class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # BEGIN TESTS def test_get_all_users_admin(self): username = '******' self.create_user(username) res = self.testapp.get('/people', "", oauth2Header(test_manager)) self.assertEqual(len(res.json), 2) self.assertEqual(res.json[0].get('username'), 'test_manager') self.assertEqual(res.json[1].get('username'), 'messi') def test_admin_post_activity_without_context(self): from .mockers import user_status username = '******' self.create_user(username) res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status), oauth2Header(test_manager)) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('username', None), 'messi') self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None), None) def test_admin_post_activity_with_context(self): """ doctest .. http:post:: /people/{username}/activities """ from .mockers import subscribe_context from .mockers import user_status_context from .mockers import create_context username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status_context), oauth2Header(test_manager)) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('username', None), 'messi') self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url']) def test_admin_post_activity_with_context_as_actor(self): """ doctest .. http:post:: /contexts/{hash}/activities """ from .mockers import subscribe_context from .mockers import user_status_as_context from .mockers import create_context from hashlib import sha1 self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.post('/contexts/%s/activities' % url_hash, json.dumps(user_status_as_context), oauth2Header(test_manager), status=201) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('hash', None), url_hash) self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url']) def test_get_other_activities(self): from .mockers import user_status_context from .mockers import subscribe_context, create_context username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) self.testapp.get('/people/%s/activities' % (username), '', oauth2Header(test_manager), status=200) def test_delete_user(self): username = '******' self.create_user(username) self.testapp.delete('/people/%s' % username, '', oauth2Header(test_manager), status=204) def test_delete_all_conversations(self): from .mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.delete('/conversations', '', oauth2Header(test_manager), status=204) conversations = self.testapp.get('/conversations', '', oauth2Header(sender), status=200) self.assertEqual(len(conversations.json), 0) user_data = self.testapp.get('/people/{}'.format(sender), '', oauth2Header(sender), status=200) self.assertEqual(len(user_data.json['talkingIn']), 0) def test_delete_inexistent_user(self): username = '******' username2 = 'xavi' self.create_user(username) self.testapp.delete('/people/%s' % username2, '', oauth2Header(test_manager), status=400) def test_admin_delete_inexistent_activity(self): fake_id = '519200000000000000000000' self.testapp.delete('/activities/%s' % (fake_id), '', oauth2Header(test_manager), status=404) def test_admin_get_people_activities_by_context(self): """ """ from .mockers import user_status from .mockers import context_query from .mockers import create_context from .mockers import subscribe_context, user_status_context username = '******' self.create_user(username) self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted')) self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) self.create_activity(username, user_status) res = self.testapp.get('/people/%s/activities' % username, context_query, oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) def test_admin_get_all_activities_by_context(self): """ XXX This test was here to test the Manager endpoint that didn't search for recursive activities now this is unified so this feature will have to be refactored to a preset or parameter to disable recursivity. The test now is fixed to pass with correct acitivity count asserts """ from .mockers import user_status from .mockers import subscribe_context, subscribe_contextA from .mockers import create_context, create_contextA from .mockers import user_status_context, user_status_contextA from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted')) self.admin_subscribe_user_to_context(username, subscribe_context) url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_contextA, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted')) self.admin_subscribe_user_to_context(username, subscribe_contextA) url_hashA = sha1(create_contextA['url']).hexdigest() self.create_activity(username, user_status_context) self.create_activity(username, user_status_contextA) self.create_activity(username, user_status) res = self.testapp.get('/contexts/%s/activities' % url_hash, {}, oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(len(result), 2) res = self.testapp.get('/contexts/%s/activities' % url_hashA, {}, oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) # def test_admin_post_activity_with_unauthorized_context_type_as_actor(self): # from .mockers import create_unauthorized_context # from hashlib import sha1 # result = self.create_context(create_invalid_context, expect=201) # url_hash = sha1(create_invalid_context['object']['url']).hexdigest() # res = self.testapp.post('/contexts/%s/activities' % url_hash, json.dumps(user_status_context), oauth2Header(test_manager)) # result = json.loads(res.text) # self.assertEqual(result.get('actor', None).get('hash', None), url_hash) # self.assertEqual(result.get('object', None).get('objectType', None), 'note') # self.assertEqual(result.get('contexts', None)[0], subscribe_context['object']) def test_get_users_twitter_enabled(self): """ Doctest .. http:get:: /people """ username = '******' username2 = 'xavi' self.create_user(username) self.create_user(username2) self.modify_user(username, {"twitterUsername": "******"}) res = self.testapp.get('/people', {"twitter_enabled": True}, oauth2Header(test_manager), status=200) self.assertEqual(len(res.json), 1) self.assertIn('twitterUsername', res.json[0]) def test_get_context_twitter_enabled(self): from .mockers import create_context, create_contextA self.create_context(create_context) self.create_context(create_contextA) self.modify_context(create_context['url'], {"twitterHashtag": "assignatura1", "twitterUsername": "******"}) res = self.testapp.get('/contexts', {"twitter_enabled": True}, oauth2Header(test_manager), status=200) self.assertEqual(len(res.json), 1) def test_rename_context_url(self): from .mockers import create_context from .mockers import subscribe_context, user_status_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context, permissions=dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted')) self.admin_subscribe_user_to_context(username, subscribe_context) activity = self.create_activity(username, user_status_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"url": "http://new.url"}), oauth2Header(test_manager), status=200) # Test context is updated new_url_hash = sha1('http://new.url').hexdigest() res = self.testapp.get('/contexts/%s' % new_url_hash, "", oauth2Header(test_manager), status=200) self.assertEqual(res.json['url'], 'http://new.url') self.assertEqual(res.json['hash'], new_url_hash) # Test user subscription is updated res = self.testapp.get('/people/%s' % username, "", oauth2Header(test_manager), status=200) self.assertEqual(res.json['subscribedTo'][0]['url'], 'http://new.url') self.assertEqual(res.json['subscribedTo'][0]['hash'], new_url_hash) # Test user original subscription activity is updated subscription_activity = self.exec_mongo_query('activity', 'find', {'object.hash': new_url_hash, 'object.url': "http://new.url", 'actor.username': username}) self.assertNotEqual(subscription_activity, []) self.assertEqual(subscription_activity[0]['object']['hash'], new_url_hash) self.assertEqual(subscription_activity[0]['object']['url'], 'http://new.url') # Test user activity is updated res = self.testapp.get('/activities/%s' % activity.json['id'], "", oauth2Header(test_manager), status=200) self.assertEqual(res.json['contexts'][0]['url'], 'http://new.url') self.assertEqual(res.json['contexts'][0]['hash'], new_url_hash)
class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # BEGIN TESTS def test_invalid_token(self): username = '******' res = self.testapp.post('/people/%s' % username, json.dumps({}), oauth2Header(test_manager, token='bad token'), status=401) self.assertEqual(res.json['error_description'], 'Invalid token.') def test_invalid_token_TEMPORARY(self): from hashlib import sha1 from .mockers import create_context mindundi = 'messi' self.create_user(mindundi) self.create_context(create_context, owner=mindundi) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi, token='bad token'), status=401) self.assertEqual(res.json['error_description'], 'Invalid token.') def test_invalid_scope(self): username = '******' headers = oauth2Header(test_manager) headers['X-Oauth-Scope'] = 'Invalid scope' res = self.testapp.post('/people/%s' % username, "", headers, status=401) self.assertEqual(res.json['error_description'], 'The specified scope is not allowed for this resource.') def test_invalid_scope_TEMPORARY(self): from hashlib import sha1 from .mockers import create_context mindundi = 'messi' headers = oauth2Header(test_manager) headers['X-Oauth-Scope'] = 'Invalid scope' self.create_user(mindundi) self.create_context(create_context, owner=mindundi) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), headers, status=401) self.assertEqual(res.json['error_description'], 'The specified scope is not allowed for this resource.') def test_required_user_not_found(self): from hashlib import sha1 from .mockers import create_context mindundi = 'messi' self.create_context(create_context, owner=mindundi) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=400) self.assertEqual(res.json['error_description'], 'Unknown actor identified by: messi') def test_post_activity_no_auth_headers(self): from .mockers import user_status username = '******' self.create_user(username) res = self.testapp.post('/people/%s/activities' % username, json.dumps(user_status), status=401) result = json.loads(res.text) self.assertEqual(result.get('error', None), 'Unauthorized')
class PeopleACLTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(os.path.dirname(__file__)) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.app.registry.max_store.drop_collection('users') self.app.registry.max_store.drop_collection('activity') self.app.registry.max_store.drop_collection('contexts') self.app.registry.max_store.drop_collection('security') self.app.registry.max_store.drop_collection('conversations') self.app.registry.max_store.drop_collection('messages') self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) # Add people tests def test_create_person_as_manager(self): """ Given i'm a user that has the Manager role When i try to create a person I succeed """ username = '******' self.testapp.post('/people', json.dumps({"username": username}), headers=oauth2Header(test_manager), status=201) def test_create_person_as_non_manager(self): """ Given i'm user that doesn't have the Manager role When i try to create a person I get a Forbidden exception """ username = '******' other = 'penny' self.testapp.post('/people', json.dumps({"username": other}), headers=oauth2Header(username), status=403) def test_create_person_as_oneself(self): """ Given i'm user that doesn't have the Manager role When i try to create a person I succeed """ username = '******' self.testapp.post('/people', json.dumps({"username": username}), headers=oauth2Header(username), status=201) # View profile tests def test_get_person_as_manager(self): """ Given i'm a user that has the Manager role When i try to view a user profile I succeed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.get('/people/{}'.format(username), "", headers=oauth2Header(test_manager), status=200) def test_get_person_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to view a user profile I succeed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.get('/people/{}'.format(test_manager), "", headers=oauth2Header(username), status=200) # Get all people def test_get_all_people_as_manager(self): """ Given i'm a user that has the Manager role When i try to get all people I succeed """ self.create_user(test_manager) self.testapp.get('/people', "", headers=oauth2Header(test_manager), status=200) def test_get_all_people_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to get a visible people listing I suceed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.get('/people', "", headers=oauth2Header(username), status=200) # Modify user tests def test_modify_person_as_manager(self): """ Given i'm a user that has the Manager role When i try to modify a user profile I succeed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.put('/people/{}'.format(username), "", headers=oauth2Header(test_manager), status=200) def test_modify_person_as_non_manager_neither_owner(self): """ Given i'm a user that doesn't have the Manager role When i try to modify a user profile And that person is not me I get a Forbidden Exception """ username = '******' other = 'penny' self.create_user(test_manager) self.create_user(username) self.create_user(other) self.testapp.put('/people/{}'.format(other), "", headers=oauth2Header(username), status=403) def test_modify_person_as_owner(self): """ Given i'm a user that doesn't have the Manager role When i try to modify my own profile I succeed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.put('/people/{}'.format(username), "", headers=oauth2Header(username), status=200) # Delete user tests def test_delete_person_as_manager(self): """ Given i'm a user that has the Manager role When i try to delete a user I succeed """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.delete('/people/{}'.format(username), headers=oauth2Header(test_manager), status=204) def test_delete_person_as_non_manager_neither_owner(self): """ Given i'm a user that doesn't have the Manager role When i try to delete a user I get a Forbidden Exception """ username = '******' other = 'penny' self.create_user(test_manager) self.create_user(username) self.create_user(other) self.testapp.delete('/people/{}'.format(other), headers=oauth2Header(username), status=403) def test_delete_person_as_owner(self): """ Given i'm a user that doesn't have the Manager role When i try to delete myself I get a Forbidden Exception """ username = '******' self.create_user(test_manager) self.create_user(username) self.testapp.delete('/people/{}'.format(username), headers=oauth2Header(username), status=403)
class ContextACLTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(os.path.dirname(__file__)) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.app.registry.max_store.drop_collection('users') self.app.registry.max_store.drop_collection('activity') self.app.registry.max_store.drop_collection('contexts') self.app.registry.max_store.drop_collection('security') self.app.registry.max_store.drop_collection('conversations') self.app.registry.max_store.drop_collection('messages') self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) # Add context tests def test_add_context_as_manager(self): """ Given a user that has the Manager role When i try to get create a context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201) def test_add_context_as_non_manager(self): """ Given a user that doesn't have the Manager role When i try to create a context I get a Forbidden exception """ from max.tests.mockers import create_context username = '******' self.create_user(username) self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(username), status=403) # View context tests def test_view_context_as_manager_with_acls(self): """ Given i'm a user that has the Manager role When i try to update any context I succeed And I get the acls for that context """ from max.tests.mockers import create_context self.create_user(test_manager) res = self.create_context(create_context) chash = res.json['hash'] res = self.testapp.get('/contexts/%s?show_acls=1' % chash, "", oauth2Header(test_manager), status=200) self.assertGreater(len(res.json['acls']), 0) def test_view_context_as_manager(self): """ Given i'm a user that has the Manager role When i try to update any context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.get('/contexts/%s' % chash, "", oauth2Header(test_manager), status=200) def test_view_context_as_non_manager(self): """ Given i'm a user that has the Manager role When i try to update any context I succeed """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.get('/contexts/%s' % chash, "", oauth2Header(username), status=200) # Get all contexts tests def test_get_all_contexts_as_manager(self): """ Given a user that has the Manager role When i try to get all contexts I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) self.create_context(create_context) self.testapp.get('/contexts', "", oauth2Header(test_manager), status=200) def test_get_all_contexts_as_non_manager(self): """ Given a user that doesn't have the Manager role When i try to get all contexts I get a Forbidden exception """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) self.create_context(create_context) self.testapp.get('/contexts', "", oauth2Header(username), status=403) # Modify context tests def test_modify_context_as_manager(self): """ Given i'm a user that has the Manager role When i try to update any context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(test_manager), status=200) def test_modify_context_as_manager_non_owner(self): """ Given i'm a user that has the Manager role And i'm not the owner of the context When i try to update any context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) self.create_user(test_manager2) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(test_manager2), status=200) def test_modify_context_as_owner(self): """ Given i'm a user that don't jave the Manager role And is the owner of the context When i try to update the context I succeed """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context, owner=username) chash = res.json['hash'] self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(username), status=200) def test_modify_context_as_non_owner_non_manager(self): """ Given i'm a user that don't jave the Manager role And is the owner of the context When i try to update the context I succeed """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.put('/contexts/%s' % chash, json.dumps({"twitterHashtag": "testhashtag"}), oauth2Header(username), status=403) # Delete context tests def test_delete_context_as_manager(self): """ Given a user that has the Manager role When i try to remove a context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(test_manager), status=204) def test_delete_context_as_manager_non_owner(self): """ Given a user that has the Manager role And is not the owner of the context When i try to remove a context I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) self.create_user(test_manager2) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(test_manager2), status=204) def test_delete_context_as_owner(self): """ Given a user that has doesn't have the Manager role And is the owner of the context When i try to remove a context I succeed """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context, owner=username) chash = res.json['hash'] self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(username), status=204) def test_delete_context_as_non_manager_neither_owner(self): """ Given a user that has doesn't have the Manager role And is not the owner of the context When i try to remove a context I get a Forbidden """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.delete('/contexts/%s' % (chash,), "", oauth2Header(username), status=403) # Test context authors def test_get_context_authors_as_manager(self): """ Given a user that is Manager When i try to list context activity authors I succeed """ from max.tests.mockers import create_context self.create_user(test_manager) res = self.create_context(create_context) chash = res.json['hash'] self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(test_manager), status=200) def test_get_context_authors_as_non_manager(self): """ Given a user that is not Manager When i try to list context activity authors I get a Forbidden """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context, permissions={'read': 'subscribed'}) chash = res.json['hash'] self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(username), status=403) def test_get_context_authors_as_non_manager_public_context(self): """ Given a user that is not Manager When i try to list context activity authors I get a Forbidden """ from max.tests.mockers import create_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context, permissions={'read': 'public'}) chash = res.json['hash'] self.testapp.get('/contexts/%s/activities/authors' % (chash,), "", oauth2Header(username), status=200) def test_get_count_context_authors_as_non_manager(self): """ Given a user that is not Manager When i try to list the count of context activity authors I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(test_manager) self.create_user(username) res = self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) chash = res.json['hash'] self.testapp.head('/contexts/%s/activities/authors' % (chash,), oauth2Header(username), status=200)
