def setUp(self):
# create an admin user
self.admin_user = users.create_account('*****@*****.**',
username='******',
first_name='Super',
last_name='User',
superuser=True,
groups=[])
# create a test user
self.test_user = users.create_account('*****@*****.**',
username='******',
first_name='Ima',
last_name='Testuser',
superuser=False,
groups=[])
self.new_res = resource.create_resource('GenericResource',
self.admin_user,
'My Test Resource')
# get the user's id
#self.userid = User.objects.get(username=self.user).pk
self.test_group = users.create_group('MyTestGroup',
members=[self.admin_user],
owners=[self.admin_user])
def setUp(self):
# create an admin user
self.admin_user = users.create_account(
'*****@*****.**',
username='******',
first_name='Super',
last_name='User',
superuser=True,
groups=[])
# create a test user
self.test_user = users.create_account(
'*****@*****.**',
username='******',
first_name='Ima',
last_name='Testuser',
superuser=False,
groups=[])
self.new_res = resource.create_resource(
'GenericResource',
self.admin_user,
'My Test Resource'
)
# get the user's id
#self.userid = User.objects.get(username=self.user).pk
self.test_group = users.create_group(
'MyTestGroup',
members=[self.admin_user],
owners=[self.admin_user]
)
def setUp(self):
super(BasicFunction, self).setUp()
global_reset()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.alva = create_account('*****@*****.**',
username='******',
first_name='alva',
last_name='couch',
superuser=False,
groups=[])
self.george = create_account('*****@*****.**',
username='******',
first_name='george',
last_name='miller',
superuser=False,
groups=[])
self.john = create_account('*****@*****.**',
username='******',
first_name='john',
last_name='miller',
superuser=False,
groups=[])
self.admin = create_account('*****@*****.**',
username='******',
first_name='first_name_admin',
last_name='last_name_admin',
superuser=True,
groups=[])
# george creates a resource 'bikes'
self.bikes = create_resource(
resource_type='GenericResource',
owner=self.george,
title='Bikes',
metadata=[],
)
# george creates a group 'bikers'
self.bikers = self.george.uaccess\
.create_group(title='Bikers', description="We are the bikers")
# george creates a group 'harpers'
self.harpers = self.george.uaccess\
.create_group(title='Harpers', description="We are the harpers")
def setUp(self):
super(TestFolderDownloadZip, self).setUp()
self.output_path = "zips/rand/foo.zip"
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.user = create_account(
'*****@*****.**',
username='******',
first_name='Shaun',
last_name='Livingston',
superuser=False,
groups=[]
)
# create files
self.n1 = "test1.txt"
test_file = open(self.n1, 'w')
test_file.write("Test text file in test1.txt")
test_file.close()
test_file = open(self.n1, "r")
self.res = create_resource(resource_type='GenericResource',
owner=self.user,
title='Test Resource',
metadata=[], )
ResourceFile.create_folder(self.res, 'foo')
# add one file to the resource
add_resource_files(self.res.short_id, test_file, folder='foo')
def setUp(self):
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[self.group])
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group(
'MyGroup',
members=[self.user],
owners=[self.user]
)
self.res = hydroshare.create_resource(
'GenericResource',
self.user,
'My Test Resource'
)
def setUp(self):
super(TestAddResourceFiles, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.user = create_account('*****@*****.**',
username='******',
first_name='Shaun',
last_name='Livingston',
superuser=False,
groups=[])
# create files
self.n1 = "test1.txt"
self.n2 = "test2.txt"
self.n3 = "test3.txt"
test_file = open(self.n1, 'w')
test_file.write("Test text file in test1.txt")
test_file.close()
test_file = open(self.n2, 'w')
test_file.write("Test text file in test2.txt")
test_file.close()
test_file = open(self.n3, 'w')
test_file.write("Test text file in test3.txt")
test_file.close()
# open files for read and upload
self.myfile1 = open(self.n1, "r")
self.myfile2 = open(self.n2, "r")
self.myfile3 = open(self.n3, "r")
def setUp(self):
super(TestDeleteResource, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
def setUp(self):
super(TestSetAccessRules, self).setUp()
self.secondUser = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name1',
last_name='some_last_name1',
groups=[],
superuser=False)
self.testGroup = self.user.uaccess.create_group(
title="Test Group", description="Group for testing")
def setUp(self):
super(TestDeleteResource, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
def save(self, *args, **kwargs):
data = self.cleaned_data
return create_account(
email=data['email'],
username=data['username'],
first_name=data['first_name'],
last_name=data['last_name'],
superuser=False,
password=data['password'],
active=False,
)
def setUp(self):
super(TestInternalQuotaUpdateEndpoint, self).setUp()
if settings.IRODS_SERVICE_ACCOUNT_USERNAME:
# create the service account which needs to be authenticated in order to update quota
self.irods_user = users.create_account(
'*****@*****.**',
username=settings.IRODS_SERVICE_ACCOUNT_USERNAME,
password='******',
first_name='irods',
last_name='service',
