class TestNodeConfirmHamView(AdminTestCase):
def setUp(self):
super(TestNodeConfirmHamView, self).setUp()
self.request = RequestFactory().post('/fake_path')
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(creator=self.user)
def test_confirm_node_as_ham(self):
view = NodeConfirmHamView()
view = setup_log_view(view, self.request, guid=self.node._id)
view.delete(self.request)
self.node.refresh_from_db()
nt.assert_true(self.node.spam_status == 4)
def test_confirm_registration_as_ham(self):
view = NodeConfirmHamView()
view = setup_log_view(view, self.request, guid=self.registration._id)
view.delete(self.request)
self.registration.refresh_from_db()
nt.assert_true(self.registration.spam_status == 4)
def test_valid_project_as_factory_allow_retractions_is_retracted(self):
registration = RegistrationFactory(project=self.project)
registration.retraction = RetractionFactory()
registration.retraction.state = Sanction.UNAPPROVED
registration.retraction.save()
res = as_factory_allow_retractions(pid=registration._id)
assert_equal(res['node'], registration)
def test_rejecting_embargo_for_existing_registration_does_not_deleted_component_registrations(self):
component = NodeFactory(
creator=self.user,
parent=self.project,
title='Component'
)
NodeFactory( # subcomponent
creator=self.user,
parent=component,
title='Subcomponent'
)
project_registration = RegistrationFactory(project=self.project)
component_registration = project_registration._nodes.first()
subcomponent_registration = component_registration._nodes.first()
project_registration.embargo_registration(
self.user,
timezone.now() + datetime.timedelta(days=10),
for_existing_registration=True
)
rejection_token = project_registration.embargo.approval_state[self.user._id]['rejection_token']
project_registration.embargo.disapprove_embargo(self.user, rejection_token)
project_registration.save()
assert_equal(project_registration.embargo.state, Embargo.REJECTED)
assert_false(project_registration.is_deleted)
assert_false(component_registration.is_deleted)
assert_false(subcomponent_registration.is_deleted)
class TestRestartStuckRegistrationsView(AdminTestCase):
def setUp(self):
super(TestRestartStuckRegistrationsView, self).setUp()
self.user = AuthUserFactory()
self.registration = RegistrationFactory(creator=self.user)
self.registration.save()
self.view = RestartStuckRegistrationsView
self.request = RequestFactory().post('/fake_path')
def test_get_object(self):
view = RestartStuckRegistrationsView()
view = setup_log_view(view, self.request, guid=self.registration._id)
nt.assert_true(self.registration, view.get_object())
def test_restart_stuck_registration(self):
# Prevents circular import that prevents admin app from starting up
from django.contrib.messages.storage.fallback import FallbackStorage
view = RestartStuckRegistrationsView()
view = setup_log_view(view, self.request, guid=self.registration._id)
nt.assert_equal(self.registration.archive_job.status, u'INITIATED')
# django.contrib.messages has a bug which effects unittests
# more info here -> https://code.djangoproject.com/ticket/17971
setattr(self.request, 'session', 'session')
messages = FallbackStorage(self.request)
setattr(self.request, '_messages', messages)
view.post(self.request)
nt.assert_equal(self.registration.archive_job.status, u'SUCCESS')
def private_registration(self, user, private_project, private_wiki):
private_registration = RegistrationFactory(
project=private_project, user=user)
wiki_id = private_registration.wiki_pages_versions['home'][0]
private_registration.wiki_pages_current = {'home': wiki_id}
private_registration.save()
return private_registration
def public_registration(self, user, public_project, public_wiki):
public_registration = RegistrationFactory(
project=public_project, user=user, is_public=True)
wiki_id = public_registration.wiki_pages_versions['home'][0]
public_registration.wiki_pages_current = {'home': wiki_id}
public_registration.save()
return public_registration
def test__initiate_embargo_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin, auth=Auth(project.creator), save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin, auth=Auth(child.creator), save=True)
grandchild = NodeFactory(creator=grandchild_admin, parent=child) # noqa
registration = RegistrationFactory(project=project)
embargo = registration._initiate_embargo(
project.creator,
self.valid_embargo_end_date,
for_existing_registration=True
)
assert_in(project_admin._id, embargo.approval_state)
assert_in(child_admin._id, embargo.approval_state)
assert_in(grandchild_admin._id, embargo.approval_state)
assert_not_in(project_non_admin._id, embargo.approval_state)
assert_not_in(child_non_admin._id, embargo.approval_state)
def test_view_project_pending_registration_for_admin_contributor_does_contain_cancel_link(self):
pending_reg = RegistrationFactory(project=self.node, archive=True)
assert_true(pending_reg.is_pending_registration)
result = _view_project(pending_reg, Auth(self.user))
assert_not_equal(result['node']['disapproval_link'], '')
assert_in('/?token=', result['node']['disapproval_link'])
pending_reg.delete()
class TestApproveRegistrations(OsfTestCase):
def setUp(self):
super(TestApproveRegistrations, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user)
self.registration.is_public = True
self.registration.require_approval(self.user)
def test_new_registration_should_not_be_approved(self):
assert_true(self.registration.is_pending_registration)
main(dry_run=False)
assert_false(self.registration.is_registration_approved)
def test_should_not_approve_pending_registration_less_than_48_hours_old(self):
# RegistrationApproval#iniation_date is read only
self.registration.registration_approval.initiation_date = timezone.now() - timedelta(hours=47)
self.registration.registration_approval.save()
assert_false(self.registration.is_registration_approved)
main(dry_run=False)
assert_false(self.registration.is_registration_approved)
def test_should_approve_pending_registration_that_is_48_hours_old(self):
assert_true(self.registration.registration_approval.state) # sanity check
# RegistrationApproval#iniation_date is read only
self.registration.registration_approval.initiation_date = timezone.now() - timedelta(hours=48)
self.registration.registration_approval.save()
assert_false(self.registration.is_registration_approved)
main(dry_run=False)
self.registration.registration_approval.reload()
assert_true(self.registration.is_registration_approved)
def test_should_approve_pending_registration_more_than_48_hours_old(self):
# RegistrationApproval#iniation_date is read only
self.registration.registration_approval.initiation_date = timezone.now() - timedelta(days=365)
self.registration.registration_approval.save()
assert_false(self.registration.is_registration_approved)
main(dry_run=False)
self.registration.registration_approval.reload()
assert_true(self.registration.is_registration_approved)
def test_registration_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
# RegistrationApproval#iniation_date is read only
self.registration.registration_approval.initiation_date=timezone.now() - timedelta(days=365)
self.registration.registration_approval.save()
assert_false(self.registration.is_registration_approved)
main(dry_run=False)
self.registration.registration_approval.reload()
assert_true(self.registration.is_registration_approved)
assert_true(self.registration.is_public)
# Logs: Created, approval initiated, approval initiated, registered, registration complete
assert_equal(self.registration.registered_from.logs.count(), initial_project_logs + 2)
def test_has_permission_on_parent_node_metadata_pass_if_registration(self):
component_admin = AuthUserFactory()
component = ProjectFactory(creator=component_admin, parent=self.node, is_public=False)
component_registration = RegistrationFactory(project=component, creator=component_admin)
assert_false(component_registration.has_permission(self.user, 'read'))
res = views.check_access(component_registration, Auth(user=self.user), 'metadata', None)
