def create_fake_project(creator, n_users, privacy, n_components, name, n_tags, presentation_name, is_registration):
auth = Auth(user=creator)
project_title = name if name else fake.science_sentence()
if not is_registration:
project = ProjectFactory(title=project_title, description=fake.science_paragraph(), creator=creator)
else:
project = RegistrationFactory(title=project_title, description=fake.science_paragraph(), creator=creator)
project.set_privacy(privacy)
for _ in range(n_users):
contrib = create_fake_user()
project.add_contributor(contrib, auth=auth)
if isinstance(n_components, int):
for _ in range(n_components):
NodeFactory(project=project, title=fake.science_sentence(), description=fake.science_paragraph(),
creator=creator)
elif isinstance(n_components, list):
render_generations_from_node_structure_list(project, creator, n_components)
for _ in range(n_tags):
project.add_tag(fake.science_word(), auth=auth)
if presentation_name is not None:
project.add_tag(presentation_name, auth=auth)
project.add_tag('poster', auth=auth)
project.save()
logger.info('Created project: {0}'.format(project.title))
return project
def test_oauth_callback_with_node(self, mock_get_token, mock_github_user):
mock_get_token.return_value = {
"access_token": "testing access token",
"token_type": "testing token type",
"scope": ["repo"]
}
user = mock.Mock()
user.id = "testing user id"
user.login = "******"
mock_github_user.return_value = user
project = ProjectFactory(creator=self.user)
project.add_addon('github', auth=Auth(user=self.user))
project.save()
url = api_url_for('github_oauth_callback', uid=self.user._id, nid=project._id)
res = self.app.get(url, {"code": "12345"}, auth=self.user.auth)
self.user_settings.reload()
node_settings = project.get_addon('github')
node_settings.reload()
assert_true(res.status_code, 302)
assert_not_in("/settings/addons/", res.location)
assert_in("/settings", res.location)
assert_true(self.user_settings.oauth_settings)
assert_equal(self.user_settings.oauth_access_token, "testing access token")
assert_equal(self.user_settings.oauth_token_type, "testing token type")
assert_equal(self.user_settings.github_user_name, "testing user")
assert_equal(self.user_settings.oauth_settings.github_user_id, "testing user id")
assert_equal(node_settings.user_settings, self.user_settings)
class TestCheckAuth(OsfTestCase):
def setUp(self):
super(TestCheckAuth, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
def test_has_permission(self):
res = views.check_access(self.node, self.user, 'upload')
assert_true(res)
def test_not_has_permission_read_public(self):
self.node.is_public = True
self.node.save()
res = views.check_access(self.node, None, 'download')
def test_not_has_permission_read_has_link(self):
link = new_private_link('red-special', self.user, [self.node], anonymous=False)
res = views.check_access(self.node, None, 'download', key=link.key)
def test_not_has_permission_logged_in(self):
user2 = AuthUserFactory()
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, user2, 'download')
assert_equal(exc_info.exception.code, 403)
def test_not_has_permission_not_logged_in(self):
with assert_raises(HTTPError) as exc_info:
views.check_access(self.node, None, 'download')
assert_equal(exc_info.exception.code, 401)
class TestMustBeContributorDecorator(AuthAppTestCase):
def setUp(self):
super(TestMustBeContributorDecorator, self).setUp()
self.contrib = AuthUserFactory()
self.project = ProjectFactory()
self.project.add_contributor(self.contrib, auth=Auth(self.project.creator))
self.project.save()
def test_must_be_contributor_when_user_is_contributor(self):
result = view_that_needs_contributor(
pid=self.project._primary_key,
api_key=self.contrib.auth[1],
api_node=self.project,
user=self.contrib)
assert_equal(result, self.project)
def test_must_be_contributor_when_user_is_not_contributor_raises_error(self):
non_contributor = AuthUserFactory()
with assert_raises(HTTPError):
view_that_needs_contributor(
pid=self.project._primary_key,
api_key=non_contributor.auth[1],
