示例#1
0
class TestRemove2Factor(AdminTestCase):
    def setUp(self):
        super(TestRemove2Factor, self).setUp()
        self.user = AuthUserFactory()
        self.request = RequestFactory().post('/fake_path')
        self.view = views.User2FactorDeleteView
        self.setup_view = setup_log_view(self.view(),
                                         self.request,
                                         guid=self.user._id)

        self.url = reverse('users:remove2factor',
                           kwargs={'guid': self.user._id})

    @mock.patch('osf.models.user.OSFUser.delete_addon')
    def test_remove_two_factor_get(self, mock_delete_addon):
        self.setup_view.delete(self.request)
        mock_delete_addon.assert_called_with('twofactor')

    def test_integration_delete_two_factor(self):
        user_addon = self.user.get_or_add_addon('twofactor')
        nt.assert_not_equal(user_addon, None)
        user_settings = self.user.get_addon('twofactor')
        nt.assert_not_equal(user_settings, None)
        count = AdminLogEntry.objects.count()
        self.setup_view.delete(self.request)
        post_addon = self.user.get_addon('twofactor')
        nt.assert_equal(post_addon, None)
        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)

    def test_no_user_permissions_raises_error(self):
        guid = self.user._id
        request = RequestFactory().get(self.url)
        request.user = self.user

        with self.assertRaises(PermissionDenied):
            self.view.as_view()(request, guid=guid)

    def test_correct_view_permissions(self):
        guid = self.user._id

        change_permission = Permission.objects.get(codename='change_osfuser')
        self.user.user_permissions.add(change_permission)
        self.user.save()

        request = RequestFactory().get(self.url)
        request.user = self.user

        response = self.view.as_view()(request, guid=guid)
        self.assertEqual(response.status_code, 200)
示例#2
0
class TestViews(OsfTestCase):
    def setUp(self):
        super(TestViews, self).setUp()
        self.user = AuthUserFactory()
        self.user_addon = self.user.get_or_add_addon('twofactor')
        self.user_settings = self.user.get_addon('twofactor')

    def test_confirm_code(self):
        # Send a valid code to the API endpoint for the user settings.
        url = api_url_for('twofactor_settings_put')
        res = self.app.put_json(
            url, {'code': _valid_code(self.user_settings.totp_secret)},
            auth=self.user.auth)

        # reload the user settings object from the DB
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)

    def test_confirm_code_failure(self):
        url = api_url_for('twofactor_settings_put')
        res = self.app.put_json(url, {'code': '0000000'},
                                auth=self.user.auth,
                                expect_errors=True)
        assert_equal(res.status_code, 403)
        json = res.json
        assert_in('verification code', json['message_long'])

        # reload the user settings object from the DB
        self.user_settings.reload()

        assert_false(self.user_settings.is_confirmed)
示例#3
0
class TestRemove2Factor(AdminTestCase):
    def setUp(self):
        super(TestRemove2Factor, self).setUp()
        self.user = AuthUserFactory()
        self.request = RequestFactory().post('/fake_path')
        self.view = views.User2FactorDeleteView
        self.setup_view = setup_log_view(self.view(), self.request, guid=self.user._id)

        self.url = reverse('users:remove2factor', kwargs={'guid': self.user._id})

    @mock.patch('osf.models.user.OSFUser.delete_addon')
    def test_remove_two_factor_get(self, mock_delete_addon):
        self.setup_view.delete(self.request)
        mock_delete_addon.assert_called_with('twofactor')

    def test_integration_delete_two_factor(self):
        user_addon = self.user.get_or_add_addon('twofactor')
        nt.assert_not_equal(user_addon, None)
        user_settings = self.user.get_addon('twofactor')
        nt.assert_not_equal(user_settings, None)
        count = AdminLogEntry.objects.count()
        self.setup_view.delete(self.request)
        post_addon = self.user.get_addon('twofactor')
        nt.assert_equal(post_addon, None)
        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)

    def test_no_user_permissions_raises_error(self):
        guid = self.user._id
        request = RequestFactory().get(self.url)
        request.user = self.user

        with self.assertRaises(PermissionDenied):
            self.view.as_view()(request, guid=guid)

    def test_correct_view_permissions(self):
        guid = self.user._id

        change_permission = Permission.objects.get(codename='change_osfuser')
        self.user.user_permissions.add(change_permission)
        self.user.save()

        request = RequestFactory().get(self.url)
        request.user = self.user

        response = self.view.as_view()(request, guid=guid)
        self.assertEqual(response.status_code, 200)
示例#4
0
class TestRemove2Factor(AdminTestCase):
    def setUp(self):
        super(TestRemove2Factor, self).setUp()
        self.user = AuthUserFactory()
        self.request = RequestFactory().post('/fake_path')
        self.view = User2FactorDeleteView()
        self.view = setup_log_view(self.view, self.request, guid=self.user._id)

    @mock.patch('osf.models.user.OSFUser.delete_addon')
    def test_remove_two_factor_get(self, mock_delete_addon):
        self.view.delete(self.request)
        mock_delete_addon.assert_called_with('twofactor')

    def test_integration_delete_two_factor(self):
        user_addon = self.user.get_or_add_addon('twofactor')
        nt.assert_not_equal(user_addon, None)
        user_settings = self.user.get_addon('twofactor')
        nt.assert_not_equal(user_settings, None)
        count = AdminLogEntry.objects.count()
        self.view.delete(self.request)
        post_addon = self.user.get_addon('twofactor')
        nt.assert_equal(post_addon, None)
        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
示例#5
0
class TestViews(OsfTestCase):
    def setUp(self):
        super(TestViews, self).setUp()
        self.user = AuthUserFactory()
        self.user_addon = self.user.get_or_add_addon('twofactor')
        self.user_settings = self.user.get_addon('twofactor')

    def test_confirm_code(self):
        # Send a valid code to the API endpoint for the user settings.
        url = api_url_for('twofactor_settings_put')
        res = self.app.put_json(
            url,
            {'code': _valid_code(self.user_settings.totp_secret)},
            auth=self.user.auth
        )

        # reload the user settings object from the DB
        self.user_settings.reload()

        assert_true(self.user_settings.is_confirmed)
        assert_equal(res.status_code, 200)

    def test_confirm_code_failure(self):
        url = api_url_for('twofactor_settings_put')
        res = self.app.put_json(
            url,
            {'code': '0000000'},
            auth=self.user.auth,
            expect_errors=True
        )
        assert_equal(res.status_code, 403)
        json = res.json
        assert_in('verification code', json['message_long'])

        # reload the user settings object from the DB
        self.user_settings.reload()

        assert_false(self.user_settings.is_confirmed)
示例#6
0
class TestAddonFileViews(OsfTestCase):

    def setUp(self):
        super(TestAddonFileViews, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)

        self.user.add_addon('github')
        self.project.add_addon('github', auth=Auth(self.user))

        self.user_addon = self.user.get_addon('github')
        self.node_addon = self.project.get_addon('github')
        self.oauth = GitHubAccountFactory()
        self.oauth.save()

        self.user.external_accounts.add(self.oauth)
        self.user.save()

        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth
        self.node_addon.repo = 'Truth'
        self.node_addon.user = '******'
        self.node_addon.save()

        self.user_addon.oauth_grants[self.project._id] = {self.oauth._id: []}
        self.user_addon.save()

    def set_sentry(status):
        def wrapper(func):
            @functools.wraps(func)
            def wrapped(*args, **kwargs):
                enabled, sentry.enabled = sentry.enabled, status
                func(*args, **kwargs)
                sentry.enabled = enabled

            return wrapped

        return wrapper

    with_sentry = set_sentry(True)

    def get_test_file(self):
        version = file_models.FileVersion(identifier='1')
        version.save()
        ret = GithubFile(
            name='Test',
            node=self.project,
            path='/test/Test',
            materialized_path='/test/Test',
        )
        ret.save()
        ret.versions.add(version)
        return ret

    def get_second_test_file(self):
        version = file_models.FileVersion(identifier='1')
        version.save()
        ret = GithubFile(
            name='Test2',
            node=self.project,
            path='/test/Test2',
            materialized_path='/test/Test2',
        )
        ret.save()
        ret.versions.add(version)
        return ret

    def get_mako_return(self):
        ret = serialize_node(self.project, Auth(self.user), primary=True)
        ret.update({
            'error': '',
            'provider': '',
            'file_path': '',
            'sharejs_uuid': '',
            'private': '',
            'urls': {
                'files': '',
                'render': '',
                'sharejs': '',
                'mfr': '',
                'profile_image': '',
                'external': '',
                'archived_from': '',
            },
            'size': '',
            'extra': '',
            'file_name': '',
            'materialized_path': '',
            'file_id': '',
        })
        ret.update(rubeus.collect_addon_assets(self.project))
        return ret

    def test_redirects_to_guid(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github'
            ),
            auth=self.user.auth
        )

        assert_equals(resp.status_code, 302)
        assert_equals(resp.location, 'http://*****:*****@mock.patch('addons.base.views.addon_view_file')
    def test_action_view_calls_view_file(self, mock_view_file):
        self.user.reload()
        self.project.reload()

        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        mock_view_file.return_value = self.get_mako_return()

        self.app.get('/{}/?action=view'.format(guid._id), auth=self.user.auth)

        args, kwargs = mock_view_file.call_args
        assert_equals(kwargs, {})
        assert_equals(args[0].user._id, self.user._id)
        assert_equals(args[1], self.project)
        assert_equals(args[2], file_node)
        assert_true(isinstance(args[3], file_node.touch(None).__class__))

    @mock.patch('addons.base.views.addon_view_file')
    def test_no_action_calls_view_file(self, mock_view_file):
        self.user.reload()
        self.project.reload()

        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        mock_view_file.return_value = self.get_mako_return()

        self.app.get('/{}/'.format(guid._id), auth=self.user.auth)

        args, kwargs = mock_view_file.call_args
        assert_equals(kwargs, {})
        assert_equals(args[0].user._id, self.user._id)
        assert_equals(args[1], self.project)
        assert_equals(args[2], file_node)
        assert_true(isinstance(args[3], file_node.touch(None).__class__))

    def test_download_create_guid(self):
        file_node = self.get_test_file()
        assert_is(file_node.get_guid(), None)

        self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github',
            ),
            auth=self.user.auth
        )

        assert_true(file_node.get_guid())

    def test_view_file_does_not_delete_file_when_requesting_invalid_version(self):
        with mock.patch('addons.github.models.NodeSettings.is_private',
                        new_callable=mock.PropertyMock) as mock_is_private:
            mock_is_private.return_value = False

            file_node = self.get_test_file()
            assert_is(file_node.get_guid(), None)

            url = self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github',
            )
            # First view generated GUID
            self.app.get(url, auth=self.user.auth)

            self.app.get(url + '?version=invalid', auth=self.user.auth, expect_errors=True)

            assert_is_not_none(BaseFileNode.load(file_node._id))
            assert_is_none(TrashedFileNode.load(file_node._id))

    def test_unauthorized_addons_raise(self):
        path = 'cloudfiles'
        self.node_addon.user_settings = None
        self.node_addon.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 401)

    def test_nonstorage_addons_raise(self):
        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path='sillywiki',
                provider='wiki',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 400)

    def test_head_returns_url_and_redriect(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.head('/{}/'.format(guid._id), auth=self.user.auth)
        location = furl.furl(resp.location)
        assert_equals(resp.status_code, 302)
        assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, version=''))

    def test_head_returns_url_with_version_and_redirect(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.head('/{}/?revision=1&foo=bar'.format(guid._id), auth=self.user.auth)
        location = furl.furl(resp.location)
        # Note: version is added but us but all other url params are added as well
        assert_equals(resp.status_code, 302)
        assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, revision=1, version='', foo='bar'))

    def test_nonexistent_addons_raise(self):
        path = 'cloudfiles'
        self.project.delete_addon('github', Auth(self.user))
        self.project.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 400)

    def test_unauth_addons_raise(self):
        path = 'cloudfiles'
        self.node_addon.user_settings = None
        self.node_addon.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 401)

    def test_delete_action_creates_trashed_file_node(self):
        file_node = self.get_test_file()
        payload = {
            'provider': file_node.provider,
            'metadata': {
                'path': '/test/Test',
                'materialized': '/test/Test'
            }
        }
        views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
        assert_false(GithubFileNode.load(file_node._id))
        assert_true(TrashedFileNode.load(file_node._id))

    def test_delete_action_for_folder_deletes_subfolders_and_creates_trashed_file_nodes(self):
        file_node = self.get_test_file()
        subfolder = GithubFolder(
            name='folder',
            node=self.project,
            path='/test/folder/',
            materialized_path='/test/folder/',
        )
        subfolder.save()
        payload = {
            'provider': file_node.provider,
            'metadata': {
                'path': '/test/',
                'materialized': '/test/'
            }
        }
        views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
        assert_false(GithubFileNode.load(subfolder._id))
        assert_true(TrashedFileNode.load(file_node._id))

