class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# BEGIN TESTS
def test_get_all_users_admin(self):
username = '******'
self.create_user(username)
res = self.testapp.get('/people', "", oauth2Header(test_manager))
self.assertEqual(len(res.json), 2)
self.assertEqual(res.json[0].get('username'), 'test_manager')
self.assertEqual(res.json[1].get('username'), 'messi')
def test_admin_post_activity_without_context(self):
from .mockers import user_status
username = '******'
self.create_user(username)
res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status), oauth2Header(test_manager))
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('username', None), 'messi')
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None), None)
def test_admin_post_activity_with_context(self):
""" doctest .. http:post:: /people/{username}/activities """
from .mockers import subscribe_context
from .mockers import user_status_context
from .mockers import create_context
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status_context), oauth2Header(test_manager))
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('username', None), 'messi')
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url'])
def test_admin_post_activity_with_context_as_actor(self):
""" doctest .. http:post:: /contexts/{hash}/activities """
from .mockers import subscribe_context
from .mockers import user_status_as_context
from .mockers import create_context
from hashlib import sha1
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.post('/contexts/%s/activities' % url_hash, json.dumps(user_status_as_context), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('hash', None), url_hash)
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url'])
def test_get_other_activities(self):
from .mockers import user_status_context
from .mockers import subscribe_context, create_context
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
self.testapp.get('/people/%s/activities' % (username), '', oauth2Header(test_manager), status=200)
def test_delete_user(self):
username = '******'
self.create_user(username)
self.testapp.delete('/people/%s' % username, '', oauth2Header(test_manager), status=204)
def test_delete_all_conversations(self):
from .mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.delete('/conversations', '', oauth2Header(test_manager), status=204)
conversations = self.testapp.get('/conversations', '', oauth2Header(sender), status=200)
self.assertEqual(len(conversations.json), 0)
user_data = self.testapp.get('/people/{}'.format(sender), '', oauth2Header(sender), status=200)
self.assertEqual(len(user_data.json['talkingIn']), 0)
def test_delete_inexistent_user(self):
username = '******'
username2 = 'xavi'
self.create_user(username)
self.testapp.delete('/people/%s' % username2, '', oauth2Header(test_manager), status=400)
def test_admin_delete_inexistent_activity(self):
fake_id = '519200000000000000000000'
self.testapp.delete('/activities/%s' % (fake_id), '', oauth2Header(test_manager), status=404)
def test_admin_get_people_activities_by_context(self):
"""
"""
from .mockers import user_status
from .mockers import context_query
from .mockers import create_context
from .mockers import subscribe_context, user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted'))
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
self.create_activity(username, user_status)
res = self.testapp.get('/people/%s/activities' % username, context_query, oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
def test_admin_get_all_activities_by_context(self):
"""
XXX This test was here to test the Manager endpoint that didn't search for recursive activities
now this is unified so this feature will have to be refactored to a preset or parameter to
disable recursivity.
The test now is fixed to pass with correct acitivity count asserts
"""
from .mockers import user_status
from .mockers import subscribe_context, subscribe_contextA
from .mockers import create_context, create_contextA
from .mockers import user_status_context, user_status_contextA
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted'))
self.admin_subscribe_user_to_context(username, subscribe_context)
url_hash = sha1(create_context['url']).hexdigest()
self.create_context(create_contextA, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted'))
self.admin_subscribe_user_to_context(username, subscribe_contextA)
url_hashA = sha1(create_contextA['url']).hexdigest()
self.create_activity(username, user_status_context)
self.create_activity(username, user_status_contextA)
self.create_activity(username, user_status)
res = self.testapp.get('/contexts/%s/activities' % url_hash, {}, oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 2)
res = self.testapp.get('/contexts/%s/activities' % url_hashA, {}, oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
# def test_admin_post_activity_with_unauthorized_context_type_as_actor(self):
# from .mockers import create_unauthorized_context
# from hashlib import sha1
# result = self.create_context(create_invalid_context, expect=201)
# url_hash = sha1(create_invalid_context['object']['url']).hexdigest()
# res = self.testapp.post('/contexts/%s/activities' % url_hash, json.dumps(user_status_context), oauth2Header(test_manager))
# result = json.loads(res.text)
# self.assertEqual(result.get('actor', None).get('hash', None), url_hash)
# self.assertEqual(result.get('object', None).get('objectType', None), 'note')
# self.assertEqual(result.get('contexts', None)[0], subscribe_context['object'])
def test_get_users_twitter_enabled(self):
""" Doctest .. http:get:: /people """
username = '******'
username2 = 'xavi'
self.create_user(username)
self.create_user(username2)
self.modify_user(username, {"twitterUsername": "******"})
res = self.testapp.get('/people', {"twitter_enabled": True}, oauth2Header(test_manager), status=200)
self.assertEqual(len(res.json), 1)
self.assertIn('twitterUsername', res.json[0])
def test_get_context_twitter_enabled(self):
from .mockers import create_context, create_contextA
self.create_context(create_context)
self.create_context(create_contextA)
self.modify_context(create_context['url'], {"twitterHashtag": "assignatura1", "twitterUsername": "******"})
res = self.testapp.get('/contexts', {"twitter_enabled": True}, oauth2Header(test_manager), status=200)
self.assertEqual(len(res.json), 1)
def test_rename_context_url(self):
from .mockers import create_context
from .mockers import subscribe_context, user_status_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted'))
self.admin_subscribe_user_to_context(username, subscribe_context)
activity = self.create_activity(username, user_status_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"url": "http://new.url"}), oauth2Header(test_manager), status=200)
# Test context is updated
new_url_hash = sha1('http://new.url').hexdigest()
res = self.testapp.get('/contexts/%s' % new_url_hash, "", oauth2Header(test_manager), status=200)
self.assertEqual(res.json['url'], 'http://new.url')
self.assertEqual(res.json['hash'], new_url_hash)
# Test user subscription is updated
res = self.testapp.get('/people/%s' % username, "", oauth2Header(test_manager), status=200)
self.assertEqual(res.json['subscribedTo'][0]['url'], 'http://new.url')
self.assertEqual(res.json['subscribedTo'][0]['hash'], new_url_hash)
# Test user original subscription activity is updated
subscription_activity = self.exec_mongo_query('activity', 'find', {'object.hash': new_url_hash, 'object.url': "http://new.url", 'actor.username': username})
self.assertNotEqual(subscription_activity, [])
self.assertEqual(subscription_activity[0]['object']['hash'], new_url_hash)
self.assertEqual(subscription_activity[0]['object']['url'], 'http://new.url')
# Test user activity is updated
res = self.testapp.get('/activities/%s' % activity.json['id'], "", oauth2Header(test_manager), status=200)
self.assertEqual(res.json['contexts'][0]['url'], 'http://new.url')
self.assertEqual(res.json['contexts'][0]['hash'], new_url_hash)
class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# BEGIN TESTS
def test_invalid_token(self):
username = '******'
res = self.testapp.post('/people/%s' % username, json.dumps({}), oauth2Header(test_manager, token='bad token'), status=401)
self.assertEqual(res.json['error_description'], 'Invalid token.')
def test_invalid_token_TEMPORARY(self):
from hashlib import sha1
from .mockers import create_context
mindundi = 'messi'
self.create_user(mindundi)
self.create_context(create_context, owner=mindundi)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi, token='bad token'), status=401)
self.assertEqual(res.json['error_description'], 'Invalid token.')
def test_invalid_scope(self):
username = '******'
headers = oauth2Header(test_manager)
headers['X-Oauth-Scope'] = 'Invalid scope'
res = self.testapp.post('/people/%s' % username, "", headers, status=401)
self.assertEqual(res.json['error_description'], 'The specified scope is not allowed for this resource.')
def test_invalid_scope_TEMPORARY(self):
from hashlib import sha1
from .mockers import create_context
mindundi = 'messi'
headers = oauth2Header(test_manager)
headers['X-Oauth-Scope'] = 'Invalid scope'
self.create_user(mindundi)
self.create_context(create_context, owner=mindundi)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), headers, status=401)
self.assertEqual(res.json['error_description'], 'The specified scope is not allowed for this resource.')