api_node=non_contributor.auth[1],
user=non_contributor
)
def test_must_be_contributor_no_user(self):
res = view_that_needs_contributor(
pid=self.project._primary_key,
user=None,
api_key='123',
api_node='abc',
)
assert_is_redirect(res)
redirect_url = res.headers['Location']
assert_equal(redirect_url, '/login/?next=/')
def test_must_be_contributor_parent_admin(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
res = view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(res, node)
def test_must_be_contributor_parent_write(self):
user = UserFactory()
node = NodeFactory(parent=self.project, creator=user)
self.project.set_permissions(self.project.creator, ['read', 'write'])
self.project.save()
with assert_raises(HTTPError) as exc_info:
view_that_needs_contributor(
pid=self.project._id,
nid=node._id,
user=self.project.creator,
)
assert_equal(exc_info.exception.code, 403)
class DraftRegistrationTestCase(ApiTestCase):
def setUp(self):
super(DraftRegistrationTestCase, self).setUp()
self.user = AuthUserFactory()
self.read_only_user = AuthUserFactory()
self.read_write_user = AuthUserFactory()
self.non_contributor = AuthUserFactory()
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_project.add_contributor(self.read_only_user, permissions=[permissions.READ])
self.public_project.add_contributor(self.read_write_user, permissions=[permissions.WRITE])
self.public_project.save()
def prereg_metadata(self, draft):
test_metadata = {}
json_schema = create_jsonschema_from_metaschema(draft.registration_schema.schema)
for key, value in json_schema["properties"].iteritems():
response = "Test response"
if value["properties"]["value"].get("enum"):
response = value["properties"]["value"]["enum"][0]
if value["properties"]["value"].get("properties"):
response = {"question": {"value": "Test Response"}}
test_metadata[key] = {"value": response}
return test_metadata
def test_migrate_project_contributed(self):
user1 = UserFactory()
fullname1 = 'hello world'
email1 = '*****@*****.**'
project1 = ProjectFactory(creator=user1)
user2 = project1.add_unregistered_contributor(
fullname=fullname1, email=email1, auth=Auth(user=user1)
)
project1.save()
assert project1.is_contributor(user2) is True
assert len(project1.contributors) is 2
migrate_project_contributed(user2)
assert project1.is_contributor(user2) is False
assert len(project1.contributors) is 1
user3 = UserFactory()
project2 = ProjectFactory(creator=user1)
project2.add_contributor(user3)
project2.save()
assert project2.is_contributor(user3) is True
assert len(project2.contributors) is 2
migrate_project_contributed(user3)
assert project2.is_contributor(user3) is False
assert len(project2.contributors) is 1
def test_do_migration(self):
user1 = UserFactory()
fullname1 = 'Presentation Service'
email1 = '*****@*****.**'
project1 = ProjectFactory(creator=user1)
user2 = project1.add_unregistered_contributor(
fullname=fullname1, email=email1, auth=Auth(user=user1)
)
project1.save()
user3 = UserFactory.build(username='******', fullname=fullname1)
user3.save()
project2 = ProjectFactory(creator=user1)
project2.add_contributor(user3)
project2.save()
assert project1.is_contributor(user2) is True
assert len(project1.contributors) is 2
assert project2.is_contributor(user3) is True
assert len(project2.contributors) is 2
user_list = get_targets()
do_migration(user_list)
assert project2.is_contributor(user3) is False
assert len(project2.contributors) is 1
assert project1.is_contributor(user2) is False
assert len(project1.contributors) is 1
assert user2.is_disabled is True
assert user3.is_disabled is True
class TestSearchExceptions(OsfTestCase):
"""
Verify that the correct exception is thrown when the connection is lost
"""
@classmethod
def setUpClass(cls):
super(TestSearchExceptions, cls).setUpClass()
if settings.SEARCH_ENGINE == "elastic":
cls._es = search.search_engine.es
search.search_engine.es = None
@classmethod
def tearDownClass(cls):
super(TestSearchExceptions, cls).tearDownClass()
if settings.SEARCH_ENGINE == "elastic":
