def manage_sources_token_two_groups(group_admin_user_two_groups):
token_id = create_token(
ACLs=["Manage sources"],
user_id=group_admin_user_two_groups.id,
name=str(uuid.uuid4()),
)
return token_id
def upload_data_token_two_groups(user_two_groups):
token_id = create_token(
ACLs=["Upload data"],
user_id=user_two_groups.id,
name=str(uuid.uuid4()),
)
return token_id
def test_token_user_post_photometry_data_series(driver, public_group,
public_source):
auth_token = create_token(public_group.id, ['Upload data'])
response = requests.post(
f'{driver.server_url}/api/photometry',
json={
'sourceID':
str(public_source.id),
'obsTime': [
str(datetime.datetime.now()),
str(datetime.datetime.now() + datetime.timedelta(days=1)),
str(datetime.datetime.now() + datetime.timedelta(days=2))
],
'timeFormat':
'iso',
'timeScale':
'utc',
'instrumentID':
1,
'mag': [12.24, 12.52, 12.70],
'e_mag': [0.031, 0.029, 0.030],
'lim_mag':
14.1,
'filter':
'V'
},
headers={
'Authorization': f'token {auth_token}'
}).json()
print(response)
assert response['status'] == 'success'
def manage_sources_token(group_admin_user):
token_id = create_token(
permissions=["Manage sources"],
created_by_id=group_admin_user.id,
name=str(uuid.uuid4()),
)
return token_id
def manage_users_token(super_admin_user):
token_id = create_token(
ACLs=["Manage users"],
user_id=super_admin_user.id,
name=str(uuid.uuid4()),
)
return token_id
def manage_users_token(super_admin_user):
token_id = create_token(
permissions=["Manage users"],
created_by_id=super_admin_user.id,
name=str(uuid.uuid4()),
)
return token_id
def test_double_posting(user, public_candidate):
token_id = create_token(ACLs=["Upload data"],
user_id=user.id,
name=str(uuid.uuid4()))
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 200
# try posting the same listing again!
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 400
def taxonomy_token_two_groups(user_two_groups):
token_id = create_token(
ACLs=["Post taxonomy", "Delete taxonomy"],
user_id=user_two_groups.id,
name=str(uuid.uuid4()),
)
return token_id
def sedm_listener_token(sedm, group_admin_user):
token_id = create_token(
ACLs=[sedm.listener_class.get_acl_id()],
user_id=group_admin_user.id,
name=str(uuid.uuid4()),
)
return token_id
def source_notification_user_token(source_notification_user):
token_id = create_token(
ACLs=[],
user_id=source_notification_user.id,
name=str(uuid.uuid4()),
)
return token_id
def test_token_user_retrieving_source(driver, public_group, public_source):
auth_token = create_token(public_group.id, ['Manage sources'])
response = requests.get(f'{driver.server_url}/api/sources/{public_source.id}',
headers={'Authorization': f'token {auth_token}'}).json()
assert response['status'] == 'success'
assert all(k in response['data'] for k in ['ra', 'dec', 'red_shift',
'created_at', 'id'])
def analysis_token(user):
token_id = create_token(
ACLs=["Run Analyses"],
user_id=user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def analysis_service_token_two_groups(user_two_groups):
token_id = create_token(
ACLs=["Manage Analysis Services"],
user_id=user_two_groups.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def super_admin_token(super_admin_user):
role = Role.query.get('Super admin')
token_id = create_token(
permissions=[a.id for a in role.acls],
created_by_id=super_admin_user.id,
name=str(uuid.uuid4()),
)
return token_id
def manage_users_token(super_admin_user):
token_id = create_token(
ACLs=["Manage users"],
user_id=super_admin_user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def manage_users_token_group2(super_admin_user_group2):
token_id = create_token(
ACLs=["Manage users", "Upload data"],
user_id=super_admin_user_group2.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def manage_sources_token(group_admin_user):
token_id = create_token(
ACLs=["Manage sources"],
user_id=group_admin_user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def upload_data_token_no_groups_no_streams(user_no_groups_no_streams):
token_id = create_token(
ACLs=["Upload data"],
user_id=user_no_groups_no_streams.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def super_admin_token_two_groups(super_admin_user_two_groups):
role = Role.query.get("Super admin")
token_id = create_token(
ACLs=[a.id for a in role.acls],
user_id=super_admin_user_two_groups.id,
name=str(uuid.uuid4()),
)
return token_id
def source_notification_user_token(source_notification_user):
token_id = create_token(
ACLs=[],
user_id=source_notification_user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def taxonomy_token(user):
token_id = create_token(
ACLs=["Post taxonomy", "Delete taxonomy"],
user_id=user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def super_admin_token(super_admin_user):
role = Role.query.get("Super admin")
token_id = create_token(
ACLs=[a.id for a in role.acls],
user_id=super_admin_user.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def test_add_objects_to_list(user, public_candidate, public_candidate2):
token_id = create_token(
ACLs=["Upload data"], user_id=user.id, name=str(uuid.uuid4())
)
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 200
item1 = data["data"]["id"] # get the list item ID