superuser=False)
def setUp(self):
super(TestInternalQuotaUpdateEndpoint, self).setUp()
if settings.IRODS_SERVICE_ACCOUNT_USERNAME:
# create the service account which needs to be authenticated in order to update quota
self.irods_user = users.create_account(
'*****@*****.**',
username=settings.IRODS_SERVICE_ACCOUNT_USERNAME,
password='******',
first_name='irods',
last_name='service',
superuser=False)
def save(self, *args, **kwargs):
data = self.cleaned_data
return create_account(
email=data["email"],
username=data["username"],
first_name=data["first_name"],
last_name=data["last_name"],
superuser=False,
password=data["password"],
active=False,
)
def save(self, *args, **kwargs):
data = self.cleaned_data
return create_account(
email=data['email'],
username=data['username'],
organization=data['organization'],
first_name=data['first_name'],
last_name=data['last_name'],
superuser=False,
password=data['password'],
active=False,
)
def setUp(self):
super(TestSetAccessRules, self).setUp()
self.secondUser = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name1',
last_name='some_last_name1',
groups=[],
superuser=False)
self.testGroup = self.user.uaccess.create_group(
title="Test Group",
description="Group for testing")
def setUp(self):
super(TestOauthGroup, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.client = Client()
self.user = users.create_account('*****@*****.**',
username='******',
password='******',
first_name='some_first_name1',
last_name='some_last_name1',
groups=[],
superuser=False)
self.user.set_password("abc123")
self.user2 = users.create_account('*****@*****.**',
username='******',
password='******',
first_name='some_first_name2',
last_name='some_last_name2',
groups=[],
superuser=False)
self.user2.set_password("abc123")
self.testGroup1 = self.user.uaccess.create_group(
title="Test Group", description="Group for testing")
def setUp(self):
super(TestHStore, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
self.res = resource.create_resource('GenericResource', self.user,
'My Test Resource')
def setUp(self):
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[self.group])
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group('MyGroup',
members=[self.user],
owners=[self.user])
def setUp(self):
self.hydroshare_author_group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
self.res = resource.create_resource(
'GenericResource',
self.user,
'My Test Resource'
)
def setUp(self):
# create a user
self.user = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group('MytestGroup1',
members=[self.user],
owners=[self.user])
def test_raise_no_exception(self):
# create user - has no assigned resource access privilege
authenticated_user = users.create_account(
'*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
res, authorized, user = authorize(self.request, res_id=self.res.short_id,
needed_permission=ACTION_TO_AUTHORIZE.VIEW_RESOURCE, raises_exception=False)
self.assertEquals(authorized, False)
self.assertEquals(res, self.res)
self.assertEquals(user, authenticated_user)
def setUp(self):
super(TestStorage, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False)
self.rtype = 'CompositeResource'
self.title = 'My Test resource'
self.res = resource.create_resource(self.rtype, self.user, self.title)
self.pid = self.res.short_id
def setUp(self):
self.hostname = socket.gethostname()
self.resource_url = "http://example.com/resource/{res_id}/"
self.maxDiff = None
self.client = APIClient()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False)
self.client.force_authenticate(user=self.user)
self.resources_to_delete = []
def setUp(self):
super(TestAuthorize, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user - resource owner
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
self.res = resource.create_resource(
'GenericResource',
self.user,
'My Test Resource'
)
self.request = RequestFactory().request()
def setUp(self):
self.maxDiff = None
self.client = APIClient()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.email = '*****@*****.**'
self.username = '******'
self.first_name = 'some_first_name'
self.last_name = 'some_last_name'
self.user = users.create_account(self.email,
username=self.username,
first_name=self.first_name,
last_name=self.last_name,
superuser=False)
self.client.force_authenticate(user=self.user)
def setUp(self):
# create a user
self.user = users.create_account(
"*****@*****.**",
username="******",
first_name="some_first_name",
last_name="some_last_name",
superuser=False,
groups=[],
)
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group("MytestGroup", members=[self.user], owners=[self.user])
new_res = resource.create_resource("GenericResource", self.user, "My Test Resource")
self.pid = new_res.short_id
def test_raise_no_exception(self):
# create user - has no assigned resource access privilege
authenticated_user = users.create_account('*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
res, authorized, user = authorize(
self.request,
res_id=self.res.short_id,
needed_permission=ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
raises_exception=False)
self.assertEquals(authorized, False)
