def setup(self): super(TestApiNewDataset, self).setup() self.user = make_account('test_new') self.user.api_key = 'd0610659-627b-4403-8b7f-6e2820ebc95d' self.user2 = make_account('test_new2') self.user2.api_key = 'c011c340-8dad-419c-8138-1c6ded86ead5'
def test_trigger_reset_post_ok(self): try: original_smtp_server = config.get('smtp_server') config['smtp_server'] = 'non-existent-smtp-server' make_account() self.app.post(url(controller='account', action='trigger_reset'), params={'email': "*****@*****.**"}) finally: config['smtp_server'] = original_smtp_server
def setUp(self): super(TestDatasetController, self).setUp() current_app.config['LOCKDOWN_FORCE'] = False current_app.config['PRESERVE_CONTEXT_ON_EXCEPTION'] = False #self.source = csvimport_fixture("sci_study") self.authuser = make_account('authuser', email='*****@*****.**', verified=True) self.authuser.password = generate_password_hash("password") self.moduser = make_account('moduser', email='*****@*****.**', moderator=True) self.moduser.password = generate_password_hash("password") self.adminuser = make_account('adminuser', email='*****@*****.**', admin=True) self.adminuser.password = generate_password_hash("password") db.session.commit()
def setUp(self): super(TestDatasetController, self).setUp() current_app.config['LOCKDOWN_FORCE'] = False current_app.config['PRESERVE_CONTEXT_ON_EXCEPTION'] = False #self.source = csvimport_fixture("sci_study") self.user = make_account('test')
def test_dashboard(self): test = make_account('test') cra = load_fixture('cra', manager=test) response = self.app.get(url(controller='account', action='dashboard'), extra_environ={'REMOTE_USER': str(test.name)}) assert '200' in response.status, response.status assert cra.label in response, response
def setUp(self): super(TestDatasetController, self).setUp() current_app.config['LOCKDOWN_FORCE'] = False current_app.config['PRESERVE_CONTEXT_ON_EXCEPTION'] = False #self.source = csvimport_fixture("sci_study") self.user = make_account('test', make_account=True)
def setup(self): """ Set up the TestBadgeController. Setup creates two users, one regular user (test) and one administrator (admin). """ super(TestBadgeController, self).setup() # Create test user self.user = make_account('test') # Create admin user self.admin = make_account('admin') self.admin.admin = True db.session.commit() # Load dataset we use for tests self.dataset = load_fixture('cra')
def test_feeds(self): # Anonymous user with one public dataset response = self.app.get(url(controller='dataset', action='feed_rss'), expect_errors=True) assert 'application/xml' in response.content_type assert '<title>Recently Created Datasets</title>' in response assert '<item><title>Country Regional Analysis v2009' in response cra = Dataset.by_name('cra') cra.private = True db.session.add(cra) db.session.commit() # Anonymous user with one private dataset response = self.app.get(url(controller='dataset', action='feed_rss'), expect_errors=True) assert 'application/xml' in response.content_type assert '<title>Recently Created Datasets</title>' in response assert '<item><title>Country Regional Analysis v2009' not in response # Logged in user with one public dataset cra.private = False db.session.add(cra) db.session.commit() response = self.app.get(url(controller='dataset', action='feed_rss'), expect_errors=True, extra_environ={'REMOTE_USER': '******'}) assert 'application/xml' in response.content_type assert '<title>Recently Created Datasets</title>' in response assert '<item><title>Country Regional Analysis v2009' in response # Logged in user with one private dataset cra.private = True db.session.add(cra) db.session.commit() response = self.app.get(url(controller='dataset', action='feed_rss'), expect_errors=True, extra_environ={'REMOTE_USER': '******'}) assert 'application/xml' in response.content_type assert '<title>Recently Created Datasets</title>' in response assert '<item><title>Country Regional Analysis v2009' not in response # Logged in admin user with one private dataset admin_user = make_account('admin') admin_user.admin = True db.session.add(admin_user) db.session.commit() response = self.app.get(url(controller='dataset', action='feed_rss'), extra_environ={'REMOTE_USER': '******'}) assert '<title>Recently Created Datasets</title>' in response assert '<item><title>Country Regional Analysis v2009' in response assert 'application/xml' in response.content_type response = self.app.get(url(controller='dataset', action='index')) assert ('<link rel="alternate" type="application/rss+xml" title="' 'Latest Datasets on OpenSpending" href="/datasets.rss"' in response)