    @mock.patch('website.archiver.tasks.archive')
    def test_archived_from_url(self, mock_archive):
        file_node = self.get_test_file()
        second_file_node = self.get_second_test_file()
        file_node.copied_from = second_file_node

        registered_node = self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )

        archived_from_url = views.get_archived_from_url(registered_node, file_node)
        view_url = self.project.web_url_for('addon_view_or_download_file', provider=file_node.provider, path=file_node.copied_from._id)
        assert_true(archived_from_url)
        assert_urls_equal(archived_from_url, view_url)

    @mock.patch('website.archiver.tasks.archive')
    def test_archived_from_url_without_copied_from(self, mock_archive):
        file_node = self.get_test_file()

        registered_node = self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )
        archived_from_url = views.get_archived_from_url(registered_node, file_node)
        assert_false(archived_from_url)

    @mock.patch('website.archiver.tasks.archive')
    def test_copied_from_id_trashed(self, mock_archive):
        file_node = self.get_test_file()
        second_file_node = self.get_second_test_file()
        file_node.copied_from = second_file_node
        self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )
        trashed_node = second_file_node.delete()
        assert_false(trashed_node.copied_from)

    @mock.patch('website.archiver.tasks.archive')
    def test_missing_modified_date_in_file_data(self, mock_archive):
        file_node = self.get_test_file()
        file_data = {
            'name': 'Test File Update',
            'materialized': file_node.materialized_path,
            'modified': None
        }
        file_node.update(revision=None, data=file_data)
        assert_equal(len(file_node.history), 1)
        assert_equal(file_node.history[0], file_data)

    @mock.patch('website.archiver.tasks.archive')
    def test_missing_modified_date_in_file_history(self, mock_archive):
        file_node = self.get_test_file()
        file_node.history.append({'modified': None})
        file_data = {
            'name': 'Test File Update',
            'materialized': file_node.materialized_path,
            'modified': None
        }
        file_node.update(revision=None, data=file_data)
        assert_equal(len(file_node.history), 2)
        assert_equal(file_node.history[1], file_data)

    @with_sentry
    @mock.patch('framework.sentry.sentry.captureMessage')
    def test_update_logs_to_sentry_when_called_with_disordered_metadata(self, mock_capture):
        file_node = self.get_test_file()
        file_node.history.append({'modified': parse_date(
                '2017-08-22T13:54:32.100900',
                ignoretz=True,
                default=timezone.now()  # Just incase nothing can be parsed
            )})
        data = {
            'name': 'a name',
            'materialized': 'materialized',
            'modified': '2016-08-22T13:54:32.100900'
        }
        file_node.update(revision=None, user=None, data=data)
        mock_capture.assert_called_with(unicode('update() receives metatdata older than the newest entry in file history.'), extra={'session': {}})
示例#7
0
class TestAddonAuth(OsfTestCase):

    def setUp(self):
        super(TestAddonAuth, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()
        self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def build_url(self, **kwargs):
        options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
            action='download',
            nid=self.node._id,
            provider=self.node_addon.config.short_name), **kwargs),
            'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
        }, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
        return api_url_for('get_auth', **options)

    def test_auth_download(self):
        url = self.build_url()
        res = self.app.get(url, auth=self.user.auth)
        data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
        assert_equal(data['auth'], views.make_auth(self.user))
        assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
        assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
        expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
        observed_url = furl.furl(data['callback_url'])
        observed_url.port = expected_url.port
        assert_equal(expected_url, observed_url)

    def test_auth_missing_args(self):
        url = self.build_url(cookie=None)
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 401)

    def test_auth_bad_cookie(self):
        url = self.build_url(cookie=self.cookie)
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 200)
        data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
        assert_equal(data['auth'], views.make_auth(self.user))
        assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
        assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
        expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
        observed_url = furl.furl(data['callback_url'])
        observed_url.port = expected_url.port
        assert_equal(expected_url, observed_url)

    def test_auth_cookie(self):
        url = self.build_url(cookie=self.cookie[::-1])
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 401)

    def test_auth_missing_addon(self):
        url = self.build_url(provider='queenhub')
        res = self.app.get(url, expect_errors=True, auth=self.user.auth)
        assert_equal(res.status_code, 400)

    @mock.patch('addons.base.views.cas.get_client')
    def test_auth_bad_bearer_token(self, mock_cas_client):
        mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
        url = self.build_url()
        res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
        assert_equal(res.status_code, 403)
示例#8
0
class TestAddonLogs(OsfTestCase):

    def setUp(self):
        super(TestAddonLogs, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def configure_osf_addon(self):
        self.project = ProjectFactory(creator=self.user)
        self.node_addon = self.project.get_addon('osfstorage')
        self.node_addon.save()

    def build_payload(self, metadata, **kwargs):
        options = dict(
            auth={'id': self.user._id},
            action='create',
            provider=self.node_addon.config.short_name,
            metadata=metadata,
            time=time.time() + 1000,
        )
        options.update(kwargs)
        options = {
            key: value
            for key, value in options.iteritems()
            if value is not None
        }
        message, signature = signing.default_signer.sign_payload(options)
        return {
            'payload': message,
            'signature': signature,
        }

    @mock.patch('website.notifications.events.files.FileAdded.perform')
    def test_add_log(self, mock_perform):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        # # Mocking form_message and perform so that the payload need not be exact.
        # assert_true(mock_form_message.called, "form_message not called")
        assert_true(mock_perform.called, 'perform not called')

    def test_add_log_missing_args(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth=None)
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_user(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth={'id': None})
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_addon(self):
        path = 'pizza'
        node = ProjectFactory(creator=self.user)
        url = node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(node.logs.count(), nlogs)

    def test_add_log_bad_action(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, action='dance')
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_action_file_rename(self):
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(
            action='rename',
            metadata={
                'path': 'foo',
            },
            source={
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'new.txt',
                'kind': 'file',
            },
            destination={
                'path': 'foo',
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'old.txt',
                'kind': 'file',
            },
        )
        self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'}
        )
        self.node.reload()

        assert_equal(
            self.node.logs.latest().action,
            'github_addon_file_renamed',
        )

    def test_action_downloads(self):
        url = self.node.api_url_for('create_waterbutler_log')
        download_actions=('download_file', 'download_zip')
        for action in download_actions:
            payload = self.build_payload(metadata={'path': 'foo'}, action=action)
            nlogs = self.node.logs.count()
            res = self.app.put_json(
                url,
                payload,
                headers={'Content-Type': 'application/json'},
                expect_errors=False,
            )
            assert_equal(res.status_code, 200)

        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_file_osfstorage_log(self):
        self.configure_osf_addon()
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'materialized': path, 'kind': 'file', 'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        assert('urls' in self.node.logs.filter(action='osf_storage_file_added')[0].params)

    def test_add_folder_osfstorage_log(self):
        self.configure_osf_addon()
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'materialized': path, 'kind': 'folder', 'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        assert('urls' not in self.node.logs.filter(action='osf_storage_file_added')[0].params)
示例#9
0
class TestAddonAuth(OsfTestCase):

    def setUp(self):
        super(TestAddonAuth, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()
        self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def build_url(self, **kwargs):
        options = {'payload': jwe.encrypt(jwt.encode({'data': dict(dict(
            action='download',
            nid=self.node._id,
            provider=self.node_addon.config.short_name), **kwargs),
            'exp': timezone.now() + datetime.timedelta(seconds=settings.WATERBUTLER_JWT_EXPIRATION),
        }, settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM), self.JWE_KEY)}
        return api_url_for('get_auth', **options)

    def test_auth_download(self):
        url = self.build_url()
        res = self.app.get(url, auth=self.user.auth)
        data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
        assert_equal(data['auth'], views.make_auth(self.user))
        assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
        assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
        expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
        observed_url = furl.furl(data['callback_url'])
        observed_url.port = expected_url.port
        assert_equal(expected_url, observed_url)

    def test_auth_missing_args(self):
        url = self.build_url(cookie=None)
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 401)

    def test_auth_bad_cookie(self):
        url = self.build_url(cookie=self.cookie)
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 200)
        data = jwt.decode(jwe.decrypt(res.json['payload'].encode('utf-8'), self.JWE_KEY), settings.WATERBUTLER_JWT_SECRET, algorithm=settings.WATERBUTLER_JWT_ALGORITHM)['data']
        assert_equal(data['auth'], views.make_auth(self.user))
        assert_equal(data['credentials'], self.node_addon.serialize_waterbutler_credentials())
        assert_equal(data['settings'], self.node_addon.serialize_waterbutler_settings())
        expected_url = furl.furl(self.node.api_url_for('create_waterbutler_log', _absolute=True, _internal=True))
        observed_url = furl.furl(data['callback_url'])
        observed_url.port = expected_url.port
        assert_equal(expected_url, observed_url)

    def test_auth_cookie(self):
        url = self.build_url(cookie=self.cookie[::-1])
        res = self.app.get(url, expect_errors=True)
        assert_equal(res.status_code, 401)

    def test_auth_missing_addon(self):
        url = self.build_url(provider='queenhub')
        res = self.app.get(url, expect_errors=True, auth=self.user.auth)
        assert_equal(res.status_code, 400)

    @mock.patch('addons.base.views.cas.get_client')
    def test_auth_bad_bearer_token(self, mock_cas_client):
        mock_cas_client.return_value = mock.Mock(profile=mock.Mock(return_value=cas.CasResponse(authenticated=False)))
        url = self.build_url()
        res = self.app.get(url, headers={'Authorization': 'Bearer invalid_access_token'}, expect_errors=True)
        assert_equal(res.status_code, 403)
示例#10
0
class TestViewUtils(OsfTestCase):

    def setUp(self):
        super(TestViewUtils, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()
        self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def test_serialize_addons(self):
        addon_dicts = serialize_addons(self.node, self.auth_obj)

        enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
        assert len(enabled_addons) == 2
        assert enabled_addons[0]['short_name'] == 'github'
        assert enabled_addons[1]['short_name'] == 'osfstorage'

        default_addons = [addon for addon in addon_dicts if addon['default']]
        assert len(default_addons) == 1
        assert default_addons[0]['short_name'] == 'osfstorage'

    def test_include_template_json(self):
        """ Some addons (github, gitlab) need more specialized template infomation so we want to
        ensure we get those extra variables that when the addon is enabled.
        """
        addon_dicts = serialize_addons(self.node, self.auth_obj)

        enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
        assert len(enabled_addons) == 2
        assert enabled_addons[1]['short_name'] == 'osfstorage'
        assert enabled_addons[0]['short_name'] == 'github'
        assert 'node_has_auth' in enabled_addons[0]
        assert 'valid_credentials' in enabled_addons[0]

    def test_collect_node_config_js(self):

        addon_dicts = serialize_addons(self.node, self.auth_obj)

        asset_paths = collect_node_config_js(addon_dicts)

        # Default addons should be in addon dicts, but they have no js assets because you can't
        # connect/disconnect from them, think osfstorage, there's no node-cfg for that.
        default_addons = [addon['short_name'] for addon in addon_dicts if addon['default']]
        assert not any('/{}/'.format(addon) in asset_paths for addon in default_addons)
class TestNodeFilesList(ApiTestCase):
    def setUp(self):
        super(TestNodeFilesList, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        self.private_url = '/{}nodes/{}/files/'.format(API_BASE,
                                                       self.project._id)

        self.user_two = AuthUserFactory()

        self.public_project = ProjectFactory(creator=self.user, is_public=True)
        self.public_url = '/{}nodes/{}/files/'.format(API_BASE,
                                                      self.public_project._id)
        httpretty.enable()

    def tearDown(self):
        super(TestNodeFilesList, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []
        }
        addon.user_settings.save()

    def view_only_link(self):
        private_link = PrivateLinkFactory(creator=self.user)
        private_link.nodes.add(self.project)
        private_link.save()
        return private_link

    def _prepare_mock_wb_response(self, node=None, **kwargs):
        prepare_mock_wb_response(node=node or self.project, **kwargs)

    def test_returns_public_files_logged_out(self):
        res = self.app.get(self.public_url, expect_errors=True)
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data'][0]['attributes']['provider'],
                     'osfstorage')
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_public_files_logged_in(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data'][0]['attributes']['provider'],
                     'osfstorage')

    def test_returns_storage_addons_link(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_in('storage_addons', res.json['data'][0]['links'])

    def test_returns_file_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_file(
            'NewFile')
        fobj.save()
        res = self.app.get('{}osfstorage/{}'.format(self.private_url,
                                                    fobj._id),
                           auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_true(isinstance(res.json['data'], dict))
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data']['attributes']['kind'], 'file')
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')

    def test_returns_osfstorage_folder_version_two(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder(
            'NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/'.format(self.private_url),
                           auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_returns_osf_storage_folder_version_two_point_two(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder(
            'NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/?version=2.2'.format(
            self.private_url),
                           auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_list_returns_folder_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder(
            'NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/'.format(self.private_url, fobj._id),
                           auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')

    def test_returns_folder_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder(
            'NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/{}/'.format(self.private_url,
                                                     fobj._id),
                           auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 0)
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_private_files_logged_out(self):
        res = self.app.get(self.private_url, expect_errors=True)
        assert_equal(res.status_code, 401)
        assert_in('detail', res.json['errors'][0])

    def test_returns_private_files_logged_in_contributor(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['provider'],
                     'osfstorage')

    def test_returns_private_files_logged_in_non_contributor(self):
        res = self.app.get(self.private_url,
                           auth=self.user_two.auth,
                           expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    def test_returns_addon_folders(self):
        user_auth = Auth(self.user)
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['provider'],
                     'osfstorage')