self.assertEquals(res, self.res)
self.assertEquals(user, authenticated_user)
def setUp(self):
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group(
'MytestGroup1',
members=[self.user],
owners=[self.user]
)
def setUp(self):
self.maxDiff = None
self.client = APIClient()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.email = '*****@*****.**'
self.username = '******'
self.first_name = 'some_first_name'
self.last_name = 'some_last_name'
self.user = users.create_account(
self.email,
username=self.username,
first_name=self.first_name,
last_name=self.last_name,
superuser=False)
self.client.force_authenticate(user=self.user)
def setUp(self):
# create a user
self.user = users.create_account('*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[])
# get the user's id
self.userid = User.objects.get(username=self.user).pk
self.group = users.create_group('MytestGroup',
members=[self.user],
owners=[self.user])
new_res = resource.create_resource('GenericResource', self.user,
'My Test Resource')
self.pid = new_res.short_id
def setUp(self):
self.hostname = socket.gethostname()
self.resource_url = "http://example.com/resource/{res_id}/"
self.maxDiff = None
self.client = APIClient()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
# create a user
self.user = users.create_account(
'*****@*****.**',
username='******',
password='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False)
self.client.force_authenticate(user=self.user)
self.client.login(username='******', password='******')
self.resources_to_delete = []
self.groups_to_delete = []
def setUp(self):
super(TestFolderDownloadZip, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.user = create_account('*****@*****.**',
username='******',
first_name='Shaun',
last_name='Livingston',
superuser=False,
groups=[])
self.res = create_resource(resource_type='CompositeResource',
owner=self.user,
title='Test Resource',
metadata=[])
ResourceFile.create_folder(self.res, 'foo')
# create files
self.n1 = "test1.txt"
test_file = open(self.n1, 'w')
test_file.write("Test text file in test1.txt")
test_file.close()
self.test_file = open(self.n1, "rb")
add_resource_files(self.res.short_id, self.test_file, folder='foo')
# copy refts file into new file to be added to the resource as an aggregation
reft_data_file = open(
'hs_core/tests/data/multi_sites_formatted_version1.0.refts.json',
'rb')
refts_file = open('multi_sites_formatted_version1.0.refts.json', 'wb')
refts_file.writelines(reft_data_file.readlines())
refts_file.close()
self.refts_file = open('multi_sites_formatted_version1.0.refts.json',
'rb')
add_resource_files(self.res.short_id, self.refts_file)
self.res.create_aggregation_xml_documents()
self.istorage = IrodsStorage()
def setUp(self):
super(TestFolderDownloadZip, self).setUp()
self.group, _ = Group.objects.get_or_create(name='Hydroshare Author')
self.user = create_account(
'*****@*****.**',
username='******',
first_name='Shaun',
last_name='Livingston',
superuser=False,
groups=[]
)
self.res = create_resource(resource_type='CompositeResource',
owner=self.user,
title='Test Resource',
metadata=[])
ResourceFile.create_folder(self.res, 'foo')
# create files
self.n1 = "test1.txt"
test_file = open(self.n1, 'w')
test_file.write("Test text file in test1.txt")
test_file.close()
self.test_file = open(self.n1, "r")
add_resource_files(self.res.short_id, self.test_file, folder='foo')
# copy refts file into new file to be added to the resource as an aggregation
reft_data_file = open('hs_core/tests/data/multi_sites_formatted_version1.0.refts.json', 'r')
refts_file = open('multi_sites_formatted_version1.0.refts.json', 'w')
refts_file.writelines(reft_data_file.readlines())
refts_file.close()
self.refts_file = open('multi_sites_formatted_version1.0.refts.json', 'r')
add_resource_files(self.res.short_id, self.refts_file)
self.res.create_aggregation_xml_documents()
def test_authorize_user(self):
# create user - has no assigned resource access privilege
authenticated_user = users.create_account('*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
common_parameters = [
# authenticated user (with no assigned access permission) has no authorization for editing a
# resource (metadata and content files)
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': False,
'exception': PermissionDenied
},
# authenticated user (with no assigned access permission) has no authorization for
# setting resource flags
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': False,
'exception': PermissionDenied
},
# authenticated user (with no assigned access permission) has no authorization for creating a
# resource version
{
'res_id': self.res.short_id,
'needed_permission':
ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False,
'exception': PermissionDenied
},
# authenticated user (with no assigned access permission) has no authorization for deleting a
# resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': False,
'exception': PermissionDenied
}
]
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
parameters = [
# authenticated user (with no assigned access permission) has no authorization for viewing
# metadata of a private resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': False,
'exception': PermissionDenied