def test_reset_get(self): response = self.app.get(url(controller='account', action='do_reset', token='huhu', email='*****@*****.**')) assert '/login' in response.headers['location'], response.headers account = make_account() response = self.app.get(url(controller='account', action='do_reset', token=account.token, email=account.email)) assert '/settings' in response.headers['location'], response.headers
def csvimport_fixture(name): model_fp = csvimport_fixture_file(name, 'model.json') mapping_fp = csvimport_fixture_file(name, 'mapping.json') model = json.load(model_fp) if mapping_fp: model['mapping'] = json.load(mapping_fp) dataset = Dataset(model) dataset.generate() db.session.add(dataset) data_path = csvimport_fixture_path(name, 'data.csv') user = make_account() source = Source(dataset, user, data_path) db.session.add(source) db.session.commit() return source
def test_distinct_json(self): test = make_account() response = self.app.get(url(controller='account', action='complete'), extra_environ={'REMOTE_USER': str(test.name)}) obj = json.loads(response.body)['results'] assert obj[0].keys() == [u'fullname', u'name'] assert len(obj) == 1, obj assert obj[0]['name'] == 'test', obj[0] response = self.app.get(url(controller='account', action='complete'), params={'q': 'tes'}, extra_environ={'REMOTE_USER': str(test.name)}) obj = json.loads(response.body)['results'] assert len(obj) == 1, obj response = self.app.get(url(controller='account', action='complete'), params={'q': 'foo'}, extra_environ={'REMOTE_USER': str(test.name)}) obj = json.loads(response.body)['results'] assert len(obj) == 0, obj
def test_unverified_user(self): """ check that unverified user can't go anywhere """ myfakeuser = make_account(name="tester", fullname='tester', email='*****@*****.**', admin=False, verified=False) myfakeuser.password = generate_password_hash("mypassword") db.session.commit() res = self.client.post(url_for('account.login'), data=dict(login="******", password='******'), follow_redirects=True) assert "The message would have been sent below" in res.data, "should show an email message inn debug" res2 = self.client.get(url_for("forum.index")) assert '403' in res2.status, "should not be able to access the forum as unverified user"
def setUp(self): super(TestAccountController, self).setUp() # Create test user current_app.config['LOCKDOWN_FORCE'] = False self.user = make_account('testuser')
def test_user_scoreboard(self): """ Test if the user scoreboard works and is only accessible by administrators """ # Create dataset and users and make normal user owner of dataset admin_user = make_account('test_admin', admin=True) dataset = load_fixture('cra') normal_user = make_account('test_user') normal_user.datasets.append(dataset) db.session.add(normal_user) db.session.commit() # Refetch the accounts into scope after the commit admin_user = Account.by_name('test_admin') normal_user = Account.by_name('test_user') # Get the URL to user scoreboard scoreboard_url = url(controller='account', action='scoreboard') # Get the home page (could be just any page user_response = self.app.get( url(controller='home', action='index'), extra_environ={'REMOTE_USER': str(normal_user.name)}) admin_response = self.app.get( url(controller='home', action='index'), extra_environ={'REMOTE_USER': str(admin_user.name)}) # Admin user should be the only one to see a link # to the user scoreboard (not the normal user) assert scoreboard_url not in user_response.body, \ "Normal user can see scoreboard url on the home page" assert scoreboard_url in admin_response.body, \ "Admin user cannot see the scoreboard url on the home page" # Normal user should not be able to access the scoreboard url user_response = self.app.get( scoreboard_url, expect_errors=True, extra_environ={'REMOTE_USER': str(normal_user.name)}) assert '403' in user_response.status, \ "Normal user is authorized to see user scoreboard" # Administrator should see scoreboard and users should be there in # in the following order normal user - admin user (with 10 and 0 points # respectively) admin_response = self.app.get( scoreboard_url, extra_environ={'REMOTE_USER': str(admin_user.name)}) assert '200' in admin_response.status, \ "Administrator did not get a 200 status for user scoreboard" # We need to remove everything before an 'Dataset Maintainers' because # the admin user name comes first because of the navigational bar heading_index = admin_response.body.find('Dataset Maintainers') check_body = admin_response.body[heading_index:] admin_index = check_body.find(admin_user.name) user_index = check_body.find(normal_user.name) assert admin_index > user_index, \ "Admin index comes before normal user index" # Same thing as with the username we check for the scores # they are represented as <p>10</p> and <p>0</p> admin_index = check_body.find('<p>0</p>') user_index = check_body.find('<p>10</p>') assert admin_index > user_index, \ "Admin score does not come before the user score"
