def update(self, instance, validated_data):
    """Update a project and, on partial updates, re-sync metadata and access.

    ``metadata`` from ``validated_data`` is passed through
    ``JsonField.to_json``; a ``None`` result becomes an empty dict. On a
    partial update with non-empty metadata the new keys are merged into
    ``instance.metadata`` instead of replacing it.

    On a partial update that carries an ``organization`` value, the new
    owner is granted permissions on the project and the cached project
    permissions are dropped so stale grants are not served.

    Returns ``instance`` (the object passed in), not the value returned by
    the parent ``update``.

    NOTE(review): block nesting was reconstructed from a flattened listing;
    the cache delete is assumed to sit inside the ``owner`` branch - confirm
    against the original file.
    """
    metadata = JsonField.to_json(validated_data.get('metadata'))
    if metadata is None:
        metadata = dict()
    owner = validated_data.get('organization')

    if self.partial and metadata:
        # Guard against a stored non-dict value before merging.
        if not isinstance(instance.metadata, dict):
            instance.metadata = {}

        instance.metadata.update(metadata)
        validated_data['metadata'] = instance.metadata

    # NOTE(review): the grant path only runs for partial updates; a full
    # update that changes the organization would skip it - confirm intended.
    if self.partial and owner:
        # give the new owner permissions
        set_owners_permission(owner, instance)

        if is_organization(owner.profile):
            # Organization owners get OwnerRole on the project, ordinary
            # members get ReadOnlyRole.
            owners_team = get_organization_owners_team(owner.profile)
            members_team = get_organization_members_team(owner.profile)
            OwnerRole.add(owners_team, instance)
            ReadOnlyRole.add(members_team, instance)

        # NOTE(review): nothing here revokes roles held by the previous
        # owner or its teams; presumably handled elsewhere - confirm.

        # clear cache
        safe_delete('{}{}'.format(PROJ_PERM_CACHE, instance.pk))

    # NOTE(review): role grants above happen before the parent update
    # persists the change; if that call fails the grants are not undone in
    # this block - confirm the caller runs this in a transaction.
    project = super(ProjectSerializer, self)\
        .update(instance, validated_data)

    # Bring forms whose ``shared`` flag differs in line with the project;
    # ``shared_data`` is set to the same value.
    project.xform_set.exclude(shared=project.shared)\
        .update(shared=project.shared, shared_data=project.shared)

    return instance
def test_add_members_to_owner_role(self):
    """Adding a member as owner joins the owners team; demotion leaves it.

    The second half is the security-relevant part: after the role is
    changed to ``editor`` via PUT, the user must no longer be in the
    organization's owners team.
    """
    self._org_create()
    members_view = OrganizationProfileViewSet.as_view({
        'post': 'members',
        'get': 'retrieve',
        'put': 'members'
    })

    # NOTE(review): the username literals read '******' while the
    # assertions below expect 'aboy' / 'denoinc'; the literals look
    # redacted in this copy - confirm against the original.
    self.profile_data['username'] = "******"
    new_member = self._create_user_profile().user

    # Add the user to the organization with the owner role.
    promote_body = json.dumps({'username': '******', 'role': 'owner'})
    promote_request = self.factory.post(
        '/', data=promote_body, content_type="application/json",
        **self.extra)
    response = members_view(promote_request, user='******')
    self.assertEqual(response.status_code, 201)
    self.assertEqual(set(response.data), {u'denoinc', u'aboy'})

    # The organization profile lists the new member with the owner role.
    profile_request = self.factory.get('/', **self.extra)
    response = members_view(profile_request, user='******')
    self.assertEqual(response.status_code, 200)
    self.assertEqual(response.data['users'][1]['user'], 'aboy')
    self.assertEqual(response.data['users'][1]['role'], 'owner')

    owners = get_organization_owners_team(self.organization)
    self.assertIn(new_member, owners.user_set.all())

    # Changing the role must revoke owners-team membership.
    demote_body = json.dumps({'username': '******', 'role': 'editor'})
    demote_request = self.factory.put(
        '/', data=demote_body, content_type="application/json",
        **self.extra)
    response = members_view(demote_request, user='******')
    self.assertEqual(response.status_code, 200)

    owners = get_organization_owners_team(self.organization)
    self.assertNotIn(new_member, owners.user_set.all())
def test_add_members_to_owner_role(self):
    """Check owners-team membership follows the member's role.

    A member added with role ``owner`` must appear in the owners team, and
    must be removed from it once the role is changed to ``editor``.
    """
    self._org_create()
    view = OrganizationProfileViewSet.as_view({
        'post': 'members',
        'get': 'retrieve',
        'put': 'members'
    })

    def send_role(build_request, role):
        # Build a JSON members request for the given role and dispatch it.
        body = json.dumps({'username': '******', 'role': role})
        req = build_request(
            '/', data=body, content_type="application/json", **self.extra)
        return view(req, user='******')

    self.profile_data['username'] = "******"
    member = self._create_user_profile().user

    # POST: add as owner.
    resp = send_role(self.factory.post, 'owner')
    self.assertEqual(resp.status_code, 201)
    self.assertEqual(set(resp.data), {u'denoinc', u'aboy'})

    # GET: the profile reports the member and the role.
    resp = view(self.factory.get('/', **self.extra), user='******')
    self.assertEqual(resp.status_code, 200)
    self.assertEqual(resp.data['users'][1]['user'], 'aboy')
    self.assertEqual(resp.data['users'][1]['role'], 'owner')

    team = get_organization_owners_team(self.organization)
    self.assertIn(member, team.user_set.all())

    # PUT: demote to editor; owner privileges must be withdrawn.
    resp = send_role(self.factory.put, 'editor')
    self.assertEqual(resp.status_code, 200)

    team = get_organization_owners_team(self.organization)
    self.assertNotIn(member, team.user_set.all())
def _set_organization_role_to_user(organization, user, role):
    """Give ``user`` the named role on ``organization`` and sync the owners team.

    The role class is looked up in ``ROLES`` by name and added for the user.
    The user is then added to the organization's owners team when the role
    is the owner role, and removed from that team for any other role.

    NOTE(review): ``ROLES.get`` yields ``None`` for an unknown name, which
    would fail on ``.add``; callers presumably validate ``role`` first -
    confirm.
    """
    ROLES.get(role).add(user, organization)

    team = get_organization_owners_team(organization)

    if role == OwnerRole.name:
        # Owners also belong to the owners team.
        add_user_to_team(team, user)
    else:
        # Any other role must not keep owners-team membership.
        remove_user_from_team(team, user)
def _set_organization_role_to_user(organization, user, role):
    """Give ``user`` the named role on ``organization`` and sync access.

    The role class is looked up in ``ROLES`` by name and added for the user
    on the organization. For the owner role the user is also added to the
    owners team and each project in ``organization.user.project_org`` is
    shared with the user at that role. For any other role the user is
    removed from the owners team.

    NOTE(review): block nesting was reconstructed from a flattened listing;
    the project-sharing loop is assumed to sit inside the owner branch -
    confirm against the original file.
    """
    # NOTE(review): ROLES.get returns None for an unknown name, which would
    # fail on .add; callers presumably validate ``role`` first - confirm.
    role_cls = ROLES.get(role)
    role_cls.add(user, organization)

    owners_team = get_organization_owners_team(organization)

    # add the owner to owners team
    if role == OwnerRole.name:
        add_user_to_team(owners_team, user)
        # add user to org projects
        for project in organization.user.project_org.all():
            ShareProject(project, user.username, role).save()

    if role != OwnerRole.name:
        # NOTE(review): demotion only removes owners-team membership here;
        # project shares created by an earlier owner grant are not revoked
        # in this block - confirm they are downgraded elsewhere.
        remove_user_from_team(owners_team, user)
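def test_widget_create_by_org_admin(self):
    """An owner added through the members endpoint can create a widget.

    The project is assigned to the organization, a second user is added
    with the owner role, and the widget is then created with that user's
    own token rather than the credentials in ``self.extra``.
    """
    self.project.organization = self.organization.user
    self.project.save()
    chuck_data = {'username': '******', 'email': '*****@*****.**'}
    chuck_profile = self._create_user_profile(chuck_data)

    view = OrganizationProfileViewSet.as_view({'post': 'members'})

    data = {
        'username': chuck_profile.user.username,
        'role': OwnerRole.name
    }
    request = self.factory.post('/',
                                data=json.dumps(data),
                                content_type="application/json",
                                **self.extra)
    response = view(request, user=self.organization.user.username)
    self.assertEqual(response.status_code, 201)

    owners_team = get_organization_owners_team(self.organization)
    self.assertIn(chuck_profile.user, owners_team.user_set.all())

    # Authenticate the next request as the newly added owner.
    extra = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token
    }

    view = WidgetViewSet.as_view({'post': 'create'})

    data = {
        'content_object':
        'http://testserver/api/v1/dataviews/%s' % self.data_view.pk,
        'widget_type': "charts",
        'view_type': "horizontal-bar",
        'column': "_submission_time",
    }

    request = self.factory.post('/',
                                data=json.dumps(data),
                                content_type="application/json",
                                **extra)
    response = view(request)

    # assertEqual: the assertEquals alias is deprecated and was removed
    # in Python 3.12.
    self.assertEqual(response.status_code, 201)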
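def _check_set_role(request, organization, username, required=False):
    """
    Validate the ``role`` in the request and assign it to ``username``.

    Returns a ``(status_code, data)`` tuple. An unknown or missing role
    gives ``400`` with a ``role`` error; a non-success result from
    ``_update_username_role`` is passed through unchanged; a username with
    no matching ``User`` gives ``400`` with a ``username`` error. On
    success the result is ``(200, [])`` for PUT and ``(201, [])`` otherwise.

    Owners-team membership follows the role: added for the owner role,
    removed for any other.

    NOTE(review): this function can grant the owner role, and no check of
    the caller's own role is visible here; presumably the viewset's
    permission classes enforce that - confirm.
    """
    role = request.data.get('role')
    try:
        role_cls = ROLES.get(role)
    except TypeError:
        # ``role`` comes straight from the request body; an unhashable
        # JSON value (list/dict) cannot name a role, so treat it as
        # invalid instead of letting the lookup raise.
        role_cls = None

    if not role or not role_cls:
        # Interpolate after translating so the catalogue lookup uses the
        # constant message, not one with the user-supplied value baked in.
        if required and not role:
            message = _(u"This field is required.")
        else:
            message = _(u"'%s' is not a valid role.") % role

        return status.HTTP_400_BAD_REQUEST, {'role': [message]}

    data, status_code = _update_username_role(organization, username,
                                              role_cls)
    if status_code not in [status.HTTP_200_OK, status.HTTP_201_CREATED]:
        return (status_code, data)

    owners_team = get_organization_owners_team(organization)
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        data = {
            'username': [
                _(u"User `%(username)s` does not exist.")
                % {'username': username}
            ]
        }

        return (status.HTTP_400_BAD_REQUEST, data)

    if role == OwnerRole.name:
        # add the owner to owners team
        add_user_to_team(owners_team, user)
    else:
        # any other role must not keep owners-team membership
        remove_user_from_team(owners_team, user)

    return (status.HTTP_200_OK, []) if request.method == 'PUT' \
        else (status.HTTP_201_CREATED, [])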
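def test_widget_create_by_org_admin(self):
    """A user promoted to organization owner can create a widget.

    The widget request is authenticated with the promoted user's token, so
    the test pins that owner access gained through the members endpoint is
    enough to create a widget on ``self.data_view``.
    """
    self.project.organization = self.organization.user
    self.project.save()
    chuck_data = {'username': '******', 'email': '*****@*****.**'}
    chuck_profile = self._create_user_profile(chuck_data)

    view = OrganizationProfileViewSet.as_view({
        'post': 'members'
    })

    data = {'username': chuck_profile.user.username,
            'role': OwnerRole.name}
    request = self.factory.post(
        '/', data=json.dumps(data),
        content_type="application/json", **self.extra)
    response = view(request, user=self.organization.user.username)
    self.assertEqual(response.status_code, 201)

    owners_team = get_organization_owners_team(self.organization)
    self.assertIn(chuck_profile.user, owners_team.user_set.all())

    # Switch credentials to the promoted user for the widget request.
    extra = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token}

    view = WidgetViewSet.as_view({
        'post': 'create'
    })

    data = {
        'content_object': 'http://testserver/api/v1/dataviews/%s' %
                          self.data_view.pk,
        'widget_type': "charts",
        'view_type': "horizontal-bar",
        'column': "_submission_time",
    }

    request = self.factory.post('/', data=json.dumps(data),
                                content_type="application/json",
                                **extra)
    response = view(request)

    # The deprecated assertEquals alias was removed in Python 3.12.
    self.assertEqual(response.status_code, 201)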
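def _check_set_role(request, organization, username, required=False):
    """
    Validate the ``role`` in the request and assign it to ``username``.

    Returns a ``(status_code, data)`` tuple: ``400`` with a ``role`` error
    for an unknown or missing role, ``400`` with a ``username`` error when
    no matching ``User`` exists, otherwise ``(200, [])`` for PUT and
    ``(201, [])`` for other methods.

    Owners-team membership follows the role: added for the owner role,
    removed for any other.

    NOTE(review): this function can grant the owner role, and no check of
    the caller's own role is visible here; presumably the viewset's
    permission classes enforce that - confirm.
    """
    role = request.DATA.get('role')
    try:
        role_cls = ROLES.get(role)
    except TypeError:
        # ``role`` comes straight from the request body; an unhashable
        # JSON value (list/dict) cannot name a role, so treat it as
        # invalid instead of letting the lookup raise.
        role_cls = None

    if not role or not role_cls:
        # Interpolate after translating so the catalogue lookup uses the
        # constant message, not one with the user-supplied value baked in.
        if required and not role:
            message = _(u"This field is required.")
        else:
            message = _(u"'%s' is not a valid role.") % role

        return status.HTTP_400_BAD_REQUEST, {'role': [message]}

    # NOTE(review): any return value is discarded and this runs before the
    # user lookup below, so a failure inside it would not be reported to
    # the client from here - confirm.
    _update_username_role(organization, username, role_cls)

    owners_team = get_organization_owners_team(organization)
    try:
        user = User.objects.get(username=username)
    except User.DoesNotExist:
        data = {'username': [_(u"User `%(username)s` does not exist.")
                             % {'username': username}]}

        return (status.HTTP_400_BAD_REQUEST, data)

    if role == OwnerRole.name:
        # add the owner to owners team
        add_user_to_team(owners_team, user)
    else:
        # any other role must not keep owners-team membership
        remove_user_from_team(owners_team, user)

    return (status.HTTP_200_OK, []) if request.method == 'PUT' \
        else (status.HTTP_201_CREATED, [])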
def test_non_owners_should_be_able_to_change_member_permissions(self):
    """A second organization owner can re-share a project with the members team.

    Despite the name, the final request is sent with the token of a user
    who was just given the owner role; the account behind ``self.extra``
    sends the earlier ones.

    NOTE(review): there is no negative case here - nothing asserts that a
    plain member is refused by the share endpoint; worth a separate test.
    """
    self._org_create()
    self._publish_xls_form_to_project()

    chuck_profile = self._create_user_profile(
        {'username': '******', 'email': '*****@*****.**'})

    members_view = OrganizationProfileViewSet.as_view({'post': 'members'})

    # Add the first user as an organization owner.
    owner_payload = {
        'username': chuck_profile.user.username,
        'role': OwnerRole.name
    }
    add_owner = self.factory.post('/',
                                  data=json.dumps(owner_payload),
                                  content_type="application/json",
                                  **self.extra)
    response = members_view(add_owner,
                            user=self.organization.user.username)
    self.assertEqual(response.status_code, 201)

    owners = get_organization_owners_team(self.organization)
    self.assertIn(chuck_profile.user, owners.user_set.all())

    # Add a second user with no explicit role.
    alice_profile = self._create_user_profile(
        {'username': '******', 'email': '*****@*****.**'})

    member_payload = {'username': alice_profile.user.username}
    add_member = self.factory.post('/',
                                   data=json.dumps(member_payload),
                                   content_type="application/json",
                                   **self.extra)
    response = members_view(add_member,
                            user=self.organization.user.username)
    self.assertEqual(response.status_code, 201)

    member_team = get_organization_members_team(self.organization)
    self.assertIn(alice_profile.user, member_team.user_set.all())

    share_view = TeamViewSet.as_view({'post': 'share'})

    # Share with the members team as editor, using the original account.
    editor_share = {
        'role': EditorRole.name,
        'project': self.project.pk,
        'org': self.organization.user.username
    }
    response = share_view(
        self.factory.post('/', data=editor_share, **self.extra),
        pk=member_team.pk)
    self.assertEqual(response.status_code, 204)

    # Downgrade the share to read-only, authenticated as the added owner.
    readonly_share = {
        'role': ReadOnlyRole.name,
        'project': self.project.pk,
        'org': self.organization.user.username
    }
    chuck_auth = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token
    }
    response = share_view(
        self.factory.post('/', data=readonly_share, **chuck_auth),
        pk=member_team.pk)
    self.assertEqual(response.status_code, 204)
def test_non_owners_should_be_able_to_change_member_permissions(self):
    """Project sharing with the members team works for an added owner.

    Two users join the organization (one as owner, one with no explicit
    role). The members team is given the editor role on the project by the
    account in ``self.extra``, then the read-only role by the added owner
    using that user's own token.

    NOTE(review): the name says "non owners", but the user whose token is
    used holds the owner role; a plain member is never exercised against
    the share endpoint here.
    """
    self._org_create()
    self._publish_xls_form_to_project()

    def add_member(payload):
        # POST a JSON body to the organization members endpoint.
        req = self.factory.post(
            '/', data=json.dumps(payload),
            content_type="application/json", **self.extra)
        return members_view(req, user=self.organization.user.username)

    chuck_data = {'username': '******', 'email': '*****@*****.**'}
    chuck_profile = self._create_user_profile(chuck_data)

    members_view = OrganizationProfileViewSet.as_view({
        'post': 'members'
    })

    resp = add_member({'username': chuck_profile.user.username,
                       'role': OwnerRole.name})
    self.assertEqual(resp.status_code, 201)

    owners_team = get_organization_owners_team(self.organization)
    self.assertIn(chuck_profile.user, owners_team.user_set.all())

    alice_data = {'username': '******', 'email': '*****@*****.**'}
    alice_profile = self._create_user_profile(alice_data)

    resp = add_member({'username': alice_profile.user.username})
    self.assertEqual(resp.status_code, 201)

    member_team = get_organization_members_team(self.organization)
    self.assertIn(alice_profile.user, member_team.user_set.all())

    share_view = TeamViewSet.as_view({
        'post': 'share'
    })

    # First share: editor role, sent with the default credentials.
    body = {'role': EditorRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username}
    req = self.factory.post('/', data=body, **self.extra)
    resp = share_view(req, pk=member_team.pk)
    self.assertEqual(resp.status_code, 204)

    # Second share: read-only role, sent with the added owner's token.
    body = {'role': ReadOnlyRole.name,
            'project': self.project.pk,
            'org': self.organization.user.username}
    token_header = {
        'HTTP_AUTHORIZATION': 'Token %s' % chuck_profile.user.auth_token}
    req = self.factory.post('/', data=body, **token_header)
    resp = share_view(req, pk=member_team.pk)
    self.assertEqual(resp.status_code, 204)