},
# authenticated user (with no assigned access permission) has no authorization for viewing a
# private resource (both metadata and content files
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': False,
'exception': PermissionDenied
}
] + common_parameters
self._run_tests(self.request, parameters)
# test for discoverable resource
self.res.raccess.discoverable = True
self.res.raccess.public = False
self.res.raccess.save()
parameters = [
# authenticated user (with no assigned access permission) has no authorization for resource view
# (metadata and content files) for a discoverable resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': False,
'exception': PermissionDenied
},
# authenticated (with no assigned access permission) user has authorization for resource metadata
# only view for a discoverable resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True,
'exception': None
}
] + common_parameters
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
parameters = [
# authenticated user (with no assigned access permission) has authorization for resource view
# (metadata and content files) for a public or published resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True,
'exception': None
},
# authenticated user (with no assigned access permission)has authorization for resource metadata
# only view for a public or published resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True,
'exception': None
}
] + common_parameters
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
def test_authorize_viewer(self):
# create view_user
view_user = users.create_account(
'*****@*****.**',
username='******',
first_name='view_first_name',
last_name='view_last_name',
superuser=False,
groups=[])
self.request.user = view_user
parameters = [
# resource viewer has authorization for resource metadata view
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True, 'exception': None},
# resource viewer has authorization for resource view (metadata and content files)
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True, 'exception': None},
# resource viewer has no authorization for editing a resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': False, 'exception': PermissionDenied},
# resource viewer has no authorization for changing resource flags
# (e.g., public, published/immutable, shareable etc)
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': False, 'exception': PermissionDenied},
# resource viewer has no authorization for deleting a resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': False, 'exception': PermissionDenied},
# resource viewer has no authorization for creating a resource version
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False, 'exception': PermissionDenied}
]
# grant view_user view permission
self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW)
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
self._run_tests(self.request, parameters)
# test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
def test_authorize_superuser(self):
# create super user
super_user = users.create_account(
'*****@*****.**',
username='******',
first_name='super_first_name',
last_name='super_last_name',
superuser=True,
groups=[])
self.request.user = super_user
common_parameters = [
# super user has authorization for resource metadata view for a resource
# that is private or discoverable or public or published
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True, 'exception': None},
# super user has authorization for resource view (both metadata and content files)for a resource
# that is private or discoverable or public or published
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True, 'exception': None},
# super user has authorization for editing a resource that is private or discoverable or public
# or published
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': True, 'exception': None},
# super user has authorization for deleting a resource that is private or discoverable or public
# or published
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': True, 'exception': None},
# super user has no authorization for creating a resource version
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False, 'exception': PermissionDenied}
]
parameters = [
# super user has authorization for setting resource flags (e.g., public,
# published/immutable, shareable etc) for a private, public or discoverable resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': True, 'exception': None},
] + common_parameters
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
self._run_tests(self.request, parameters)
# test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.res.raccess.discoverable = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
parameters = [
# super user has authorization for setting resource flags (e.g., public,
# published/immutable, shareable etc) for a published resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': True, 'exception': None},
] + common_parameters
self._run_tests(self.request, parameters)