def test_account_create_gives_api_key(self): account = make_account() assert len(account.api_key) == 36
def test_profile(self): """ Profile page test """ # Create the test user account using default # username is test, fullname is 'Test User', # email is [email protected] and twitter handle is testuser test = make_account('test') # Get the user profile for an anonymous user response = self.app.get( url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile not successfully returned for anonymous user' assert '<dt>Name</dt>' in response.body, \ 'Name heading is not in profile for anonymous user' assert '<dd>Test User</dd>' in response.body, \ 'User fullname is not in profile for anonymous user' assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile for anonymous user' assert '<dd>test</dd>' in response.body, \ 'Username is not in profile for anonymous user' assert '<dt>Email</dt>' not in response.body, \ 'Email heading is in profile for anonymous user' assert '<dd>[email protected]</dd>' not in response.body, \ 'Email of user is in profile for anonymous user' assert '<dt>Twitter</dt>' not in response.body, \ 'Twitter heading is in profile for anonymous user' assert '<dd>@testuser</dd>' not in response.body, \ 'Twitter handle is in profile for anonymous user' # Display email and twitter handle for the user response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) assert '200' in response.status, \ 'Profile not successfully returned for user' assert '<dt>Email</dt>' in response.body, \ 'Email heading is not in profile for the user' assert '<dd>[email protected]</dd>' in response.body, \ 'Email of user is not in profile for the user' assert '<dt>Twitter</dt>' in response.body, \ 'Twitter heading is not in profile for the user' assert '@testuser' in response.body, \ 'Twitter handle of user is not in profile for the user' # Immitate that the user now makes email address and twitter handle # public to all test.public_email = True test.public_twitter = True db.session.add(test) db.session.commit() # Get the site as an anonymous user response = self.app.get( url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile with public contact info not returned to anonymous user' assert '<dt>Email</dt>' in response.body, \ 'Public email heading not in profile for anonymous user' assert '<dd>[email protected]</dd>' in response.body, \ 'Public email not in profile for anonymous user' assert '<dt>Twitter</dt>' in response.body, \ 'Public Twitter heading not in profile for anonymous user' assert '@testuser' in response.body, \ 'Public Twitter handle not in profile for anonymous user' # We take it back and hide the email and the twitter handle test.public_email = False test.public_twitter = False db.session.add(test) db.session.commit() # Create admin user admin_user = make_account('admin', 'Admin', '*****@*****.**') admin_user.admin = True db.session.add(admin_user) db.session.commit() # Display email for admins response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) assert '200' in response.status, \ 'Profile not successfully returned for admins' assert '<dt>Name</dt>' in response.body, \ 'Full name heading not in profile for admins' assert '<dd>Test User</dd>' in response.body, \ 'Full name of user not in profile for admins' assert '<dt>Username</dt>' in response.body, \ 'Username heading not in profile for admins' assert '<dd>test</dd>' in response.body, \ 'Username of user not in profile for admins' assert '<dt>Email</dt>' in response.body, \ 'Email heading not in profile for admins' assert '<dd>[email protected]</dd>' in response.body, \ 'Email of user not in profile for admins' assert '<dt>Twitter</dt>' in response.body, \ 'Twitter heading not in profile for admins' assert '@testuser' in response.body, \ 'Twitter handle of user not in profile for admins' # Do not display fullname if it's empty test.fullname = '' db.session.add(test) db.session.commit() response = self.app.get( url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile page not successfully returned without full name' assert '<dt>Name</dt>' not in