search.search_engine.es = cls._es
def test_connection_error(self):
"""
Ensures that saving projects/users doesn't break as a result of connection errors
"""
self.user = UserFactory(usename="Doug Bogie")
self.project = ProjectFactory(title="Tom Sawyer", creator=self.user, is_public=True)
self.user.save()
self.project.save()
class TestSearchExceptions(OsfTestCase):
"""
Verify that the correct exception is thrown when the connection is lost
"""
@classmethod
def setUpClass(cls):
logging.getLogger('website.project.model').setLevel(logging.CRITICAL)
super(TestSearchExceptions, cls).setUpClass()
if settings.SEARCH_ENGINE == 'elastic':
cls._es = search.search_engine.es
search.search_engine.es = None
@classmethod
def tearDownClass(cls):
super(TestSearchExceptions, cls).tearDownClass()
if settings.SEARCH_ENGINE == 'elastic':
search.search_engine.es = cls._es
def test_connection_error(self):
# Ensures that saving projects/users doesn't break as a result of connection errors
self.user = UserFactory(usename='Doug Bogie')
self.project = ProjectFactory(
title="Tom Sawyer",
creator=self.user,
is_public=True,
)
self.user.save()
self.project.save()
def test_sees_projects_in_her_dashboard(self):
# the user already has a project
project = ProjectFactory(creator=self.user)
project.add_contributor(self.user)
project.save()
res = self.app.get('/myprojects/', auth=self.user.auth)
assert_in('Projects', res) # Projects heading
def test_get_children_only_returns_child_nodes_with_admin_permissions(self):
user = UserFactory()
admin_project = ProjectFactory()
admin_project.add_contributor(
user, auth=Auth(admin_project.creator), permissions=permissions.expand_permissions(permissions.ADMIN)
)
admin_project.save()
admin_component = NodeFactory(parent=admin_project)
admin_component.add_contributor(
user, auth=Auth(admin_component.creator), permissions=permissions.expand_permissions(permissions.ADMIN)
)
admin_component.save()
read_and_write = NodeFactory(parent=admin_project)
read_and_write.add_contributor(
user, auth=Auth(read_and_write.creator), permissions=permissions.expand_permissions(permissions.WRITE)
)
read_and_write.save()
read_only = NodeFactory(parent=admin_project)
read_only.add_contributor(
user, auth=Auth(read_only.creator), permissions=permissions.expand_permissions(permissions.READ)
)
read_only.save()
non_contributor = NodeFactory(parent=admin_project)
components = _get_children(admin_project, Auth(user))
assert_equal(len(components), 1)
def test_node_citation_view(self):
node = ProjectFactory()
user = AuthUserFactory()
node.add_contributor(user)
node.save()
response = self.app.get("/api/v1" + "/project/" + node._id + "/citation/", auto_follow=True, auth=user.auth)
assert_true(response.json)
class TestClaimingAsARegisteredUser(OsfTestCase):
def setUp(self):
super(TestClaimingAsARegisteredUser, self).setUp()
self.referrer = AuthUserFactory()
self.project = ProjectFactory(creator=self.referrer, is_public=True)
name, email = fake.name(), fake.email()
self.user = self.project.add_unregistered_contributor(fullname=name, email=email, auth=Auth(user=self.referrer))
self.project.save()
def test_claim_user_registered_with_correct_password(self):
reg_user = AuthUserFactory() # NOTE: AuthUserFactory sets password as 'password'
url = self.user.get_claim_url(self.project._primary_key)
# Follow to password re-enter page
res = self.app.get(url, auth=reg_user.auth).follow(auth=reg_user.auth)
# verify that the "Claim Account" form is returned
assert_in("Claim Contributor", res.body)
form = res.forms["claimContributorForm"]
form["password"] = "******"
res = form.submit(auth=reg_user.auth).follow(auth=reg_user.auth)
self.project.reload()
self.user.reload()
# user is now a contributor to the project
assert_in(reg_user._primary_key, self.project.contributors)
# the unregistered user (self.user) is removed as a contributor, and their
assert_not_in(self.user._primary_key, self.project.contributors)
# unclaimed record for the project has been deleted
assert_not_in(self.project._primary_key, self.user.unclaimed_records)