def test_required_user_not_found(self):
from hashlib import sha1
from .mockers import create_context
mindundi = 'messi'
self.create_context(create_context, owner=mindundi)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=400)
self.assertEqual(res.json['error_description'], 'Unknown actor identified by: messi')
def test_post_activity_no_auth_headers(self):
from .mockers import user_status
username = '******'
self.create_user(username)
res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status), status=401)
result = json.loads(res.text)
self.assertEqual(result.get('error', None), 'Unauthorized')
class PeopleACLTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(os.path.dirname(__file__))
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.app.registry.max_store.drop_collection('users')
self.app.registry.max_store.drop_collection('activity')
self.app.registry.max_store.drop_collection('contexts')
self.app.registry.max_store.drop_collection('security')
self.app.registry.max_store.drop_collection('conversations')
self.app.registry.max_store.drop_collection('messages')
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
# Add people tests
def test_create_person_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to create a person
I succeed
"""
username = '******'
self.testapp.post('/people', json.dumps({"username": username}), headers=oauth2Header(test_manager), status=201)
def test_create_person_as_non_manager(self):
"""
Given i'm user that doesn't have the Manager role
When i try to create a person
I get a Forbidden exception
"""
username = '******'
other = 'penny'
self.testapp.post('/people', json.dumps({"username": other}), headers=oauth2Header(username), status=403)
def test_create_person_as_oneself(self):
"""
Given i'm user that doesn't have the Manager role
When i try to create a person
I succeed
"""
username = '******'
self.testapp.post('/people', json.dumps({"username": username}), headers=oauth2Header(username), status=201)
# View profile tests
def test_get_person_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to view a user profile
I succeed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.get('/people/{}'.format(username), "", headers=oauth2Header(test_manager), status=200)
def test_get_person_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to view a user profile
I succeed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.get('/people/{}'.format(test_manager), "", headers=oauth2Header(username), status=200)
# Get all people
def test_get_all_people_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to get all people
I succeed
"""
self.create_user(test_manager)
self.testapp.get('/people', "", headers=oauth2Header(test_manager), status=200)
def test_get_all_people_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to get a visible people listing
I suceed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.get('/people', "", headers=oauth2Header(username), status=200)
# Modify user tests
def test_modify_person_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to modify a user profile
I succeed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.put('/people/{}'.format(username), "", headers=oauth2Header(test_manager), status=200)
def test_modify_person_as_non_manager_neither_owner(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to modify a user profile
And that person is not me
I get a Forbidden Exception
"""
username = '******'
other = 'penny'
self.create_user(test_manager)
self.create_user(username)
self.create_user(other)
self.testapp.put('/people/{}'.format(other), "", headers=oauth2Header(username), status=403)
def test_modify_person_as_owner(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to modify my own profile
I succeed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.put('/people/{}'.format(username), "", headers=oauth2Header(username), status=200)
# Delete user tests
def test_delete_person_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to delete a user
I succeed
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.delete('/people/{}'.format(username), headers=oauth2Header(test_manager), status=204)
def test_delete_person_as_non_manager_neither_owner(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to delete a user
I get a Forbidden Exception
"""
username = '******'
other = 'penny'
self.create_user(test_manager)
self.create_user(username)
self.create_user(other)
self.testapp.delete('/people/{}'.format(other), headers=oauth2Header(username), status=403)
def test_delete_person_as_owner(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to delete myself
I get a Forbidden Exception
"""
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.testapp.delete('/people/{}'.format(username), headers=oauth2Header(username), status=403)
class ContextACLTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(os.path.dirname(__file__))
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.app.registry.max_store.drop_collection('users')
self.app.registry.max_store.drop_collection('activity')
self.app.registry.max_store.drop_collection('contexts')
self.app.registry.max_store.drop_collection('security')
self.app.registry.max_store.drop_collection('conversations')
self.app.registry.max_store.drop_collection('messages')
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
# Add context tests
def test_add_context_as_manager(self):
"""
Given a user that has the Manager role
When i try to get create a context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201)
def test_add_context_as_non_manager(self):
"""
Given a user that doesn't have the Manager role
When i try to create a context
I get a Forbidden exception
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(username)
self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(username), status=403)
# View context tests
def test_view_context_as_manager_with_acls(self):
"""
Given i'm a user that has the Manager role
When i try to update any context
I succeed
And I get the acls for that context
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
res = self.create_context(create_context)
chash = res.json['hash']
res = self.testapp.get('/contexts/%s?show_acls=1' % chash, "", oauth2Header(test_manager), status=200)
self.assertGreater(len(res.json['acls']), 0)
def test_view_context_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to update any context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.get('/contexts/%s' % chash, "", oauth2Header(test_manager), status=200)
def test_view_context_as_non_manager(self):
"""
Given i'm a user that has the Manager role
When i try to update any context
I succeed
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.get('/contexts/%s' % chash, "", oauth2Header(username), status=200)
# Get all contexts tests
def test_get_all_contexts_as_manager(self):
"""
Given a user that has the Manager role
When i try to get all contexts
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
self.create_context(create_context)
self.testapp.get('/contexts', "", oauth2Header(test_manager), status=200)
def test_get_all_contexts_as_non_manager(self):
"""
Given a user that doesn't have the Manager role
When i try to get all contexts
I get a Forbidden exception
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
self.create_context(create_context)
self.testapp.get('/contexts', "", oauth2Header(username), status=403)
# Modify context tests
def test_modify_context_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to update any context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(test_manager), status=200)
def test_modify_context_as_manager_non_owner(self):
"""
Given i'm a user that has the Manager role
And i'm not the owner of the context
When i try to update any context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
self.create_user(test_manager2)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(test_manager2), status=200)
def test_modify_context_as_owner(self):
"""
Given i'm a user that don't jave the Manager role
And is the owner of the context
When i try to update the context
I succeed
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context, owner=username)
chash = res.json['hash']
self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(username), status=200)
def test_modify_context_as_non_owner_non_manager(self):
"""
Given i'm a user that don't jave the Manager role
And is the owner of the context
When i try to update the context
I succeed
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(username), status=403)
# Delete context tests
def test_delete_context_as_manager(self):
"""
Given a user that has the Manager role
When i try to remove a context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(test_manager), status=204)
def test_delete_context_as_manager_non_owner(self):
"""
Given a user that has the Manager role
And is not the owner of the context
When i try to remove a context
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
self.create_user(test_manager2)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(test_manager2), status=204)
def test_delete_context_as_owner(self):
"""
Given a user that has doesn't have the Manager role
And is the owner of the context
When i try to remove a context
I succeed
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context, owner=username)
chash = res.json['hash']
self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(username), status=204)
def test_delete_context_as_non_manager_neither_owner(self):
"""
Given a user that has doesn't have the Manager role
And is not the owner of the context
When i try to remove a context
I get a Forbidden
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(username), status=403)
# Test context authors
def test_get_context_authors_as_manager(self):
"""
Given a user that is Manager
When i try to list context activity authors
I succeed
"""
from max.tests.mockers import create_context
self.create_user(test_manager)
res = self.create_context(create_context)
chash = res.json['hash']
self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(test_manager), status=200)
def test_get_context_authors_as_non_manager(self):
"""
Given a user that is not Manager
When i try to list context activity authors
I get a Forbidden
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context, permissions={'read': 'subscribed'})
chash = res.json['hash']
self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(username), status=403)
def test_get_context_authors_as_non_manager_public_context(self):
"""
Given a user that is not Manager
When i try to list context activity authors
I get a Forbidden
"""
from max.tests.mockers import create_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context, permissions={'read': 'public'})
chash = res.json['hash']
self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(username), status=200)
def test_get_count_context_authors_as_non_manager(self):
"""
Given a user that is not Manager
When i try to list the count of context activity authors
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(test_manager)
self.create_user(username)
res = self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
chash = res.json['hash']
self.testapp.head('/contexts/%s/activities/authors' % (chash,), oauth2Header(username), status=200)
class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# BEGIN TESTS
def test_create_context(self):
""" doctests .. http:post:: /contexts"""
from .mockers import create_context
new_context = dict(create_context)
self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201)
def test_create_context_creator_is_admin(self):
"""
Given a admin user
When I create a context
Then the creator of the context is the admin user
"""
from .mockers import create_context
res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201)
self.assertEqual(res.json['creator'], test_manager)
def test_create_context_default_fields(self):
"""
Given an admin user
When I create a context
Then non-required fields with defaults are set
"""
from .mockers import create_context
res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201)
self.assertIn('permissions', res.json)
self.assertIn('tags', res.json)
self.assertIn('objectType', res.json)
self.assertEqual(res.json['objectType'], 'context')
def test_post_activity_with_public_context(self):
""" Post an activity to a context which allows everyone to read and write
"""
from .mockers import subscribe_context, create_context
from .mockers import user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.create_activity(username, user_status_context)
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('username', None), 'messi')
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url'])
def test_post_activity_with_private_read_write_context(self):
""" Post an activity to a context which needs the user to be subscribed to read and write
and we have previously subscribed the user.