        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []
        }
        addon.user_settings.save()
        res = self.app.get(self.private_url, auth=self.user.auth)
        data = res.json['data']
        providers = [item['attributes']['provider'] for item in data]
        assert_equal(len(data), 2)
        assert_in('github', providers)
        assert_in('osfstorage', providers)

    def test_vol_node_files_list(self):
        self._prepare_mock_wb_response(provider='github',
                                       files=[{
                                           'name': 'NewFile'
                                       }])
        self.add_github()
        vol = self.view_only_link()
        url = '/{}nodes/{}/files/github/?view_only={}'.format(
            API_BASE, self.project._id, vol.key)
        res = self.app.get(url, auth=self.user_two.auth)
        wb_request = httpretty.last_request()
        assert_equal(wb_request.querystring, {
            u'view_only': [unicode(vol.key, 'utf-8')],
            u'meta': [u'True']
        })
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
        assert_in(vol.key, res.json['data'][0]['links']['info'])
        assert_in(vol.key, res.json['data'][0]['links']['move'])
        assert_in(vol.key, res.json['data'][0]['links']['upload'])
        assert_in(vol.key, res.json['data'][0]['links']['download'])
        assert_in(vol.key, res.json['data'][0]['links']['delete'])

    def test_returns_node_files_list(self):
        self._prepare_mock_wb_response(provider='github',
                                       files=[{
                                           'name': 'NewFile'
                                       }])
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

    def test_returns_node_file(self):
        self._prepare_mock_wb_response(provider='github',
                                       files=[{
                                           'name': 'NewFile'
                                       }],
                                       folder=False,
                                       path='/file')
        self.add_github()
        url = '/{}nodes/{}/files/github/file'.format(API_BASE,
                                                     self.project._id)
        res = self.app.get(
            url,
            auth=self.user.auth,
            headers={
                'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
            })
        # test create
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')
        assert_equal(res.json['data']['attributes']['provider'], 'github')

        # test get
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')
        assert_equal(res.json['data']['attributes']['provider'], 'github')

    def test_notfound_node_file_returns_folder(self):
        self._prepare_mock_wb_response(provider='github',
                                       files=[{
                                           'name': 'NewFile'
                                       }],
                                       path='/file')
        url = '/{}nodes/{}/files/github/file'.format(API_BASE,
                                                     self.project._id)
        res = self.app.get(
            url,
            auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 404)

    def test_notfound_node_folder_returns_file(self):
        self._prepare_mock_wb_response(provider='github',
                                       files=[{
                                           'name': 'NewFile'
                                       }],
                                       folder=False,
                                       path='/')

        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(
            url,
            auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 404)

    def test_waterbutler_server_error_returns_503(self):
        self._prepare_mock_wb_response(status_code=500)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(
            url,
            auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 503)

    def test_waterbutler_invalid_data_returns_503(self):
        wb_url = waterbutler_api_url_for(self.project._id,
                                         provider='github',
                                         path='/',
                                         meta=True)
        self.add_github()
        httpretty.register_uri(httpretty.GET,
                               wb_url,
                               body=json.dumps({}),
                               status=400)
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)

    def test_handles_unauthenticated_waterbutler_request(self):
        self._prepare_mock_wb_response(status_code=401)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    def test_handles_notfound_waterbutler_request(self):
        invalid_provider = 'gilkjadsflhub'
        self._prepare_mock_wb_response(status_code=404,
                                       provider=invalid_provider)
        url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id,
                                             invalid_provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 404)
        assert_in('detail', res.json['errors'][0])

    def test_handles_request_to_provider_not_configured_on_project(self):
        provider = 'box'
        url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id,
                                             provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_false(self.project.get_addon(provider))
        assert_equal(res.status_code, 404)
        assert_equal(
            res.json['errors'][0]['detail'],
            'The {} provider is not configured for this project.'.format(
                provider))

    def test_handles_bad_waterbutler_request(self):
        wb_url = waterbutler_api_url_for(self.project._id,
                                         provider='github',
                                         path='/',
                                         meta=True)
        httpretty.register_uri(httpretty.GET,
                               wb_url,
                               body=json.dumps({}),
                               status=418)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)
        assert_in('detail', res.json['errors'][0])

    def test_files_list_contains_relationships_object(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert 'relationships' in res.json['data'][0]
示例#12
0
class TestNodeFilesList(ApiTestCase):

    def setUp(self):
        super(TestNodeFilesList, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        self.private_url = '/{}nodes/{}/files/'.format(API_BASE, self.project._id)

        self.user_two = AuthUserFactory()

        self.public_project = ProjectFactory(creator=self.user, is_public=True)
        self.public_url = '/{}nodes/{}/files/'.format(API_BASE, self.public_project._id)
        httpretty.enable()

    def tearDown(self):
        super(TestNodeFilesList, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
        addon.user_settings.save()

    def _prepare_mock_wb_response(self, node=None, **kwargs):
        prepare_mock_wb_response(node=node or self.project, **kwargs)

    def test_returns_public_files_logged_out(self):
        res = self.app.get(self.public_url, expect_errors=True)
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_public_files_logged_in(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')

    def test_returns_storage_addons_link(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_in('storage_addons', res.json['data'][0]['links'])

    def test_returns_file_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_file('NewFile')
        fobj.save()
        res = self.app.get('{}osfstorage/{}'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_true(isinstance(res.json['data'], dict))
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data']['attributes']['kind'], 'file')
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')

    def test_returns_osfstorage_folder_version_two(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/'.format(self.private_url), auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_returns_osf_storage_folder_version_two_point_two(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/?version=2.2'.format(self.private_url), auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_list_returns_folder_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')

    def test_returns_folder_data(self):
        fobj = self.project.get_addon('osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get('{}osfstorage/{}/'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 0)
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_private_files_logged_out(self):
        res = self.app.get(self.private_url, expect_errors=True)
        assert_equal(res.status_code, 401)
        assert_in('detail', res.json['errors'][0])

    def test_returns_private_files_logged_in_contributor(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')

    def test_returns_private_files_logged_in_non_contributor(self):
        res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    def test_returns_addon_folders(self):
        user_auth = Auth(self.user)
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['provider'], 'osfstorage')

        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
        addon.user_settings.save()
        res = self.app.get(self.private_url, auth=self.user.auth)
        data = res.json['data']
        providers = [item['attributes']['provider'] for item in data]
        assert_equal(len(data), 2)
        assert_in('github', providers)
        assert_in('osfstorage', providers)

    def test_returns_node_files_list(self):
        self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}])
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

    def test_returns_node_file(self):
        self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], folder=False, path='/file')
        self.add_github()
        url = '/{}nodes/{}/files/github/file'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, headers={
            'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
        })
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')
        assert_equal(res.json['data']['attributes']['provider'], 'github')

    def test_notfound_node_file_returns_folder(self):
        self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], path='/file')
        url = '/{}nodes/{}/files/github/file'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
            'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
        })
        assert_equal(res.status_code, 404)

    def test_notfound_node_folder_returns_file(self):
        self._prepare_mock_wb_response(provider='github', files=[{'name': 'NewFile'}], folder=False, path='/')

        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
            'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
        })
        assert_equal(res.status_code, 404)

    def test_waterbutler_server_error_returns_503(self):
        self._prepare_mock_wb_response(status_code=500)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True, headers={
            'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
        })
        assert_equal(res.status_code, 503)

    def test_waterbutler_invalid_data_returns_503(self):
        wb_url = waterbutler_api_url_for(self.project._id, provider='github', path='/', meta=True)
        self.add_github()
        httpretty.register_uri(
            httpretty.GET,
            wb_url,
            body=json.dumps({}),
            status=400
        )
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)

    def test_handles_unauthenticated_waterbutler_request(self):
        self._prepare_mock_wb_response(status_code=401)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    def test_handles_notfound_waterbutler_request(self):
        invalid_provider = 'gilkjadsflhub'
        self._prepare_mock_wb_response(status_code=404, provider=invalid_provider)
        url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id, invalid_provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 404)
        assert_in('detail', res.json['errors'][0])

    def test_handles_request_to_provider_not_configured_on_project(self):
        provider = 'box'
        url = '/{}nodes/{}/files/{}/'.format(API_BASE, self.project._id, provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_false(self.project.get_addon(provider))
        assert_equal(res.status_code, 404)
        assert_equal(res.json['errors'][0]['detail'], 'The {} provider is not configured for this project.'.format(provider))

    def test_handles_bad_waterbutler_request(self):
        wb_url = waterbutler_api_url_for(self.project._id, provider='github', path='/', meta=True)
        httpretty.register_uri(
            httpretty.GET,
            wb_url,
            body=json.dumps({}),
            status=418
        )
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)
        assert_in('detail', res.json['errors'][0])

    def test_files_list_contains_relationships_object(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert 'relationships' in res.json['data'][0]
示例#13
0
class TestNodeFilesListPagination(ApiTestCase):
    def setUp(self):
        super(TestNodeFilesListPagination, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        httpretty.enable()

    def tearDown(self):
        super(TestNodeFilesListPagination, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
        addon.user_settings.save()

    def check_file_order(self, resp):
        previous_file_name = 0
        for file in resp.json['data']:
            int_file_name = int(file['attributes']['name'])
            assert int_file_name > previous_file_name, 'Files were not in order'
            previous_file_name = int_file_name

    def test_node_files_are_sorted_correctly(self):
        prepare_mock_wb_response(
            node=self.project,
            provider='github',
            files=[
                {'name': '01', 'path': '/01/', 'materialized': '/01/', 'kind': 'folder'},
                {'name': '02', 'path': '/02', 'materialized': '/02', 'kind': 'file'},
                {'name': '03', 'path': '/03/', 'materialized': '/03/', 'kind': 'folder'},
                {'name': '04', 'path': '/04', 'materialized': '/04', 'kind': 'file'},
                {'name': '05', 'path': '/05/', 'materialized': '/05/', 'kind': 'folder'},
                {'name': '06', 'path': '/06', 'materialized': '/06', 'kind': 'file'},
                {'name': '07', 'path': '/07/', 'materialized': '/07/', 'kind': 'folder'},
                {'name': '08', 'path': '/08', 'materialized': '/08', 'kind': 'file'},
                {'name': '09', 'path': '/09/', 'materialized': '/09/', 'kind': 'folder'},
                {'name': '10', 'path': '/10', 'materialized': '/10', 'kind': 'file'},
                {'name': '11', 'path': '/11/', 'materialized': '/11/', 'kind': 'folder'},
                {'name': '12', 'path': '/12', 'materialized': '/12', 'kind': 'file'},
                {'name': '13', 'path': '/13/', 'materialized': '/13/', 'kind': 'folder'},
                {'name': '14', 'path': '/14', 'materialized': '/14', 'kind': 'file'},
                {'name': '15', 'path': '/15/', 'materialized': '/15/', 'kind': 'folder'},
                {'name': '16', 'path': '/16', 'materialized': '/16', 'kind': 'file'},
                {'name': '17', 'path': '/17/', 'materialized': '/17/', 'kind': 'folder'},
                {'name': '18', 'path': '/18', 'materialized': '/18', 'kind': 'file'},
                {'name': '19', 'path': '/19/', 'materialized': '/19/', 'kind': 'folder'},
                {'name': '20', 'path': '/20', 'materialized': '/20', 'kind': 'file'},
                {'name': '21', 'path': '/21/', 'materialized': '/21/', 'kind': 'folder'},
                {'name': '22', 'path': '/22', 'materialized': '/22', 'kind': 'file'},
                {'name': '23', 'path': '/23/', 'materialized': '/23/', 'kind': 'folder'},
                {'name': '24', 'path': '/24', 'materialized': '/24', 'kind': 'file'},
            ]
        )
        self.add_github()
        url = '/{}nodes/{}/files/github/?page[size]=100'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth)
        self.check_file_order(res)
示例#14
0
class TestNodeFilesListFiltering(ApiTestCase):