class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # BEGIN TESTS def test_create_context(self): """ doctests .. http:post:: /contexts""" from .mockers import create_context new_context = dict(create_context) self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201) def test_create_context_creator_is_admin(self): """ Given a admin user When I create a context Then the creator of the context is the admin user """ from .mockers import create_context res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201) self.assertEqual(res.json['creator'], test_manager) def test_create_context_default_fields(self): """ Given an admin user When I create a context Then non-required fields with defaults are set """ from .mockers import create_context res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201) self.assertIn('permissions', res.json) self.assertIn('tags', res.json) self.assertIn('objectType', res.json) self.assertEqual(res.json['objectType'], 'context') def test_post_activity_with_public_context(self): """ Post an activity to a context which allows everyone to read and write """ from .mockers import subscribe_context, create_context from .mockers import user_status_context username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.create_activity(username, user_status_context) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('username', None), 'messi') self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url']) def test_post_activity_with_private_read_write_context(self): """ Post an activity to a context which needs the user to be subscribed to read and write and we have previously subscribed the user. """ from .mockers import subscribe_context, create_context from .mockers import user_status_context from hashlib import sha1 username = '******' self.create_user(username) url_hash = sha1(create_context['url']).hexdigest() context_permissions = dict(read='subscribed', write='subscribed', subscribe='restricted', invite='restricted') self.create_context(create_context, permissions=context_permissions) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.create_activity(username, user_status_context) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('username', None), 'messi') self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None)[0]['url'], subscribe_context['object']['url']) return url_hash, username, user_status_context def test_post_activity_with_private_read_context(self): """ Try to post an activity to a context which needs the user to be subscribed to read but needs to explicitly give write permission on the user to post and we have previously subscribed the user but not given write permission. """ from .mockers import subscribe_context, create_context from .mockers import user_status_context username = '******' self.create_user(username) context_permissions = dict(read='subscribed', write='restricted', subscribe='restricted', invite='restricted') self.create_context(create_context, permissions=context_permissions) self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context, expect=403) def test_add_public_context(self): from hashlib import sha1 from .mockers import create_context res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201) result = json.loads(res.text) url_hash = sha1(create_context['url']).hexdigest() self.assertEqual(result.get('hash', None), url_hash) def test_add_invalid_context(self): from .mockers import create_invalid_context self.create_context(create_invalid_context, expect=400) def test_add_uri_context_without_displayName(self): """ Add a Uri context without a displayName and check that the default displayName is set with the url from the uri object """ from .mockers import create_context_without_displayname res = self.create_context(create_context_without_displayname, expect=201) result = json.loads(res.text) self.assertEqual(result.get('displayName', None), create_context_without_displayname['url']) def test_add_public_context_with_all_params(self): from hashlib import sha1 from .mockers import create_context_full res = self.testapp.post('/contexts', json.dumps(create_context_full), oauth2Header(test_manager), status=201) result = json.loads(res.text) url_hash = sha1(create_context_full['url']).hexdigest() self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('displayName', None), create_context_full['displayName']) self.assertEqual(result.get('twitterHashtag', None), create_context_full['twitterHashtag']) self.assertEqual(result.get('twitterUsername', None), create_context_full['twitterUsername']) def test_context_exists(self): """ doctest .. http:get:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_context) res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) def test_context_informs_all_permissions(self): """ doctest .. http:get:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context from max import DEFAULT_CONTEXT_PERMISSIONS url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_context) res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertItemsEqual(result['permissions'].keys(), DEFAULT_CONTEXT_PERMISSIONS.keys()) def test_create_context_that_already_exists(self): """ doctest .. http:get:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context url_hash = sha1(create_context['url']).hexdigest() self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=201) res = self.testapp.post('/contexts', json.dumps(create_context), oauth2Header(test_manager), status=200) self.assertEqual(res.json.get('hash', None), url_hash) def test_modify_context(self): """ doctest .. http:put:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('twitterHashtag', None), 'assignatura1') def test_modify_context_with_owner(self): """ doctest .. http:put:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context mindundi = 'messi' self.create_user(mindundi) self.create_context(create_context, owner=mindundi) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('twitterHashtag', None), 'assignatura1') def test_modify_context_forbidden(self): """ doctest .. http:put:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context mindundi = 'messi' self.create_user(mindundi) self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(mindundi), status=403) def test_modify_inexistent_context(self): """ doctest .. http:put:: /contexts/{hash} """ url_hash = '0000000000000' self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1"}), oauth2Header(test_manager), status=404) @httpretty.activate @patch('tweepy.API', MockTweepyAPI) def test_modify_context_with_twitter_username(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "assignatura1", "twitterUsername": "******"}), oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('twitterHashtag', None), 'assignatura1') self.assertEqual(result.get('twitterUsername', None), 'maxupcnet') self.assertEqual(result.get('twitterUsernameId', None), '526326641') def test_get_context_tags(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.get('/contexts/%s/tags' % url_hash, "", oauth2Header(test_manager), status=200) self.assertEqual(res.json, ['Assignatura']) def test_update_context_tags_updates_existing_tags(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200) self.assertEqual(res.json, ['Assignatura', 'prova']) def test_update_context_tags_updates_existing_activites_tags(self): from hashlib import sha1 from .mockers import create_context, subscribe_context, user_status_context username = '******' self.create_user(username) self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200) res = self.testapp.get('/contexts/%s/activities' % url_hash, "", oauth2Header(username), status=200) self.assertEqual(res.json[0]['contexts'][0]['tags'], ['Assignatura', 'prova']) def test_update_context_tags_updates_existing_subscription_tags(self): from hashlib import sha1 from .mockers import create_context, subscribe_context, user_status_context username = '******' self.create_user(username) self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200) res = self.testapp.get('/people/%s' % username, "", oauth2Header(username), status=200) self.assertEqual(res.json['subscribedTo'][0]['tags'], ['Assignatura', 'prova']) def test_clear_context_tags(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.delete('/contexts/%s/tags' % url_hash, "", oauth2Header(test_manager), status=200) self.assertEqual(res.json, []) def test_remove_context_tag(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() self.testapp.put('/contexts/%s/tags' % url_hash, json.dumps(['prova']), oauth2Header(test_manager), status=200) self.testapp.delete('/contexts/%s/tags/%s' % (url_hash, 'Assignatura'), "", oauth2Header(test_manager), status=204) def test_modify_context_displayName_updates_subscription(self): from hashlib import sha1 from .mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions=dict(read='subscribed', write='restricted', subscribe='restricted', invite='restricted')) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) url_hash = sha1(create_context['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"displayName": "New Name"}), oauth2Header(test_manager), status=200) res = self.testapp.get('/people/%s/subscriptions' % username, '', oauth2Header(username), status=200) self.assertEqual(res.json[0]['displayName'], 'New Name') def test_modify_context_unsetting_property(self): from hashlib import sha1 from .mockers import create_context self.create_context(create_context) url_hash = sha1(create_context['url']).hexdigest() self.modify_context(create_context['url'], {"twitterHashtag": "assignatura1", "twitterUsername": "******"}) res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterHashtag": "", "twitterUsername": ""}), oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('twitterHashtag', None), None) self.assertEqual(result.get('twitterUsername', None), None) self.assertEqual(result.get('twitterUsernameId', None), None) def test_delete_context(self): """ doctest .. http:delete:: /contexts/{hash} """ from hashlib import sha1 from .mockers import create_context url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_context) self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) def test_deleted_context_is_really_deleted(self): from hashlib import sha1 from .mockers import create_context url_hash = sha1(create_context['url']).hexdigest() self.create_context(create_context) self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) res = self.testapp.get('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=404) result = json.loads(res.text) self.assertEqual(result.get('error', None), 'ObjectNotFound') def test_delete_inexistent_context(self): """ doctest .. http:delete:: /contexts/{hash} """ url_hash = '00000000000000' self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=404) def test_delete_only_deleted_specified_context(self): from hashlib import sha1 from .mockers import create_context, create_contextA self.create_context(create_context) self.create_context(create_contextA) url_hash = sha1(create_context['url']).hexdigest() url_hashA = sha1(create_contextA['url']).hexdigest() self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) res = self.testapp.get('/contexts/%s' % url_hashA, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('hash', None), url_hashA) def test_delete_context_removes_subscription_from_user(self): """ """ from hashlib import sha1 from .mockers import subscribe_context, subscribe_contextA from .mockers import create_context, create_contextA from .mockers import user_status_context, user_status_contextA username = '******' self.create_user(username) self.create_context(create_context) self.create_context(create_contextA) self.admin_subscribe_user_to_context(username, subscribe_context) self.admin_subscribe_user_to_context(username, subscribe_contextA) self.create_activity(username, user_status_context) self.create_activity(username, user_status_contextA) url_hash = sha1(create_context['url']).hexdigest() self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) res = self.testapp.get('/people/%s' % username, "", oauth2Header(username)) result = json.loads(res.text) self.assertEqual(result.get('username', None), 'messi') self.assertEqual(len(result.get('subscribedTo', [])), 1) self.assertEqual(result.get('subscribedTo', [])[0]['url'], subscribe_contextA['object']['url']) def test_user_cannot_see_activity_from_deleted_context(self): """ """ from hashlib import sha1 from .mockers import subscribe_context from .mockers import create_context from .mockers import user_status_context from .mockers import context_query username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) url_hash = sha1(create_context['url']).hexdigest() self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) self.testapp.get('/contexts/%s/activities' % (context_query['context']), '', oauth2Header(username), status=404) def test_user_cannot_see_own_activity_from_deleted_context_in_timeline(self): """ """ from hashlib import sha1 from .mockers import subscribe_context from .mockers import create_context from .mockers import user_status_context username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) self.create_activity(username, user_status_context) url_hash = sha1(create_context['url']).hexdigest() self.testapp.delete('/contexts/%s' % url_hash, "", oauth2Header(test_manager), status=204) res = self.testapp.get('/people/%s/timeline' % username, {}, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 0) def test_add_private_rw_context(self): from hashlib import sha1 from .mockers import create_context_private_rw res = self.testapp.post('/contexts', json.dumps(create_context_private_rw), oauth2Header(test_manager), status=201) result = json.loads(res.text) url_hash = sha1(create_context_private_rw['url']).hexdigest() self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('permissions', None), create_context_private_rw['permissions']) def test_add_private_r_context(self): from hashlib import sha1 from .mockers import create_context_private_r res = self.testapp.post('/contexts', json.dumps(create_context_private_r), oauth2Header(test_manager), status=201) result = json.loads(res.text) url_hash = sha1(create_context_private_r['url']).hexdigest() self.assertEqual(result.get('hash', None), url_hash) self.assertEqual(result.get('permissions', None), create_context_private_r['permissions']) def test_check_permissions_on_subscribed_rw_context(self): from .mockers import create_context_private_rw, subscribe_context username = '******' self.create_user(username) self.create_context(create_context_private_rw) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.testapp.get('/people/%s' % username, "", oauth2Header(username)) result = json.loads(res.text) self.assertEqual(len(result.get('subscribedTo', [])), 1) self.assertEqual(result.get('subscribedTo', {})[0]['url'], subscribe_context['object']['url']) self.assertEqual('read' in result.get('subscribedTo', {})[0]['permissions'], True) self.assertEqual('write' in result.get('subscribedTo', {})[0]['permissions'], True) def test_check_permissions_on_subscribed_write_restricted_context(self): from .mockers import create_context_private_r, subscribe_context username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.testapp.get('/people/%s' % username, "", oauth2Header(username)) result = json.loads(res.text) self.assertEqual(len(result.get('subscribedTo', [])), 1) self.assertEqual(result.get('subscribedTo', {})[0]['url'], subscribe_context['object']['url']) self.assertEqual('read' in result.get('subscribedTo', {})[0]['permissions'], True) self.assertEqual('write' not in result.get('subscribedTo', {})[0]['permissions'], True) def test_post_on_subscribed_write_restricted_context_without_write_permission(self): from .mockers import create_context_private_r, subscribe_context, user_status_context username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.create_activity(username, user_status_context, expect=403) def test_post_on_subscribed_rw_context(self): from .mockers import create_context_private_rw, subscribe_context, user_status_context username = '******' self.create_user(username) self.create_context(create_context_private_rw) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.create_activity(username, user_status_context) result = json.loads(res.text) self.assertEqual(result.get('actor', None).get('username', None), 'messi') self.assertEqual(result.get('object', None).get('objectType', None), 'note') self.assertEqual(result.get('contexts', None)[0]['url'], user_status_context['contexts'][0]['url']) def test_grant_write_permission_on_write_restricted_context(self): """ doctest .. http:put:: /contexts/{hash}/permissions/{username}/{permission} """ from .mockers import create_context_private_r, subscribe_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) chash = sha1(create_context_private_r['url']).hexdigest() permission = 'write' res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201) result = json.loads(res.text) self.assertEqual('read' in result['permissions'], True) self.assertEqual('write' in result['permissions'], True) def test_revoke_write_permission_on_write_restricted_context(self): """ doctest .. http:delete:: /contexts/{hash}/permissions/{username}/{permission} """ from .mockers import create_context_private_r, subscribe_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) chash = sha1(create_context_private_r['url']).hexdigest() permission = 'write' res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201) res = self.testapp.delete('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201) result = json.loads(res.text) self.assertEqual('read' in result['permissions'], True) self.assertEqual('write' not in result['permissions'], True) def test_grant_write_permission_on_non_subscribed_context(self): from .mockers import create_context_private_r from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context_private_r) chash = sha1(create_context_private_r['url']).hexdigest() permission = 'write' self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=404) def test_grant_invalid_permission_on_subscribed_context(self): from .mockers import create_context_private_r, subscribe_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) chash = sha1(create_context_private_r['url']).hexdigest() permission = 'badpermission' res = self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=400) result = json.loads(res.text) self.assertEqual(result.get('error', None), 'InvalidPermission') def test_reset_user_subscription_to_default_permissions(self): from .mockers import create_context_private_r, subscribe_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) chash = sha1(create_context_private_r['url']).hexdigest() permission = 'write' self.testapp.put('/contexts/%s/permissions/%s/%s' % (chash, username, permission), "", oauth2Header(test_manager), status=201) res = self.testapp.post('/contexts/%s/permissions/%s/defaults' % (chash, username), "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual('read' in result['permissions'], True) self.assertEqual('write' in result['permissions'], False) def test_get_context_subscriptions(self): from .mockers import create_contextA, subscribe_contextA from .mockers import create_context_private_r, subscribe_context from hashlib import sha1 username = '******' self.create_user(username) self.create_context(create_contextA) self.create_context(create_context_private_r) self.admin_subscribe_user_to_context(username, subscribe_context) self.admin_subscribe_user_to_context(username, subscribe_contextA) chash = sha1(create_context_private_r['url']).hexdigest() res = self.testapp.get('/contexts/%s/subscriptions' % (chash), "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result[0].get('username', ''), 'messi') self.assertEqual(result[0].get('hash', ''), chash) def test_create_context_with_upload_url(self): """ """ from .mockers import create_context_with_uploadurl new_context = dict(create_context_with_uploadurl) res = self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201) self.assertTrue(res.json.get('uploadURL'))
class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # BEGIN TESTS def test_add_public_context_with_valid_parameters_that_needs_formating(self): """ Test formatters acting correctly by testing the extraction of the "@" and "#" on receiving a twitter @username and #hashtag containing extra chars (@,# and trailing/leading whitespace) """ from .mockers import create_context_full new_context = dict(create_context_full) new_context['twitterUsername'] = '******' % create_context_full['twitterUsername'] new_context['twitterHashtag'] = ' #%s' % create_context_full['twitterHashtag'] res = self.testapp.post('/contexts', json.dumps(new_context), oauth2Header(test_manager), status=201) result = json.loads(res.text) self.assertEqual(result.get('twitterUsername', None), create_context_full['twitterUsername']) self.assertEqual(result.get('twitterHashtag', None), create_context_full['twitterHashtag']) def test_modify_public_context_with_valid_parameters_that_need_formating(self): """ Test validation failure on receiving a invalid twitter username """ from .mockers import create_context_full from hashlib import sha1 res = self.testapp.post('/contexts', json.dumps(create_context_full), oauth2Header(test_manager), status=201) url_hash = sha1(create_context_full['url']).hexdigest() res = self.testapp.put('/contexts/%s' % url_hash, json.dumps({"twitterUsername": "******", "twitterHashtag": "#atenea"}), oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get('twitterUsername', None), 'maxupcnet') self.assertEqual(result.get('twitterHashtag', None), 'atenea') def test_add_public_context_with_bad_twitter_username(self): """ Test validation failure on receiving a invalid twitter username """ from .mockers import create_context_full bad_context = dict(create_context_full) bad_context['twitterUsername'] = '******' res = self.testapp.post('/contexts', json.dumps(bad_context), oauth2Header(test_manager), status=400) result = json.loads(res.text) self.assertEqual(result.get('error', None), 'ValidationError') def test_add_public_context_with_bad_hashtag(self): """ Test validation failure on receiving a invalid twitter hashtag """ from .mockers import create_context_full bad_context = dict(create_context_full) bad_context['twitterHashtag'] = '##badhashtag' res = self.testapp.post('/contexts', json.dumps(bad_context), oauth2Header(test_manager), status=400) result = json.loads(res.text) self.assertEqual(result.get('error', None), 'ValidationError')
class SubscriptionsACLTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(os.path.dirname(__file__)) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.app.registry.max_store.drop_collection('users') self.app.registry.max_store.drop_collection('activity') self.app.registry.max_store.drop_collection('contexts') self.app.registry.max_store.drop_collection('security') self.app.registry.max_store.drop_collection('conversations') self.app.registry.max_store.drop_collection('messages') self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # Create subscription tests def test_subscribe_user_to_context_as_manager(self): """ Given i'm a user that has the Manager role When i try to get subscribe another user to a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) def test_subscribe_user_to_context_as_context_owner(self): """ Given i'm a user that doesn't have the Manager role And i'm the owner of the context When i try to subscribe another user to a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, owner=username) self.user_subscribe_user_to_context(other, subscribe_context, auth_user=username, expect=201) def test_self_subscribe_to_public_context_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to subscribe myself to a public subscription context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'subscribe': 'public'}) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) def test_self_subscribe_to_restricted_context_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to subscribe myself to a restricted subscription context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'subscribe': 'restricted'}) self.user_subscribe_user_to_context(username, subscribe_context, expect=403) def test_subscribe_user_to_restricted_context_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to subscribe another user to a restricted subscription context I get a Forbidden exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'subscribe': 'restricted'}) self.user_subscribe_user_to_context(username, subscribe_context, expect=403) def test_subscribe_user_to_public_context_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to subscribe another user to a public subscription context I get a Forbidden exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'subscribe': 'public'}) self.user_subscribe_user_to_context(other, subscribe_context, auth_user=username, expect=403) # Unsubscribe tests def test_unsubscribe_user_from_context_as_manager(self): """ Given i'm a user that has the Manager role When i try to unsubscribe another user from to a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_unsubscribe_user_from_context(username, chash, expect=204) def test_unsubscribe_user_from_context_as_context_owner(self): """ Given i'm a user that doesn't have the Manager role And i'm the owner of the context When i try to unsubscribe another user from to a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.user_unsubscribe_user_from_context(other, chash, auth_user=username, expect=204) def test_self_unsubscribe_user_from_context_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role When i try to unsubscribe another user from to a context I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.user_unsubscribe_user_from_context(username, chash, auth_user=other, expect=403) def test_unsubscribe_user_from_context_allowed_unsubscribe_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role And i have permission to unsubscribe myself When i try to unsubscribe myself from the context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'unsubscribe': 'subscribed'}) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_unsubscribe_user_from_context(username, chash, expect=204) def test_unsubscribe_another_user_from_context_allowed_unsubscribe_as_non_manager(self): """ Given i'm a user that doesn't have the Manager role And i have permission to unsubscribe myself When i try to unsubscribe other person from the context I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'subscribed'}) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.user_unsubscribe_user_from_context(username, chash, auth_user=other, expect=403) # Get context subscriptions def test_get_context_subscriptions_as_manager(self): """ Given i'm a user that has the Manager role When i try to get all subscriptions from a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(test_manager), status=200) def test_get_context_subscriptions_as_owner(self): """ Given i'm a user that doesn't have the Manager role And i'm the owner of the context When i try to get all subscriptions from a context I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(username), status=200) def test_get_context_subscriptions_as_non_manager_neither_owner(self): """ Given i'm a user that doesn't have the Manager role And i'm not the owner of the context When i try to get all subscriptions from a context I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username) chash = sha1(subscribe_context['object']['url']).hexdigest() self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.testapp.get('/contexts/{}/subscriptions'.format(chash), "", headers=oauth2Header(other), status=403) def test_get_user_subscriptions_as_manager(self): """ Given i'm a user that has the Manager role When i try to get all subscriptions from a user I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(test_manager), status=200) def test_get_own_user_subscriptions(self): """ Given i'm a user that doesn't have the Manager role When i try to get all my subscriptions I succeed """ from max.tests.mockers import create_context, subscribe_context username = '******' self.create_user(username) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(username), status=200) def test_get_user_subscriptions_as_non_manager_neither_own(self): """ Given i'm a user that doesn't have the Manager role When i try to get all subscriptions from another user I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'unsubscribe': 'restricted'}, owner=username) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.get('/people/{}/subscriptions'.format(username), "", headers=oauth2Header(other), status=403) # Test Grant subscription permissions def test_grant_permission_on_subscription_as_manager(self): """ Given i'm a user that has the Manager role When i try to grant a permission on a user's suscription I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' self.create_user(username) self.create_context(create_context, permissions={'read': 'subscribed'}) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) permission = 'write' self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, username, permission), "", oauth2Header(test_manager), status=201) def test_grant_permission_on_subscription_as_context_owner(self): """ Given i'm a user that don't have the Manager role And i'm the owner of the context When i try to grant a permission on a user's suscription I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) permission = 'write' self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(username), status=201) def test_grant_permission_on_subscription_as_non_manager_nor_owner(self): """ Given i'm a user that don't have the Manager role And i'm not the owner of the context When i try to grant a permission on a user's suscription I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) permission = 'write' self.testapp.put('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(other), status=403) # Test revoke subscription permissions def test_revoke_permission_on_subscription_as_manager(self): """ Given i'm a user that has the Manager role When i try to revoke a permission on a user's suscription I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' self.create_user(username) self.create_context(create_context, permissions={'read': 'subscribed'}) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) permission = 'write' self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, username, permission), "", oauth2Header(test_manager), status=201) def test_revoke_permission_on_subscription_as_context_owner(self): """ Given i'm a user that don't have the Manager role And i'm the owner of the context When i try to revoke a permission on a user's suscription I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) permission = 'write' self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(username), status=201) def test_revoke_permission_on_subscription_as_non_manager_nor_owner(self): """ Given i'm a user that don't have the Manager role And i'm not the owner of the context When i try to revoke a permission on a user's suscription I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) permission = 'write' self.testapp.delete('/contexts/%s/permissions/%s/%s?permanent=1' % (url_hash, other, permission), "", oauth2Header(other), status=403) # Test revoke subscription permissions def test_reset_permission_defaults_on_subscription_as_manager(self): """ Given i'm a user that has the Manager role When i try to reset all permission on a user's suscription to defaults I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' self.create_user(username) self.create_context(create_context, permissions={'read': 'subscribed'}) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, username), "", oauth2Header(test_manager), status=200) def test_reset_permission_defaults_on_subscription_as_context_owner(self): """ Given i'm a user that don't have the Manager role And i'm the owner of the context When i try to reset all permission on a user's suscription to defaults I succeed """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, other), "", oauth2Header(username), status=200) def test_reset_permission_defaults_on_subscription_as_non_manager_nor_owner(self): """ Given i'm a user that don't have the Manager role And i'm not the owner of the context When i try to reset all permission on a user's suscription to defaults I get a Forbidden Exception """ from max.tests.mockers import create_context, subscribe_context url_hash = sha1(create_context['url']).hexdigest() username = '******' other = 'penny' self.create_user(username) self.create_user(other) self.create_context(create_context, permissions={'read': 'subscribed'}, owner=username) self.admin_subscribe_user_to_context(other, subscribe_context, expect=201) self.testapp.post('/contexts/%s/permissions/%s/defaults' % (url_hash, other), "", oauth2Header(other), status=403)