"""
from .mockers import subscribe_context, create_context
from .mockers import user_status_context
from hashlib import sha1
username = '******'
self.create_user(username)
url_hash = sha1(create_context['url']).hexdigest()
context_permissions = dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted')
self.create_context(create_context, permissions=context_permissions)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.create_activity(username, user_status_context)
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('username', None), 'messi')
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url'])
return url_hash, username, user_status_context
def test_post_activity_with_private_read_context(self):
""" Try to post an activity to a context which needs the user to be subscribed to read
but needs to explicitly give write permission on the user to post and we have previously
subscribed the user but not given write permission.
"""
from .mockers import subscribe_context, create_context
from .mockers import user_status_context
username = '******'
self.create_user(username)
context_permissions = dict(read='subscribed', write='restricted', subscribe='restricted', invite='restricted')
self.create_context(create_context, permissions=context_permissions)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context, expect=403)
def test_add_public_context(self):
from hashlib import sha1
from .mockers import create_context
res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
url_hash = sha1(create_context['url']).hexdigest()
self.assertEqual(result.get('hash', None), url_hash)
def test_add_invalid_context(self):
from .mockers import create_invalid_context
self.create_context(create_invalid_context, expect=400)
def test_add_uri_context_without_displayName(self):
"""
Add a Uri context without a displayName and check that the default displayName is set
with the url from the uri object
"""
from .mockers import create_context_without_displayname
res = self.create_context(create_context_without_displayname, expect=201)
result = json.loads(res.text)
self.assertEqual(result.get('displayName', None), create_context_without_displayname['url'])
def test_add_public_context_with_all_params(self):
from hashlib import sha1
from .mockers import create_context_full
res = self.testapp.post('/contexts', json.dumps(create_context_full), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
url_hash = sha1(create_context_full['url']).hexdigest()
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('displayName', None), create_context_full['displayName'])
self.assertEqual(result.get('twitterHashtag', None), create_context_full['twitterHashtag'])
self.assertEqual(result.get('twitterUsername', None), create_context_full['twitterUsername'])
def test_context_exists(self):
""" doctest .. http:get:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
url_hash = sha1(create_context['url']).hexdigest()
self.create_context(create_context)
res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
def test_context_informs_all_permissions(self):
""" doctest .. http:get:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
from max import DEFAULT_CONTEXT_PERMISSIONS
url_hash = sha1(create_context['url']).hexdigest()
self.create_context(create_context)
res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
self.assertItemsEqual(result['permissions'].keys(), DEFAULT_CONTEXT_PERMISSIONS.keys())
def test_create_context_that_already_exists(self):
""" doctest .. http:get:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201)
res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=200)
self.assertEqual(res.json.get('hash', None), url_hash)
def test_modify_context(self):
""" doctest .. http:put:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('twitterHashtag', None), 'assignatura1')
def test_modify_context_with_owner(self):
""" doctest .. http:put:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
mindundi = 'messi'
self.create_user(mindundi)
self.create_context(create_context, owner=mindundi)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('twitterHashtag', None), 'assignatura1')
def test_modify_context_forbidden(self):
""" doctest .. http:put:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
mindundi = 'messi'
self.create_user(mindundi)
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=403)
def test_modify_inexistent_context(self):
""" doctest .. http:put:: /contexts/{hash} """
url_hash = '0000000000000'
self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(test_manager), status=404)
@httpretty.activate
@patch('tweepy.API', MockTweepyAPI)
def test_modify_context_with_twitter_username(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1", "twitterUsername": "******"}), oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('twitterHashtag', None), 'assignatura1')
self.assertEqual(result.get('twitterUsername', None), 'maxupcnet')
self.assertEqual(result.get('twitterUsernameId', None), '526326641')
def test_get_context_tags(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.get('/contexts/%s/tags' % url_hash, "", oauth2Header(test_manager), status=200)
self.assertEqual(res.json, ['Assignatura'])
def test_update_context_tags_updates_existing_tags(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200)
self.assertEqual(res.json, ['Assignatura', 'prova'])
def test_update_context_tags_updates_existing_activites_tags(self):
from hashlib import sha1
from .mockers import create_context, subscribe_context, user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200)
res = self.testapp.get('/contexts/%s/activities' % url_hash, "", oauth2Header(username), status=200)
self.assertEqual(res.json[0]['contexts'][0]['tags'], ['Assignatura', 'prova'])
def test_update_context_tags_updates_existing_subscription_tags(self):
from hashlib import sha1
from .mockers import create_context, subscribe_context, user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200)
res = self.testapp.get('/people/%s' % username, "", oauth2Header(username), status=200)
self.assertEqual(res.json['subscribedTo'][0]['tags'], ['Assignatura', 'prova'])
def test_clear_context_tags(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.delete('/contexts/%s/tags' % url_hash, "", oauth2Header(test_manager), status=200)
self.assertEqual(res.json, [])
def test_remove_context_tag(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200)
self.testapp.delete('/contexts/%s/tags/%s' % (url_hash, 'Assignatura'), "", oauth2Header(test_manager), status=204)
def test_modify_context_displayName_updates_subscription(self):
from hashlib import sha1
from .mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions=dict(read='subscribed', write='restricted', subscribe='restricted', invite='restricted'))
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
url_hash = sha1(create_context['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"displayName": "New Name"}), oauth2Header(test_manager), status=200)
res = self.testapp.get('/people/%s/subscriptions' % username, '', oauth2Header(username), status=200)
self.assertEqual(res.json[0]['displayName'], 'New Name')
def test_modify_context_unsetting_property(self):
from hashlib import sha1
from .mockers import create_context
self.create_context(create_context)
url_hash = sha1(create_context['url']).hexdigest()
self.modify_context(create_context['url'], {"twitterHashtag": "assignatura1", "twitterUsername": "******"})
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "", "twitterUsername": ""}), oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('twitterHashtag', None), None)
self.assertEqual(result.get('twitterUsername', None), None)
self.assertEqual(result.get('twitterUsernameId', None), None)
def test_delete_context(self):
""" doctest .. http:delete:: /contexts/{hash} """
from hashlib import sha1
from .mockers import create_context
url_hash = sha1(create_context['url']).hexdigest()
self.create_context(create_context)
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
def test_deleted_context_is_really_deleted(self):
from hashlib import sha1
from .mockers import create_context
url_hash = sha1(create_context['url']).hexdigest()
self.create_context(create_context)
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=404)
result = json.loads(res.text)
self.assertEqual(result.get('error', None), 'ObjectNotFound')
def test_delete_inexistent_context(self):
""" doctest .. http:delete:: /contexts/{hash} """
url_hash = '00000000000000'
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=404)
def test_delete_only_deleted_specified_context(self):
from hashlib import sha1
from .mockers import create_context, create_contextA
self.create_context(create_context)
self.create_context(create_contextA)
url_hash = sha1(create_context['url']).hexdigest()
url_hashA = sha1(create_contextA['url']).hexdigest()
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
res = self.testapp.get('/contexts/%s' % url_hashA, "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('hash', None), url_hashA)
def test_delete_context_removes_subscription_from_user(self):
"""
"""
from hashlib import sha1
from .mockers import subscribe_context, subscribe_contextA
from .mockers import create_context, create_contextA
from .mockers import user_status_context, user_status_contextA
username = '******'
self.create_user(username)
self.create_context(create_context)
self.create_context(create_contextA)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.admin_subscribe_user_to_context(username, subscribe_contextA)
self.create_activity(username, user_status_context)
self.create_activity(username, user_status_contextA)
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
res = self.testapp.get('/people/%s' % username, "", oauth2Header(username))
result = json.loads(res.text)
self.assertEqual(result.get('username', None), 'messi')
self.assertEqual(len(result.get('subscribedTo', [])), 1)
self.assertEqual(result.get('subscribedTo', [])[0]['url'], subscribe_contextA['object']['url'])
def test_user_cannot_see_activity_from_deleted_context(self):
"""
"""
from hashlib import sha1
from .mockers import subscribe_context
from .mockers import create_context
from .mockers import user_status_context
from .mockers import context_query
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
self.testapp.get('/contexts/%s/activities' % (context_query['context']), '', oauth2Header(username), status=404)