response.body, \ 'Name heading is in profile even though full name is empty' # Test if the information is missing or just the full name assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile when full name is empty' assert '<dd>test</dd>' in response.body, \ 'Username for user is not in profile when full name is empty' # Do not display twitter handle if it's empty test.twitter_handle = None db.session.add(test) db.session.commit() response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) # Check if the Twitter heading is there assert '<dt>Twitter</dt>' not in response.body, \ 'Twitter heading is in profile even though twitter handle is empty' # Test if the other information is missing assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile when Twitter handle is empty' assert '<dd>test</dd>' in response.body, \ 'Username for user is not in profile when Twitter handle is empty'
def test_user_scoreboard(self): """ Test if the user scoreboard works and is only accessible by administrators """ # Create dataset and users and make normal user owner of dataset admin_user = make_account('test_admin', admin=True) dataset = load_fixture('cra') normal_user = make_account('test_user') normal_user.datasets.append(dataset) db.session.add(normal_user) db.session.commit() # Refetch the accounts into scope after the commit admin_user = Account.by_name('test_admin') normal_user = Account.by_name('test_user') # Get the URL to user scoreboard scoreboard_url = url(controller='account', action='scoreboard') # Get the home page (could be just any page user_response = self.app.get(url(controller='home', action='index'), extra_environ={'REMOTE_USER': str(normal_user.name)}) admin_response = self.app.get(url(controller='home', action='index'), extra_environ={'REMOTE_USER': str(admin_user.name)}) # Admin user should be the only one to see a link # to the user scoreboard (not the normal user) assert scoreboard_url not in user_response.body, \ "Normal user can see scoreboard url on the home page" assert scoreboard_url in admin_response.body, \ "Admin user cannot see the scoreboard url on the home page" # Normal user should not be able to access the scoreboard url user_response = self.app.get(scoreboard_url, expect_errors=True, extra_environ={'REMOTE_USER': str(normal_user.name)}) assert '403' in user_response.status, \ "Normal user is authorized to see user scoreboard" # Administrator should see scoreboard and users should be there in # in the following order normal user - admin user (with 10 and 0 points # respectively) admin_response = self.app.get(scoreboard_url, extra_environ={'REMOTE_USER': str(admin_user.name)}) assert '200' in admin_response.status, \ "Administrator did not get a 200 status for user scoreboard" # We need to remove everything before an 'Dataset Maintainers' because # the admin user name comes first because of the navigational bar heading_index = admin_response.body.find('Dataset Maintainers') check_body = admin_response.body[heading_index:] admin_index = check_body.find(admin_user.name) user_index = check_body.find(normal_user.name) assert admin_index > user_index, \ "Admin index comes before normal user index" # Same thing as with the username we check for the scores # they are represented as <p>10</p> and <p>0</p> admin_index = check_body.find('<p>0</p>') user_index = check_body.find('<p>10</p>') assert admin_index > user_index, \ "Admin score does not come before the user score"
def setup(self): super(TestEditorController, self).setup() self.user = make_account('test') load_fixture('cra', self.user)
def setup(self): super(TestDatasetController, self).setup() self.dataset = load_fixture('cra') self.user = make_account('test') clean_and_reindex_solr()
def test_profile(self): """ Profile page test """ # Create the test user account using default # username is test, fullname is 'Test User', # email is [email protected] and twitter handle is testuser test = make_account('test') # Get the user profile for an anonymous user response = self.app.get(url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile not successfully returned for anonymous user' assert '<dt>Name</dt>' in response.body, \ 'Name heading is not in profile for anonymous user' assert '<dd>Test User</dd>' in response.body, \ 'User fullname is not in profile for anonymous user' assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile for anonymous user' assert '<dd>test</dd>' in response.body, \ 'Username is not in profile for anonymous user' assert '<dt>Email</dt>' not in response.body, \ 'Email heading is