    def setUp(self):
        super(TestNodeFilesListFiltering, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        httpretty.enable()
        # Prep HTTP mocks
        prepare_mock_wb_response(
            node=self.project,
            provider='github',
            files=[
                {'name': 'abc', 'path': '/abc/', 'materialized': '/abc/', 'kind': 'folder'},
                {'name': 'xyz', 'path': '/xyz', 'materialized': '/xyz', 'kind': 'file'},
            ]
        )

    def tearDown(self):
        super(TestNodeFilesListFiltering, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {oauth_settings._id: []}
        addon.user_settings.save()

    def test_node_files_are_filterable_by_name(self):
        url = '/{}nodes/{}/files/github/?filter[name]=xyz'.format(API_BASE, self.project._id)
        self.add_github()
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'abc'
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

    def test_node_files_filter_by_name_case_insensitive(self):
        url = '/{}nodes/{}/files/github/?filter[name]=XYZ'.format(API_BASE, self.project._id)
        self.add_github()
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'abc', but finds 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

    def test_node_files_are_filterable_by_path(self):
        url = '/{}nodes/{}/files/github/?filter[path]=abc'.format(API_BASE, self.project._id)
        self.add_github()
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

    def test_node_files_are_filterable_by_kind(self):
        url = '/{}nodes/{}/files/github/?filter[kind]=folder'.format(API_BASE, self.project._id)
        self.add_github()
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

    def test_node_files_external_provider_can_filter_by_last_touched(self):
        yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
        self.add_github()
        url = '/{}nodes/{}/files/github/?filter[last_touched][gt]={}'.format(API_BASE,
                                                                             self.project._id,
                                                                             yesterday_stamp.isoformat())
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 2)

    def test_node_files_osfstorage_cannot_filter_by_last_touched(self):
        yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
        self.file = api_utils.create_test_file(self.project, self.user)

        url = '/{}nodes/{}/files/osfstorage/?filter[last_touched][gt]={}'.format(API_BASE,
                                                                                 self.project._id,
                                                                                 yesterday_stamp.isoformat())
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 400)
        assert_equal(len(res.json['errors']), 1)
class TestAddonCount(OsfTestCase):
    def setUp(self):
        super(TestAddonCount, self).setUp()
        self.user = AuthUserFactory()
        self.node = ProjectFactory(creator=self.user)
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')

        self.external_account = GitHubAccountFactory(display_name='hmoco1')

        self.user_settings = self.user.get_or_add_addon('github')

        self.user_settings.save()
        self.user.external_accounts.add(self.external_account)
        self.user.save()
        self.node.add_addon('github', Auth(self.user))
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = self.user.fullname
        self.node_addon.repo = '29 #Strafford APTS'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.external_account
        self.node_addon.save()

        self.user_settings.grant_oauth_access(
            node=self.node,
            external_account=self.external_account,
        )

    def test_run_for_all_addon(self):
        results = AddonSnapshot().get_events()
        names = [res['provider']['name'] for res in results]
        for addon in ADDONS_AVAILABLE:
            assert_in(addon.short_name, names)

    def test_one_user_one_node_one_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(github_res['nodes']['total'], 1)

    def test_one_user_one_node_one_addon_one_node_linked(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(github_res['nodes']['total'], 1)

    def test_one_user_with_multiple_githubs(self):
        oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
        oauth_settings2.save()
        self.user.external_accounts.add(oauth_settings2)
        self.user.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 1)

    def test_one_user_with_multiple_addons(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(googledrive_res['users']['enabled'], 0)

        self.user.add_addon('googledrive')
        oauth_settings = GoogleDriveAccountFactory()
        oauth_settings.save()
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(googledrive_res['users']['enabled'], 1)

    def test_many_users_each_with_a_different_github(self):
        user = AuthUserFactory()
        user.add_addon('github')
        oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
        oauth_settings2.save()
        user.external_accounts.add(oauth_settings2)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 2)
        assert_equal(github_res['users']['authorized'], 1)
        assert_equal(github_res['users']['linked'], 1)

    def test_many_users_each_with_the_same_github_enabled(self):
        user = AuthUserFactory()
        user.add_addon('github')
        user.external_accounts.add(self.external_account)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 2)

    def test_github_enabled_not_linked_or_authorized(self):
        user = AuthUserFactory()
        user.add_addon('github')
        user.external_accounts.add(self.external_account)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['users']['enabled'], 2)
        assert_equal(github_res['users']['authorized'], 1)
        assert_equal(github_res['users']['linked'], 1)

    def test_one_node_with_multiple_addons(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
        assert_equal(github_res['nodes']['total'], 1)
        assert_equal(googledrive_res['nodes']['total'], 0)

        self.user.add_addon('googledrive')
        user_addon = self.user.get_addon('googledrive')
        oauth_settings = GoogleDriveAccountFactory()
        oauth_settings.save()
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        self.node.add_addon('googledrive', Auth(self.user))
        node_addon = self.node.get_addon('googledrive')
        node_addon.user = self.user.fullname
        node_addon.user_settings = user_addon
        node_addon.external_account = oauth_settings
        node_addon.save()
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        googledrive_res = [res for res in results if res['provider']['name'] == 'googledrive'][0]
        assert_equal(github_res['nodes']['total'], 1)
        assert_equal(googledrive_res['nodes']['total'], 1)

    def test_many_nodes_with_one_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['total'], 1)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.user = self.user.fullname
        node_addon.repo = '8 (circle)'
        node_addon.user_settings = self.user_addon
        node_addon.external_account = self.external_account
        node_addon.save()
        node.save()

        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['total'], 2)

    def test_node_count_deleted_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['deleted'], 0)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.delete()

        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['deleted'], 1)

    def test_node_count_disconected_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['disconnected'], 0)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.external_account = None
        node_addon.save()

        results = AddonSnapshot().get_events()
        github_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(github_res['nodes']['disconnected'], 1)

    def test_all_users_have_wiki_osfstorage_enabled(self):
        all_user_count = OSFUser.objects.all().count()
        results = AddonSnapshot().get_events()
        osfstorage_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0]
        wiki_res = [res for res in results if res['provider']['name'] == 'osfstorage'][0]

        assert_equal(osfstorage_res['users']['enabled'], all_user_count)
        assert_equal(wiki_res['users']['enabled'], all_user_count)

    def test_wiki_deleted_shows_as_deleted(self):
        node = ProjectFactory(creator=self.user)
        node.delete_addon('wiki', auth=Auth(self.user))

        results = AddonSnapshot().get_events()
        wiki_res = [res for res in results if res['provider']['name'] == 'wiki'][0]

        assert_equal(wiki_res['nodes']['deleted'], 1)

    def test_node_settings_has_no_owner_not_connected(self):
        self.node_addon.owner = None
        self.node_addon.save()

        results = AddonSnapshot().get_events()
        storage_res = [res for res in results if res['provider']['name'] == 'github'][0]
        assert_equal(storage_res['nodes']['connected'], 0)
示例#16
0
class TestCreateContainer(AzureBlobStorageAddonTestCase, OsfTestCase):
    def setUp(self):

        super(TestCreateContainer, self).setUp()

        self.user = AuthUserFactory()
        self.consolidated_auth = Auth(user=self.user)
        self.auth = self.user.auth
        self.project = ProjectFactory(creator=self.user)

        self.project.add_addon('azureblobstorage', auth=self.consolidated_auth)
        self.project.creator.add_addon('azureblobstorage')

        self.user_settings = self.user.get_addon('azureblobstorage')
        self.user_settings.access_key = 'We-Will-Rock-You'
        self.user_settings.secret_key = 'Idontknowanyqueensongs'
        self.user_settings.save()

        self.node_settings = self.project.get_addon('azureblobstorage')
        self.node_settings.container = 'Sheer-Heart-Attack'
        self.node_settings.user_settings = self.project.creator.get_addon(
            'azureblobstorage')

        self.node_settings.save()

    def test_bad_names(self):
        assert_false(validate_container_name(''))
        assert_false(validate_container_name('no'))
        assert_false(validate_container_name('a' * 64))
        assert_false(validate_container_name(' leadingspace'))
        assert_false(validate_container_name('trailingspace '))
        assert_false(validate_container_name('bogus naMe'))
        assert_false(validate_container_name('.cantstartwithp'))
        assert_false(validate_container_name('or.endwith.'))
        assert_false(validate_container_name('..nodoubles'))
        assert_false(validate_container_name('no_unders_in'))
        assert_false(validate_container_name('-leadinghyphen'))
        assert_false(validate_container_name('trailinghyphen-'))
        assert_false(validate_container_name('Mixedcase'))
        assert_false(validate_container_name('empty..label'))
        assert_false(validate_container_name('label-.trailinghyphen'))
        assert_false(validate_container_name('label.-leadinghyphen'))
        assert_false(validate_container_name('8.8.8.8'))
        assert_false(validate_container_name('600.9000.0.28'))
        assert_false(validate_container_name('no_underscore'))
        assert_false(validate_container_name('_nounderscoreinfront'))
        assert_false(validate_container_name('no-underscore-in-back_'))
        assert_false(
            validate_container_name('no-underscore-in_the_middle_either'))

    def test_names(self):
        assert_true(validate_container_name('imagoodname'))
        assert_true(validate_container_name('can-have-dashes'))
        assert_true(validate_container_name('a--------a'))
        assert_true(validate_container_name('a' * 63))

    @mock.patch('addons.azureblobstorage.views.utils.create_container')
    @mock.patch('addons.azureblobstorage.views.utils.get_container_names')
    def test_create_container_pass(self, mock_names, mock_make):
        mock_make.return_value = True
        mock_names.return_value = ['butintheend', 'it', 'doesntevenmatter']
        url = self.project.api_url_for('azureblobstorage_create_container')
        ret = self.app.post_json(url, {'container_name': 'doesntevenmatter'},
                                 auth=self.user.auth)

        assert_equal(ret.status_int, http.OK)
        assert_equal(ret.json, {})

    @mock.patch('addons.azureblobstorage.views.utils.create_container')
    def test_create_container_fail(self, mock_make):
        error = AzureHttpError('because Im a test', 418)
        error.message = 'This should work'
        mock_make.side_effect = error

        url = "/api/v1/project/{0}/azureblobstorage/newcontainer/".format(
            self.project._id)
        ret = self.app.post_json(url, {'container_name': 'doesntevenmatter'},
                                 auth=self.user.auth,
                                 expect_errors=True)

        assert_equals(
            ret.body,
            '{"message": "This should work", "title": "Problem connecting to Azure Blob Storage"}'
        )
示例#17
0
class TestAddonLogs(OsfTestCase):

    def setUp(self):
        super(TestAddonLogs, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def build_payload(self, metadata, **kwargs):
        options = dict(
            auth={'id': self.user._id},
            action='create',
            provider=self.node_addon.config.short_name,
            metadata=metadata,
            time=time.time() + 1000,
        )
        options.update(kwargs)
        options = {
            key: value
            for key, value in options.iteritems()
            if value is not None
        }
        message, signature = signing.default_signer.sign_payload(options)
        return {
            'payload': message,
            'signature': signature,
        }

    @mock.patch('website.notifications.events.files.FileAdded.perform')
    def test_add_log(self, mock_perform):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        # # Mocking form_message and perform so that the payload need not be exact.
        # assert_true(mock_form_message.called, "form_message not called")
        assert_true(mock_perform.called, 'perform not called')

    def test_add_log_missing_args(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth=None)
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_user(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth={'id': None})
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_addon(self):
        path = 'pizza'
        node = ProjectFactory(creator=self.user)
        url = node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(node.logs.count(), nlogs)

    def test_add_log_bad_action(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, action='dance')
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_action_file_rename(self):
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(
            action='rename',
            metadata={
                'path': 'foo',
            },
            source={
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'new.txt',
                'kind': 'file',
            },
            destination={
                'path': 'foo',
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'old.txt',
                'kind': 'file',
            },
        )
        self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'}
        )
        self.node.reload()

        assert_equal(
            self.node.logs.latest().action,
            'github_addon_file_renamed',
        )
class TestNodeFilesListFiltering(ApiTestCase):
    def setUp(self):
        super(TestNodeFilesListFiltering, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        httpretty.enable()
        # Prep HTTP mocks
        prepare_mock_wb_response(node=self.project,
                                 provider='github',
                                 files=[
                                     {
                                         'name': 'abc',
                                         'path': '/abc/',
                                         'materialized': '/abc/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': 'xyz',
                                         'path': '/xyz',
                                         'materialized': '/xyz',
                                         'kind': 'file'
                                     },
                                 ])

    def tearDown(self):
        super(TestNodeFilesListFiltering, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []
        }
        addon.user_settings.save()

    def test_node_files_are_filterable_by_name(self):
        url = '/{}nodes/{}/files/github/?filter[name]=xyz'.format(
            API_BASE, self.project._id)
        self.add_github()

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'abc'
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'abc'
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

    def test_node_files_filter_by_name_case_insensitive(self):
        url = '/{}nodes/{}/files/github/?filter[name]=XYZ'.format(
            API_BASE, self.project._id)
        self.add_github()