def test_user_cannot_see_own_activity_from_deleted_context_in_timeline(self):
"""
"""
from hashlib import sha1
from .mockers import subscribe_context
from .mockers import create_context
from .mockers import user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.create_activity(username, user_status_context)
url_hash = sha1(create_context['url']).hexdigest()
self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204)
res = self.testapp.get('/people/%s/timeline' % username, {}, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 0)
def test_add_private_rw_context(self):
from hashlib import sha1
from .mockers import create_context_private_rw
res = self.testapp.post('/contexts', json.dumps(create_context_private_rw), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
url_hash = sha1(create_context_private_rw['url']).hexdigest()
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('permissions', None), create_context_private_rw['permissions'])
def test_add_private_r_context(self):
from hashlib import sha1
from .mockers import create_context_private_r
res = self.testapp.post('/contexts', json.dumps(create_context_private_r), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
url_hash = sha1(create_context_private_r['url']).hexdigest()
self.assertEqual(result.get('hash', None), url_hash)
self.assertEqual(result.get('permissions', None), create_context_private_r['permissions'])
def test_check_permissions_on_subscribed_rw_context(self):
from .mockers import create_context_private_rw, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context_private_rw)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.testapp.get('/people/%s' % username, "", oauth2Header(username))
result = json.loads(res.text)
self.assertEqual(len(result.get('subscribedTo', [])), 1)
self.assertEqual(result.get('subscribedTo', {})[0]['url'], subscribe_context['object']['url'])
self.assertEqual('read' in result.get('subscribedTo', {})[0]['permissions'], True)
self.assertEqual('write' in result.get('subscribedTo', {})[0]['permissions'], True)
def test_check_permissions_on_subscribed_write_restricted_context(self):
from .mockers import create_context_private_r, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.testapp.get('/people/%s' % username, "", oauth2Header(username))
result = json.loads(res.text)
self.assertEqual(len(result.get('subscribedTo', [])), 1)
self.assertEqual(result.get('subscribedTo', {})[0]['url'], subscribe_context['object']['url'])
self.assertEqual('read' in result.get('subscribedTo', {})[0]['permissions'], True)
self.assertEqual('write' not in result.get('subscribedTo', {})[0]['permissions'], True)
def test_post_on_subscribed_write_restricted_context_without_write_permission(self):
from .mockers import create_context_private_r, subscribe_context, user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.create_activity(username, user_status_context, expect=403)
def test_post_on_subscribed_rw_context(self):
from .mockers import create_context_private_rw, subscribe_context, user_status_context
username = '******'
self.create_user(username)
self.create_context(create_context_private_rw)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.create_activity(username, user_status_context)
result = json.loads(res.text)
self.assertEqual(result.get('actor', None).get('username', None), 'messi')
self.assertEqual(result.get('object', None).get('objectType', None), 'note')
self.assertEqual(result.get('contexts', None)[0]['url'], user_status_context['contexts'][0]['url'])
def test_grant_write_permission_on_write_restricted_context(self):
""" doctest .. http:put:: /contexts/{hash}/permissions/{username}/{permission} """
from .mockers import create_context_private_r, subscribe_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
chash = sha1(create_context_private_r['url']).hexdigest()
permission = 'write'
res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201)
result = json.loads(res.text)
self.assertEqual('read' in result['permissions'], True)
self.assertEqual('write' in result['permissions'], True)
def test_revoke_write_permission_on_write_restricted_context(self):
""" doctest .. http:delete:: /contexts/{hash}/permissions/{username}/{permission} """
from .mockers import create_context_private_r, subscribe_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
chash = sha1(create_context_private_r['url']).hexdigest()
permission = 'write'
res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201)
res = self.testapp.delete('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201)
result = json.loads(res.text)
self.assertEqual('read' in result['permissions'], True)
self.assertEqual('write' not in result['permissions'], True)
def test_grant_write_permission_on_non_subscribed_context(self):
from .mockers import create_context_private_r
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
chash = sha1(create_context_private_r['url']).hexdigest()
permission = 'write'
self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=404)
def test_grant_invalid_permission_on_subscribed_context(self):
from .mockers import create_context_private_r, subscribe_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
chash = sha1(create_context_private_r['url']).hexdigest()
permission = 'badpermission'
res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=400)
result = json.loads(res.text)
self.assertEqual(result.get('error', None), 'InvalidPermission')
def test_reset_user_subscription_to_default_permissions(self):
from .mockers import create_context_private_r, subscribe_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
chash = sha1(create_context_private_r['url']).hexdigest()
permission = 'write'
self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201)
res = self.testapp.post('/contexts/%s/permissions/%s/defaults' % (chash, username), "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual('read' in result['permissions'], True)
self.assertEqual('write' in result['permissions'], False)
def test_get_context_subscriptions(self):
from .mockers import create_contextA, subscribe_contextA
from .mockers import create_context_private_r, subscribe_context
from hashlib import sha1
username = '******'
self.create_user(username)
self.create_context(create_contextA)
self.create_context(create_context_private_r)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.admin_subscribe_user_to_context(username, subscribe_contextA)
chash = sha1(create_context_private_r['url']).hexdigest()
res = self.testapp.get('/contexts/%s/subscriptions' % (chash), "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get('username', ''), 'messi')
self.assertEqual(result[0].get('hash', ''), chash)
def test_create_context_with_upload_url(self):
""" """
from .mockers import create_context_with_uploadurl
new_context = dict(create_context_with_uploadurl)
res = self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201)
self.assertTrue(res.json.get('uploadURL'))
class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# BEGIN TESTS
def test_add_public_context_with_valid_parameters_that_needs_formating(self):
"""
Test formatters acting correctly by testing the extraction of the "@" and "#"
on receiving a twitter @username and #hashtag containing extra chars (@,# and trailing/leading whitespace)
"""
from .mockers import create_context_full
new_context = dict(create_context_full)
new_context['twitterUsername'] = '******' % create_context_full['twitterUsername']
new_context['twitterHashtag'] = ' #%s' % create_context_full['twitterHashtag']
res = self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201)
result = json.loads(res.text)
self.assertEqual(result.get('twitterUsername', None), create_context_full['twitterUsername'])
self.assertEqual(result.get('twitterHashtag', None), create_context_full['twitterHashtag'])
def test_modify_public_context_with_valid_parameters_that_need_formating(self):
"""
Test validation failure on receiving a invalid twitter username
"""
from .mockers import create_context_full
from hashlib import sha1
res = self.testapp.post('/contexts', json.dumps(create_context_full), oauth2Header(test_manager), status=201)
url_hash = sha1(create_context_full['url']).hexdigest()
res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterUsername": "******", "twitterHashtag": "#atenea"}), oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get('twitterUsername', None), 'maxupcnet')
self.assertEqual(result.get('twitterHashtag', None), 'atenea')
def test_add_public_context_with_bad_twitter_username(self):
"""
Test validation failure on receiving a invalid twitter username
"""
from .mockers import create_context_full
bad_context = dict(create_context_full)
bad_context['twitterUsername'] = '******'
res = self.testapp.post('/contexts', json.dumps(bad_context), oauth2Header(test_manager), status=400)
result = json.loads(res.text)
self.assertEqual(result.get('error', None), 'ValidationError')
def test_add_public_context_with_bad_hashtag(self):
"""
Test validation failure on receiving a invalid twitter hashtag
"""
from .mockers import create_context_full
bad_context = dict(create_context_full)
bad_context['twitterHashtag'] = '##badhashtag'
res = self.testapp.post('/contexts', json.dumps(bad_context), oauth2Header(test_manager), status=400)
result = json.loads(res.text)
self.assertEqual(result.get('error', None), 'ValidationError')
class SubscriptionsACLTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(os.path.dirname(__file__))
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.app.registry.max_store.drop_collection('users')
self.app.registry.max_store.drop_collection('activity')
self.app.registry.max_store.drop_collection('contexts')
self.app.registry.max_store.drop_collection('security')
self.app.registry.max_store.drop_collection('conversations')
self.app.registry.max_store.drop_collection('messages')
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# Create subscription tests
def test_subscribe_user_to_context_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to get subscribe another user to a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
def test_subscribe_user_to_context_as_context_owner(self):
"""
Given i'm a user that doesn't have the Manager role
And i'm the owner of the context
When i try to subscribe another user to a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, owner=username)