in profile for anonymous user' assert '<dd>[email protected]</dd>' not in response.body, \ 'Email of user is in profile for anonymous user' assert '<dt>Twitter</dt>' not in response.body, \ 'Twitter heading is in profile for anonymous user' assert '<dd>@testuser</dd>' not in response.body, \ 'Twitter handle is in profile for anonymous user' # Display email and twitter handle for the user response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) assert '200' in response.status, \ 'Profile not successfully returned for user' assert '<dt>Email</dt>' in response.body, \ 'Email heading is not in profile for the user' assert '<dd>[email protected]</dd>' in response.body, \ 'Email of user is not in profile for the user' assert '<dt>Twitter</dt>' in response.body, \ 'Twitter heading is not in profile for the user' assert '@testuser' in response.body, \ 'Twitter handle of user is not in profile for the user' # Immitate that the user now makes email address and twitter handle # public to all test.public_email = True test.public_twitter = True db.session.add(test) db.session.commit() # Get the site as an anonymous user response = self.app.get(url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile with public contact info not returned to anonymous user' assert '<dt>Email</dt>' in response.body, \ 'Public email heading not in profile for anonymous user' assert '<dd>[email protected]</dd>' in response.body, \ 'Public email not in profile for anonymous user' assert '<dt>Twitter</dt>' in response.body, \ 'Public Twitter heading not in profile for anonymous user' assert '@testuser' in response.body, \ 'Public Twitter handle not in profile for anonymous user' # We take it back and hide the email and the twitter handle test.public_email = False test.public_twitter = False db.session.add(test) db.session.commit() # Create admin user admin_user = make_account('admin', 'Admin', '*****@*****.**') admin_user.admin = True db.session.add(admin_user) db.session.commit() # Display email for admins response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) assert '200' in response.status, \ 'Profile not successfully returned for admins' assert '<dt>Name</dt>' in response.body, \ 'Full name heading not in profile for admins' assert '<dd>Test User</dd>' in response.body, \ 'Full name of user not in profile for admins' assert '<dt>Username</dt>' in response.body, \ 'Username heading not in profile for admins' assert '<dd>test</dd>' in response.body, \ 'Username of user not in profile for admins' assert '<dt>Email</dt>' in response.body, \ 'Email heading not in profile for admins' assert '<dd>[email protected]</dd>' in response.body, \ 'Email of user not in profile for admins' assert '<dt>Twitter</dt>' in response.body, \ 'Twitter heading not in profile for admins' assert '@testuser' in response.body, \ 'Twitter handle of user not in profile for admins' # Do not display fullname if it's empty test.fullname = '' db.session.add(test) db.session.commit() response = self.app.get(url(controller='account', action='profile', name='test')) assert '200' in response.status, \ 'Profile page not successfully returned without full name' assert '<dt>Name</dt>' not in response.body, \ 'Name heading is in profile even though full name is empty' # Test if the information is missing or just the full name assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile when full name is empty' assert '<dd>test</dd>' in response.body, \ 'Username for user is not in profile when full name is empty' # Do not display twitter handle if it's empty test.twitter_handle = None db.session.add(test) db.session.commit() response = self.app.get(url(controller='account', action='profile', name='test'), extra_environ={'REMOTE_USER': '******'}) # Check if the Twitter heading is there assert '<dt>Twitter</dt>' not in response.body, \ 'Twitter heading is in profile even though twitter handle is empty' # Test if the other information is missing assert '<dt>Username</dt>' in response.body, \ 'Username heading is not in profile when Twitter handle is empty' assert '<dd>test</dd>' in response.body, \ 'Username for user is not in profile when Twitter handle is empty'