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        # filters out 'abc', but finds 'xyz'
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        # filters out 'abc', but finds 'xyz'
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.json['data'][0]['attributes']['name'], 'xyz')

    def test_node_files_are_filterable_by_path(self):
        url = '/{}nodes/{}/files/github/?filter[path]=abc'.format(
            API_BASE, self.project._id)
        self.add_github()

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

    def test_node_files_are_filterable_by_kind(self):
        url = '/{}nodes/{}/files/github/?filter[kind]=folder'.format(
            API_BASE, self.project._id)
        self.add_github()

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)  # filters out 'xyz'
        assert_equal(res.json['data'][0]['attributes']['name'], 'abc')

    def test_node_files_external_provider_can_filter_by_last_touched(self):
        yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
        self.add_github()
        url = '/{}nodes/{}/files/github/?filter[last_touched][gt]={}'.format(
            API_BASE, self.project._id, yesterday_stamp.isoformat())
        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 2)

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 2)

    def test_node_files_osfstorage_cannot_filter_by_last_touched(self):
        yesterday_stamp = timezone.now() - datetime.timedelta(days=1)
        self.file = api_utils.create_test_file(self.project, self.user)

        url = '/{}nodes/{}/files/osfstorage/?filter[last_touched][gt]={}'.format(
            API_BASE, self.project._id, yesterday_stamp.isoformat())

        # test create
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 400)
        assert_equal(len(res.json['errors']), 1)

        # test get
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 400)
        assert_equal(len(res.json['errors']), 1)
示例#19
0
class TestCreateBucket(S3AddonTestCase, OsfTestCase):
    def setUp(self):

        super(TestCreateBucket, self).setUp()

        self.user = AuthUserFactory()
        self.consolidated_auth = Auth(user=self.user)
        self.auth = self.user.auth
        self.project = ProjectFactory(creator=self.user)

        self.project.add_addon('s3', auth=self.consolidated_auth)
        self.project.creator.add_addon('s3')

        self.user_settings = self.user.get_addon('s3')
        self.user_settings.access_key = 'We-Will-Rock-You'
        self.user_settings.secret_key = 'Idontknowanyqueensongs'
        self.user_settings.save()

        self.node_settings = self.project.get_addon('s3')
        self.node_settings.bucket = 'Sheer-Heart-Attack'
        self.node_settings.user_settings = self.project.creator.get_addon('s3')

        self.node_settings.save()

    def test_bad_names(self):
        assert_false(validate_bucket_name(''))
        assert_false(validate_bucket_name('no'))
        assert_false(validate_bucket_name('a' * 64))
        assert_false(validate_bucket_name(' leadingspace'))
        assert_false(validate_bucket_name('trailingspace '))
        assert_false(validate_bucket_name('bogus naMe'))
        assert_false(validate_bucket_name('.cantstartwithp'))
        assert_false(validate_bucket_name('or.endwith.'))
        assert_false(validate_bucket_name('..nodoubles'))
        assert_false(validate_bucket_name('no_unders_in'))
        assert_false(validate_bucket_name('-leadinghyphen'))
        assert_false(validate_bucket_name('trailinghyphen-'))
        assert_false(validate_bucket_name('Mixedcase'))
        assert_false(validate_bucket_name('empty..label'))
        assert_false(validate_bucket_name('label-.trailinghyphen'))
        assert_false(validate_bucket_name('label.-leadinghyphen'))
        assert_false(validate_bucket_name('8.8.8.8'))
        assert_false(validate_bucket_name('600.9000.0.28'))
        assert_false(validate_bucket_name('no_underscore'))
        assert_false(validate_bucket_name('_nounderscoreinfront'))
        assert_false(validate_bucket_name('no-underscore-in-back_'))
        assert_false(
            validate_bucket_name('no-underscore-in_the_middle_either'))

    def test_names(self):
        assert_true(validate_bucket_name('imagoodname'))
        assert_true(validate_bucket_name('still.passing'))
        assert_true(validate_bucket_name('can-have-dashes'))
        assert_true(validate_bucket_name('kinda.name.spaced'))
        assert_true(validate_bucket_name('a-o.valid'))
        assert_true(validate_bucket_name('11.12.m'))
        assert_true(validate_bucket_name('a--------a'))
        assert_true(validate_bucket_name('a' * 63))

    def test_bad_locations(self):
        assert_false(validate_bucket_location('Venus'))
        assert_false(validate_bucket_location('AlphaCentari'))
        assert_false(validate_bucket_location('CostaRica'))

    def test_locations(self):
        assert_true(validate_bucket_location(''))
        assert_true(validate_bucket_location('eu-central-1'))
        assert_true(validate_bucket_location('ca-central-1'))
        assert_true(validate_bucket_location('us-west-1'))
        assert_true(validate_bucket_location('us-west-2'))
        assert_true(validate_bucket_location('ap-northeast-1'))
        assert_true(validate_bucket_location('ap-northeast-2'))
        assert_true(validate_bucket_location('ap-southeast-1'))
        assert_true(validate_bucket_location('ap-southeast-2'))
        assert_true(validate_bucket_location('sa-east-1'))
        assert_true(validate_bucket_location('eu-west-1'))
        assert_true(validate_bucket_location('eu-west-2'))

    @mock.patch('addons.s3.views.utils.create_bucket')
    @mock.patch('addons.s3.views.utils.get_bucket_names')
    def test_create_bucket_pass(self, mock_names, mock_make):
        mock_make.return_value = True
        mock_names.return_value = ['butintheend', 'it', 'doesntevenmatter']
        url = self.project.api_url_for('create_bucket')
        ret = self.app.post_json(url, {
            'bucket_name': 'doesntevenmatter',
            'bucket_location': '',
        },
                                 auth=self.user.auth)

        assert_equal(ret.status_int, http.OK)
        assert_equal(ret.json, {})

    @mock.patch('addons.s3.views.utils.create_bucket')
    def test_create_bucket_fail(self, mock_make):
        error = S3ResponseError(418, 'because Im a test')
        error.message = 'This should work'
        mock_make.side_effect = error

        url = '/api/v1/project/{0}/s3/newbucket/'.format(self.project._id)
        ret = self.app.post_json(url, {'bucket_name': 'doesntevenmatter'},
                                 auth=self.user.auth,
                                 expect_errors=True)

        assert_equals(
            ret.body,
            '{"message": "This should work", "title": "Problem connecting to S3"}'
        )

    @mock.patch('addons.s3.views.utils.create_bucket')
    def test_bad_location_fails(self, mock_make):
        url = '/api/v1/project/{0}/s3/newbucket/'.format(self.project._id)
        ret = self.app.post_json(
            url, {
                'bucket_name': 'doesntevenmatter',
                'bucket_location': 'not a real bucket location',
            },
            auth=self.user.auth,
            expect_errors=True)

        assert_equals(
            ret.body,
            '{"message": "That bucket location is not valid.", "title": "Invalid bucket location"}'
        )
class TestNodeFilesListPagination(ApiTestCase):
    def setUp(self):
        super(TestNodeFilesListPagination, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        httpretty.enable()

    def tearDown(self):
        super(TestNodeFilesListPagination, self).tearDown()
        httpretty.disable()
        httpretty.reset()

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []
        }
        addon.user_settings.save()

    def check_file_order(self, resp):
        previous_file_name = 0
        for file in resp.json['data']:
            int_file_name = int(file['attributes']['name'])
            assert int_file_name > previous_file_name, 'Files were not in order'
            previous_file_name = int_file_name

    def test_node_files_are_sorted_correctly(self):
        prepare_mock_wb_response(node=self.project,
                                 provider='github',
                                 files=[
                                     {
                                         'name': '01',
                                         'path': '/01/',
                                         'materialized': '/01/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '02',
                                         'path': '/02',
                                         'materialized': '/02',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '03',
                                         'path': '/03/',
                                         'materialized': '/03/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '04',
                                         'path': '/04',
                                         'materialized': '/04',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '05',
                                         'path': '/05/',
                                         'materialized': '/05/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '06',
                                         'path': '/06',
                                         'materialized': '/06',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '07',
                                         'path': '/07/',
                                         'materialized': '/07/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '08',
                                         'path': '/08',
                                         'materialized': '/08',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '09',
                                         'path': '/09/',
                                         'materialized': '/09/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '10',
                                         'path': '/10',
                                         'materialized': '/10',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '11',
                                         'path': '/11/',
                                         'materialized': '/11/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '12',
                                         'path': '/12',
                                         'materialized': '/12',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '13',
                                         'path': '/13/',
                                         'materialized': '/13/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '14',
                                         'path': '/14',
                                         'materialized': '/14',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '15',
                                         'path': '/15/',
                                         'materialized': '/15/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '16',
                                         'path': '/16',
                                         'materialized': '/16',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '17',
                                         'path': '/17/',
                                         'materialized': '/17/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '18',
                                         'path': '/18',
                                         'materialized': '/18',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '19',
                                         'path': '/19/',
                                         'materialized': '/19/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '20',
                                         'path': '/20',
                                         'materialized': '/20',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '21',
                                         'path': '/21/',
                                         'materialized': '/21/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '22',
                                         'path': '/22',
                                         'materialized': '/22',
                                         'kind': 'file'
                                     },
                                     {
                                         'name': '23',
                                         'path': '/23/',
                                         'materialized': '/23/',
                                         'kind': 'folder'
                                     },
                                     {
                                         'name': '24',
                                         'path': '/24',
                                         'materialized': '/24',
                                         'kind': 'file'
                                     },
                                 ])
        self.add_github()
        url = '/{}nodes/{}/files/github/?page[size]=100'.format(
            API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth)
        self.check_file_order(res)
示例#21
0
class TestAddonCount(OsfTestCase):
    def setUp(self):
        super(TestAddonCount, self).setUp()
        self.user = AuthUserFactory()
        self.node = ProjectFactory(creator=self.user)
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')

        self.external_account = GitHubAccountFactory(display_name='hmoco1')

        self.user_settings = self.user.get_or_add_addon('github')

        self.user_settings.save()
        self.user.external_accounts.add(self.external_account)
        self.user.save()
        self.node.add_addon('github', Auth(self.user))
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = self.user.fullname
        self.node_addon.repo = '29 #Strafford APTS'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.external_account
        self.node_addon.save()

        self.user_settings.grant_oauth_access(
            node=self.node,
            external_account=self.external_account,
        )

    def test_run_for_all_addon(self):
        results = AddonSnapshot().get_events()
        names = [res['provider']['name'] for res in results]
        for addon in ADDONS_AVAILABLE:
            assert_in(addon.short_name, names)

    def test_one_user_one_node_one_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(github_res['nodes']['total'], 1)

    def test_one_user_one_node_one_addon_one_node_linked(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(github_res['nodes']['total'], 1)

    def test_one_user_with_multiple_githubs(self):
        oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
        oauth_settings2.save()
        self.user.external_accounts.add(oauth_settings2)
        self.user.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 1)

    def test_one_user_with_multiple_addons(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        googledrive_res = [
            res for res in results if res['provider']['name'] == 'googledrive'
        ][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(googledrive_res['users']['enabled'], 0)

        self.user.add_addon('googledrive')
        oauth_settings = GoogleDriveAccountFactory()
        oauth_settings.save()
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        googledrive_res = [
            res for res in results if res['provider']['name'] == 'googledrive'
        ][0]
        assert_equal(github_res['users']['enabled'], 1)
        assert_equal(googledrive_res['users']['enabled'], 1)

    def test_many_users_each_with_a_different_github(self):
        user = AuthUserFactory()
        user.add_addon('github')
        oauth_settings2 = GitHubAccountFactory(display_name='hmoco2')
        oauth_settings2.save()
        user.external_accounts.add(oauth_settings2)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 2)
        assert_equal(github_res['users']['authorized'], 1)
        assert_equal(github_res['users']['linked'], 1)

    def test_many_users_each_with_the_same_github_enabled(self):
        user = AuthUserFactory()
        user.add_addon('github')
        user.external_accounts.add(self.external_account)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 2)

    def test_github_enabled_not_linked_or_authorized(self):
        user = AuthUserFactory()
        user.add_addon('github')
        user.external_accounts.add(self.external_account)
        user.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['users']['enabled'], 2)
        assert_equal(github_res['users']['authorized'], 1)
        assert_equal(github_res['users']['linked'], 1)

    def test_one_node_with_multiple_addons(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        googledrive_res = [
            res for res in results if res['provider']['name'] == 'googledrive'
        ][0]
        assert_equal(github_res['nodes']['total'], 1)
        assert_equal(googledrive_res['nodes']['total'], 0)

        self.user.add_addon('googledrive')
        user_addon = self.user.get_addon('googledrive')
        oauth_settings = GoogleDriveAccountFactory()
        oauth_settings.save()
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        self.node.add_addon('googledrive', Auth(self.user))
        node_addon = self.node.get_addon('googledrive')
        node_addon.user = self.user.fullname
        node_addon.user_settings = user_addon
        node_addon.external_account = oauth_settings
        node_addon.save()
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        googledrive_res = [
            res for res in results if res['provider']['name'] == 'googledrive'
        ][0]
        assert_equal(github_res['nodes']['total'], 1)
        assert_equal(googledrive_res['nodes']['total'], 1)

    def test_many_nodes_with_one_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['total'], 1)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.user = self.user.fullname
        node_addon.repo = '8 (circle)'
        node_addon.user_settings = self.user_addon
        node_addon.external_account = self.external_account
        node_addon.save()
        node.save()