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate2.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 200
item2 = data["data"]["id"] # get the list item ID
# get the list back, should include only two items
status, data = api('GET', f'listing/{user.id}?listName=favorites', token=token_id)
assert status == 200
new_list = data["data"]
items = [item["id"] for item in new_list]
assert set(items) == {item1, item2}
# try to post a listing to a non-existing object
fake_obj_id = str(uuid.uuid4())
status, data = api(
'POST',
'listing',
data={'user_id': user.id, 'obj_id': fake_obj_id, 'list_name': 'favorites'},
token=token_id,
)
assert status == 400
def super_admin_token_two_groups(super_admin_user_two_groups):
role = (DBSession().execute(
sa.select(models.Role).filter(
models.Role.id == "Super admin")).scalars().first())
token_id = create_token(
ACLs=[a.id for a in role.acls],
user_id=super_admin_user_two_groups.id,
name=str(uuid.uuid4()),
)
yield token_id
delete_token(token_id)
def test_delete_user_cascades_to_tokens(manage_users_token, user, public_group):
token_name = str(uuid.uuid4())
token_id = create_token(permissions=[], created_by_id=user.id,
name=token_name)
assert Token.query.get(token_id)
status, data = api('DELETE', f'user/{user.id}', token=manage_users_token)
assert status == 200
assert data['data']['user_id'] == user.id
status, data = api('GET', f'user/{user.id}', token=manage_users_token)
assert status == 400
assert not Token.query.get(token_id)
def test_delete_user_cascades_to_tokens(super_admin_token, user, public_group):
token_name = str(uuid.uuid4())
token_id = create_token(ACLs=[], user_id=user.id, name=token_name)
assert Token.query.get(token_id)
# end the transaction on the test-side
DBSession().commit()
status, data = api('DELETE', f'user/{user.id}', token=super_admin_token)
assert status == 200
status, data = api('GET', f'user/{user.id}', token=super_admin_token)
assert status == 400
assert not Token.query.get(token_id)
def test_add_remove_objects(user, public_candidate, public_candidate2):
token_id = create_token(ACLs=["Upload data"],
user_id=user.id,
name=str(uuid.uuid4()))
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 200
item1 = data["data"]["id"] # get the list item ID
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate2.id,
'list_name': 'favorites',
},
token=token_id,
)
assert status == 200
item2 = data["data"]["id"] # get the list item ID
status, data = api('DELETE', f'listing/{item1}', token=token_id)
assert status == 200
# get the list back, should include only one item
status, data = api('GET',
f'listing/{user.id}?listName=favorites',
token=token_id)
assert status == 200
new_list = data["data"]
items = [item["id"] for item in new_list]
assert set(items) == {item2}
def test_add_objects_to_different_lists(user, public_candidate,
public_candidate2):
token_id = create_token(ACLs=["Upload data"],
user_id=user.id,
name=str(uuid.uuid4()))
list1 = str(uuid.uuid4())
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate.id,
'list_name': list1
},
token=token_id,
)
assert status == 200
item1 = data["data"]["id"] # get the list item ID
list2 = str(uuid.uuid4())
status, data = api(
'POST',
'listing',
data={
'user_id': user.id,
'obj_id': public_candidate2.id,
'list_name': list2
},
token=token_id,
)
assert status == 200
# get the list back, should include only one item that matches list1
status, data = api('GET',
f'listing/{user.id}?listName={list1}',
token=token_id)
assert status == 200
new_list = data["data"]
items = [item["id"] for item in new_list]
assert set(items) == {item1}
def test_add_modify_user_adds_modifies_single_user_group(
manage_groups_token, super_admin_user_two_groups, manage_users_token
):
username = str(uuid.uuid4())
token_name = str(uuid.uuid4())
status, data = api(
"POST", "user", data={"username": username}, token=manage_users_token
)
assert status == 200
new_user_id = data["data"]["id"]
status, data = api(
"GET", "groups?includeSingleUserGroups=true", token=manage_groups_token
)
assert data["status"] == "success"
assert any(
[
group["single_user_group"] and group["name"] == username
for group in data["data"]["all_groups"]
]
)
token_id = create_token(ACLs=[], user_id=new_user_id, name=token_name)
new_username = str(uuid.uuid4())
status, data = api(
'PATCH', f'internal/profile', data={'username': new_username}, token=token_id
)
assert status == 200
status, data = api(
"GET", "groups?includeSingleUserGroups=true", token=manage_groups_token
)
assert data["status"] == "success"
assert any(
[
group["single_user_group"] and group["name"] == new_username
for group in data["data"]["all_groups"]
]
)
def test_manage_groups_token_get_unowned_group(
manage_groups_token, user, super_admin_user
):
group_name = str(uuid.uuid4())
status, data = api(
"POST",
"groups",
data={"name": group_name, "group_admins": [user.id]},
token=manage_groups_token,
)
assert status == 200
assert data["status"] == "success"
new_group_id = data["data"]["id"]
token_name = str(uuid.uuid4())
token_id = create_token(
ACLs=['Manage groups'], user_id=super_admin_user.id, name=token_name
)
status, data = api("GET", f"groups/{new_group_id}", token=token_id)
assert data["status"] == "success"
assert data["data"]["name"] == group_name