class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp("config:tests.ini", relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch("requests.post", new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) def tearDown(self): import pyramid.testing pyramid.testing.tearDown() # BEGIN TESTS def test_create_user(self): username = "******" self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201) return username def test_create_user_missing_username(self): self.testapp.post("/people", json.dumps({}), oauth2Header(test_manager), status=400) def test_create_user_creator_is_admin(self): """ Given an admin user When I create a user Then the creator must be the admin user """ username = "******" res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201) self.assertEqual(res.json["creator"], test_manager) def test_create_user_default_fields(self): """ Given an admin user When I create a user Then non-required fields with defaults are set """ username = "******" res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=201) self.assertIn("objectType", res.json) self.assertIn("following", res.json) self.assertIn("subscribedTo", res.json) self.assertEqual(res.json["objectType"], "person") def test_create_user_not_manager(self): username = "******" self.testapp.post("/people/%s" % username, "", oauth2Header("imnotallowed"), status=403) def test_user_exist(self): username = "******" self.create_user(username) res = self.testapp.post("/people/%s" % username, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get("username", None), "messi") def test_create_same_user_case_insensitive(self): username = "******" username_case = "Messi" self.create_user(username) res = self.testapp.post("/people/%s" % username_case, "", oauth2Header(test_manager), status=200) result = json.loads(res.text) self.assertEqual(result.get("username", None), "messi") def test_get_user(self): """ Doctest .. http:get:: /people/{username} """ username = "******" self.create_user(username) res = self.testapp.get("/people/%s" % username, "", oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result.get("username", None), "messi") self.assertIn("username", result) self.assertIn("displayName", result) self.assertIn("objectType", result) self.assertGreater(len(result.keys()), 3) def test_get_user_as_someone_else(self): """ Doctest .. http:get:: /people/{username} """ username = "******" usernamenotme = "xavi" self.create_user(username) self.create_user(usernamenotme) res = self.testapp.get("/people/%s" % username, "", oauth2Header(usernamenotme), status=200) result = json.loads(res.text) self.assertEqual(result.get("username", None), "messi") self.assertIn("username", result) self.assertIn("displayName", result) self.assertIn("objectType", result) self.assertIn("published", result) self.assertEqual(len(result.keys()), 4) def test_get_user_case_insensitive(self): """ Doctest .. http:get:: /people/{username} """ username = "******" self.create_user(username) res = self.testapp.get("/people/%s" % "MESSI", "", oauth2Header(username)) result = json.loads(res.text) self.assertEqual(result.get("username", None), "messi") def test_get_users_by_query_on_username(self): """ Doctest .. http:get:: /people """ username = "******" self.create_user(username) res = self.testapp.get("/people", json.dumps({"username": username}), oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) self.assertEqual(result[0].get("username", ""), username) self.assertEqual(len(result[0].keys()), 4) # Check how many fields each result has def test_get_users_by_query_on_displayName(self): """ Doctest .. http:get:: /people """ username = "******" self.create_user(username, displayName="Lionel Messi") res = self.testapp.get("/people", json.dumps({"username": "******"}), oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) self.assertEqual(result[0].get("username", ""), username) self.assertEqual(len(result[0].keys()), 4) # Check how many fields each result has def test_get_non_existent_user(self): username = "******" res = self.testapp.get("/people/%s" % username, "", oauth2Header(username), status=400) result = json.loads(res.text) self.assertEqual(result.get("error", None), "UnknownUserError") def test_modify_user_one_parameter(self): username = "******" self.create_user(username) res = self.testapp.put( "/people/%s" % username, json.dumps({"displayName": "Lionel Messi"}), oauth2Header(username) ) result = json.loads(res.text) self.assertEqual(result.get("displayName", None), "Lionel Messi") def test_modify_user_several_parameters(self): """ Doctest .. http:put:: /people/{username} """ username = "******" self.create_user(username) res = self.testapp.put( "/people/%s" % username, json.dumps({"displayName": "Lionel Messi", "twitterUsername": "******"}), oauth2Header(username), ) result = json.loads(res.text) self.assertEqual(result.get("displayName", None), "Lionel Messi") self.assertEqual(result.get("twitterUsername", None), "leomessi") def test_modify_user_several_parameters_twice(self): username = "******" self.create_user(username) self.modify_user(username, {"displayName": "Lionel Messi"}) res = self.testapp.put( "/people/%s" % username, json.dumps({"twitterUsername": "******"}), oauth2Header(username) ) result = json.loads(res.text) self.assertEqual(result.get("displayName", None), "Lionel Messi") self.assertEqual(result.get("twitterUsername", None), "leomessi") def test_modify_non_existent_user(self): username = "******" res = self.testapp.put( "/people/%s" % username, json.dumps({"displayName": "Lionel Messi"}), oauth2Header(username), status=400 ) result = json.loads(res.text) self.assertEqual(result.get("error", None), "UnknownUserError") def test_get_all_users_with_regex(self): username = "******" self.create_user(username) query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_username_full(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_username_starting(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_username_ending(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_username_partial(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_displayName_with_case(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_displayName_accented(self): username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(result[0].get("username", ""), username) def test_search_users_filter_displayName_non_accented(self): """ Accented username or displayname parts can only be searched with the accent provided. """ username = "******" self.create_user(username, displayName="Sheldon Cooper Coupé") query = {"username": "******"} res = self.testapp.get("/people", query, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 0) def test_get_all_users_with_regex_weird(self): username1 = "victor.fernandez" self.create_user(username1) username2 = "victor.fernandez.altable" self.create_user(username2) query = {"username": username1} res = self.testapp.get("/people", query, oauth2Header(username1), status=200) result = json.loads(res.text) self.assertEqual(len(result), 2) query = {"username": username2} res = self.testapp.get("/people", query, oauth2Header(username2), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) def test_create_own_user(self): username = "******" self.testapp.post("/people/%s" % username, "", oauth2Header(username), status=201)
class ConversationsACLTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(os.path.dirname(__file__)) self.app = loadapp('config:tests.ini', relative_to=conf_dir) self.app.registry.max_store.drop_collection('users') self.app.registry.max_store.drop_collection('activity') self.app.registry.max_store.drop_collection('contexts') self.app.registry.max_store.drop_collection('security') self.app.registry.max_store.drop_collection('conversations') self.app.registry.max_store.drop_collection('messages') self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch('requests.post', new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # Add conversations tests def test_create_new_conversation(self): """ Given i'm a regular user When I try to create a new conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) def test_create_new_conversation_as_manager(self): """ Given i'm a Manager When I try to create a new conversation And i'm not in the participants list Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) self.testapp.post('/conversations', json.dumps(message), oauth2Header(test_manager), status=201) # View conversation tests def test_view_conversation_as_manager(self): """ Given i'm a Manager When I try to view an existing conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(test_manager), status=200) def test_view_conversation_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to view an existing conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(sender), status=200) def test_view_conversation_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to view an existing conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(recipient), status=200) def test_view_conversation_as_anyone_else(self): """ Given i'm a regular user And i'm not in the conversation When I try to view an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/conversations/{}'.format(cid), '', oauth2Header(recipient2), status=403) # View conversation subscription tests def test_view_conversation_subscription_as_manager(self): """ Given i'm a Manager When I try to view an existing conversation subscription Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(test_manager), status=200) def test_view_conversation_subscription_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to view an existing conversation subscription Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=200) def test_view_conversation_subscription_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to view my conversation subscription Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=200) def test_view_conversation_subscription_as_other_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to view other's conversation subscription Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403) def test_view_conversation_subscription_as_anyone_else(self): """ Given i'm a regular user And i'm not in the conversation When I try to view an existing conversation subscription Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.get('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient2), status=403) # Get all conversations tests def test_list_all_conversations(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to list all conversations Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.get('/conversations', '', oauth2Header(sender), status=200) # Modify conversation tests def test_modify_conversation_as_manager(self): """ Given i'm a Manager When I try to modify a conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(test_manager), status=200) def test_modify_conversation_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to modify a conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(sender), status=200) def test_modify_conversation_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to modify a conversation Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(recipient), status=403) def test_modify_conversation_as_anyone_else(self): """ Given i'm a regular user And i'm not in the conversation When I try to modify a conversation Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}'.format(cid), '{"displayName": "Nou nom"}', oauth2Header(recipient2), status=403) # Delete conversation tests def test_delete_conversation_as_manager(self): """ Given i'm a Manager When I try to delete a conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(test_manager), status=204) def test_delete_conversation_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to delete a