assert_true(res)
def test_new_draft_registration_on_registration(self):
target = RegistrationFactory(user=self.user)
payload = {
'schema_name': self.meta_schema.name,
'schema_version': self.meta_schema.schema_version
}
url = target.web_url_for('new_draft_registration')
res = self.app.post(url, payload, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
def test_register_draft_registration_already_registered(self):
reg = RegistrationFactory(user=self.user)
res = self.app.post_json(
reg.api_url_for('register_draft_registration', draft_id=self.draft._id),
self.invalid_payload,
auth=self.user.auth,
expect_errors=True
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_check_draft_state_registered_but_deleted(self):
reg = RegistrationFactory()
self.draft.registered_node = reg
reg.is_deleted = True
self.draft.save()
try:
draft_views.check_draft_state(self.draft)
except Exception:
self.fail()
def test_is_public_node_register_page(self):
self.node.is_public = True
self.node.save()
reg = RegistrationFactory(project=self.node)
reg.is_public = True
reg.save()
url = reg.web_url_for('node_register_page')
res = self.app.get(url, auth=None)
assert_equal(res.status_code, http.OK)
def test_view_project_pending_registration_for_write_contributor_does_not_contain_cancel_link(self):
write_user = UserFactory()
self.node.add_contributor(write_user, permissions=permissions.WRITE,
auth=Auth(self.user), save=True)
pending_reg = RegistrationFactory(project=self.node, archive=True)
assert_true(pending_reg.is_pending_registration)
result = _view_project(pending_reg, Auth(write_user))
assert_equal(result['node']['disapproval_link'], '')
pending_reg.delete()
def test_metadata_for_node_only_includes_visible_contribs(self, datacite_client):
visible_contrib = AuthUserFactory()
visible_contrib2 = AuthUserFactory()
visible_contrib2.given_name = u'ヽ༼ ಠ益ಠ ༽ノ'
visible_contrib2.family_name = u'ლ(´◉❥◉`ლ)'
visible_contrib2.save()
invisible_contrib = AuthUserFactory()
invisible_contrib.given_name = 'Shady'
invisible_contrib.family_name = 'McCoy'
invisible_contrib.save()
registration = RegistrationFactory(is_public=True)
registration.add_contributor(visible_contrib, visible=True)
registration.add_contributor(invisible_contrib, visible=False)
registration.add_contributor(visible_contrib2, visible=True)
registration.save()
metadata_xml = datacite_client.build_metadata(registration)
# includes visible contrib name
assert u'<givenName>{}</givenName>'.format(visible_contrib.given_name) in metadata_xml
assert u'<familyName>{}</familyName>'.format(visible_contrib.family_name) in metadata_xml
# doesn't include invisible contrib name
assert u'<givenName>{}</givenName>'.format(invisible_contrib.given_name) not in metadata_xml
assert u'<familyName>{}</familyName>'.format(invisible_contrib.family_name) not in metadata_xml
def test_turning_private_registrations_public(self, app, user, make_payload):
private_project = ProjectFactory(creator=user, is_public=False)
private_registration = RegistrationFactory(project=private_project, creator=user, is_public=False)
private_to_public_payload = make_payload(id=private_registration._id)
url = '/{}registrations/{}/'.format(API_BASE, private_registration._id)
res = app.put_json_api(url, private_to_public_payload, auth=user.auth)
assert res.json['data']['attributes']['public'] is True
private_registration.reload()
assert private_registration.is_public
def test_non_admin_can_view_node_register_page(self):
non_admin = AuthUserFactory()
self.node.add_contributor(
non_admin,
permissions.DEFAULT_CONTRIBUTOR_PERMISSIONS,
auth=self.auth,
save=True
)
reg = RegistrationFactory(project=self.node)
url = reg.web_url_for('node_register_page')
res = self.app.get(url, auth=non_admin.auth)
assert_equal(res.status_code, http.OK)
def test_check_draft_state_registered_and_deleted_and_approved(self):
reg = RegistrationFactory()
self.draft.registered_node = reg
self.draft.save()
reg.is_deleted = True
reg.save()
with mock.patch('osf.models.DraftRegistration.is_approved', mock.PropertyMock(return_value=True)):
try:
draft_views.check_draft_state(self.draft)
except HTTPError:
self.fail()
def test_add_non_node(self, app, user, institution, url_institution_nodes):
registration = RegistrationFactory(creator=user, is_public=True)
registration.affiliated_institutions.add(institution)
registration.save()
res = app.post_json_api(
url_institution_nodes,
make_payload(registration._id),
expect_errors=True, auth=user.auth
)
assert res.status_code == 404
def test_can_create_linked_registration_relationship_to_private_registration_if_read_only(self):
registration = RegistrationFactory()
registration.add_contributor(self.admin_contributor, auth=Auth(registration.creator), permissions=['read'])
registration.save()
res = self.make_request(
node_id=self.private_node._id,
reg_id=registration._id,
auth=self.admin_contributor.auth
)
assert_equal(res.status_code, 201)
linked_registrations = [r['id'] for r in res.json['data']]
assert_in(registration._id, linked_registrations)
def test_draft_with_deleted_registered_node_shows_up_in_draft_list(self):
reg = RegistrationFactory(project=self.public_project)
self.draft_registration.registered_node = reg
self.draft_registration.save()
reg.is_deleted = True
reg.save()
res = self.app.get(self.url, auth=self.user.auth)
assert_equal(res.status_code, 200)
data = res.json['data']
assert_equal(len(data), 1)
assert_equal(data[0]['attributes']['registration_supplement'], self.schema._id)
assert_equal(data[0]['id'], self.draft_registration._id)
assert_equal(data[0]['attributes']['registration_metadata'], {})
def test_can_create_linked_registration_relationship_to_private_registration_if_rw(
self, make_request, user_admin_contrib, node_private):
registration = RegistrationFactory()
registration.add_contributor(
user_admin_contrib,
auth=Auth(registration.creator))
registration.save()
res = make_request(
node_id=node_private._id,
reg_id=registration._id,
auth=user_admin_contrib.auth
)
assert res.status_code == 201
linked_registrations = [r['id'] for r in res.json['data']]
assert registration._id in linked_registrations
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin, parent=project, is_public=False)
grandchild = NodeFactory(creator=grandchild_admin, parent=child, is_public=False) # noqa
registration = RegistrationFactory(project=project)
registration._initiate_retraction(self.user)
registration.retraction._on_complete(self.user)
for each in registration.node_and_primary_descendants():
each.reload()
assert_true(each.is_public)
def test_view_project_embed_registrations_sorted_by_registered_date_descending(self):
# register a project several times, with various registered_dates
registrations = []
for days_ago in (21, 3, 2, 8, 13, 5, 1):
registration = RegistrationFactory(project=self.project)
reg_date = registration.registered_date - dt.timedelta(days_ago)
registration.registered_date = reg_date
registration.save()
registrations.append(registration)
registrations.sort(key=lambda r: r.registered_date, reverse=True)
expected = [r._id for r in registrations]
data = _view_project(node=self.project, auth=Auth(self.project.creator), embed_registrations=True)
actual = [n['id'] for n in data['node']['registrations']]
assert_equal(actual, expected)
class TestRegistrationFilesList(object):
@pytest.fixture(autouse=True)
def setUp(self):
self.app = JSONAPITestApp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(
project=self.node, creator=self.user)
# Note: folders/files added to node do not seem to get picked up by the
# Registration factory so they are added after
self.folder = self.registration.get_addon(
'osfstorage').get_root().append_folder('Archive of OSF Storage')
self.folder.save()
self.file = self.folder.append_file(
'So, on average, it has been super comfortable this week')
self.file.save()
def test_registration_relationships_contains_guid_not_id(self):
url = '/{}registrations/{}/files/{}/'.format(
API_BASE, self.registration._id, self.file.provider)
res = self.app.get(url, auth=self.user.auth)