def test_read_permission_contributor_can_comment(self):
project = ProjectFactory()
user = UserFactory()
project.set_privacy('private')
project.add_contributor(user, permissions=[permissions.READ])
project.save()
assert_true(project.can_comment(Auth(user=user)))
def test_retract_public_non_registration_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
project.save()
with assert_raises(NodeStateError):
project.retract_registration(self.user, self.valid_justification)
project.reload()
assert_is_none(project.retraction)
def test_find_unread_does_not_include_deleted_comments(self):
project = ProjectFactory()
user = AuthUserFactory()
project.add_contributor(user)
project.save()
comment = CommentFactory(node=project, user=project.creator, is_deleted=True)
n_unread = Comment.find_n_unread(user=user, node=project)
assert_equal(n_unread, 0)
def create_fake_conference_nodes(n, endpoint):
nodes = []
for i in range(n):
node = ProjectFactory(is_public=True)
node.add_tag(endpoint, Auth(node.creator))
node.save()
nodes.append(node)
return nodes
def test_find_unread_new_comments(self):
project = ProjectFactory()
user = UserFactory()
project.add_contributor(user)
project.save()
comment = CommentFactory(node=project, user=project.creator)
n_unread = Comment.find_n_unread(user=user, node=project)
assert_equal(n_unread, 1)
def test_retract_public_non_registration_raises_NodeStateError(self):
project = ProjectFactory(is_public=True, creator=self.user)
project.save()
with assert_raises(NodeStateError):
project.retract_registration(self.user, self.valid_justification)
project.reload()
assert_is_none(project.retraction)
class TestNodeFileLogDetail(ApiTestCase):
def setUp(self):
super(TestNodeFileLogDetail, self).setUp()
self.user_one = AuthUserFactory()
self.user_two = AuthUserFactory()
self.node = ProjectFactory(creator=self.user_one)
self.node.add_contributor(self.user_two)
self.component = NodeFactory(parent=self.node, creator=self.user_one)
self.file = api_utils.create_test_file(node=self.component, user=self.user_one)
self.node.add_log(
'osf_storage_file_moved',
auth=Auth(self.user_one),
params={
'node': self.node._id,
'project': self.node.parent_id,
'path': self.file.materialized_path,
'source': {
'materialized': self.file.materialized_path,
'addon': 'osfstorage',
'node': {
'_id': self.component._id,
'url': self.component.url,
'title': self.component.title,
}
},
'destination': {
'materialized': self.file.materialized_path,
'addon': 'osfstorage',
'node': {
'_id': self.node._id,
'url': self.node.url,
'title': self.node.title,
}
}
},
)
self.node.save()
self.node_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.node._id)
self.component_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.component._id)
def test_title_not_hidden_from_contributor_in_file_move(self):
res = self.app.get(self.node_logs_url, auth=self.user_two.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['params']['destination']['node_title'], self.node.title)
def test_title_hidden_from_non_contributor_in_file_move(self):
res = self.app.get(self.node_logs_url, auth=self.user_two.auth)
assert_equal(res.status_code, 200)
assert_not_in(self.component.title, res.json['data'])
assert_equal(res.json['data'][0]['attributes']['params']['source']['node_title'], 'Private Component')
class TestRemoveContributor(AdminTestCase):
def setUp(self):
super(TestRemoveContributor, self).setUp()
self.user = AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.user_2 = AuthUserFactory()
self.node.add_contributor(self.user_2)
self.node.save()
self.view = NodeRemoveContributorView()
self.request = RequestFactory().post('/fake_path')
def test_get_object(self):
view = setup_log_view(self.view, self.request, node_id=self.node._id,
user_id=self.user._id)
node, user = view.get_object()
nt.assert_is_instance(node, Node)
nt.assert_is_instance(user, User)
@mock.patch('admin.nodes.views.Node.remove_contributor')
def test_remove_contributor(self, mock_remove_contributor):