        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['total'], 2)

    def test_node_count_deleted_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['deleted'], 0)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.delete()

        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['deleted'], 1)

    def test_node_count_disconected_addon(self):
        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['disconnected'], 0)

        node = ProjectFactory(creator=self.user)
        node.add_addon('github', Auth(self.user))
        node_addon = node.get_addon('github')
        node_addon.external_account = None
        node_addon.save()

        results = AddonSnapshot().get_events()
        github_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(github_res['nodes']['disconnected'], 1)

    def test_all_users_have_wiki_osfstorage_enabled(self):
        all_user_count = OSFUser.objects.all().count()
        results = AddonSnapshot().get_events()
        osfstorage_res = [
            res for res in results if res['provider']['name'] == 'osfstorage'
        ][0]
        wiki_res = [
            res for res in results if res['provider']['name'] == 'osfstorage'
        ][0]

        assert_equal(osfstorage_res['users']['enabled'], all_user_count)
        assert_equal(wiki_res['users']['enabled'], all_user_count)

    def test_wiki_deleted_shows_as_deleted(self):
        node = ProjectFactory(creator=self.user)
        node.delete_addon('wiki', auth=Auth(self.user))

        results = AddonSnapshot().get_events()
        wiki_res = [
            res for res in results if res['provider']['name'] == 'wiki'
        ][0]

        assert_equal(wiki_res['nodes']['deleted'], 1)

    def test_node_settings_has_no_owner_not_connected(self):
        self.node_addon.owner = None
        self.node_addon.save()

        results = AddonSnapshot().get_events()
        storage_res = [
            res for res in results if res['provider']['name'] == 'github'
        ][0]
        assert_equal(storage_res['nodes']['connected'], 0)
示例#22
0
class TestCreateBucket(S3AddonTestCase, OsfTestCase):

    def setUp(self):

        super(TestCreateBucket, self).setUp()

        self.user = AuthUserFactory()
        self.consolidated_auth = Auth(user=self.user)
        self.auth = self.user.auth
        self.project = ProjectFactory(creator=self.user)

        self.project.add_addon('s3', auth=self.consolidated_auth)
        self.project.creator.add_addon('s3')

        self.user_settings = self.user.get_addon('s3')
        self.user_settings.access_key = 'We-Will-Rock-You'
        self.user_settings.secret_key = 'Idontknowanyqueensongs'
        self.user_settings.save()

        self.node_settings = self.project.get_addon('s3')
        self.node_settings.bucket = 'Sheer-Heart-Attack'
        self.node_settings.user_settings = self.project.creator.get_addon('s3')

        self.node_settings.save()

    def test_bad_names(self):
        assert_false(validate_bucket_name(''))
        assert_false(validate_bucket_name('no'))
        assert_false(validate_bucket_name('a' * 64))
        assert_false(validate_bucket_name(' leadingspace'))
        assert_false(validate_bucket_name('trailingspace '))
        assert_false(validate_bucket_name('bogus naMe'))
        assert_false(validate_bucket_name('.cantstartwithp'))
        assert_false(validate_bucket_name('or.endwith.'))
        assert_false(validate_bucket_name('..nodoubles'))
        assert_false(validate_bucket_name('no_unders_in'))
        assert_false(validate_bucket_name('-leadinghyphen'))
        assert_false(validate_bucket_name('trailinghyphen-'))
        assert_false(validate_bucket_name('Mixedcase'))
        assert_false(validate_bucket_name('empty..label'))
        assert_false(validate_bucket_name('label-.trailinghyphen'))
        assert_false(validate_bucket_name('label.-leadinghyphen'))
        assert_false(validate_bucket_name('8.8.8.8'))
        assert_false(validate_bucket_name('600.9000.0.28'))
        assert_false(validate_bucket_name('no_underscore'))
        assert_false(validate_bucket_name('_nounderscoreinfront'))
        assert_false(validate_bucket_name('no-underscore-in-back_'))
        assert_false(validate_bucket_name('no-underscore-in_the_middle_either'))

    def test_names(self):
        assert_true(validate_bucket_name('imagoodname'))
        assert_true(validate_bucket_name('still.passing'))
        assert_true(validate_bucket_name('can-have-dashes'))
        assert_true(validate_bucket_name('kinda.name.spaced'))
        assert_true(validate_bucket_name('a-o.valid'))
        assert_true(validate_bucket_name('11.12.m'))
        assert_true(validate_bucket_name('a--------a'))
        assert_true(validate_bucket_name('a' * 63))

    def test_bad_locations(self):
        assert_false(validate_bucket_location('Venus'))
        assert_false(validate_bucket_location('AlphaCentari'))
        assert_false(validate_bucket_location('CostaRica'))

    def test_locations(self):
        assert_true(validate_bucket_location(''))
        assert_true(validate_bucket_location('eu-central-1'))
        assert_true(validate_bucket_location('ca-central-1'))
        assert_true(validate_bucket_location('us-west-1'))
        assert_true(validate_bucket_location('us-west-2'))
        assert_true(validate_bucket_location('ap-northeast-1'))
        assert_true(validate_bucket_location('ap-northeast-2'))
        assert_true(validate_bucket_location('ap-southeast-1'))
        assert_true(validate_bucket_location('ap-southeast-2'))
        assert_true(validate_bucket_location('sa-east-1'))
        assert_true(validate_bucket_location('eu-west-1'))
        assert_true(validate_bucket_location('eu-west-2'))

    @mock.patch('addons.s3.views.utils.create_bucket')
    @mock.patch('addons.s3.views.utils.get_bucket_names')
    def test_create_bucket_pass(self, mock_names, mock_make):
        mock_make.return_value = True
        mock_names.return_value = [
            'butintheend',
            'it',
            'doesntevenmatter'
        ]
        url = self.project.api_url_for('create_bucket')
        ret = self.app.post_json(
            url,
            {
                'bucket_name': 'doesntevenmatter',
                'bucket_location': '',
            },
            auth=self.user.auth
        )

        assert_equal(ret.status_int, http.OK)
        assert_equal(ret.json, {})

    @mock.patch('addons.s3.views.utils.create_bucket')
    def test_create_bucket_fail(self, mock_make):
        error = S3ResponseError(418, 'because Im a test')
        error.message = 'This should work'
        mock_make.side_effect = error

        url = '/api/v1/project/{0}/s3/newbucket/'.format(self.project._id)
        ret = self.app.post_json(url, {'bucket_name': 'doesntevenmatter'}, auth=self.user.auth, expect_errors=True)

        assert_equals(ret.body, '{"message": "This should work", "title": "Problem connecting to S3"}')

    @mock.patch('addons.s3.views.utils.create_bucket')
    def test_bad_location_fails(self, mock_make):
        url = '/api/v1/project/{0}/s3/newbucket/'.format(self.project._id)
        ret = self.app.post_json(
            url,
            {
                'bucket_name': 'doesntevenmatter',
                'bucket_location': 'not a real bucket location',
            },
            auth=self.user.auth,
            expect_errors=True)

        assert_equals(ret.body, '{"message": "That bucket location is not valid.", "title": "Invalid bucket location"}')
示例#23
0
class TestCreateContainer(SwiftAddonTestCase, OsfTestCase):
    def setUp(self):

        super(TestCreateContainer, self).setUp()

        self.user = AuthUserFactory()
        self.consolidated_auth = Auth(user=self.user)
        self.auth = self.user.auth
        self.project = ProjectFactory(creator=self.user)

        self.project.add_addon('swift', auth=self.consolidated_auth)
        self.project.creator.add_addon('swift')

        self.user_settings = self.user.get_addon('swift')
        self.user_settings.access_key = 'We-Will-Rock-You'
        self.user_settings.secret_key = 'Idontknowanyqueensongs'
        self.user_settings.save()

        self.node_settings = self.project.get_addon('swift')
        self.node_settings.container = 'Sheer-Heart-Attack'
        self.node_settings.user_settings = self.project.creator.get_addon(
            'swift')

        self.node_settings.save()

    def test_bad_names(self):
        assert_false(validate_container_name(''))
        assert_false(validate_container_name('a' * 257))
        assert_false(validate_container_name('a/b'))
        assert_false(validate_container_name('a/'))
        assert_false(validate_container_name('/a'))

    def test_names(self):
        assert_true(validate_container_name('a'))
        assert_true(validate_container_name('1'))
        assert_true(validate_container_name('can have whitespaces'))
        assert_true(validate_container_name('imagoodname'))
        assert_true(validate_container_name('still.passing'))
        assert_true(validate_container_name('can-have-dashes'))
        assert_true(validate_container_name('kinda.name.spaced'))
        assert_true(validate_container_name('a-o.valid'))
        assert_true(validate_container_name('11.12.m'))
        assert_true(validate_container_name('a--------a'))
        assert_true(validate_container_name('a' * 256))

    @mock.patch('addons.swift.views.utils.create_container')
    @mock.patch('addons.swift.views.utils.get_container_names')
    def test_create_container_pass(self, mock_names, mock_make):
        mock_make.return_value = True
        mock_names.return_value = ['butintheend', 'it', 'doesntevenmatter']
        url = self.project.api_url_for('swift_create_container')
        ret = self.app.post_json(url, {'container_name': 'doesntevenmatter'},
                                 auth=self.user.auth)

        assert_equal(ret.status_int, http.OK)
        assert_equal(ret.json, {})

    @mock.patch('addons.swift.views.utils.create_container')
    def test_create_container_fail(self, mock_make):
        error = swift_exceptions.ClientException(
            'This should work',
            http_status=418,
            http_reason='because Im a test')
        mock_make.side_effect = error

        url = "/api/v1/project/{0}/swift/newcontainer/".format(
            self.project._id)
        ret = self.app.post_json(url, {'container_name': 'doesntevenmatter'},
                                 auth=self.user.auth,
                                 expect_errors=True)

        assert_equals(
            ret.body,
            '{"message": "This should work", "title": "Problem creating container \'doesntevenmatter\'"}'
        )
示例#24
0
class TestAddonLogs(OsfTestCase):

    def setUp(self):
        super(TestAddonLogs, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def configure_osf_addon(self):
        self.project = ProjectFactory(creator=self.user)
        self.node_addon = self.project.get_addon('osfstorage')
        self.node_addon.save()

    def build_payload(self, metadata, **kwargs):
        options = dict(
            auth={'id': self.user._id},
            action='create',
            provider=self.node_addon.config.short_name,
            metadata=metadata,
            time=time.time() + 1000,
        )
        options.update(kwargs)
        options = {
            key: value
            for key, value in options.iteritems()
            if value is not None
        }
        message, signature = signing.default_signer.sign_payload(options)
        return {
            'payload': message,
            'signature': signature,
        }

    @mock.patch('website.notifications.events.files.FileAdded.perform')
    @mock.patch('requests.get',{'code': 404, 'referrer': None,'message_short': 'Page not found'})
    def test_add_log_timestamptoken(self, mock_perform):
        from osf.models import RdmFileTimestamptokenVerifyResult, NodeLog
        from api_tests.utils import create_test_file
        from website.views import userkey_generation
        result_list1_count = RdmFileTimestamptokenVerifyResult.objects.filter(project_id=self.node._id).count()
        nodelog_count1 = NodeLog.objects.all().count()
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        userkey_generation(self.user._id)
        file_node = create_test_file(node=self.node, user=self.user, filename=path)
        file_node._path = '/' + path
        file_node.save()
        metadata = {
            'path': path,
            'provider': 'osfstorage',
            'name': path,
            'materialized': '/' + path,
            'extra': {
                'version': 1
            }
        }
        payload = self.build_payload(metadata=metadata)
        logging.info('---test_add_log_timestamptoken.payload: {}'.format(payload))
        nlogs = self.node.logs.count()
        
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        nodelog_count2 = NodeLog.objects.all().count()
        assert_equal(nodelog_count1 + 1, nodelog_count2)
        result_list2 = RdmFileTimestamptokenVerifyResult.objects.filter(project_id=self.node._id)
        assert_true(mock_perform.called, 'perform not called')