split_href = res.json['data'][0]['relationships']['files']['links']['related']['href'].split(
'/')
assert self.registration._id in split_href
assert self.registration.id not in split_href
def setUp(self):
super(TestRestartStuckRegistrationsView, self).setUp()
self.user = AuthUserFactory()
self.registration = RegistrationFactory(creator=self.user)
self.registration.save()
self.view = RestartStuckRegistrationsView
self.request = RequestFactory().post('/fake_path')
def setUp(self):
super(RegistrationEmbargoViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(creator=self.user)
self.draft = DraftRegistrationFactory(branched_from=self.project)
self.registration = RegistrationFactory(project=self.project, creator=self.user)
current_month = timezone.now().strftime('%B')
current_year = timezone.now().strftime('%Y')
self.valid_make_public_payload = json.dumps({
u'embargoEndDate': u'Fri, 01, {month} {year} 00:00:00 GMT'.format(
month=current_month,
year=current_year
),
u'registrationChoice': 'immediate',
u'summary': unicode(fake.sentence())
})
valid_date = timezone.now() + datetime.timedelta(days=180)
self.valid_embargo_payload = json.dumps({
u'embargoEndDate': unicode(valid_date.strftime('%a, %d, %B %Y %H:%M:%S')) + u' GMT',
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
self.invalid_embargo_date_payload = json.dumps({
u'embargoEndDate': u"Thu, 01 {month} {year} 05:00:00 GMT".format(
month=current_month,
year=str(int(current_year) - 1)
),
u'registrationChoice': 'embargo',
u'summary': unicode(fake.sentence())
})
def test_draft_with_deleted_registered_node_shows_up_in_draft_list(
self, app, user, project_public,
draft_registration, schema,
url_draft_registrations):
reg = RegistrationFactory(project=project_public)
draft_registration.registered_node = reg
draft_registration.save()
reg.is_deleted = True
reg.save()
res = app.get(url_draft_registrations, auth=user.auth)
assert res.status_code == 200
data = res.json['data']
assert len(data) == 1
assert data[0]['attributes']['registration_supplement'] == schema._id
assert data[0]['id'] == draft_registration._id
assert data[0]['attributes']['registration_metadata'] == {}
def setUp(self):
super(RegistrationApprovalModelTestCase, self).setUp()
self.user = UserFactory()
self.project = ProjectFactory(creator=self.user)
self.registration = RegistrationFactory(project=self.project)
self.embargo = EmbargoFactory(user=self.user)
self.valid_embargo_end_date = timezone.now() + datetime.timedelta(days=3)
def registration(self, user, project):
return RegistrationFactory(
project=project, creator=user, is_public=True)
def registration_private(self, node_private):
return RegistrationFactory(project=node_private, is_public=False)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki = WikiVersion.objects.get_for_node(self.public_registration, 'home')
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/versions/{}/content/'.format(API_BASE, self.public_registration_wiki.wiki_page._id, self.public_registration_wiki.identifier)
class TestWikiVersionContentView(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self):
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_wiki = self._add_project_wiki_version(self.public_project, self.user)
self.public_url = '/{}wikis/{}/versions/{}/content/'.format(API_BASE, self.public_wiki.wiki_page._id, self.public_wiki.identifier)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_version(self.private_project, self.user)
self.private_url = '/{}wikis/{}/versions/{}/content/'.format(API_BASE, self.private_wiki.wiki_page._id, self.private_wiki.identifier)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki = WikiVersion.objects.get_for_node(self.public_registration, 'home')
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/versions/{}/content/'.format(API_BASE, self.public_registration_wiki.wiki_page._id, self.public_registration_wiki.identifier)
def test_logged_out_user_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_non_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_in_contributor_can_get_public_wiki_content(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.public_wiki.content)
def test_logged_out_user_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
def test_logged_in_non_contributor_cannot_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_logged_in_contributor_can_get_private_wiki_content(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.private_wiki.content)
def test_older_versions_content_can_be_accessed(self):
self._set_up_private_project_with_wiki_page()
# Create a second version
wiki_version = self.private_wiki.wiki_page.update(self.user, 'Second draft of wiki')
wiki_page = wiki_version.wiki_page
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, self.private_wiki.content)
self.private_url_latest = '/{}wikis/{}/versions/{}/content/'.format(API_BASE, wiki_page._id, wiki_version.identifier)
res = self.app.get(self.private_url_latest, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'text/markdown')
assert_equal(res.body, wiki_version.content)
def test_user_cannot_get_withdrawn_registration_wiki_content(self):
self._set_up_public_registration_with_wiki_page()
withdrawal = self.public_registration.retract_registration(user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.public_registration_url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 403)
class RegistrationListFilteringMixin(object):
def setUp(self):
super(RegistrationListFilteringMixin, self).setUp()
assert self.url, 'Subclasses of RegistrationListFilteringMixin must define self.url'
self.user = AuthUserFactory()
self.A = ProjectFactory(creator=self.user)
self.B1 = NodeFactory(parent=self.A, creator=self.user)
self.B2 = NodeFactory(parent=self.A, creator=self.user)
self.C1 = NodeFactory(parent=self.B1, creator=self.user)
self.C2 = NodeFactory(parent=self.B2, creator=self.user)
self.D2 = NodeFactory(parent=self.C2, creator=self.user)
self.node_A = RegistrationFactory(project=self.A, creator=self.user)
self.node_B2 = RegistrationFactory(project=self.B2, creator=self.user)
self.parent_url = '{}filter[parent]='.format(self.url)
self.root_url = '{}filter[root]='.format(self.url)
def test_parent_filter_null(self):
expected = [self.node_A._id, self.node_B2._id]
res = self.app.get('{}null'.format(self.parent_url),
auth=self.user.auth)
actual = [node['id'] for node in res.json['data']]
assert_equal(set(expected), set(actual))
def test_parent_filter_equals_returns_one(self):
expected = [n._id for n in self.node_B2.get_nodes()]
res = self.app.get('{}{}'.format(self.parent_url, self.node_B2._id),
auth=self.user.auth)
actual = [node['id'] for node in res.json['data']]
assert_equal(len(actual), 1)
assert_equal(expected, actual)
def test_parent_filter_equals_returns_multiple(self):
expected = [n._id for n in self.node_A.get_nodes()]
res = self.app.get('{}{}'.format(self.parent_url, self.node_A._id),
auth=self.user.auth)
actual = [node['id'] for node in res.json['data']]
assert_equal(len(actual), 2)
assert_equal(set(expected), set(actual))
def test_root_filter_null(self):
res = self.app.get('{}null'.format(self.root_url),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
assert_equal(res.json['errors'][0]['source']['parameter'], 'filter')
def test_root_filter_equals_returns_branch(self):
expected = [n._id for n in Node.objects.get_children(self.node_B2)]
expected.append(self.node_B2._id)
res = self.app.get('{}{}'.format(self.root_url, self.node_B2._id),
auth=self.user.auth)
actual = [node['id'] for node in res.json['data']]
assert_equal(set(expected), set(actual))
def test_root_filter_equals_returns_tree(self):
expected = [n._id for n in Node.objects.get_children(self.node_A)]
expected.append(self.node_A._id)
res = self.app.get('{}{}'.format(self.root_url, self.node_A._id),
auth=self.user.auth)
actual = [node['id'] for node in res.json['data']]
assert_equal(len(actual), 6)
assert_equal(set(expected), set(actual))
def test_registration():
registration = RegistrationFactory(schema=get_default_test_schema())