user_id = self.user_2._id
node_id = self.node._id
view = setup_log_view(self.view, self.request, node_id=node_id,
user_id=user_id)
view.delete(self.request)
mock_remove_contributor.assert_called_with(self.user_2, None, log=False)
def test_integration_remove_contributor(self):
nt.assert_in(self.user_2, self.node.contributors)
view = setup_log_view(self.view, self.request, node_id=self.node._id,
user_id=self.user_2._id)
count = OSFLogEntry.objects.count()
view.delete(self.request)
nt.assert_not_in(self.user_2, self.node.contributors)
nt.assert_equal(OSFLogEntry.objects.count(), count + 1)
def test_do_not_remove_last_admin(self):
nt.assert_equal(
len(list(self.node.get_admin_contributors(self.node.contributors))),
1
)
view = setup_log_view(self.view, self.request, node_id=self.node._id,
user_id=self.user._id)
count = OSFLogEntry.objects.count()
view.delete(self.request)
self.node.reload() # Reloads instance to show that nothing was removed
nt.assert_equal(len(list(self.node.contributors)), 2)
nt.assert_equal(
len(list(self.node.get_admin_contributors(self.node.contributors))),
1
)
nt.assert_equal(OSFLogEntry.objects.count(), count)
def test_no_log(self):
view = setup_log_view(self.view, self.request, node_id=self.node._id,
user_id=self.user_2._id)
view.delete(self.request)
nt.assert_not_equal(self.node.logs[-1].action, NodeLog.CONTRIB_REMOVED)
def test_get_recently_added_contributors_with_limit(self):
project = ProjectFactory(creator=self.user)
for _ in range(5):
project.add_contributor(AuthUserFactory(), auth=self.auth)
project.save()
url = self.project.api_url_for('get_recently_added_contributors', max=4)
res = self.app.get(url, auth=self.user.auth)
project.reload()
assert_equal(len(res.json['contributors']), 4)
def test_find_unread_includes_comment_replies(self):
project = ProjectFactory()
user = UserFactory()
project.add_contributor(user)
project.save()
comment = CommentFactory(node=project, user=user)
reply = CommentFactory(node=project, target=comment, user=project.creator)
n_unread = Comment.find_n_unread(user=user, node=project)
assert_equal(n_unread, 1)
class TestValidProject(OsfTestCase):
def setUp(self):
super(TestValidProject, self).setUp()
self.project = ProjectFactory()
self.node = NodeFactory(project=self.project)
self.retraction = RetractionFactory()
self.auth = Auth(user=self.project.creator)
def test_populates_kwargs_node(self):
res = valid_project_helper(pid=self.project._id)
assert_equal(res['node'], self.project)
assert_is_none(res['parent'])
def test_populates_kwargs_node_and_parent(self):
res = valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(res['parent'], self.project)
assert_equal(res['node'], self.node)
def test_project_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid='fakepid')
assert_equal(exc_info.exception.code, 404)
def test_project_deleted(self):
self.project.is_deleted = True
self.project.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id)
assert_equal(exc_info.exception.code, 410)
def test_node_not_found(self):
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid='fakenid')
assert_equal(exc_info.exception.code, 404)
def test_node_deleted(self):
self.node.is_deleted = True
self.node.save()
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=self.project._id, nid=self.node._id)
assert_equal(exc_info.exception.code, 410)
def test_valid_project_as_factory_allow_retractions_is_retracted(self):
self.project.is_registration = True
self.project.retraction = self.retraction
self.retraction.state = Sanction.UNAPPROVED
self.retraction.save()
res = as_factory_allow_retractions(pid=self.project._id)
assert_equal(res['node'], self.project)
def test_collection_guid_not_found(self):
collection = CollectionFactory()
collection.add_pointer(self.project, self.auth)
with assert_raises(HTTPError) as exc_info:
valid_project_helper(pid=collection._id, nid=collection._id)
assert_equal(exc_info.exception.code, 404)
def test_private_node_with_public_comment_level_non_contributor_cannot_comment(self):