self.user_subscribe_user_to_context(other, subscribe_context, auth_user=username, expect=201)
def test_self_subscribe_to_public_context_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to subscribe myself to a public subscription context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'subscribe': 'public'})
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
def test_self_subscribe_to_restricted_context_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to subscribe myself to a restricted subscription context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'subscribe': 'restricted'})
self.user_subscribe_user_to_context(username, subscribe_context, expect=403)
def test_subscribe_user_to_restricted_context_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to subscribe another user to a restricted subscription context
I get a Forbidden exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'subscribe': 'restricted'})
self.user_subscribe_user_to_context(username, subscribe_context, expect=403)
def test_subscribe_user_to_public_context_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to subscribe another user to a public subscription context
I get a Forbidden exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'subscribe': 'public'})
self.user_subscribe_user_to_context(other, subscribe_context, auth_user=username, expect=403)
# Unsubscribe tests
def test_unsubscribe_user_from_context_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to unsubscribe another user from to a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'})
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_unsubscribe_user_from_context(username, chash, expect=204)
def test_unsubscribe_user_from_context_as_context_owner(self):
"""
Given i'm a user that doesn't have the Manager role
And i'm the owner of the context
When i try to unsubscribe another user from to a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username)
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.user_unsubscribe_user_from_context(other, chash, auth_user=username, expect=204)
def test_self_unsubscribe_user_from_context_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to unsubscribe another user from to a context
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'})
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.user_unsubscribe_user_from_context(username, chash, auth_user=other, expect=403)
def test_unsubscribe_user_from_context_allowed_unsubscribe_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
And i have permission to unsubscribe myself
When i try to unsubscribe myself from the context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'unsubscribe': 'subscribed'})
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_unsubscribe_user_from_context(username, chash, expect=204)
def test_unsubscribe_another_user_from_context_allowed_unsubscribe_as_non_manager(self):
"""
Given i'm a user that doesn't have the Manager role
And i have permission to unsubscribe myself
When i try to unsubscribe other person from the context
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'subscribed'})
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.user_unsubscribe_user_from_context(username, chash, auth_user=other, expect=403)
# Get context subscriptions
def test_get_context_subscriptions_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to get all subscriptions from a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'})
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(test_manager), status=200)
def test_get_context_subscriptions_as_owner(self):
"""
Given i'm a user that doesn't have the Manager role
And i'm the owner of the context
When i try to get all subscriptions from a context
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username)
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(username), status=200)
def test_get_context_subscriptions_as_non_manager_neither_owner(self):
"""
Given i'm a user that doesn't have the Manager role
And i'm not the owner of the context
When i try to get all subscriptions from a context
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username)
chash = sha1(subscribe_context['object']['url']).hexdigest()
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(other), status=403)
def test_get_user_subscriptions_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to get all subscriptions from a user
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'})
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(test_manager), status=200)
def test_get_own_user_subscriptions(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to get all my subscriptions
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(username), status=200)
def test_get_user_subscriptions_as_non_manager_neither_own(self):
"""
Given i'm a user that doesn't have the Manager role
When i try to get all subscriptions from another user
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(other), status=403)
# Test Grant subscription permissions
def test_grant_permission_on_subscription_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to grant a permission on a user's suscription
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'read': 'subscribed'})
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
permission = 'write'
self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, username, permission), "", oauth2Header(test_manager), status=201)
def test_grant_permission_on_subscription_as_context_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm the owner of the context
When i try to grant a permission on a user's suscription
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
permission = 'write'
self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(username), status=201)
def test_grant_permission_on_subscription_as_non_manager_nor_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm not the owner of the context
When i try to grant a permission on a user's suscription
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
permission = 'write'
self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(other), status=403)
# Test revoke subscription permissions
def test_revoke_permission_on_subscription_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to revoke a permission on a user's suscription
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'read': 'subscribed'})
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
permission = 'write'
self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, username, permission), "", oauth2Header(test_manager), status=201)
def test_revoke_permission_on_subscription_as_context_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm the owner of the context
When i try to revoke a permission on a user's suscription
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
permission = 'write'
self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(username), status=201)
def test_revoke_permission_on_subscription_as_non_manager_nor_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm not the owner of the context
When i try to revoke a permission on a user's suscription
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
permission = 'write'
self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(other), status=403)
# Test revoke subscription permissions
def test_reset_permission_defaults_on_subscription_as_manager(self):
"""
Given i'm a user that has the Manager role
When i try to reset all permission on a user's suscription to defaults
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
self.create_user(username)
self.create_context(create_context, permissions={'read': 'subscribed'})
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, username), "", oauth2Header(test_manager), status=200)
def test_reset_permission_defaults_on_subscription_as_context_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm the owner of the context
When i try to reset all permission on a user's suscription to defaults
I succeed
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, other), "", oauth2Header(username), status=200)
def test_reset_permission_defaults_on_subscription_as_non_manager_nor_owner(self):
"""
Given i'm a user that don't have the Manager role
And i'm not the owner of the context
When i try to reset all permission on a user's suscription to defaults
I get a Forbidden Exception
"""
from max.tests.mockers import create_context, subscribe_context
url_hash = sha1(create_context['url']).hexdigest()
username = '******'
other = 'penny'
self.create_user(username)
self.create_user(other)
self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username)
self.admin_subscribe_user_to_context(other, subscribe_context, expect=201)
self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, other), "", oauth2Header(other), status=403)
class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp("config:tests.ini", relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch("requests.post", new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
def tearDown(self):
import pyramid.testing
pyramid.testing.tearDown()
# BEGIN TESTS
def test_create_user(self):
username = "******"
self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201)
return username
def test_create_user_missing_username(self):
self.testapp.post("/people", json.dumps({}), oauth2Header(test_manager), status=400)
def test_create_user_creator_is_admin(self):
"""
Given an admin user
When I create a user
Then the creator must be the admin user
"""
username = "******"
res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201)
self.assertEqual(res.json["creator"], test_manager)
def test_create_user_default_fields(self):
"""
Given an admin user
When I create a user
Then non-required fields with defaults are set
"""
username = "******"
res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201)
self.assertIn("objectType", res.json)
self.assertIn("following", res.json)
self.assertIn("subscribedTo", res.json)
self.assertEqual(res.json["objectType"], "person")
def test_create_user_not_manager(self):
username = "******"
self.testapp.post("/people/%s" % username, "", oauth2Header("imnotallowed"), status=403)
def test_user_exist(self):
username = "******"
self.create_user(username)
res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get("username", None), "messi")
def test_create_same_user_case_insensitive(self):
