datetime(2011, 1, 26)
model.Package.by_name(u'test3').notes = 'Test 3 notes'
model.repo.commit_and_remove()
def setup(self):
super(TestOrganizationRead, self).setup()
self.app = helpers._get_test_app()
self.user = factories.User()
self.user_env = {'REMOTE_USER': self.user['name'].encode('ascii')}
self.organization = factories.Organization(user=self.user)
def test_get_linked_datasets_for_display_none(self):
user = core_factories.User()
context = {'model': model, 'user': user['name']}
linked_datasets = get_linked_datasets_for_display('', context=context)
assert_equals(linked_datasets, [])
def test_edit_user_as_wrong_user(self, app, user):
user_one = factories.User(password="******")
env = {"Authorization": user["token"]}
app.get(url_for("user.edit", id=user_one["name"]), extra_environ=env, status=403)
def test_get_data_container(self):
user = core_factories.User()
context = {'model': model, 'user': user['name']}
container = factories.DataContainer(title='container1')
result = helpers.get_data_container(container['id'], context=context)
assert_equals(result['title'], container['title'])
def test_user_delete_by_unauthorized_user(self, app, user):
user_one = factories.User()
url = url_for("user.delete", id=user_one["id"])
env = {"Authorization": user["token"]}
app.post(url, extra_environ=env, status=403)
def test_request_data_container_not_allowed_root_parent(self):
user = core_factories.User()
context = _create_context(user)
org_dict = _create_org_dict(user)
assert_raises(toolkit.NotAuthorized, call_auth, 'organization_create',
context, **org_dict)
def test_group_doesnt_exist(self):
app = self._get_test_app()
user = factories.User()
env = {'REMOTE_USER': user['name'].encode('ascii')}
url = url_for('group.edit', id='doesnt_exist')
app.get(url=url, extra_environ=env, status=404)
def test_user_update_with_null_password(self):
user = factories.User()
user['password'] = None
assert_raises(logic.ValidationError, helpers.call_action,
'user_update', **user)
def setup(self):
super(TestGroupDelete, self).setup()
self.app = helpers._get_test_app()
self.user = factories.User()
self.user_env = {'REMOTE_USER': self.user['name'].encode('ascii')}
self.group = factories.Group(user=self.user)
def _before(self):
self.follower = factories.User(name="follower")
self.followee = self._create_group("followee")
self.FOLLOWER_CLASS(self.follower["id"], self.followee["id"]).save()
self._create_deleted_models()
model.repo.commit_and_remove()
def test_search_sql_enforces_private(self):
user1 = factories.User()
user2 = factories.User()
user3 = factories.User()
ctx1 = {u'user': user1['name'], u'ignore_auth': False}
ctx2 = {u'user': user2['name'], u'ignore_auth': False}
ctx3 = {u'user': user3['name'], u'ignore_auth': False}
org1 = factories.Organization(
user=user1,
users=[{u'name': user3['name'], u'capacity': u'member'}])
org2 = factories.Organization(
user=user2,
users=[{u'name': user3['name'], u'capacity': u'member'}])
ds1 = factories.Dataset(owner_org=org1['id'], private=True)
ds2 = factories.Dataset(owner_org=org2['id'], private=True)
r1 = helpers.call_action(
u'datastore_create',
resource={u'package_id': ds1['id']},
fields=[{u'id': u'spam', u'type': u'text'}])
r2 = helpers.call_action(
u'datastore_create',
resource={u'package_id': ds2['id']},
fields=[{u'id': u'ham', u'type': u'text'}])
sql1 = 'SELECT spam FROM "{0}"'.format(r1['resource_id'])
sql2 = 'SELECT ham FROM "{0}"'.format(r2['resource_id'])
sql3 = 'SELECT spam, ham FROM "{0}", "{1}"'.format(
r1['resource_id'], r2['resource_id'])
assert_raises(
p.toolkit.NotAuthorized,
helpers.call_action,
'datastore_search_sql',
context=ctx2,
sql=sql1)
assert_raises(
p.toolkit.NotAuthorized,
helpers.call_action,
'datastore_search_sql',
context=ctx1,
sql=sql2)
assert_raises(
p.toolkit.NotAuthorized,
helpers.call_action,
'datastore_search_sql',
context=ctx1,
sql=sql3)
assert_raises(
p.toolkit.NotAuthorized,
helpers.call_action,
'datastore_search_sql',
context=ctx2,
sql=sql3)
helpers.call_action(
'datastore_search_sql',
context=ctx1,
sql=sql1)
helpers.call_action(
'datastore_search_sql',
context=ctx2,
sql=sql2)
helpers.call_action(
'datastore_search_sql',
context=ctx3,
sql=sql3)
def _get_user_edit_page(app):
user = factories.User()
env = {"REMOTE_USER": six.ensure_str(user["name"])}
response = app.get(url=url_for("user.edit"), extra_environ=env)
return env, response, user
def setup(self):
super(TestOrganizationNew, self).setup()
self.app = helpers._get_test_app()
self.user = factories.User()
self.user_env = {'REMOTE_USER': self.user['name'].encode('ascii')}
self.organization_new_url = url_for('organization.new')
def test_perform_reset_user_password_link_key_incorrect(self, app):
user = factories.User()
url = url_for("user.perform_reset", id=user["id"], key="randomness")
app.get(url, status=403)
def test_token_revoke(self):
user = factories.User()
token = helpers.call_action(
u"api_token_create",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
name="token-name",
)["token"]
token2 = helpers.call_action(
u"api_token_create",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
name="token-name-2",
)["token"]
tokens = helpers.call_action(
u"api_token_list",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
)
assert len(tokens) == 2
helpers.call_action(
u"api_token_revoke",
context={
u"model": model,
u"user": user[u"name"]
},
token=token,
)
tokens = helpers.call_action(
u"api_token_list",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
)
assert len(tokens) == 1
helpers.call_action(
u"api_token_revoke",
context={
u"model": model,
u"user": user[u"name"]
},
jti=api_token.decode(token2)[u"jti"],
)
tokens = helpers.call_action(
u"api_token_list",
context={
u"model": model,
u"user": user[u"name"]
},
user=user[u"name"],
)
assert len(tokens) == 0