def test_permissions(self): """ Test permissions API which tells users if they are allowed to perform CRUD operations on a given dataset """ # Create our users make_account('test_admin', admin=True) maintainer = make_account('maintainer') make_account('test_user') # Set maintainer as maintainer of cra dataset dataset = Dataset.by_name('cra') dataset.managers.append(maintainer) db.session.add(dataset) db.session.commit() # Make the url reusable permission = url(controller='api/version2', action='permissions') # First we try to get permissions without dataset parameter # This should return a 200 but include an error message and nothing # else response = self.app.get(permission) json_response = json.loads(response.body) assert len(json_response.keys()) == 1, \ 'Parameterless call response includes more than one properties' assert 'error' in json_response, \ 'Error property not present in parameterless call response' # Dataset is public by default # Anonymous user response = self.app.get(permission, params={'dataset': 'cra'}) anon_response = json.loads(response.body) assert not anon_response['create'], \ 'Anonymous user can create existing dataset' assert anon_response['read'], \ 'Anonymous user cannot read public dataset' assert not anon_response['update'], \ 'Anonymous user can update existing dataset' assert not anon_response['delete'], \ 'Anonymous user can delete existing dataset' # Normal user response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) normal_response = json.loads(response.body) assert anon_response == normal_response, \ 'Normal user has wrong permissions for a public dataset' # Maintainer response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) main_response = json.loads(response.body) assert not main_response['create'], \ 'Maintainer can create a dataset with an existing (public) name' assert main_response['read'], \ 'Maintainer is not able to read public dataset' assert main_response['update'], \ 'Maintainer is not able to update public dataset' assert main_response['delete'], \ 'Maintainer is not able to delete public dataset' # Administrator response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) admin_response = json.loads(response.body) # Permissions for admins should be the same as for maintainer assert main_response == admin_response, \ 'Admin and maintainer permissions differ on public datasets' # Set cra dataset as private so only maintainer and admin should be # able to 'read' (and 'update' and 'delete'). All others should get # False on everything dataset = Dataset.by_name('cra') dataset.private = True db.session.add(dataset) db.session.commit() # Anonymous user response = self.app.get(permission, params={'dataset': 'cra'}) anon_response = json.loads(response.body) assert True not in anon_response.values(), \ 'Anonymous user has access to a private dataset' # Normal user response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) normal_response = json.loads(response.body) assert anon_response == normal_response, \ 'Normal user has access to a private dataset' # Maintainer response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) main_response = json.loads(response.body) assert not main_response['create'], \ 'Maintainer can create a dataset with an existing (private) name' assert main_response['read'], \ 'Maintainer is not able to read private dataset' assert main_response['update'], \ 'Maintainer is not able to update private dataset' assert main_response['delete'], \ 'Maintainer is not able to delete private dataset' # Administrator response = self.app.get(permission, params={'dataset': 'cra'}, extra_environ={'REMOTE_USER': '******'}) admin_response = json.loads(response.body) # Permissions for admins should be the same as for maintainer assert main_response == admin_response, \ 'Admin does not have the same permissions as maintainer' # Now we try accessing a nonexistent dataset # Everyone except anonymous user should have the same permissions # We don't need to check with maintainer or admin now since this # applies to all logged in users response = self.app.get(permission, params={'dataset': 'nonexistent'}) anon_response = json.loads(response.body) assert True not in anon_response.values(), \ 'Anonymous users has permissions on a nonexistent datasets' # Any logged in user (we use normal user) response = self.app.get(permission, params={'dataset': 'nonexistent'}, extra_environ={'REMOTE_USER': '******'}) normal_response = json.loads(response.body) assert normal_response['create'], \ 'User cannot create a nonexistent dataset' assert not normal_response['read'], \ 'User can read a nonexistent dataset' assert not normal_response['update'], \ 'User can update a nonexistent dataset' assert not normal_response['delete'], \ 'User can delete a nonexistent dataset'
def setup(self): super(TestSourceController, self).setup() self.user = make_account('test') self.dataset = load_fixture('cra', self.user)