        ## tearDown
        import os
        from api.base import settings as api_settings
        from osf.models import RdmUserKey
        rdmuserkey_pvt_key = RdmUserKey.objects.get(guid=self.user.id, key_kind=api_settings.PRIVATE_KEY_VALUE)
        pvt_key_path = os.path.join(api_settings.KEY_SAVE_PATH, rdmuserkey_pvt_key.key_name)
        os.remove(pvt_key_path)
        rdmuserkey_pvt_key.delete()

        rdmuserkey_pub_key = RdmUserKey.objects.get(guid=self.user.id, key_kind=api_settings.PUBLIC_KEY_VALUE)
        pub_key_path = os.path.join(api_settings.KEY_SAVE_PATH, rdmuserkey_pub_key.key_name)
        os.remove(pub_key_path)
        rdmuserkey_pub_key.delete()

    @mock.patch('website.notifications.events.files.FileAdded.perform')
    def test_add_log(self, mock_perform):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        # # Mocking form_message and perform so that the payload need not be exact.
        # assert_true(mock_form_message.called, "form_message not called")
        assert_true(mock_perform.called, 'perform not called')

    def test_add_log_missing_args(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth=None)
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_user(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, auth={'id': None})
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_log_no_addon(self):
        path = 'pizza'
        node = ProjectFactory(creator=self.user)
        url = node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path})
        nlogs = node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(node.logs.count(), nlogs)

    def test_add_log_bad_action(self):
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'path': path}, action='dance')
        nlogs = self.node.logs.count()
        res = self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'},
            expect_errors=True,
        )
        assert_equal(res.status_code, 400)
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_action_file_rename(self):
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(
            action='rename',
            metadata={
                'path': 'foo',
            },
            source={
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'new.txt',
                'kind': 'file',
            },
            destination={
                'path': 'foo',
                'materialized': 'foo',
                'provider': 'github',
                'node': {'_id': self.node._id},
                'name': 'old.txt',
                'kind': 'file',
            },
        )
        self.app.put_json(
            url,
            payload,
            headers={'Content-Type': 'application/json'}
        )
        self.node.reload()

        assert_equal(
            self.node.logs.latest().action,
            'github_addon_file_renamed',
        )

    def test_action_downloads(self):
        url = self.node.api_url_for('create_waterbutler_log')
        download_actions=('download_file', 'download_zip')
        for action in download_actions:
            payload = self.build_payload(metadata={'path': 'foo'}, action=action)
            nlogs = self.node.logs.count()
            res = self.app.put_json(
                url,
                payload,
                headers={'Content-Type': 'application/json'},
                expect_errors=False,
            )
            assert_equal(res.status_code, 200)

        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs)

    def test_add_file_osfstorage_log(self):
        self.configure_osf_addon()
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'materialized': path, 'kind': 'file', 'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        assert('urls' in self.node.logs.filter(action='osf_storage_file_added')[0].params)

    def test_add_folder_osfstorage_log(self):
        self.configure_osf_addon()
        path = 'pizza'
        url = self.node.api_url_for('create_waterbutler_log')
        payload = self.build_payload(metadata={'materialized': path, 'kind': 'folder', 'path': path})
        nlogs = self.node.logs.count()
        self.app.put_json(url, payload, headers={'Content-Type': 'application/json'})
        self.node.reload()
        assert_equal(self.node.logs.count(), nlogs + 1)
        assert('urls' not in self.node.logs.filter(action='osf_storage_file_added')[0].params)
示例#25
0
class TestViewUtils(OsfTestCase):

    def setUp(self):
        super(TestViewUtils, self).setUp()
        self.user = AuthUserFactory()
        self.auth_obj = Auth(user=self.user)
        self.node = ProjectFactory(creator=self.user)
        self.session = Session(data={'auth_user_id': self.user._id})
        self.session.save()
        self.cookie = itsdangerous.Signer(settings.SECRET_KEY).sign(self.session._id)
        self.configure_addon()
        self.JWE_KEY = jwe.kdf(settings.WATERBUTLER_JWE_SECRET.encode('utf-8'), settings.WATERBUTLER_JWE_SALT.encode('utf-8'))

    def configure_addon(self):
        self.user.add_addon('github')
        self.user_addon = self.user.get_addon('github')
        self.oauth_settings = GitHubAccountFactory(display_name='john')
        self.oauth_settings.save()
        self.user.external_accounts.add(self.oauth_settings)
        self.user.save()
        self.node.add_addon('github', self.auth_obj)
        self.node_addon = self.node.get_addon('github')
        self.node_addon.user = '******'
        self.node_addon.repo = 'youre-my-best-friend'
        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth_settings
        self.node_addon.save()
        self.user_addon.oauth_grants[self.node._id] = {self.oauth_settings._id: []}
        self.user_addon.save()

    def test_serialize_addons(self):
        addon_dicts = serialize_addons(self.node, self.auth_obj)

        enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
        assert len(enabled_addons) == 2
        assert enabled_addons[0]['short_name'] == 'github'
        assert enabled_addons[1]['short_name'] == 'osfstorage'

        default_addons = [addon for addon in addon_dicts if addon['default']]
        assert len(default_addons) == 1
        assert default_addons[0]['short_name'] == 'osfstorage'

    def test_include_template_json(self):
        """ Some addons (github, gitlab) need more specialized template infomation so we want to
        ensure we get those extra variables that when the addon is enabled.
        """
        addon_dicts = serialize_addons(self.node, self.auth_obj)

        enabled_addons = [addon for addon in addon_dicts if addon['enabled']]
        assert len(enabled_addons) == 2
        assert enabled_addons[1]['short_name'] == 'osfstorage'
        assert enabled_addons[0]['short_name'] == 'github'
        assert 'node_has_auth' in enabled_addons[0]
        assert 'valid_credentials' in enabled_addons[0]

    def test_collect_node_config_js(self):

        addon_dicts = serialize_addons(self.node, self.auth_obj)

        asset_paths = collect_node_config_js(addon_dicts)

        # Default addons should be in addon dicts, but they have no js assets because you can't
        # connect/disconnect from them, think osfstorage, there's no node-cfg for that.
        default_addons = [addon['short_name'] for addon in addon_dicts if addon['default']]
        assert not any('/{}/'.format(addon) in asset_paths for addon in default_addons)
示例#26
0
class TestAddonFileViews(OsfTestCase):

    def setUp(self):
        super(TestAddonFileViews, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)

        self.user.add_addon('github')
        self.project.add_addon('github', auth=Auth(self.user))

        self.user_addon = self.user.get_addon('github')
        self.node_addon = self.project.get_addon('github')
        self.oauth = GitHubAccountFactory()
        self.oauth.save()

        self.user.external_accounts.add(self.oauth)
        self.user.save()

        self.node_addon.user_settings = self.user_addon
        self.node_addon.external_account = self.oauth
        self.node_addon.repo = 'Truth'
        self.node_addon.user = '******'
        self.node_addon.save()

        self.user_addon.oauth_grants[self.project._id] = {self.oauth._id: []}
        self.user_addon.save()

    def set_sentry(status):
        def wrapper(func):
            @functools.wraps(func)
            def wrapped(*args, **kwargs):
                enabled, sentry.enabled = sentry.enabled, status
                func(*args, **kwargs)
                sentry.enabled = enabled

            return wrapped

        return wrapper

    with_sentry = set_sentry(True)

    def get_test_file(self):
        version = file_models.FileVersion(identifier='1')
        version.save()
        ret = GithubFile(
            name='Test',
            node=self.project,
            path='/test/Test',
            materialized_path='/test/Test',
        )
        ret.save()
        ret.versions.add(version)
        return ret

    def get_second_test_file(self):
        version = file_models.FileVersion(identifier='1')
        version.save()
        ret = GithubFile(
            name='Test2',
            node=self.project,
            path='/test/Test2',
            materialized_path='/test/Test2',
        )
        ret.save()
        ret.versions.add(version)
        return ret

    def get_mako_return(self):
        ret = serialize_node(self.project, Auth(self.user), primary=True)
        ret.update({
            'error': '',
            'provider': '',
            'file_path': '',
            'sharejs_uuid': '',
            'private': '',
            'urls': {
                'files': '',
                'render': '',
                'sharejs': '',
                'mfr': '',
                'profile_image': '',
                'external': '',
                'archived_from': '',
            },
            'size': '',
            'extra': '',
            'file_name': '',
            'materialized_path': '',
            'file_id': '',
        })
        ret.update(rubeus.collect_addon_assets(self.project))
        return ret

    def test_redirects_to_guid(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github'
            ),
            auth=self.user.auth
        )

        assert_equals(resp.status_code, 302)
        assert_equals(resp.location, 'http://*****:*****@mock.patch('addons.base.views.addon_view_file')
    def test_action_view_calls_view_file(self, mock_view_file):
        self.user.reload()
        self.project.reload()

        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        mock_view_file.return_value = self.get_mako_return()

        self.app.get('/{}/?action=view'.format(guid._id), auth=self.user.auth)

        args, kwargs = mock_view_file.call_args
        assert_equals(kwargs, {})
        assert_equals(args[0].user._id, self.user._id)
        assert_equals(args[1], self.project)
        assert_equals(args[2], file_node)
        assert_true(isinstance(args[3], file_node.touch(None).__class__))

    @mock.patch('addons.base.views.addon_view_file')
    def test_no_action_calls_view_file(self, mock_view_file):
        self.user.reload()
        self.project.reload()

        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        mock_view_file.return_value = self.get_mako_return()

        self.app.get('/{}/'.format(guid._id), auth=self.user.auth)

        args, kwargs = mock_view_file.call_args
        assert_equals(kwargs, {})
        assert_equals(args[0].user._id, self.user._id)
        assert_equals(args[1], self.project)
        assert_equals(args[2], file_node)
        assert_true(isinstance(args[3], file_node.touch(None).__class__))

    def test_download_create_guid(self):
        file_node = self.get_test_file()
        assert_is(file_node.get_guid(), None)

        self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github',
            ),
            auth=self.user.auth
        )

        assert_true(file_node.get_guid())

    def test_view_file_does_not_delete_file_when_requesting_invalid_version(self):
        with mock.patch('addons.github.models.NodeSettings.is_private',
                        new_callable=mock.PropertyMock) as mock_is_private:
            mock_is_private.return_value = False

            file_node = self.get_test_file()
            assert_is(file_node.get_guid(), None)

            url = self.project.web_url_for(
                'addon_view_or_download_file',
                path=file_node.path.strip('/'),
                provider='github',
            )
            # First view generated GUID
            self.app.get(url, auth=self.user.auth)

            self.app.get(url + '?version=invalid', auth=self.user.auth, expect_errors=True)

            assert_is_not_none(BaseFileNode.load(file_node._id))
            assert_is_none(TrashedFileNode.load(file_node._id))

    def test_unauthorized_addons_raise(self):
        path = 'cloudfiles'
        self.node_addon.user_settings = None
        self.node_addon.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 401)

    def test_nonstorage_addons_raise(self):
        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path='sillywiki',
                provider='wiki',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 400)

    def test_head_returns_url_and_redriect(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.head('/{}/'.format(guid._id), auth=self.user.auth)
        location = furl.furl(resp.location)
        assert_equals(resp.status_code, 302)
        assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, version=''))

    def test_head_returns_url_with_version_and_redirect(self):
        file_node = self.get_test_file()
        guid = file_node.get_guid(create=True)

        resp = self.app.head('/{}/?revision=1&foo=bar'.format(guid._id), auth=self.user.auth)
        location = furl.furl(resp.location)
        # Note: version is added but us but all other url params are added as well
        assert_equals(resp.status_code, 302)
        assert_urls_equal(location.url, file_node.generate_waterbutler_url(direct=None, revision=1, version='', foo='bar'))

    def test_nonexistent_addons_raise(self):
        path = 'cloudfiles'
        self.project.delete_addon('github', Auth(self.user))
        self.project.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 400)

    def test_unauth_addons_raise(self):
        path = 'cloudfiles'
        self.node_addon.user_settings = None
        self.node_addon.save()

        resp = self.app.get(
            self.project.web_url_for(
                'addon_view_or_download_file',
                path=path,
                provider='github',
                action='download'
            ),
            auth=self.user.auth,
            expect_errors=True
        )

        assert_equals(resp.status_code, 401)

    def test_delete_action_creates_trashed_file_node(self):
        file_node = self.get_test_file()
        payload = {
            'provider': file_node.provider,
            'metadata': {
                'path': '/test/Test',
                'materialized': '/test/Test'
            }
        }
        views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
        assert_false(GithubFileNode.load(file_node._id))
        assert_true(TrashedFileNode.load(file_node._id))

    def test_delete_action_for_folder_deletes_subfolders_and_creates_trashed_file_nodes(self):
        file_node = self.get_test_file()
        subfolder = GithubFolder(
            name='folder',
            node=self.project,
            path='/test/folder/',
            materialized_path='/test/folder/',
        )
        subfolder.save()
        payload = {
            'provider': file_node.provider,
            'metadata': {
                'path': '/test/',
                'materialized': '/test/'
            }
        }
        views.addon_delete_file_node(self=None, node=self.project, user=self.user, event_type='file_removed', payload=payload)
        assert_false(GithubFileNode.load(subfolder._id))
        assert_true(TrashedFileNode.load(file_node._id))