username = "******"
username_case = "Messi"
self.create_user(username)
res = self.testapp.post("/people/%s" % username_case, "", oauth2Header(test_manager), status=200)
result = json.loads(res.text)
self.assertEqual(result.get("username", None), "messi")
def test_get_user(self):
""" Doctest .. http:get:: /people/{username} """
username = "******"
self.create_user(username)
res = self.testapp.get("/people/%s" % username, "", oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result.get("username", None), "messi")
self.assertIn("username", result)
self.assertIn("displayName", result)
self.assertIn("objectType", result)
self.assertGreater(len(result.keys()), 3)
def test_get_user_as_someone_else(self):
""" Doctest .. http:get:: /people/{username} """
username = "******"
usernamenotme = "xavi"
self.create_user(username)
self.create_user(usernamenotme)
res = self.testapp.get("/people/%s" % username, "", oauth2Header(usernamenotme), status=200)
result = json.loads(res.text)
self.assertEqual(result.get("username", None), "messi")
self.assertIn("username", result)
self.assertIn("displayName", result)
self.assertIn("objectType", result)
self.assertIn("published", result)
self.assertEqual(len(result.keys()), 4)
def test_get_user_case_insensitive(self):
""" Doctest .. http:get:: /people/{username} """
username = "******"
self.create_user(username)
res = self.testapp.get("/people/%s" % "MESSI", "", oauth2Header(username))
result = json.loads(res.text)
self.assertEqual(result.get("username", None), "messi")
def test_get_users_by_query_on_username(self):
""" Doctest .. http:get:: /people """
username = "******"
self.create_user(username)
res = self.testapp.get("/people", json.dumps({"username": username}), oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
self.assertEqual(result[0].get("username", ""), username)
self.assertEqual(len(result[0].keys()), 4) # Check how many fields each result has
def test_get_users_by_query_on_displayName(self):
""" Doctest .. http:get:: /people """
username = "******"
self.create_user(username, displayName="Lionel Messi")
res = self.testapp.get("/people", json.dumps({"username": "******"}), oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
self.assertEqual(result[0].get("username", ""), username)
self.assertEqual(len(result[0].keys()), 4) # Check how many fields each result has
def test_get_non_existent_user(self):
username = "******"
res = self.testapp.get("/people/%s" % username, "", oauth2Header(username), status=400)
result = json.loads(res.text)
self.assertEqual(result.get("error", None), "UnknownUserError")
def test_modify_user_one_parameter(self):
username = "******"
self.create_user(username)
res = self.testapp.put(
"/people/%s" % username, json.dumps({"displayName": "Lionel Messi"}), oauth2Header(username)
)
result = json.loads(res.text)
self.assertEqual(result.get("displayName", None), "Lionel Messi")
def test_modify_user_several_parameters(self):
""" Doctest .. http:put:: /people/{username} """
username = "******"
self.create_user(username)
res = self.testapp.put(
"/people/%s" % username,
json.dumps({"displayName": "Lionel Messi", "twitterUsername": "******"}),
oauth2Header(username),
)
result = json.loads(res.text)
self.assertEqual(result.get("displayName", None), "Lionel Messi")
self.assertEqual(result.get("twitterUsername", None), "leomessi")
def test_modify_user_several_parameters_twice(self):
username = "******"
self.create_user(username)
self.modify_user(username, {"displayName": "Lionel Messi"})
res = self.testapp.put(
"/people/%s" % username, json.dumps({"twitterUsername": "******"}), oauth2Header(username)
)
result = json.loads(res.text)
self.assertEqual(result.get("displayName", None), "Lionel Messi")
self.assertEqual(result.get("twitterUsername", None), "leomessi")
def test_modify_non_existent_user(self):
username = "******"
res = self.testapp.put(
"/people/%s" % username, json.dumps({"displayName": "Lionel Messi"}), oauth2Header(username), status=400
)
result = json.loads(res.text)
self.assertEqual(result.get("error", None), "UnknownUserError")
def test_get_all_users_with_regex(self):
username = "******"
self.create_user(username)
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_username_full(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_username_starting(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_username_ending(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_username_partial(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_displayName_with_case(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_displayName_accented(self):
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(result[0].get("username", ""), username)
def test_search_users_filter_displayName_non_accented(self):
"""
Accented username or displayname parts can only be searched with the accent provided.
"""
username = "******"
self.create_user(username, displayName="Sheldon Cooper Coupé")
query = {"username": "******"}
res = self.testapp.get("/people", query, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 0)
def test_get_all_users_with_regex_weird(self):
username1 = "victor.fernandez"
self.create_user(username1)
username2 = "victor.fernandez.altable"
self.create_user(username2)
query = {"username": username1}
res = self.testapp.get("/people", query, oauth2Header(username1), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 2)
query = {"username": username2}
res = self.testapp.get("/people", query, oauth2Header(username2), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
def test_create_own_user(self):
username = "******"
self.testapp.post("/people/%s" % username, "", oauth2Header(username), status=201)
class ConversationsACLTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(os.path.dirname(__file__))
self.app = loadapp('config:tests.ini', relative_to=conf_dir)
self.app.registry.max_store.drop_collection('users')
self.app.registry.max_store.drop_collection('activity')
self.app.registry.max_store.drop_collection('contexts')
self.app.registry.max_store.drop_collection('security')
self.app.registry.max_store.drop_collection('conversations')
self.app.registry.max_store.drop_collection('messages')
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch('requests.post', new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# Add conversations tests
def test_create_new_conversation(self):
"""
Given i'm a regular user
When I try to create a new conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
def test_create_new_conversation_as_manager(self):
"""
Given i'm a Manager
When I try to create a new conversation
And i'm not in the participants list
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(test_manager), status=201)
# View conversation tests
def test_view_conversation_as_manager(self):
"""
Given i'm a Manager
When I try to view an existing conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(test_manager), status=200)
def test_view_conversation_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to view an existing conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(sender), status=200)
def test_view_conversation_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to view an existing conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(recipient), status=200)
def test_view_conversation_as_anyone_else(self):
"""
Given i'm a regular user
And i'm not in the conversation
When I try to view an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(recipient2), status=403)
# View conversation subscription tests
def test_view_conversation_subscription_as_manager(self):
"""
Given i'm a Manager
When I try to view an existing conversation subscription
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(test_manager), status=200)
def test_view_conversation_subscription_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to view an existing conversation subscription
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=200)
def test_view_conversation_subscription_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to view my conversation subscription
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=200)
def test_view_conversation_subscription_as_other_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to view other's conversation subscription
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403)
def test_view_conversation_subscription_as_anyone_else(self):
"""
Given i'm a regular user
And i'm not in the conversation
When I try to view an existing conversation subscription
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.get('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient2), status=403)
# Get all conversations tests
def test_list_all_conversations(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to list all conversations
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.get('/conversations', '', oauth2Header(sender), status=200)
# Modify conversation tests
def test_modify_conversation_as_manager(self):
"""
Given i'm a Manager
When I try to modify a conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(test_manager), status=200)
def test_modify_conversation_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to modify a conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(sender), status=200)
def test_modify_conversation_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to modify a conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(recipient), status=403)
def test_modify_conversation_as_anyone_else(self):
"""
Given i'm a regular user
And i'm not in the conversation
When I try to modify a conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(recipient2), status=403)
# Delete conversation tests
def test_delete_conversation_as_manager(self):
"""
Given i'm a Manager
When I try to delete a conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(test_manager), status=204)
def test_delete_conversation_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to delete a conversation
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(sender), status=204)
def test_delete_conversation_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to delete a conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(recipient), status=403)
def test_delete_conversation_as_anyone_else(self):
"""
Given i'm a regular user
And i'm not in the conversation