registration.schema_responses.clear()
registration.registration_responses = dict(DEFAULT_RESPONSES)
registration.save()
return registration
def registration_public(self, admin, institution):
registration = RegistrationFactory(creator=admin, is_public=True)
registration.affiliated_institutions.add(institution)
registration.save()
return registration
def registration_pending(self, admin, institution):
registration = RegistrationFactory(creator=admin)
registration.affiliated_institutions.add(institution)
registration.save()
return registration
class RegistrationRetractionApprovalDisapprovalViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionApprovalDisapprovalViewsTestCase,
self).setUp()
self.user = AuthUserFactory()
self.registered_from = ProjectFactory(is_public=True,
creator=self.user)
self.registration = RegistrationFactory(is_public=True,
project=self.registered_from)
self.registration.retract_registration(self.user)
self.registration.save()
self.approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
self.corrupt_token = fake.sentence()
self.token_without_sanction = tokens.encode({
'action': 'approve_retraction',
'user_id': self.user._id,
'sanction_id': 'invalid id'
})
# node_registration_retraction_approve_tests
def test_GET_approve_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(
self):
unauthorized_user = AuthUserFactory()
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.approval_token),
auth=unauthorized_user.auth,
expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
def test_GET_approve_registration_without_retraction_returns_HTTPError_BAD_REQUEST(
self):
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.reject(self.user, self.rejection_token)
assert_false(self.registration.is_pending_retraction)
self.registration.retraction.save()
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.approval_token),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_invalid_token_returns_HTTPError_BAD_REQUEST(
self):
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.corrupt_token),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_non_existant_sanction_returns_HTTPError_BAD_REQUEST(
self):
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.token_without_sanction),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_approve_with_valid_token_returns_200(self):
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.approval_token),
auth=self.user.auth)
self.registration.retraction.reload()
assert_true(self.registration.is_retracted)
assert_false(self.registration.is_pending_retraction)
assert_equal(res.status_code, http.OK)
# node_registration_retraction_disapprove_tests
def test_GET_disapprove_from_unauthorized_user_returns_HTTPError_UNAUTHORIZED(
self):
unauthorized_user = AuthUserFactory()
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.rejection_token),
auth=unauthorized_user.auth,
expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
def test_GET_disapprove_registration_without_retraction_returns_HTTPError_BAD_REQUEST(
self):
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.reject(self.user, self.rejection_token)
assert_false(self.registration.is_pending_retraction)
self.registration.retraction.save()
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.rejection_token),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_disapprove_with_invalid_token_HTTPError_BAD_REQUEST(self):
res = self.app.get(self.registration.web_url_for(
'view_project', token=self.corrupt_token),
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_GET_disapprove_with_valid_token_returns_redirect(self):
res = self.app.get(
self.registration.web_url_for('view_project',
token=self.rejection_token),
auth=self.user.auth,
)
self.registration.retraction.reload()
assert_false(self.registration.is_retracted)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.retraction.is_rejected)
assert_equal(res.status_code, http.OK)
class TestInstitutionRegistrationList(ApiTestCase):
def setUp(self):
super(TestInstitutionRegistrationList, self).setUp()
self.institution = InstitutionFactory()
self.registration1 = RegistrationFactory(is_public=True)
self.registration1.affiliated_institutions.add(self.institution)
self.registration1.save()
self.user1 = AuthUserFactory()
self.user2 = AuthUserFactory()
self.registration2 = RegistrationFactory(
creator=self.user1, is_public=False)
self.registration2.affiliated_institutions.add(self.institution)
self.registration2.add_contributor(self.user2, auth=Auth(self.user1))
self.registration2.save()
self.registration3 = RegistrationFactory(
creator=self.user2, is_public=False)
self.registration3.affiliated_institutions.add(self.institution)
self.registration3.save()
self.institution_node_url = '/{0}institutions/{1}/registrations/'.format(
API_BASE, self.institution._id)
def test_return_all_public_nodes(self):
res = self.app.get(self.institution_node_url)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_not_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_does_not_return_private_nodes_with_auth(self):
res = self.app.get(self.institution_node_url, auth=self.user1.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_in(self.registration1._id, ids)
assert_not_in(self.registration2._id, ids)
assert_not_in(self.registration3._id, ids)
def test_doesnt_return_retractions_without_auth(self):
self.registration2.is_public = True
self.registration2.save()
retraction = WithdrawnRegistrationFactory(
registration=self.registration2, user=self.user1)
assert_true(self.registration2.is_retracted)
res = self.app.get(self.institution_node_url)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_not_in(self.registration2._id, ids)
def test_doesnt_return_retractions_with_auth(self):
retraction = WithdrawnRegistrationFactory(
registration=self.registration2, user=self.user1)
assert_true(self.registration2.is_retracted)
res = self.app.get(self.institution_node_url, auth=self.user1.auth)
assert_equal(res.status_code, 200)
ids = [each['id'] for each in res.json['data']]
assert_not_in(self.registration2._id, ids)
@pytest.mark.enable_quickfiles_creation
def test_total_biographic_contributor_in_institution_registration(self):
user3 = AuthUserFactory()
registration3 = RegistrationFactory(is_public=True, creator=self.user1)
registration3.affiliated_institutions.add(self.institution)
registration3.add_contributor(self.user2, auth=Auth(self.user1))
registration3.add_contributor(
user3, auth=Auth(self.user1), visible=False)
registration3.save()
registration3_url = '/{0}registrations/{1}/?embed=contributors'.format(
API_BASE, registration3._id)
res = self.app.get(registration3_url)
assert_true(
res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic']
)
assert_equal(
res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic'],
2
)
def registration(self, registration_provider):
return RegistrationFactory(provider=registration_provider)
def registration(self, user):
return RegistrationFactory(creator=user)
def registration_two(self, node_two):
return RegistrationFactory(project=node_two, is_public=True)
def node_one(self, institution):
# Fixture override for TestNodeInstitutionList
node_one = RegistrationFactory(is_public=True)
node_one.affiliated_institutions.add(institution)
node_one.save()
return node_one
def control_registration():
return RegistrationFactory()
def node_two(self, user):
# Fixture override for TestNodeInstitutionList
return RegistrationFactory(creator=user)
def nested_registration(test_registration):
registration = RegistrationFactory(
project=ProjectFactory(parent=test_registration.registered_from),
parent=test_registration)
registration.schema_responses.clear()
return registration
class RegistrationWithChildNodesRetractionModelTestCase(OsfTestCase):
def setUp(self):
super(RegistrationWithChildNodesRetractionModelTestCase, self).setUp()
self.user = AuthUserFactory()
self.auth = self.user.auth
self.project = ProjectFactory(is_public=True, creator=self.user)
self.component = NodeFactory(creator=self.user,