""" Test non-contributors cannot comment on a private project
with comment_level == 'public' """
project = ProjectFactory(is_public=False, creator=self.user)
project.comment_level = "public"
project.save()
url = "/{}nodes/{}/comments/".format(API_BASE, project._id)
res = self.app.post_json_api(url, self.payload, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
def test_import_auth_invalid_account(self):
ea = self.ExternalAccountFactory()
node = ProjectFactory(creator=self.user)
node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth)
node.save()
url = node.api_url_for("{0}_import_auth".format(self.ADDON_SHORT_NAME))
res = self.app.put_json(url, {"external_account_id": ea._id}, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
class TestNodeRegistrationList(ApiTestCase):
def setUp(self):
super(TestNodeRegistrationList, self).setUp()
self.user = AuthUserFactory()
self.project = ProjectFactory(is_public=False, creator=self.user)
self.registration_project = RegistrationFactory(creator=self.user, project=self.project, is_public=True)
self.project.save()
self.private_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.project._id)
self.public_project = ProjectFactory(is_public=True, creator=self.user)
self.public_registration_project = RegistrationFactory(creator=self.user, project=self.public_project, is_public=True)
self.public_project.save()
self.public_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.public_project._id)
self.user_two = AuthUserFactory()
def test_return_public_registrations_logged_out(self):
res = self.app.get(self.public_url)
assert_equal(res.status_code, 200)
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['attributes']['registration'], True)
url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id))
assert_equal(res.json['data'][0]['type'], 'registrations')
def test_return_public_registrations_logged_in(self):
res = self.app.get(self.public_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['registration'], True)
url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['type'], 'registrations')
def test_return_private_registrations_logged_out(self):
res = self.app.get(self.private_url, expect_errors=True)
assert_equal(res.status_code, 401)
assert 'detail' in res.json['errors'][0]
def test_return_private_registrations_logged_in_contributor(self):
res = self.app.get(self.private_url, auth=self.user.auth)
assert_equal(res.status_code, 200)
assert_equal(res.json['data'][0]['attributes']['registration'], True)
url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.project._id))
assert_equal(res.content_type, 'application/vnd.api+json')
assert_equal(res.json['data'][0]['type'], 'registrations')
def test_cannot_access_retracted_registrations_list(self):
registration = RegistrationFactory(creator=self.user, project=self.public_project)
retraction = RetractedRegistrationFactory(registration=registration, user=registration.creator)
registration.save()
url = '/{}nodes/{}/registrations/'.format(API_BASE, registration._id)
res = self.app.get(url, auth=self.user.auth, expect_errors=True)
assert_equal(res.status_code, 404)
class TestOsfStorageCheckout(StorageTestCase):
def setUp(self):
super(TestOsfStorageCheckout, self).setUp()
self.user = factories.AuthUserFactory()
self.node = ProjectFactory(creator=self.user)
self.osfstorage = self.node.get_addon('osfstorage')
self.root_node = self.osfstorage.get_root()
self.file = self.root_node.append_file('3005')
def test_delete_checked_out_file(self):
self.file.checkout = self.user
self.file.save()
with assert_raises(FileNodeCheckedOutError):
self.file.delete()
def test_delete_folder_with_checked_out_file(self):
folder = self.root_node.append_folder('folder')
self.file.move_under(folder)
self.file.checkout = self.user
self.file.save()
with assert_raises(FileNodeCheckedOutError):
folder.delete()
def test_move_checked_out_file(self):
self.file.checkout = self.user
self.file.save()
folder = self.root_node.append_folder('folder')
with assert_raises(FileNodeCheckedOutError):