When I try to delete a conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(recipient2), status=403)
# Purge conversations tests
def test_delete_all_conversations_as_manager(self):
"""
Given i'm a Manager
When I try to purge all existing conversations
Then I succeed
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.delete('/conversations', '', oauth2Header(test_manager), status=204)
def test_delete_all_conversations_as_anyone_else(self):
"""
Given i'm a regular user
When I try to purge all existing conversations
Then I get a Forbidden Exception
"""
from max.tests.mockers import message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
self.testapp.delete('/conversations', '', oauth2Header(sender), status=403)
# Add participant to conversation tests
def test_add_participant_as_manager(self):
"""
Given i'm a Manager
When I try to add a new participant to an existing conversation
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
recipient3 = 'melendi'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
self.create_user(recipient3)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(test_manager), status=201)
def test_add_participant_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to add a new participant to an existing conversation
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
recipient3 = 'melendi'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
self.create_user(recipient3)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(sender), status=201)
def test_add_participant_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to add a new participant to an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
recipient3 = 'melendi'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
self.create_user(recipient3)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(recipient), status=403)
def test_auto_join(self):
"""
Given i'm a regular user
When I try to add myself as a new participant to an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
recipient3 = 'melendi'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
self.create_user(recipient3)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(recipient2), status=403)
# Delete participant to group conversation tests
def test_delete_participant_as_manager(self):
"""
Given i'm a Manager
When I try to delete a new participant from an existing conversation
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(test_manager), status=204)
def test_delete_participant_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to delete a participant from an existing conversation
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient2, cid), '', oauth2Header(sender), status=204)
def test_delete_participant_as_participant(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to delete a participant from an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403)
def test_leave_as_owner(self):
"""
Given i'm the owner of the conversation
When I try to leave an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=403)
def test_leave(self):
"""
Given i'm a regular user
When I try to leave an existing conversation
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=204)
# Delete participant to two people conversation tests
def test_delete_participant_as_manager_in_two_people_conversation(self):
"""
Given i'm a Manager
When I try to delete a new participant from an existing conversation
Then I succeed
"""
from max.tests.mockers import message as creation_message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(test_manager), status=204)
def test_delete_participant_as_owner_in_two_people_conversation(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to delete a participant from an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message as creation_message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(sender), status=403)
def test_delete_participant_as_participant_in_two_people_conversation(self):
"""
Given i'm a regular user
And i'm a regular conversation participant
When I try to delete a participant from an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message as creation_message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403)
def test_leave_as_owner_in_two_people_conversation(self):
"""
Given i'm the owner of the conversation
When I try to leave an existing conversation
Then I get a Forbidden Exception
"""
from max.tests.mockers import message as creation_message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=204)
def test_leave_in_two_people_conversation(self):
"""
Given i'm a regular user
When I try to leave an existing conversation
Then I succeed
"""
from max.tests.mockers import message as creation_message
sender = 'messi'
recipient = 'xavi'
self.create_user(sender)
self.create_user(recipient)
res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=204)
# Transfer ownership tests
def test_transfer_ownership_as_manager(self):
"""
Given i'm a Manager
When I try to transfer a conversation to another user
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(test_manager), status=200)
def test_transfer_ownership_as_owner(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to transfer a conversation to another user
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(sender), status=200)
def test_transfer_ownership_as_participant(self):
"""
Given i'm a regular user
And i'm the owner of the conversation
When I try to transfer a conversation to another user
Then I succeed
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(recipient), status=403)
def test_transfer_ownership_as_anyone_else(self):
"""
Given i'm a regular user
And i'm not in the conversation
When I try to transfer a conversation to another user
Then I get a Forbidden Exception
"""
from max.tests.mockers import group_message as message
sender = 'messi'
recipient = 'xavi'
recipient2 = 'shakira'
self.create_user(sender)
self.create_user(recipient)
self.create_user(recipient2)
res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201)
cid = str(res.json['contexts'][0]['id'])
self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(recipient2), status=403)
class FunctionalTests(unittest.TestCase, MaxTestBase):
def setUp(self):
conf_dir = os.path.dirname(__file__)
self.app = loadapp("config:tests.ini", relative_to=conf_dir)
self.reset_database(self.app)
self.app.registry.max_store.security.insert(test_default_security)
self.patched_post = patch("requests.post", new=partial(mock_post, self))
self.patched_post.start()
self.testapp = MaxTestApp(self)
self.create_user(test_manager)
# BEGIN TESTS
def test_subscribe_user_to_context(self):
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"),
)
self.testapp.post(
"/people/%s/subscriptions" % username, json.dumps(subscribe_context), oauth2Header(test_manager), status=201
)
def test_subscribe_to_context(self):
""" doctest .. http:post:: /people/{username}/subscriptions """
from .mockers import subscribe_context
from .mockers import user_status_context
from .mockers import create_context
username = "******"
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
res = self.create_activity(username, user_status_context)
result = json.loads(res.text)
self.assertEqual(result.get("actor", None).get("username", None), "messi")
self.assertEqual(result.get("object", None).get("objectType", None), "note")
self.assertEqual(result.get("contexts", None)[0]["url"], subscribe_context["object"]["url"])
def test_subscribe_to_context_already_subscribed(self):
from .mockers import subscribe_context
from .mockers import user_status_context
from .mockers import create_context
username = "******"
self.create_user(username)
self.create_context(create_context)
self.admin_subscribe_user_to_context(username, subscribe_context)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=200)
res = self.create_activity(username, user_status_context)
result = json.loads(res.text)
self.assertEqual(result.get("actor", None).get("username", None), "messi")
self.assertEqual(result.get("object", None).get("objectType", None), "note")
self.assertEqual(result.get("contexts", None)[0]["url"], subscribe_context["object"]["url"])
def test_subscribe_to_inexistent_context(self):
from .mockers import subscribe_context
username = "******"
self.create_user(username)
res = self.admin_subscribe_user_to_context(username, subscribe_context, expect=404)
result = json.loads(res.text)
self.assertEqual(result.get("error", None), "ObjectNotFound")
def test_get_all_subscribed_contexts_for_user(self):
""" doctest .. http:get:: /people/{username}/subscriptions """
from .mockers import create_context
from .mockers import subscribe_contextA, create_contextA
from .mockers import subscribe_contextB, create_contextB
username = "******"
username_not_me = "xavi"
self.create_user(username)
self.create_user(username_not_me)
self.create_context(
create_context,
permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"),
)
self.create_context(
create_contextA,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.create_context(
create_contextB,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_contextA)
self.admin_subscribe_user_to_context(username_not_me, subscribe_contextA)
self.admin_subscribe_user_to_context(username, subscribe_contextB)
res = self.testapp.get("/people/%s/subscriptions" % username, "", oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 2)
self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A")
self.assertEqual(result[1].get("url"), "http://atenea.upc.edu/B")
def test_get_all_subscribed_contexts_for_user_by_tag(self):
""" doctest .. http:get:: /people/{username}/subscriptions """
from .mockers import create_context
from .mockers import subscribe_contextA, create_contextA
from .mockers import subscribe_contextB, create_contextB
username = "******"
username_not_me = "xavi"
self.create_user(username)
self.create_user(username_not_me)
self.create_context(
create_context,
permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"),
)
self.create_context(
create_contextA,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.create_context(
create_contextB,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_contextA)
self.admin_subscribe_user_to_context(username_not_me, subscribe_contextA)
self.admin_subscribe_user_to_context(username, subscribe_contextB)
res = self.testapp.get(
"/people/%s/subscriptions" % username, {"tags": ["Assignatura"]}, oauth2Header(username), status=200