parent=self.project,
title='Component')
self.subproject = ProjectFactory(creator=self.user,
parent=self.project,
title='Subproject')
self.subproject_component = NodeFactory(creator=self.user,
parent=self.subproject,
title='Subcomponent')
self.registration = RegistrationFactory(project=self.project,
is_public=True)
# Reload the registration; else tests won't catch failures to svae
self.registration.reload()
@mock.patch('website.project.tasks.format_node')
@mock.patch('website.project.tasks.format_registration')
@mock.patch('website.project.tasks.settings.SHARE_URL', 'ima_real_website')
@mock.patch('website.project.tasks.settings.SHARE_API_TOKEN',
'totaly_real_token')
@mock.patch('website.project.tasks.send_share_node_data')
def test_approval_retracts_descendant_nodes(self, mock_update_share,
mock_format_registration,
mock_format_node):
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending registration
descendants = self.registration.get_descendants_recursive()
for node in descendants:
node.save()
assert_true(node.is_pending_retraction)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_retracted)
# Ensure descendant nodes are retracted
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
assert mock_update_share.called
assert mock_format_registration.called
assert not mock_format_node.called
def test_disapproval_cancels_retraction_on_descendant_nodes(self):
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending registration
descendants = self.registration.get_descendants_recursive()
for node in descendants:
node.save()
assert_true(node.is_pending_retraction)
# Disapprove parent registration's retraction
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(
self.user, rejection_token)
assert_false(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
assert_true(self.registration.retraction.is_rejected)
# Ensure descendant nodes' retractions are cancelled
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_false(node.is_pending_retraction)
assert_false(node.is_retracted)
@mock.patch('website.project.tasks.settings.SHARE_URL', 'ima_real_website')
@mock.patch('website.project.tasks.settings.SHARE_API_TOKEN',
'totaly_real_token')
@mock.patch('website.project.tasks.send_share_node_data')
def test_approval_cancels_pending_embargoes_on_descendant_nodes(
self, mock_update_share):
# Initiate embargo for registration
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_retraction)
assert_true(node.is_pending_embargo)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
assert_false(node.is_pending_embargo)
assert mock_update_share.called
@mock.patch('website.project.tasks.settings.SHARE_URL', 'ima_real_website')
@mock.patch('website.project.tasks.settings.SHARE_API_TOKEN',
'totaly_real_token')
@mock.patch('website.project.tasks.send_share_node_data')
def test_approval_cancels_active_embargoes_on_descendant_nodes(
self, mock_update_share):
# Initiate embargo for registration
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
# Approve embargo for registration
embargo_approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user,
embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
# Initiate retraction for parent registration
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_pending_retraction)
assert_true(node.embargo_end_date)
# Approve parent registration's retraction
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_retracted)
# Ensure descendant nodes are not pending embargo
descendants = self.registration.get_descendants_recursive()
for node in descendants:
assert_true(node.is_retracted)
assert mock_update_share.called
def registration(self, user):
return RegistrationFactory(creator=user, comment_level='private')
class RegistrationRetractionModelsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionModelsTestCase, self).setUp()
self.user = UserFactory()
self.registration = RegistrationFactory(creator=self.user,
is_public=True)
self.valid_justification = fake.sentence()
self.invalid_justification = fake.text(max_nb_chars=3000)
def test_set_public_registration_to_private_raises_NodeStateException(
self):
self.registration.save()
with assert_raises(NodeStateError):
self.registration.set_privacy('private')
self.registration.reload()
assert_true(self.registration.is_public)
def test_initiate_retraction_saves_retraction(self):
initial_count = Retraction.objects.all().count()
self.registration._initiate_retraction(self.user)
assert_equal(Retraction.objects.all().count(), initial_count + 1)
def test__initiate_retraction_does_not_create_tokens_for_unregistered_admin(
self):
unconfirmed_user = UnconfirmedUserFactory()
Contributor.objects.create(node=self.registration,
user=unconfirmed_user)
self.registration.add_permission(unconfirmed_user, 'admin', save=True)
assert_true(self.registration.has_permission(unconfirmed_user,
'admin'))
retraction = self.registration._initiate_retraction(self.user)
assert_true(self.user._id in retraction.approval_state)
assert_false(unconfirmed_user._id in retraction.approval_state)
def test__initiate_retraction_adds_admins_on_child_nodes(self):
project_admin = UserFactory()
project_non_admin = UserFactory()
child_admin = UserFactory()
child_non_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin)
project.add_contributor(project_non_admin,
auth=Auth(project.creator),
save=True)
child = NodeFactory(creator=child_admin, parent=project)
child.add_contributor(child_non_admin,
auth=Auth(child.creator),
save=True)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child) # noqa
registration = RegistrationFactory(project=project)
retraction = registration._initiate_retraction(registration.creator)
assert_in(project_admin._id, retraction.approval_state)
assert_in(child_admin._id, retraction.approval_state)
assert_in(grandchild_admin._id, retraction.approval_state)
assert_not_in(project_non_admin._id, retraction.approval_state)
assert_not_in(child_non_admin._id, retraction.approval_state)
# Backref tests
def test_retraction_initiator_has_backref(self):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_equal(
Retraction.objects.filter(initiated_by=self.user).count(), 1)
# Node#retract_registration tests
def test_pending_retract(self):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
assert_equal(self.registration.retraction.justification,
self.valid_justification)
assert_equal(self.registration.retraction.initiated_by, self.user)
assert_equal(self.registration.retraction.initiation_date.date(),
timezone.now().date())
def test_retract_component_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
NodeFactory(is_public=True, creator=self.user, parent=project)
registration = RegistrationFactory(is_public=True, project=project)
with assert_raises(NodeStateError):
registration._nodes.first().retract_registration(
self.user, self.valid_justification)
def test_long_justification_raises_ValidationValueError(self):
with assert_raises(DataError):
self.registration.retract_registration(self.user,
self.invalid_justification)
self.registration.save()
assert_is_none(self.registration.retraction)
def test_retract_private_registration_raises_NodeStateError(self):
self.registration.is_public = False
with assert_raises(NodeStateError):
self.registration.retract_registration(self.user,
self.valid_justification)
self.registration.save()
self.registration.reload()
assert_is_none(self.registration.retraction)
def test_retraction_of_registration_pending_embargo_cancels_embargo(self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_retraction_of_registration_in_active_embargo_cancels_embargo(
self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user,
embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
# Retraction#approve_retraction_tests
def test_invalid_approval_token_raises_InvalidSanctionApprovalToken(self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionApprovalToken):
self.registration.retraction.approve_retraction(
self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_approval_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