    @mock.patch('website.archiver.tasks.archive')
    def test_archived_from_url(self, mock_archive):
        file_node = self.get_test_file()
        second_file_node = self.get_second_test_file()
        file_node.copied_from = second_file_node

        registered_node = self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )

        archived_from_url = views.get_archived_from_url(registered_node, file_node)
        view_url = self.project.web_url_for('addon_view_or_download_file', provider=file_node.provider, path=file_node.copied_from._id)
        assert_true(archived_from_url)
        assert_urls_equal(archived_from_url, view_url)

    @mock.patch('website.archiver.tasks.archive')
    def test_archived_from_url_without_copied_from(self, mock_archive):
        file_node = self.get_test_file()

        registered_node = self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )
        archived_from_url = views.get_archived_from_url(registered_node, file_node)
        assert_false(archived_from_url)

    @mock.patch('website.archiver.tasks.archive')
    def test_copied_from_id_trashed(self, mock_archive):
        file_node = self.get_test_file()
        second_file_node = self.get_second_test_file()
        file_node.copied_from = second_file_node
        self.project.register_node(
            schema=get_default_metaschema(),
            auth=Auth(self.user),
            data=None,
        )
        trashed_node = second_file_node.delete()
        assert_false(trashed_node.copied_from)

    @mock.patch('website.archiver.tasks.archive')
    def test_missing_modified_date_in_file_data(self, mock_archive):
        file_node = self.get_test_file()
        file_data = {
            'name': 'Test File Update',
            'materialized': file_node.materialized_path,
            'modified': None
        }
        file_node.update(revision=None, data=file_data)
        assert_equal(len(file_node.history), 1)
        assert_equal(file_node.history[0], file_data)

    @mock.patch('website.archiver.tasks.archive')
    def test_missing_modified_date_in_file_history(self, mock_archive):
        file_node = self.get_test_file()
        file_node.history.append({'modified': None})
        file_data = {
            'name': 'Test File Update',
            'materialized': file_node.materialized_path,
            'modified': None
        }
        file_node.update(revision=None, data=file_data)
        assert_equal(len(file_node.history), 2)
        assert_equal(file_node.history[1], file_data)

    @with_sentry
    @mock.patch('framework.sentry.sentry.captureMessage')
    def test_update_logs_to_sentry_when_called_with_disordered_metadata(self, mock_capture):
        file_node = self.get_test_file()
        file_node.history.append({'modified': parse_date(
                '2017-08-22T13:54:32.100900',
                ignoretz=True,
                default=timezone.now()  # Just incase nothing can be parsed
            )})
        data = {
            'name': 'a name',
            'materialized': 'materialized',
            'modified': '2016-08-22T13:54:32.100900'
        }
        file_node.update(revision=None, user=None, data=data)
        mock_capture.assert_called_with(unicode('update() receives metatdata older than the newest entry in file history.'), extra={'session': {}})
示例#27
0
class TestNodeFilesList(ApiTestCase):

    def setUp(self):
        super(TestNodeFilesList, self).setUp()
        self.user = AuthUserFactory()
        self.project = ProjectFactory(creator=self.user)
        self.private_url = '/{}nodes/{}/files/'.format(
            API_BASE, self.project._id)

        self.user_two = AuthUserFactory()

        self.public_project = ProjectFactory(creator=self.user, is_public=True)
        self.public_url = '/{}nodes/{}/files/'.format(API_BASE, self.public_project._id)

    def add_github(self):
        user_auth = Auth(self.user)
        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []}
        addon.user_settings.save()

    def view_only_link(self):
        private_link = PrivateLinkFactory(creator=self.user)
        private_link.nodes.add(self.project)
        private_link.save()
        return private_link

    def _prepare_mock_wb_response(self, node=None, **kwargs):
        prepare_mock_wb_response(node=node or self.project, **kwargs)

    def test_returns_public_files_logged_out(self):
        res = self.app.get(self.public_url, expect_errors=True)
        assert_equal(res.status_code, 200)
        assert_equal(
            res.json['data'][0]['attributes']['provider'],
            'osfstorage'
        )
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_public_files_logged_in(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(
            res.json['data'][0]['attributes']['provider'],
            'osfstorage'
        )

    def test_returns_storage_addons_link(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_in('storage_addons', res.json['data'][0]['links'])

    def test_returns_file_data(self):
        fobj = self.project.get_addon(
            'osfstorage').get_root().append_file('NewFile')
        fobj.save()
        res = self.app.get(
            '{}osfstorage/{}'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_true(isinstance(res.json['data'], dict))
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data']['attributes']['kind'], 'file')
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')

    def test_returns_osfstorage_folder_version_two(self):
        fobj = self.project.get_addon(
            'osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get(
            '{}osfstorage/'.format(self.private_url), auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_returns_osf_storage_folder_version_two_point_two(self):
        fobj = self.project.get_addon(
            'osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get(
            '{}osfstorage/?version=2.2'.format(self.private_url), auth=self.user.auth)
        assert_equal(res.status_code, 200)

    def test_list_returns_folder_data(self):
        fobj = self.project.get_addon(
            'osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get(
            '{}osfstorage/'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 1)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFolder')

    def test_returns_folder_data(self):
        fobj = self.project.get_addon(
            'osfstorage').get_root().append_folder('NewFolder')
        fobj.save()
        res = self.app.get(
            '{}osfstorage/{}/'.format(self.private_url, fobj._id), auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(len(res.json['data']), 0)
        assert_equal(res.content_type, 'application/vnd.api+json')

    def test_returns_private_files_logged_out(self):
        res = self.app.get(self.private_url, expect_errors=True)
        assert_equal(res.status_code, 401)
        assert_in('detail', res.json['errors'][0])

    def test_returns_private_files_logged_in_contributor(self):
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert_equal(res.content_type, 'application/vnd.api+json')
        assert_equal(len(res.json['data']), 1)
        assert_equal(
            res.json['data'][0]['attributes']['provider'],
            'osfstorage'
        )

    def test_returns_private_files_logged_in_non_contributor(self):
        res = self.app.get(
            self.private_url,
            auth=self.user_two.auth,
            expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    def test_returns_addon_folders(self):
        user_auth = Auth(self.user)
        res = self.app.get(self.private_url, auth=self.user.auth)
        assert_equal(len(res.json['data']), 1)
        assert_equal(
            res.json['data'][0]['attributes']['provider'],
            'osfstorage'
        )

        self.project.add_addon('github', auth=user_auth)
        addon = self.project.get_addon('github')
        addon.repo = 'something'
        addon.user = '******'
        oauth_settings = GitHubAccountFactory()
        oauth_settings.save()
        self.user.add_addon('github')
        self.user.external_accounts.add(oauth_settings)
        self.user.save()
        addon.user_settings = self.user.get_addon('github')
        addon.external_account = oauth_settings
        addon.save()
        self.project.save()
        addon.user_settings.oauth_grants[self.project._id] = {
            oauth_settings._id: []}
        addon.user_settings.save()
        res = self.app.get(self.private_url, auth=self.user.auth)
        data = res.json['data']
        providers = [item['attributes']['provider'] for item in data]
        assert_equal(len(data), 2)
        assert_in('github', providers)
        assert_in('osfstorage', providers)

    @responses.activate
    def test_vol_node_files_list(self):
        self._prepare_mock_wb_response(
            provider='github', files=[{'name': 'NewFile'}])
        self.add_github()
        vol = self.view_only_link()
        url = '/{}nodes/{}/files/github/?view_only={}'.format(
            API_BASE, self.project._id, vol.key)
        res = self.app.get(url, auth=self.user_two.auth)
        wb_request = responses.calls[-1].request
        url = furl.furl(wb_request.url)

        assert_equal(url.query, 'meta=True&view_only={}'.format(unicode(vol.key, 'utf-8')))
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')
        assert_in(vol.key, res.json['data'][0]['links']['info'])
        assert_in(vol.key, res.json['data'][0]['links']['move'])
        assert_in(vol.key, res.json['data'][0]['links']['upload'])
        assert_in(vol.key, res.json['data'][0]['links']['download'])
        assert_in(vol.key, res.json['data'][0]['links']['delete'])

    @responses.activate
    def test_returns_node_files_list(self):
        self._prepare_mock_wb_response(
            provider='github', files=[{'name': 'NewFile'}])
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)

        # test create
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

        # test get
        res = self.app.get(url, auth=self.user.auth)
        assert_equal(res.json['data'][0]['attributes']['name'], 'NewFile')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

    @responses.activate
    def test_returns_folder_metadata_not_children(self):
        folder = GithubFolder(
            name='Folder',
            target=self.project,
            path='/Folder/'
        )
        folder.save()
        self._prepare_mock_wb_response(provider='github', files=[{'name': 'Folder'}], path='/Folder/')
        self.add_github()
        url = '/{}nodes/{}/files/github/Folder/'.format(API_BASE, self.project._id)
        res = self.app.get(url, params={'info': ''}, auth=self.user.auth)

        assert_equal(res.status_code, 200)
        assert_equal(res.json['data'][0]['attributes']['kind'], 'folder')
        assert_equal(res.json['data'][0]['attributes']['name'], 'Folder')
        assert_equal(res.json['data'][0]['attributes']['provider'], 'github')

    @responses.activate
    def test_returns_node_file(self):
        self._prepare_mock_wb_response(
            provider='github', files=[{'name': 'NewFile'}],
            folder=False, path='/file')
        self.add_github()
        url = '/{}nodes/{}/files/github/file'.format(
            API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, headers={
            'COOKIE': 'foo=bar;'  # Webtests doesnt support cookies?
        })
        # test create
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')
        assert_equal(res.json['data']['attributes']['provider'], 'github')

        # test get
        assert_equal(res.status_code, 200)
        assert_equal(res.json['data']['attributes']['name'], 'NewFile')
        assert_equal(res.json['data']['attributes']['provider'], 'github')

    @responses.activate
    def test_notfound_node_file_returns_folder(self):
        self._prepare_mock_wb_response(
            provider='github', files=[{'name': 'NewFile'}],
            path='/file')
        url = '/{}nodes/{}/files/github/file'.format(
            API_BASE, self.project._id)
        res = self.app.get(
            url, auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 404)

    @responses.activate
    def test_notfound_node_folder_returns_file(self):
        self._prepare_mock_wb_response(
            provider='github', files=[{'name': 'NewFile'}],
            folder=False, path='/')

        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(
            url, auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 404)

    @responses.activate
    def test_waterbutler_server_error_returns_503(self):
        self._prepare_mock_wb_response(status_code=500)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(
            url, auth=self.user.auth,
            expect_errors=True,
            headers={'COOKIE': 'foo=bar;'}  # Webtests doesnt support cookies?
        )
        assert_equal(res.status_code, 503)

    @responses.activate
    def test_waterbutler_invalid_data_returns_503(self):
        wb_url = waterbutler_api_url_for(self.project._id, _internal=True, provider='github', path='/', meta=True)
        self.add_github()
        responses.add(
            responses.Response(
                responses.GET,
                wb_url,
                body=json.dumps({}),
                status=400
            )
        )
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)

    @responses.activate
    def test_handles_unauthenticated_waterbutler_request(self):
        self._prepare_mock_wb_response(status_code=401)
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 403)
        assert_in('detail', res.json['errors'][0])

    @responses.activate
    def test_handles_notfound_waterbutler_request(self):
        invalid_provider = 'gilkjadsflhub'
        self._prepare_mock_wb_response(
            status_code=404, provider=invalid_provider)
        url = '/{}nodes/{}/files/{}/'.format(API_BASE,
                                             self.project._id, invalid_provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 404)
        assert_in('detail', res.json['errors'][0])

    def test_handles_request_to_provider_not_configured_on_project(self):
        provider = 'box'
        url = '/{}nodes/{}/files/{}/'.format(
            API_BASE, self.project._id, provider)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_false(self.project.get_addon(provider))
        assert_equal(res.status_code, 404)
        assert_equal(
            res.json['errors'][0]['detail'],
            'The {} provider is not configured for this project.'.format(provider))

    @responses.activate
    def test_handles_bad_waterbutler_request(self):
        wb_url = waterbutler_api_url_for(self.project._id, _internal=True, provider='github', path='/', meta=True)
        responses.add(
            responses.Response(
                responses.GET,
                wb_url,
                json={'bad' : 'json'},
                status=418
            )
        )
        self.add_github()
        url = '/{}nodes/{}/files/github/'.format(API_BASE, self.project._id)
        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
        assert_equal(res.status_code, 503)
        assert_in('detail', res.json['errors'][0])

    def test_files_list_contains_relationships_object(self):
        res = self.app.get(self.public_url, auth=self.user.auth)
        assert_equal(res.status_code, 200)
        assert 'relationships' in res.json['data'][0]