def test_authorize_user(self):
# create user - has no assigned resource access privilege
authenticated_user = users.create_account(
'*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
common_parameters = [
# authenticated user (with no assigned access permission) has no authorization for editing a
# resource (metadata and content files)
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': False, 'exception': PermissionDenied},
# authenticated user (with no assigned access permission) has no authorization for
# setting resource flags
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': False, 'exception': PermissionDenied},
# authenticated user (with no assigned access permission) has no authorization for creating a
# resource version
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False, 'exception': PermissionDenied},
# authenticated user (with no assigned access permission) has no authorization for deleting a
# resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': False, 'exception': PermissionDenied}
]
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
parameters = [
# authenticated user (with no assigned access permission) has no authorization for viewing
# metadata of a private resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': False, 'exception': PermissionDenied},
# authenticated user (with no assigned access permission) has no authorization for viewing a
# private resource (both metadata and content files
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': False, 'exception': PermissionDenied}
] + common_parameters
self._run_tests(self.request, parameters)
# test for discoverable resource
self.res.raccess.discoverable = True
self.res.raccess.public = False
self.res.raccess.save()
parameters = [
# authenticated user (with no assigned access permission) has no authorization for resource view
# (metadata and content files) for a discoverable resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': False, 'exception': PermissionDenied},
# authenticated (with no assigned access permission) user has authorization for resource metadata
# only view for a discoverable resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True, 'exception': None}
] + common_parameters
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
parameters = [
# authenticated user (with no assigned access permission) has authorization for resource view
# (metadata and content files) for a public or published resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True, 'exception': None},
# authenticated user (with no assigned access permission)has authorization for resource metadata
# only view for a public or published resource
{'res_id': self.res.short_id, 'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True, 'exception': None}
] + common_parameters
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
def test_default_parameters(self):
# default permission is view
# >> test private resource
self.assertFalse(self.res.raccess.public)
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
super_user = users.create_account(
'*****@*****.**',
username='******',
first_name='super_first_name',
last_name='super_last_name',
superuser=True,
groups=[])
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
edit_user = users.create_account(
'*****@*****.**',
username='******',
first_name='edit_first_name',
last_name='edit_last_name',
superuser=False,
groups=[])
self.request.user = edit_user
# grant edit_user edit permission
self.user.uaccess.share_resource_with_user(self.res, edit_user, PrivilegeCodes.CHANGE)
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
view_user = users.create_account(
'*****@*****.**',
username='******',
first_name='view_first_name',
last_name='view_last_name',
superuser=False,
groups=[])
self.request.user = view_user
# grant view_user view permission
self.user.uaccess.share_resource_with_user(self.res, view_user, PrivilegeCodes.VIEW)
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user with no granted permission
authenticated_user = users.create_account(
'*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# test anonymous user
self.request.user = AnonymousUser()
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# >> test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.res.raccess.discoverable = True
self.res.raccess.public = False
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# test anonymous user
self.request.user = AnonymousUser()
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# >> test for public resource
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test anonymous user
self.request.user = AnonymousUser()
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# >> test for published resource
self.assertFalse(self.res.raccess.published)
self.res.raccess.published = False
self.res.raccess.immutable = True
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test anonymous user
self.request.user = AnonymousUser()
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
def test_get_resources_by_type(self):
# This tests the ability to filter resources by type
# Note: print statements are for debugging assertion failures only
print '**********************\n' * 5