with assert_raises(PermissionsError):
self.registration.retraction.approve_retraction(
non_admin, approval_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_approval_with_one_admin_retracts(self):
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
assert_true(self.registration.is_pending_retraction)
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_retracted)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
def test_approval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
# Logs: Created, registered, retraction initiated, retraction approved
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 2)
def test_retraction_of_registration_pending_embargo_cancels_embargo_public(
self):
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_approval_of_registration_with_embargo_adds_to_parent_projects_log(
self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
self.registration.retract_registration(self.user)
self.registration.save()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
# Logs: Created, registered, embargo initiated, retraction initiated, retraction approved, embargo cancelled
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 4)
def test_retraction_of_public_registration_in_active_embargo_cancels_embargo(
self):
self.registration.is_public = True
self.registration.embargo_registration(self.user,
timezone.now() +
datetime.timedelta(days=10),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
embargo_approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve_embargo(self.user,
embargo_approval_token)
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo_end_date)
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
retraction_approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, retraction_approval_token)
assert_false(self.registration.is_pending_retraction)
assert_true(self.registration.is_retracted)
self.registration.embargo.reload()
assert_false(self.registration.is_pending_embargo)
assert_true(self.registration.embargo.is_rejected)
def test_two_approvals_with_two_admins_retracts(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
# First admin approves
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Second admin approves
approval_token = self.registration.retraction.approval_state[
self.admin2._id]['approval_token']
self.registration.retraction.approve_retraction(
self.admin2, approval_token)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 2)
assert_true(self.registration.is_retracted)
def test_one_approval_with_two_admins_stays_pending(self):
self.admin2 = UserFactory()
Contributor.objects.create(node=self.registration, user=self.admin2)
self.registration.add_permission(self.admin2, 'admin', save=True)
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.approve_retraction(
self.user, approval_token)
assert_true(self.registration.is_pending_retraction)
num_of_approvals = sum([
val['has_approved']
for val in self.registration.retraction.approval_state.values()
])
assert_equal(num_of_approvals, 1)
# Retraction#disapprove_retraction tests
def test_invalid_rejection_token_raises_InvalidSanctionRejectionToken(
self):
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
with assert_raises(InvalidSanctionRejectionToken):
self.registration.retraction.disapprove_retraction(
self.user, fake.sentence())
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_admin_rejection_token_raises_PermissionsError(self):
non_admin = UserFactory()
self.registration.retract_registration(self.user)
self.registration.save()
assert_true(self.registration.is_pending_retraction)
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
with assert_raises(PermissionsError):
self.registration.retraction.disapprove_retraction(
non_admin, rejection_token)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_one_disapproval_cancels_retraction(self):
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
assert_equal(self.registration.retraction.state, Retraction.UNAPPROVED)
self.registration.retraction.disapprove_retraction(
self.user, rejection_token)
assert_true(self.registration.retraction.is_rejected)
def test_disapproval_adds_to_parent_projects_log(self):
initial_project_logs = self.registration.registered_from.logs.count()
self.registration.retract_registration(self.user)
self.registration.save()
self.registration.reload()
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
self.registration.retraction.disapprove_retraction(
self.user, rejection_token)
# Logs: Created, registered, retraction initiated, retraction cancelled
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 2)
def test__on_complete_makes_project_and_components_public(self):
project_admin = UserFactory()
child_admin = UserFactory()
grandchild_admin = UserFactory()
project = ProjectFactory(creator=project_admin, is_public=False)
child = NodeFactory(creator=child_admin,
parent=project,
is_public=False)
grandchild = NodeFactory(creator=grandchild_admin,
parent=child,
is_public=False) # noqa
registration = RegistrationFactory(project=project)
registration._initiate_retraction(self.user)
registration.retraction._on_complete(self.user)
for each in registration.node_and_primary_descendants():
each.reload()
assert_true(each.is_public)
# Retraction property tests
def test_new_retraction_is_pending_retraction(self):
self.registration.retract_registration(self.user)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def registration(self, admin, contrib):
registration = RegistrationFactory(creator=admin)
registration.add_contributor(admin, 'admin')
registration.add_contributor(contrib, 'write')
update_provider_auth_groups()
return registration
def registration(self, node):
reg = RegistrationFactory(is_public=True)
IdentifierFactory(referent=reg, category='doi')
reg.archive_jobs.clear(
) # if reg.archiving is True it will skip updating SHARE
return reg
class TestWikiDetailView(ApiWikiTestCase):
def _set_up_public_project_with_wiki_page(self, project_options=None):
project_options = project_options or {}
self.public_project = ProjectFactory(is_public=True,
creator=self.user,
**project_options)
self.public_wiki = self._add_project_wiki_page(self.public_project,
self.user)
self.public_url = '/{}wikis/{}/'.format(API_BASE, self.public_wiki._id)
def _set_up_private_project_with_wiki_page(self):
self.private_project = ProjectFactory(creator=self.user)
self.private_wiki = self._add_project_wiki_page(
self.private_project, self.user)
self.private_url = '/{}wikis/{}/'.format(API_BASE,
self.private_wiki._id)
def _set_up_public_registration_with_wiki_page(self):
self._set_up_public_project_with_wiki_page()
self.public_registration = RegistrationFactory(
project=self.public_project, user=self.user, is_public=True)
self.public_registration_wiki_id = self.public_registration.wiki_pages_versions[
'home'][0]
self.public_registration.wiki_pages_current = {
'home': self.public_registration_wiki_id
}
self.public_registration.save()
self.public_registration_url = '/{}wikis/{}/'.format(
API_BASE, self.public_registration_wiki_id)
def _set_up_private_registration_with_wiki_page(self):
self._set_up_private_project_with_wiki_page()
self.private_registration = RegistrationFactory(
project=self.private_project, user=self.user)
self.private_registration_wiki_id = self.private_registration.wiki_pages_versions[
'home'][0]
self.private_registration.wiki_pages_current = {
'home': self.private_registration_wiki_id
}
self.private_registration.save()
self.private_registration_url = '/{}wikis/{}/'.format(
API_BASE, self.private_registration_wiki_id)
def test_public_node_logged_out_user_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_public_node_logged_in_non_contributor_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_public_node_logged_in_contributor_can_view_wiki(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_wiki._id)
def test_private_node_logged_out_user_cannot_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'],
'Authentication credentials were not provided.')