self.file.move_under(folder)
def test_checked_out_merge(self):
user = factories.AuthUserFactory()
node = ProjectFactory(creator=user)
osfstorage = node.get_addon('osfstorage')
root_node = osfstorage.get_root()
file = root_node.append_file('test_file')
user_merge_target = factories.AuthUserFactory()
file.checkout = user
file.save()
user_merge_target.merge_user(user)
file.reload()
assert_equal(user_merge_target, file.checkout)
def test_remove_contributor_with_checked_file(self):
user = factories.AuthUserFactory()
self.node.contributors.append(user)
self.node.add_permission(user, 'admin')
self.node.visible_contributor_ids.append(user._id)
self.node.save()
self.file.checkout = self.user
self.file.save()
self.file.node.remove_contributors([self.user], save=True)
self.file.reload()
assert_equal(self.file.checkout, None)
class TestCommentViews(OsfTestCase):
def setUp(self):
super(TestCommentViews, self).setUp()
self.project = ProjectFactory(is_public=True)
self.user = AuthUserFactory()
self.project.add_contributor(self.user)
self.project.save()
self.user.save()
def test_view_project_comments_updates_user_comments_view_timestamp(self):
url = self.project.api_url_for('update_comments_timestamp')
res = self.app.put_json(url, {
'page': 'node',
'rootId': self.project._id
}, auth=self.user.auth)
self.user.reload()
user_timestamp = self.user.comments_viewed_timestamp[self.project._id]['node']
view_timestamp = dt.datetime.utcnow()
assert_datetime_equal(user_timestamp, view_timestamp)
def test_confirm_non_contrib_viewers_dont_have_pid_in_comments_view_timestamp(self):
non_contributor = AuthUserFactory()
url = self.project.api_url_for('update_comments_timestamp')
res = self.app.put_json(url, {
'page': 'node',
'rootId': self.project._id
}, auth=self.user.auth)
non_contributor.reload()
assert_not_in(self.project._id, non_contributor.comments_viewed_timestamp)
def test_view_comments_updates_user_comments_view_timestamp_files(self):
osfstorage = self.project.get_addon('osfstorage')
root_node = osfstorage.get_root()
test_file = root_node.append_file('test_file')
test_file.create_version(self.user, {
'object': '06d80e',
'service': 'cloud',
osfstorage_settings.WATERBUTLER_RESOURCE: 'osf',
}, {
'size': 1337,
'contentType': 'img/png'
}).save()
url = self.project.api_url_for('update_comments_timestamp')
res = self.app.put_json(url, {
'page': 'files',
'rootId': test_file._id
}, auth=self.user.auth)
self.user.reload()
user_timestamp = self.user.comments_viewed_timestamp[self.project._id]['files'][test_file._id]
view_timestamp = dt.datetime.utcnow()
assert_datetime_equal(user_timestamp, view_timestamp)
def test_public_node_non_contributor_commenter_cannot_update_own_comment_if_comment_level_private(self):
project = ProjectFactory(is_public=True, comment_level='public')
comment = CommentFactory(node=project, user=self.non_contributor)
project.comment_level = 'private'
project.save()
url = '/{}comments/{}/'.format(API_BASE, comment._id)
payload = self._set_up_payload(comment._id)
res = self.app.put_json_api(url, payload, auth=self.non_contributor.auth, expect_errors=True)
assert_equal(res.status_code, 403)
assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_get_targets(self):
project1 = ProjectFactory()
for log in project1.logs:
log.should_hide = True
log.save()
project1.save()
targets = get_targets()
assert targets is not None
assert len(targets) is 1
def test_import_auth_cant_write_node(self):
ea = self.ExternalAccountFactory()
user = AuthUserFactory()
user.add_addon(self.ADDON_SHORT_NAME, auth=Auth(user))
user.external_accounts.append(ea)
user.save()
node = ProjectFactory(creator=self.user)
node.add_contributor(user, permissions=[permissions.READ], auth=self.auth, save=True)
node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth)
node.save()
url = node.api_url_for('{0}_import_auth'.format(self.ADDON_SHORT_NAME))
res = self.app.put_json(url, {
'external_account_id': ea._id
}, auth=user.auth, expect_errors=True)
assert_equal(res.status_code, http.FORBIDDEN)