)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A")
def test_get_all_subscribed_contexts_tagged_for_user(self):
""" doctest .. http:get:: /people/{username}/subscriptions """
from .mockers import subscribe_contextA, create_contextA
from .mockers import subscribe_contextB, create_contextB
username = "******"
self.create_user(username)
self.create_context(
create_contextA,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.create_context(
create_contextB,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_contextA)
self.admin_subscribe_user_to_context(username, subscribe_contextB)
res = self.testapp.get(
"/people/%s/subscriptions" % username, {"tags": ["Assignatura"]}, oauth2Header(username), status=200
)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A")
def test_get_subscriptions_from_another_user(self):
"""
Given a plain user
When I try to get another user subscriptions list
Then i get an Forbidden error
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
username2 = "xavi"
self.create_user(username2)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username2), status=403)
def test_subcribe_to_restricted_context_as_plain_user(self):
"""
Given a plain user
When I subscribe to a public subscription context
Then i get an Forbidden error
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=403)
def test_subscribe_to_public_context_as_plain_user(self):
"""
Given a plain user
When I subscribe to a public subscription context
Then the subscription is created
And I will be able to unsubscribe in the future
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
res = self.testapp.post(
"/people/%s/subscriptions" % username, json.dumps(subscribe_context), oauth2Header(username), status=201
)
res = self.testapp.get("/people/%s/subscriptions" % username, "", oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertIn("unsubscribe", result[0]["permissions"])
def test_subscribe_to_public_context_as_plain_user_already_subscribed(self):
"""
Given a plain user
When I subscribe to a public subscription context
And I am already subscribed
Then the subscription is returned
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
self.user_subscribe_user_to_context(username, subscribe_context, expect=200)
def test_list_all_public_subcribable_contexts(self):
"""
Given a plain user
When i look for public contexts
Then i get a list with only the public ones
"""
from .mockers import create_context, create_contextA
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.create_context(
create_contextA,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
res = self.testapp.get("/contexts/public", {}, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 1)
def test_unsubscribe_from_inexistent_subscription_as_plain_user(self):
"""
Given a plain user
When I try to unsubscribe from a context
And I'm not subscribed to that context
Then I get a not found error
"""
from .mockers import create_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
url_hash = sha1(create_context["url"]).hexdigest()
self.testapp.delete(
"/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(username), status=403
)
def test_unsubscribe_from_inexistent_subscription_as_admin(self):
"""
As an admin user
When I try to unsubscribe a user from a context
And the user is not subscribed to that context
Then I get a not found error
"""
from .mockers import create_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
url_hash = sha1(create_context["url"]).hexdigest()
self.testapp.delete(
"/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(test_manager), status=404
)
def test_unsubscribe_from_restricted_context_as_plain_user(self):
"""
Given a plain user
When I try to unsubscribe from a restricted subscription context
Then i get an authorization error
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
url_hash = sha1(create_context["url"]).hexdigest()
self.testapp.delete(
"/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(username), status=403
)
def test_unsubscribe_from_restricted_context_as_admin(self):
"""
Given a admin user
When I try to unsubscribe a plain user from a restricted subscription context
Then the user is not subscribed to the context anymore
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
url_hash = sha1(create_context["url"]).hexdigest()
self.testapp.delete(
"/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(test_manager), status=204
)
res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 0)
def test_unsubscribe_from_public_context_as_plain_user(self):
"""
Given a plain user
When I try to unsubscribe from a public subscription context
Then I am not subscribed to the context anymore
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
url_hash = sha1(create_context["url"]).hexdigest()
self.user_unsubscribe_user_from_context(username, url_hash, expect=204)
res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 0)
def test_unsubscribe_from_public_context_as_admin(self):
"""
Given a admin user
When I try to unsubscribe a plain user from a public subscription context
Then I am not subscribed to the context anymore
"""
from .mockers import create_context
from .mockers import subscribe_context
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
url_hash = sha1(create_context["url"]).hexdigest()
self.admin_unsubscribe_user_from_context(username, url_hash, expect=204)
res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200)
result = json.loads(res.text)
self.assertEqual(len(result), 0)
def test_change_context_with_same_permissions(self):
"""
Create a public context, user subscribes to context.
Try to update the context with the same permissions.
Permissions remain the same
NOTE: Test added to catch a bug where modifying a context with the same
permissions would crash on a mongodb empty query
"""
from .mockers import create_context
from .mockers import subscribe_context
url_hash = sha1(create_context["url"]).hexdigest()
username = "******"
self.create_user(username)
permissions = dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted")
self.create_context(create_context, permissions=permissions)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
data = json.dumps({"permissions": permissions})
res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200)
self.assertEqual(res.json["permissions"]["read"], "subscribed")
self.assertEqual(res.json["permissions"]["write"], "subscribed")
self.assertEqual(res.json["permissions"]["subscribe"], "public")
self.assertEqual(res.json["permissions"]["invite"], "restricted")
def test_change_public_context_to_restricted(self):
"""
Create a public context, user subscribes to context.
Change the context to write=restricted, and user fails to write in the context.
"""
from .mockers import create_context
from .mockers import subscribe_context
from .mockers import user_status_context
url_hash = sha1(create_context["url"]).hexdigest()
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
data = json.dumps({"permissions": {"write": "restricted"}})
res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200)
self.assertEqual(res.json["permissions"]["read"], "subscribed")
self.assertEqual(res.json["permissions"]["write"], "restricted")
res = self.create_activity(username, user_status_context, expect=403)
def test_change_public_context_to_restricted_preserve_granted_write_permission(self):
"""
Create a public context, user subscribes to context.
Extra grant write permission to the user
Change the context to write=restricted, and user still have the write permission
"""
from .mockers import create_context
from .mockers import subscribe_context
from .mockers import user_status_context
url_hash = sha1(create_context["url"]).hexdigest()
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"),
)
self.user_subscribe_user_to_context(username, subscribe_context, expect=201)
permission = "write"
res = self.testapp.put(
"/contexts/%s/permissions/%s/%s?permanent=1" % (url_hash, username, permission),
"",
oauth2Header(test_manager),
status=201,
)
data = json.dumps({"permissions": {"write": "restricted"}})
res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200)
self.assertEqual(res.json["permissions"]["read"], "subscribed")
self.assertEqual(res.json["permissions"]["write"], "restricted")
res = self.create_activity(username, user_status_context, expect=201)
def test_change_restricted_context_to_susbcribed(self):
"""
Create a write restricted context, admin subscribes the user to context, but he cannot write
Change the context to write subscribed, and user can write to context
"""
from .mockers import create_context
from .mockers import subscribe_context
from .mockers import user_status_context
url_hash = sha1(create_context["url"]).hexdigest()
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="restricted", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
data = json.dumps({"permissions": {"write": "subscribed"}})
res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200)
self.assertEqual(res.json["permissions"]["read"], "subscribed")
self.assertEqual(res.json["permissions"]["write"], "subscribed")
res = self.create_activity(username, user_status_context, expect=201)
def test_change_restricted_context_to_susbcribed_maintain_write_veto(self):
"""
Create a write restricted context, admin subscribes the user to context, but he cannot write.
Admin also adds a persistent "don't write" veto to this user.
Change the context to write subscribed, and user still can't write.
"""
from .mockers import create_context
from .mockers import subscribe_context
from .mockers import user_status_context
url_hash = sha1(create_context["url"]).hexdigest()
username = "******"
self.create_user(username)
self.create_context(
create_context,
permissions=dict(read="subscribed", write="restricted", subscribe="restricted", invite="restricted"),
)
self.admin_subscribe_user_to_context(username, subscribe_context, expect=201)
permission = "write"
res = self.testapp.delete(
"/contexts/%s/permissions/%s/%s?permanent=1" % (url_hash, username, permission),
"",
oauth2Header(test_manager),
status=201,
)
data = json.dumps({"permissions": {"write": "subscribed"}})
res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200)
self.assertEqual(res.json["permissions"]["read"], "subscribed")
self.assertEqual(res.json["permissions"]["write"], "subscribed")
res = self.create_activity(username, user_status_context, expect=403)