def test_private_node_logged_in_non_contributor_cannot_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
def test_private_node_logged_in_contributor_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_private_node_user_with_anonymous_link_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
private_link = PrivateLinkFactory(anonymous=True)
private_link.nodes.add(self.private_project)
private_link.save()
url = furl.furl(self.private_url).add(query_params={
'view_only': private_link.key
}).url
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_private_node_user_with_view_only_link_can_view_wiki(self):
self._set_up_private_project_with_wiki_page()
private_link = PrivateLinkFactory(anonymous=False)
private_link.nodes.add(self.private_project)
private_link.save()
url = furl.furl(self.private_url).add(query_params={
'view_only': private_link.key
}).url
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_wiki._id)
def test_public_registration_logged_out_user_cannot_view_wiki(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url, expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_public_registration_logged_in_non_contributor_cannot_view_wiki(
self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_public_registration_contributor_can_view_wiki(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.public_registration_wiki_id)
def test_user_cannot_view_withdrawn_registration_wikis(self):
self._set_up_public_registration_with_wiki_page()
# TODO: Remove mocking when StoredFileNode is implemented
with mock.patch('osf.models.AbstractNode.update_search'):
withdrawal = self.public_registration.retract_registration(
user=self.user, save=True)
token = withdrawal.approval_state.values()[0]['approval_token']
withdrawal.approve_retraction(self.user, token)
withdrawal.save()
res = self.app.get(self.public_registration_url,
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
def test_private_registration_logged_out_user_cannot_view_wiki(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert_equal(res.json['errors'][0]['detail'],
'Authentication credentials were not provided.')
def test_private_registration_logged_in_non_contributor_cannot_view_wiki(
self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url,
auth=self.non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'],
'You do not have permission to perform this action.')
def test_private_registration_contributor_can_view_wiki(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data']['id'], self.private_registration_wiki_id)
def test_wiki_has_user_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['relationships']['user']['links']['related'][
'href']
expected_url = '/{}users/{}/'.format(API_BASE, self.user._id)
assert_equal(res.status_code, 200)
assert_equal(urlparse(url).path, expected_url)
def test_wiki_has_node_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['relationships']['node']['links']['related'][
'href']
expected_url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
assert_equal(res.status_code, 200)
assert_equal(urlparse(url).path, expected_url)
def test_wiki_has_comments_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
url = res.json['data']['relationships']['comments']['links'][
'related']['href']
comment = CommentFactory(node=self.public_project,
target=Guid.load(self.public_wiki._id),
user=self.user)
res = self.app.get(url)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['type'], 'comments')
def test_only_project_contrib_can_comment_on_closed_project(self):
self._set_up_public_project_with_wiki_page(
project_options={'comment_level': 'private'})
res = self.app.get(self.public_url, auth=self.user.auth)
can_comment = res.json['data']['attributes'][
'current_user_can_comment']
assert_equal(res.status_code, 200)
assert_equal(can_comment, True)
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
can_comment = res.json['data']['attributes'][
'current_user_can_comment']
assert_equal(res.status_code, 200)
assert_equal(can_comment, False)
def test_any_loggedin_user_can_comment_on_open_project(self):
self._set_up_public_project_with_wiki_page(
project_options={'comment_level': 'public'})
res = self.app.get(self.public_url, auth=self.non_contributor.auth)
can_comment = res.json['data']['attributes'][
'current_user_can_comment']
assert_equal(res.status_code, 200)
assert_equal(can_comment, True)
def test_non_logged_in_user_cant_comment(self):
self._set_up_public_project_with_wiki_page(
project_options={'comment_level': 'public'})
res = self.app.get(self.public_url)
can_comment = res.json['data']['attributes'][
'current_user_can_comment']
assert_equal(res.status_code, 200)
assert_equal(can_comment, False)
def test_wiki_has_download_link(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
url = res.json['data']['links']['download']
expected_url = '/{}wikis/{}/content/'.format(API_BASE,
self.public_wiki._id)
assert_equal(res.status_code, 200)
assert_in(expected_url, url)
def test_wiki_invalid_id_not_found(self):
url = '/{}wikis/{}/'.format(API_BASE, 'abcde')
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 404)
def test_old_wiki_versions_not_returned(self):
self._set_up_public_project_with_wiki_page()
# TODO: Remove mocking when StoredFileNode is implemented
with mock.patch('osf.models.AbstractNode.update_search'):
current_wiki = NodeWikiFactory(node=self.public_project,
user=self.user)
old_version_id = self.public_project.wiki_pages_versions[
current_wiki.page_name][-2]
old_version = NodeWikiPage.load(old_version_id)
url = '/{}wikis/{}/'.format(API_BASE, old_version._id)
res = self.app.get(url, expect_errors=True)
assert_equal(res.status_code, 404)
def test_public_node_wiki_relationship_links(self):
self._set_up_public_project_with_wiki_page()
res = self.app.get(self.public_url)
expected_nodes_relationship_url = '{}nodes/{}/'.format(
API_BASE, self.public_project._id)
expected_comments_relationship_url = '{}nodes/{}/comments/'.format(
API_BASE, self.public_project._id)
assert_in(
expected_nodes_relationship_url, res.json['data']['relationships']
['node']['links']['related']['href'])
assert_in(
expected_comments_relationship_url, res.json['data']
['relationships']['comments']['links']['related']['href'])
def test_private_node_wiki_relationship_links(self):
self._set_up_private_project_with_wiki_page()
res = self.app.get(self.private_url, auth=self.user.auth)
expected_nodes_relationship_url = '{}nodes/{}/'.format(
API_BASE, self.private_project._id)
expected_comments_relationship_url = '{}nodes/{}/comments/'.format(
API_BASE, self.private_project._id)
assert_in(
expected_nodes_relationship_url, res.json['data']['relationships']
['node']['links']['related']['href'])
assert_in(
expected_comments_relationship_url, res.json['data']
['relationships']['comments']['links']['related']['href'])
def test_public_registration_wiki_relationship_links(self):
self._set_up_public_registration_with_wiki_page()
res = self.app.get(self.public_registration_url)
expected_nodes_relationship_url = '{}registrations/{}/'.format(
API_BASE, self.public_registration._id)
expected_comments_relationship_url = '{}registrations/{}/comments/'.format(
API_BASE, self.public_registration._id)
assert_in(
expected_nodes_relationship_url, res.json['data']['relationships']
['node']['links']['related']['href'])
assert_in(
expected_comments_relationship_url, res.json['data']
['relationships']['comments']['links']['related']['href'])
def test_private_registration_wiki_relationship_links(self):
self._set_up_private_registration_with_wiki_page()
res = self.app.get(self.private_registration_url, auth=self.user.auth)
expected_nodes_relationship_url = '{}registrations/{}/'.format(
API_BASE, self.private_registration._id)