print '******* STDOUT *******'
print '**********************\n' * 5
group, _ = Group.objects.get_or_create(name='Hydroshare Author')
print 'Created Group : '+str(group)
# create a user
user = users.create_account(
'*****@*****.**',
username='******',
first_name='some_first_name',
last_name='some_last_name',
superuser=False,
groups=[group])
# get the user's id
userid = User.objects.get(username=user).pk
print 'UserID : '+ str(userid)
group = users.create_group('MyGroup',members=[user],owners=[user])
print 'Assigned User To Group'
# create a generic resource
new_res = resource.create_resource(
'GenericResource',user,'My Test GenericResource Resource')
pid = new_res.short_id
print 'Created GenericResource, PID : '+str(pid)
# create a raster resource
new_res = resource.create_resource(
'RefTimeSeries',user,'My Test RefTimeSeries Resource')
pid = new_res.short_id
print 'Created RefTimeSeries 1, PID : '+str(pid)
# create a raster resource
new_res = resource.create_resource(
'RefTimeSeries',user,'My Test RefTimeSeries Resource2')
pid = new_res.short_id
print 'Created RefTimeSeries 2, PID : '+str(pid)
# create a rhyssys resource
new_res = resource.create_resource(
'InstResource',user,'My Test InstResource Resource')
pid = new_res.short_id
print 'Created InstResource, PID : '+str(pid)
res_types_all = hydroshare.get_resource_list(user=user)
print '\nQuery All Resources: '
print 'Resource Type \t:\t Number of Resources Found'
print '------------- \t:\t -------------------------'
for k,v in res_types_all.iteritems():
print k.__name__+ '\t:\t '+ str(len(res_types_all[k]))
res_names = [r.__name__ for r in res_types_all]
self.assertTrue('GenericResource' in res_names)
self.assertTrue('RefTimeSeries' in res_names)
self.assertTrue('InstResource' in res_names)
res_types_one = hydroshare.get_resource_list(
user=user,types=['GenericResource'])
print '\nQuery One Resource: '
print 'Resource Type \t:\t Number of Resources Found'
print '------------- \t:\t -------------------------'
for k,v in res_types_one.iteritems():
print k.__name__+ '\t:\t '+ str(len(res_types_one[k]))
res_names = [r.__name__ for r in res_types_one]
self.assertTrue('GenericResource' in res_names)
self.assertTrue('RefTimeSeries' not in res_names)
self.assertTrue('InstResource' not in res_names)
res_types_multiple = hydroshare.get_resource_list(
user=user,types=['GenericResource','RefTimeSeries'])
print '\nQuery Multiple Resources: '
print 'Resource Type \t:\t Number of Resources Found'
print '------------- \t:\t -------------------------'
for k,v in res_types_multiple.iteritems():
print k.__name__+ '\t:\t '+ str(len(res_types_multiple[k]))
res_names = [r.__name__ for r in res_types_multiple]
self.assertTrue('GenericResource' in res_names)
self.assertTrue('RefTimeSeries' in res_names)
self.assertTrue('InstResource' not in res_names)
# delete the resource
resource.delete_resource(pid)
def test_authorize_viewer(self):
# create view_user
view_user = users.create_account('*****@*****.**',
username='******',
first_name='view_first_name',
last_name='view_last_name',
superuser=False,
groups=[])
self.request.user = view_user
parameters = [
# resource viewer has authorization for resource metadata view
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True,
'exception': None
},
# resource viewer has authorization for resource view (metadata and content files)
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True,
'exception': None
},
# resource viewer has no authorization for editing a resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': False,
'exception': PermissionDenied
},
# resource viewer has no authorization for changing resource flags
# (e.g., public, published/immutable, shareable etc)
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': False,
'exception': PermissionDenied
},
# resource viewer has no authorization for deleting a resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': False,
'exception': PermissionDenied
},
# resource viewer has no authorization for creating a resource version
{
'res_id': self.res.short_id,
'needed_permission':
ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False,
'exception': PermissionDenied
}
]
# grant view_user view permission
self.user.uaccess.share_resource_with_user(self.res, view_user,
PrivilegeCodes.VIEW)
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
self._run_tests(self.request, parameters)
# test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
def test_authorize_superuser(self):
# create super user
super_user = users.create_account('*****@*****.**',
username='******',
first_name='super_first_name',
last_name='super_last_name',
superuser=True,
groups=[])
self.request.user = super_user
common_parameters = [
# super user has authorization for resource metadata view for a resource
# that is private or discoverable or public or published
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_METADATA,
'success': True,
'exception': None
},
# super user has authorization for resource view (both metadata and content files)for a resource
# that is private or discoverable or public or published
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.VIEW_RESOURCE,