conversation Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(sender), status=204) def test_delete_conversation_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to delete a conversation Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(recipient), status=403) def test_delete_conversation_as_anyone_else(self): """ Given i'm a regular user And i'm not in the conversation When I try to delete a conversation Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/conversations/{}'.format(cid), '', oauth2Header(recipient2), status=403) # Purge conversations tests def test_delete_all_conversations_as_manager(self): """ Given i'm a Manager When I try to purge all existing conversations Then I succeed """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.delete('/conversations', '', oauth2Header(test_manager), status=204) def test_delete_all_conversations_as_anyone_else(self): """ Given i'm a regular user When I try to purge all existing conversations Then I get a Forbidden Exception """ from max.tests.mockers import message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) self.testapp.delete('/conversations', '', oauth2Header(sender), status=403) # Add participant to conversation tests def test_add_participant_as_manager(self): """ Given i'm a Manager When I try to add a new participant to an existing conversation Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' recipient3 = 'melendi' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) self.create_user(recipient3) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(test_manager), status=201) def test_add_participant_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to add a new participant to an existing conversation Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' recipient3 = 'melendi' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) self.create_user(recipient3) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(sender), status=201) def test_add_participant_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to add a new participant to an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' recipient3 = 'melendi' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) self.create_user(recipient3) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(recipient), status=403) def test_auto_join(self): """ Given i'm a regular user When I try to add myself as a new participant to an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' recipient3 = 'melendi' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) self.create_user(recipient3) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.post('/people/{}/conversations/{}'.format(recipient3, cid), '', oauth2Header(recipient2), status=403) # Delete participant to group conversation tests def test_delete_participant_as_manager(self): """ Given i'm a Manager When I try to delete a new participant from an existing conversation Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(test_manager), status=204) def test_delete_participant_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to delete a participant from an existing conversation Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient2, cid), '', oauth2Header(sender), status=204) def test_delete_participant_as_participant(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to delete a participant from an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403) def test_leave_as_owner(self): """ Given i'm the owner of the conversation When I try to leave an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=403) def test_leave(self): """ Given i'm a regular user When I try to leave an existing conversation Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=204) # Delete participant to two people conversation tests def test_delete_participant_as_manager_in_two_people_conversation(self): """ Given i'm a Manager When I try to delete a new participant from an existing conversation Then I succeed """ from max.tests.mockers import message as creation_message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(test_manager), status=204) def test_delete_participant_as_owner_in_two_people_conversation(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to delete a participant from an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import message as creation_message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(sender), status=403) def test_delete_participant_as_participant_in_two_people_conversation(self): """ Given i'm a regular user And i'm a regular conversation participant When I try to delete a participant from an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import message as creation_message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(recipient), status=403) def test_leave_as_owner_in_two_people_conversation(self): """ Given i'm the owner of the conversation When I try to leave an existing conversation Then I get a Forbidden Exception """ from max.tests.mockers import message as creation_message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(sender, cid), '', oauth2Header(sender), status=204) def test_leave_in_two_people_conversation(self): """ Given i'm a regular user When I try to leave an existing conversation Then I succeed """ from max.tests.mockers import message as creation_message sender = 'messi' recipient = 'xavi' self.create_user(sender) self.create_user(recipient) res = self.testapp.post('/conversations', json.dumps(creation_message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.delete('/people/{}/conversations/{}'.format(recipient, cid), '', oauth2Header(recipient), status=204) # Transfer ownership tests def test_transfer_ownership_as_manager(self): """ Given i'm a Manager When I try to transfer a conversation to another user Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(test_manager), status=200) def test_transfer_ownership_as_owner(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to transfer a conversation to another user Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(sender), status=200) def test_transfer_ownership_as_participant(self): """ Given i'm a regular user And i'm the owner of the conversation When I try to transfer a conversation to another user Then I succeed """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(recipient), status=403) def test_transfer_ownership_as_anyone_else(self): """ Given i'm a regular user And i'm not in the conversation When I try to transfer a conversation to another user Then I get a Forbidden Exception """ from max.tests.mockers import group_message as message sender = 'messi' recipient = 'xavi' recipient2 = 'shakira' self.create_user(sender) self.create_user(recipient) self.create_user(recipient2) res = self.testapp.post('/conversations', json.dumps(message), oauth2Header(sender), status=201) cid = str(res.json['contexts'][0]['id']) self.testapp.put('/conversations/{}/owner'.format(cid), json.dumps({'actor': {'username': recipient}}), oauth2Header(recipient2), status=403)
class FunctionalTests(unittest.TestCase, MaxTestBase): def setUp(self): conf_dir = os.path.dirname(__file__) self.app = loadapp("config:tests.ini", relative_to=conf_dir) self.reset_database(self.app) self.app.registry.max_store.security.insert(test_default_security) self.patched_post = patch("requests.post", new=partial(mock_post, self)) self.patched_post.start() self.testapp = MaxTestApp(self) self.create_user(test_manager) # BEGIN TESTS def test_subscribe_user_to_context(self): from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"), ) self.testapp.post( "/people/%s/subscriptions" % username, json.dumps(subscribe_context), oauth2Header(test_manager), status=201 ) def test_subscribe_to_context(self): """ doctest .. http:post:: /people/{username}/subscriptions """ from .mockers import subscribe_context from .mockers import user_status_context from .mockers import create_context username = "******" self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) res = self.create_activity(username, user_status_context) result = json.loads(res.text) self.assertEqual(result.get("actor", None).get("username", None), "messi") self.assertEqual(result.get("object", None).get("objectType", None), "note") self.assertEqual(result.get("contexts", None)[0]["url"], subscribe_context["object"]["url"]) def test_subscribe_to_context_already_subscribed(self): from .mockers import subscribe_context from .mockers import user_status_context from .mockers import create_context username = "******" self.create_user(username) self.create_context(create_context) self.admin_subscribe_user_to_context(username, subscribe_context) self.admin_subscribe_user_to_context(username, subscribe_context, expect=200) res = self.create_activity(username, user_status_context) result = json.loads(res.text) self.assertEqual(result.get("actor", None).get("username", None), "messi") self.assertEqual(result.get("object", None).get("objectType", None), "note") self.assertEqual(result.get("contexts", None)[0]["url"], subscribe_context["object"]["url"]) def test_subscribe_to_inexistent_context(self): from .mockers import subscribe_context username = "******" self.create_user(username) res = self.admin_subscribe_user_to_context(username, subscribe_context, expect=404) result = json.loads(res.text) self.assertEqual(result.get("error", None), "ObjectNotFound") def test_get_all_subscribed_contexts_for_user(self): """ doctest .. http:get:: /people/{username}/subscriptions """ from .mockers import create_context from .mockers import subscribe_contextA, create_contextA from .mockers import subscribe_contextB, create_contextB username = "******" username_not_me = "xavi" self.create_user(username) self.create_user(username_not_me) self.create_context( create_context, permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"), ) self.create_context( create_contextA, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.create_context( create_contextB, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_contextA) self.admin_subscribe_user_to_context(username_not_me, subscribe_contextA) self.admin_subscribe_user_to_context(username, subscribe_contextB) res = self.testapp.get("/people/%s/subscriptions" % username, "", oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 2) self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A") self.assertEqual(result[1].get("url"), "http://atenea.upc.edu/B") def test_get_all_subscribed_contexts_for_user_by_tag(self): """ doctest .. http:get:: /people/{username}/subscriptions """ from .mockers import create_context from .mockers import subscribe_contextA, create_contextA from .mockers import subscribe_contextB, create_contextB username = "******" username_not_me = "xavi" self.create_user(username) self.create_user(username_not_me) self.create_context( create_context, permissions=dict(read="public", write="restricted", subscribe="restricted", invite="restricted"), ) self.create_context( create_contextA, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.create_context( create_contextB, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_contextA) self.admin_subscribe_user_to_context(username_not_me, subscribe_contextA) self.admin_subscribe_user_to_context(username, subscribe_contextB) res = self.testapp.get( "/people/%s/subscriptions" % username, {"tags": ["Assignatura"]}, oauth2Header(username), status=200 ) result = json.loads(res.text) self.assertEqual(len(result), 1) self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A") def test_get_all_subscribed_contexts_tagged_for_user(self): """ doctest .. http:get:: /people/{username}/subscriptions """ from .mockers import subscribe_contextA, create_contextA from .mockers import subscribe_contextB, create_contextB username = "******" self.create_user(username) self.create_context( create_contextA, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.create_context( create_contextB, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_contextA) self.admin_subscribe_user_to_context(username, subscribe_contextB) res = self.testapp.get( "/people/%s/subscriptions" % username, {"tags": ["Assignatura"]}, oauth2Header(username), status=200 ) result = json.loads(res.text) self.assertEqual(len(result), 1) self.assertEqual(result[0].get("url"), "http://atenea.upc.edu/A") def test_get_subscriptions_from_another_user(self): """ Given a plain user When I try to get another user subscriptions list Then i get an Forbidden error """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) username2 = "xavi" self.create_user(username2) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username2), status=403) def test_subcribe_to_restricted_context_as_plain_user(self): """ Given a plain user When I subscribe to a public subscription context Then i get an Forbidden error """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=403) def test_subscribe_to_public_context_as_plain_user(self): """ Given a plain user When I subscribe to a public subscription context Then the subscription is created And I will be able to unsubscribe in the future """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) res = self.testapp.post( "/people/%s/subscriptions" % username, json.dumps(subscribe_context), oauth2Header(username), status=201 ) res = self.testapp.get("/people/%s/subscriptions" % username, "", oauth2Header(username), status=200) result = json.loads(res.text) self.assertIn("unsubscribe", result[0]["permissions"]) def test_subscribe_to_public_context_as_plain_user_already_subscribed(self): """ Given a plain user When I subscribe to a public subscription context And I am already subscribed Then the subscription is returned """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) self.user_subscribe_user_to_context(username, subscribe_context, expect=200) def test_list_all_public_subcribable_contexts(self): """ Given a plain user When i look for public contexts Then i get a list with only the public ones """ from .mockers import create_context, create_contextA username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.create_context( create_contextA, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) res = self.testapp.get("/contexts/public", {}, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 1) def test_unsubscribe_from_inexistent_subscription_as_plain_user(self): """ Given a plain user When I try to unsubscribe from a context And I'm not subscribed to that context Then I get a not found error """ from .mockers import create_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) url_hash = sha1(create_context["url"]).hexdigest() self.testapp.delete( "/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(username), status=403 ) def test_unsubscribe_from_inexistent_subscription_as_admin(self): """ As an admin user When I try to unsubscribe a user from a context And the user is not subscribed to that context Then I get a not found error """ from .mockers import create_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) url_hash = sha1(create_context["url"]).hexdigest() self.testapp.delete( "/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(test_manager), status=404 ) def test_unsubscribe_from_restricted_context_as_plain_user(self): """ Given a plain user When I try to unsubscribe from a restricted subscription context Then i get an authorization error """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) url_hash = sha1(create_context["url"]).hexdigest() self.testapp.delete( "/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(username), status=403 ) def test_unsubscribe_from_restricted_context_as_admin(self): """ Given a admin user When I try to unsubscribe a plain user from a restricted subscription context Then the user is not subscribed to the context anymore """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) url_hash = sha1(create_context["url"]).hexdigest() self.testapp.delete( "/people/%s/subscriptions/%s" % (username, url_hash), {}, oauth2Header(test_manager), status=204 ) res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 0) def test_unsubscribe_from_public_context_as_plain_user(self): """ Given a plain user When I try to unsubscribe from a public subscription context Then I am not subscribed to the context anymore """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) url_hash = sha1(create_context["url"]).hexdigest() self.user_unsubscribe_user_from_context(username, url_hash, expect=204) res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 0) def test_unsubscribe_from_public_context_as_admin(self): """ Given a admin user When I try to unsubscribe a plain user from a public subscription context Then I am not subscribed to the context anymore """ from .mockers import create_context from .mockers import subscribe_context username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) url_hash = sha1(create_context["url"]).hexdigest() self.admin_unsubscribe_user_from_context(username, url_hash, expect=204) res = self.testapp.get("/people/%s/subscriptions" % username, {}, oauth2Header(username), status=200) result = json.loads(res.text) self.assertEqual(len(result), 0) def test_change_context_with_same_permissions(self): """ Create a public context, user subscribes to context. Try to update the context with the same permissions. Permissions remain the same NOTE: Test added to catch a bug where modifying a context with the same permissions would crash on a mongodb empty query """ from .mockers import create_context from .mockers import subscribe_context url_hash = sha1(create_context["url"]).hexdigest() username = "******" self.create_user(username) permissions = dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted") self.create_context(create_context, permissions=permissions) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) data = json.dumps({"permissions": permissions}) res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200) self.assertEqual(res.json["permissions"]["read"], "subscribed") self.assertEqual(res.json["permissions"]["write"], "subscribed") self.assertEqual(res.json["permissions"]["subscribe"], "public") self.assertEqual(res.json["permissions"]["invite"], "restricted") def test_change_public_context_to_restricted(self): """ Create a public context, user subscribes to context. Change the context to write=restricted, and user fails to write in the context. """ from .mockers import create_context from .mockers import subscribe_context from .mockers import user_status_context url_hash = sha1(create_context["url"]).hexdigest() username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) data = json.dumps({"permissions": {"write": "restricted"}}) res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200) self.assertEqual(res.json["permissions"]["read"], "subscribed") self.assertEqual(res.json["permissions"]["write"], "restricted") res = self.create_activity(username, user_status_context, expect=403) def test_change_public_context_to_restricted_preserve_granted_write_permission(self): """ Create a public context, user subscribes to context. Extra grant write permission to the user Change the context to write=restricted, and user still have the write permission """ from .mockers import create_context from .mockers import subscribe_context from .mockers import user_status_context url_hash = sha1(create_context["url"]).hexdigest() username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="subscribed", subscribe="public", invite="restricted"), ) self.user_subscribe_user_to_context(username, subscribe_context, expect=201) permission = "write" res = self.testapp.put( "/contexts/%s/permissions/%s/%s?permanent=1" % (url_hash, username, permission), "", oauth2Header(test_manager), status=201, ) data = json.dumps({"permissions": {"write": "restricted"}}) res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200) self.assertEqual(res.json["permissions"]["read"], "subscribed") self.assertEqual(res.json["permissions"]["write"], "restricted") res = self.create_activity(username, user_status_context, expect=201) def test_change_restricted_context_to_susbcribed(self): """ Create a write restricted context, admin subscribes the user to context, but he cannot write Change the context to write subscribed, and user can write to context """ from .mockers import create_context from .mockers import subscribe_context from .mockers import user_status_context url_hash = sha1(create_context["url"]).hexdigest() username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="restricted", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) data = json.dumps({"permissions": {"write": "subscribed"}}) res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200) self.assertEqual(res.json["permissions"]["read"], "subscribed") self.assertEqual(res.json["permissions"]["write"], "subscribed") res = self.create_activity(username, user_status_context, expect=201) def test_change_restricted_context_to_susbcribed_maintain_write_veto(self): """ Create a write restricted context, admin subscribes the user to context, but he cannot write. Admin also adds a persistent "don't write" veto to this user. Change the context to write subscribed, and user still can't write. """ from .mockers import create_context from .mockers import subscribe_context from .mockers import user_status_context url_hash = sha1(create_context["url"]).hexdigest() username = "******" self.create_user(username) self.create_context( create_context, permissions=dict(read="subscribed", write="restricted", subscribe="restricted", invite="restricted"), ) self.admin_subscribe_user_to_context(username, subscribe_context, expect=201) permission = "write" res = self.testapp.delete( "/contexts/%s/permissions/%s/%s?permanent=1" % (url_hash, username, permission), "", oauth2Header(test_manager), status=201, ) data = json.dumps({"permissions": {"write": "subscribed"}}) res = self.testapp.put("/contexts/%s" % url_hash, data, oauth2Header(test_manager), status=200) self.assertEqual(res.json["permissions"]["read"], "subscribed") self.assertEqual(res.json["permissions"]["write"], "subscribed") res = self.create_activity(username, user_status_context, expect=403)