expected_comments_relationship_url = '{}registrations/{}/comments/'.format(
API_BASE, self.private_registration._id)
assert_in(
expected_nodes_relationship_url, res.json['data']['relationships']
['node']['links']['related']['href'])
assert_in(
expected_comments_relationship_url, res.json['data']
['relationships']['comments']['links']['related']['href'])
def reg_with_abstract(self, node_with_abstract):
return RegistrationFactory(project=node_with_abstract, is_public=True)
def test_add_incorrect_permissions(self, app, admin, user, affiliated_user,
registration_no_affiliation,
url_institution_registrations,
institution):
# No authentication
res = app.post_json_api(
url_institution_registrations,
make_registration_payload(registration_no_affiliation._id),
expect_errors=True,
)
assert res.status_code == 401
# User has no permission
res = app.post_json_api(url_institution_registrations,
make_registration_payload(
registration_no_affiliation._id),
expect_errors=True,
auth=AuthUserFactory().auth)
assert res.status_code == 403
# User has read permission
registration_no_affiliation.add_contributor(
affiliated_user, permissions=[permissions.READ])
registration_no_affiliation.save()
res = app.post_json_api(url_institution_registrations,
make_registration_payload(
registration_no_affiliation._id),
auth=user.auth,
expect_errors=True)
assert res.status_code == 403
# User is admin but not affiliated
registration = RegistrationFactory(creator=user)
res = app.post_json_api(url_institution_registrations,
make_registration_payload(registration._id),
expect_errors=True,
auth=user.auth)
assert res.status_code == 403
registration.reload()
assert institution not in registration.affiliated_institutions.all()
# Registration does not exist
res = app.post_json_api(url_institution_registrations,
make_registration_payload('notIdatAll'),
expect_errors=True,
auth=admin.auth)
assert res.status_code == 404
# Attempt to use endpoint on Node
res = app.post_json_api(url_institution_registrations, {
'data': [{
'type': 'nodes',
'id': NodeFactory(creator=admin)._id
}]
},
expect_errors=True,
auth=admin.auth)
assert res.status_code == 409
registration_no_affiliation.reload()
assert institution not in registration_no_affiliation.affiliated_institutions.all(
)
class RegistrationRetractionViewsTestCase(OsfTestCase):
def setUp(self):
super(RegistrationRetractionViewsTestCase, self).setUp()
self.user = AuthUserFactory()
self.registered_from = ProjectFactory(creator=self.user,
is_public=True)
self.registration = RegistrationFactory(project=self.registered_from,
is_public=True)
self.retraction_post_url = self.registration.api_url_for(
'node_registration_retraction_post')
self.retraction_get_url = self.registration.web_url_for(
'node_registration_retraction_get')
self.justification = fake.sentence()
def test_GET_retraction_page_when_pending_retraction_returns_HTTPError_BAD_REQUEST(
self):
self.registration.retract_registration(self.user)
self.registration.save()
res = self.app.get(
self.retraction_get_url,
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.BAD_REQUEST)
def test_POST_retraction_to_private_registration_returns_HTTPError_FORBIDDEN(
self):
self.registration.is_public = False
self.registration.save()
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.FORBIDDEN)
self.registration.reload()
assert_is_none(self.registration.retraction)
@mock.patch('website.mails.send_mail')
def test_POST_retraction_does_not_send_email_to_unregistered_admins(
self, mock_send_mail):
unreg = UnregUserFactory()
self.registration.add_unregistered_contributor(
unreg.fullname,
unreg.email,
auth=Auth(self.user),
permissions=['read', 'write', 'admin'],
existing_user=unreg)
self.registration.save()
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
# Only the creator gets an email; the unreg user does not get emailed
assert_equal(mock_send_mail.call_count, 1)
def test_POST_pending_embargo_returns_HTTPError_HTTPOK(self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_true(self.registration.is_pending_retraction)
def test_POST_active_embargo_returns_HTTPOK(self):
self.registration.embargo_registration(
self.user, (timezone.now() + datetime.timedelta(days=10)),
for_existing_registration=True)
self.registration.save()
assert_true(self.registration.is_pending_embargo)
approval_token = self.registration.embargo.approval_state[
self.user._id]['approval_token']
self.registration.embargo.approve(self.user, approval_token)
assert_true(self.registration.embargo_end_date)
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_true(self.registration.is_pending_retraction)
def test_POST_retraction_by_non_admin_retract_HTTPError_UNAUTHORIZED(self):
res = self.app.post_json(self.retraction_post_url, expect_errors=True)
assert_equals(res.status_code, http.UNAUTHORIZED)
self.registration.reload()
assert_is_none(self.registration.retraction)
@mock.patch('website.mails.send_mail')
def test_POST_retraction_without_justification_returns_HTTPOK(
self, mock_send):
res = self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
assert_equal(res.status_code, http.OK)
self.registration.reload()
assert_false(self.registration.is_retracted)
assert_true(self.registration.is_pending_retraction)
assert_is_none(self.registration.retraction.justification)
@mock.patch('website.mails.send_mail')
def test_valid_POST_retraction_adds_to_parent_projects_log(
self, mock_send):
initial_project_logs = self.registration.registered_from.logs.count()
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
self.registration.registered_from.reload()
# Logs: Created, registered, retraction initiated
assert_equal(self.registration.registered_from.logs.count(),
initial_project_logs + 1)
@mock.patch('website.mails.send_mail')
def test_valid_POST_retraction_when_pending_retraction_raises_400(
self, mock_send):
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
res = self.app.post_json(self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
expect_errors=True)
assert_equal(res.status_code, 400)
@mock.patch('website.mails.send_mail')
def test_valid_POST_calls_send_mail_with_username(self, mock_send):
self.app.post_json(
self.retraction_post_url,
{'justification': ''},
auth=self.user.auth,
)
assert_true(mock_send.called)
args, kwargs = mock_send.call_args
assert_true(self.user.username in args)
def test_non_contributor_GET_approval_returns_HTTPError_UNAUTHORIZED(self):
non_contributor = AuthUserFactory()
self.registration.retract_registration(self.user)
approval_token = self.registration.retraction.approval_state[
self.user._id]['approval_token']
approval_url = self.registration.web_url_for('view_project',
token=approval_token)
res = self.app.get(approval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def test_non_contributor_GET_disapproval_returns_HTTPError_UNAUTHORIZED(
self):
non_contributor = AuthUserFactory()
self.registration.retract_registration(self.user)
rejection_token = self.registration.retraction.approval_state[
self.user._id]['rejection_token']
disapproval_url = self.registration.web_url_for('view_project',
token=rejection_token)
res = self.app.get(disapproval_url,
auth=non_contributor.auth,
expect_errors=True)
assert_equal(res.status_code, http.UNAUTHORIZED)
assert_true(self.registration.is_pending_retraction)
assert_false(self.registration.is_retracted)
def registration_no_owner(self):
return RegistrationFactory(is_public=True)
def registration(self, user_one, public_project_user_one):
return RegistrationFactory(project=public_project_user_one,
creator=user_one,
is_public=True)
def registration(self, user):
return RegistrationFactory(creator=user, is_public=True)
def registration_no_affiliation(self, admin):
return RegistrationFactory(creator=admin)