'success': True,
'exception': None
},
# super user has authorization for editing a resource that is private or discoverable or public
# or published
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.EDIT_RESOURCE,
'success': True,
'exception': None
},
# super user has authorization for deleting a resource that is private or discoverable or public
# or published
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.DELETE_RESOURCE,
'success': True,
'exception': None
},
# super user has no authorization for creating a resource version
{
'res_id': self.res.short_id,
'needed_permission':
ACTION_TO_AUTHORIZE.CREATE_RESOURCE_VERSION,
'success': False,
'exception': PermissionDenied
}
]
parameters = [
# super user has authorization for setting resource flags (e.g., public,
# published/immutable, shareable etc) for a private, public or discoverable resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': True,
'exception': None
},
] + common_parameters
# test for private resource
self.assertFalse(self.res.raccess.public)
self.assertFalse(self.res.raccess.discoverable)
self._run_tests(self.request, parameters)
# test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.res.raccess.discoverable = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for public resource
self.assertTrue(self.res.raccess.discoverable)
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
self._run_tests(self.request, parameters)
# test for immutable/published resource
self.assertFalse(self.res.raccess.immutable)
self.assertFalse(self.res.raccess.published)
self.assertTrue(self.res.raccess.public)
self.res.raccess.immutable = True
self.res.raccess.published = True
self.res.raccess.save()
parameters = [
# super user has authorization for setting resource flags (e.g., public,
# published/immutable, shareable etc) for a published resource
{
'res_id': self.res.short_id,
'needed_permission': ACTION_TO_AUTHORIZE.SET_RESOURCE_FLAG,
'success': True,
'exception': None
},
] + common_parameters
self._run_tests(self.request, parameters)
def test_default_parameters(self):
# default permission is view
# >> test private resource
self.assertFalse(self.res.raccess.public)
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
super_user = users.create_account('*****@*****.**',
username='******',
first_name='super_first_name',
last_name='super_last_name',
superuser=True,
groups=[])
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
edit_user = users.create_account('*****@*****.**',
username='******',
first_name='edit_first_name',
last_name='edit_last_name',
superuser=False,
groups=[])
self.request.user = edit_user
# grant edit_user edit permission
self.user.uaccess.share_resource_with_user(self.res, edit_user,
PrivilegeCodes.CHANGE)
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
view_user = users.create_account('*****@*****.**',
username='******',
first_name='view_first_name',
last_name='view_last_name',
superuser=False,
groups=[])
self.request.user = view_user
# grant view_user view permission
self.user.uaccess.share_resource_with_user(self.res, view_user,
PrivilegeCodes.VIEW)
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user with no granted permission
authenticated_user = users.create_account('*****@*****.**',
username='******',
first_name='user_first_name',
last_name='user_last_name',
superuser=False,
groups=[])
self.request.user = authenticated_user
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# test anonymous user
self.request.user = AnonymousUser()
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# >> test for discoverable resource
self.assertFalse(self.res.raccess.discoverable)
self.res.raccess.discoverable = True
self.res.raccess.public = False
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# test anonymous user
self.request.user = AnonymousUser()
with self.assertRaises(PermissionDenied):
authorize(self.request, res_id=self.res.short_id)
# >> test for public resource
self.assertFalse(self.res.raccess.public)
self.res.raccess.discoverable = False
self.res.raccess.public = True
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test anonymous user
self.request.user = AnonymousUser()
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# >> test for published resource
self.assertFalse(self.res.raccess.published)
self.res.raccess.published = False
self.res.raccess.immutable = True
self.res.raccess.save()
# test owner
self.request.user = self.user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test super user
self.request.user = super_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test edit user
self.request.user = edit_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test view user
self.request.user = view_user
_, authorized, _ = authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test authenticated user
self.request.user = authenticated_user
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
# test anonymous user
self.request.user = AnonymousUser()
authorize(self.request, res_id=self.res.short_id)
self.assertTrue(authorized)
