def create_fake_project(creator, n_users, privacy, n_components, name, n_tags, presentation_name, is_registration): auth = Auth(user=creator) project_title = name if name else fake.science_sentence() if not is_registration: project = ProjectFactory(title=project_title, description=fake.science_paragraph(), creator=creator) else: project = RegistrationFactory(title=project_title, description=fake.science_paragraph(), creator=creator) project.set_privacy(privacy) for _ in range(n_users): contrib = create_fake_user() project.add_contributor(contrib, auth=auth) if isinstance(n_components, int): for _ in range(n_components): NodeFactory(project=project, title=fake.science_sentence(), description=fake.science_paragraph(), creator=creator) elif isinstance(n_components, list): render_generations_from_node_structure_list(project, creator, n_components) for _ in range(n_tags): project.add_tag(fake.science_word(), auth=auth) if presentation_name is not None: project.add_tag(presentation_name, auth=auth) project.add_tag('poster', auth=auth) project.save() logger.info('Created project: {0}'.format(project.title)) return project
def test_oauth_callback_with_node(self, mock_get_token, mock_github_user): mock_get_token.return_value = { "access_token": "testing access token", "token_type": "testing token type", "scope": ["repo"] } user = mock.Mock() user.id = "testing user id" user.login = "******" mock_github_user.return_value = user project = ProjectFactory(creator=self.user) project.add_addon('github', auth=Auth(user=self.user)) project.save() url = api_url_for('github_oauth_callback', uid=self.user._id, nid=project._id) res = self.app.get(url, {"code": "12345"}, auth=self.user.auth) self.user_settings.reload() node_settings = project.get_addon('github') node_settings.reload() assert_true(res.status_code, 302) assert_not_in("/settings/addons/", res.location) assert_in("/settings", res.location) assert_true(self.user_settings.oauth_settings) assert_equal(self.user_settings.oauth_access_token, "testing access token") assert_equal(self.user_settings.oauth_token_type, "testing token type") assert_equal(self.user_settings.github_user_name, "testing user") assert_equal(self.user_settings.oauth_settings.github_user_id, "testing user id") assert_equal(node_settings.user_settings, self.user_settings)
class TestCheckAuth(OsfTestCase): def setUp(self): super(TestCheckAuth, self).setUp() self.user = AuthUserFactory() self.node = ProjectFactory(creator=self.user) def test_has_permission(self): res = views.check_access(self.node, self.user, 'upload') assert_true(res) def test_not_has_permission_read_public(self): self.node.is_public = True self.node.save() res = views.check_access(self.node, None, 'download') def test_not_has_permission_read_has_link(self): link = new_private_link('red-special', self.user, [self.node], anonymous=False) res = views.check_access(self.node, None, 'download', key=link.key) def test_not_has_permission_logged_in(self): user2 = AuthUserFactory() with assert_raises(HTTPError) as exc_info: views.check_access(self.node, user2, 'download') assert_equal(exc_info.exception.code, 403) def test_not_has_permission_not_logged_in(self): with assert_raises(HTTPError) as exc_info: views.check_access(self.node, None, 'download') assert_equal(exc_info.exception.code, 401)
class TestMustBeContributorDecorator(AuthAppTestCase): def setUp(self): super(TestMustBeContributorDecorator, self).setUp() self.contrib = AuthUserFactory() self.project = ProjectFactory() self.project.add_contributor(self.contrib, auth=Auth(self.project.creator)) self.project.save() def test_must_be_contributor_when_user_is_contributor(self): result = view_that_needs_contributor( pid=self.project._primary_key, api_key=self.contrib.auth[1], api_node=self.project, user=self.contrib) assert_equal(result, self.project) def test_must_be_contributor_when_user_is_not_contributor_raises_error(self): non_contributor = AuthUserFactory() with assert_raises(HTTPError): view_that_needs_contributor( pid=self.project._primary_key, api_key=non_contributor.auth[1], api_node=non_contributor.auth[1], user=non_contributor ) def test_must_be_contributor_no_user(self): res = view_that_needs_contributor( pid=self.project._primary_key, user=None, api_key='123', api_node='abc', ) assert_is_redirect(res) redirect_url = res.headers['Location'] assert_equal(redirect_url, '/login/?next=/') def test_must_be_contributor_parent_admin(self): user = UserFactory() node = NodeFactory(parent=self.project, creator=user) res = view_that_needs_contributor( pid=self.project._id, nid=node._id, user=self.project.creator, ) assert_equal(res, node) def test_must_be_contributor_parent_write(self): user = UserFactory() node = NodeFactory(parent=self.project, creator=user) self.project.set_permissions(self.project.creator, ['read', 'write']) self.project.save() with assert_raises(HTTPError) as exc_info: view_that_needs_contributor( pid=self.project._id, nid=node._id, user=self.project.creator, ) assert_equal(exc_info.exception.code, 403)
class DraftRegistrationTestCase(ApiTestCase): def setUp(self): super(DraftRegistrationTestCase, self).setUp() self.user = AuthUserFactory() self.read_only_user = AuthUserFactory() self.read_write_user = AuthUserFactory() self.non_contributor = AuthUserFactory() self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_project.add_contributor(self.read_only_user, permissions=[permissions.READ]) self.public_project.add_contributor(self.read_write_user, permissions=[permissions.WRITE]) self.public_project.save() def prereg_metadata(self, draft): test_metadata = {} json_schema = create_jsonschema_from_metaschema(draft.registration_schema.schema) for key, value in json_schema["properties"].iteritems(): response = "Test response" if value["properties"]["value"].get("enum"): response = value["properties"]["value"]["enum"][0] if value["properties"]["value"].get("properties"): response = {"question": {"value": "Test Response"}} test_metadata[key] = {"value": response} return test_metadata
def test_migrate_project_contributed(self): user1 = UserFactory() fullname1 = 'hello world' email1 = '*****@*****.**' project1 = ProjectFactory(creator=user1) user2 = project1.add_unregistered_contributor( fullname=fullname1, email=email1, auth=Auth(user=user1) ) project1.save() assert project1.is_contributor(user2) is True assert len(project1.contributors) is 2 migrate_project_contributed(user2) assert project1.is_contributor(user2) is False assert len(project1.contributors) is 1 user3 = UserFactory() project2 = ProjectFactory(creator=user1) project2.add_contributor(user3) project2.save() assert project2.is_contributor(user3) is True assert len(project2.contributors) is 2 migrate_project_contributed(user3) assert project2.is_contributor(user3) is False assert len(project2.contributors) is 1
def test_do_migration(self): user1 = UserFactory() fullname1 = 'Presentation Service' email1 = '*****@*****.**' project1 = ProjectFactory(creator=user1) user2 = project1.add_unregistered_contributor( fullname=fullname1, email=email1, auth=Auth(user=user1) ) project1.save() user3 = UserFactory.build(username='******', fullname=fullname1) user3.save() project2 = ProjectFactory(creator=user1) project2.add_contributor(user3) project2.save() assert project1.is_contributor(user2) is True assert len(project1.contributors) is 2 assert project2.is_contributor(user3) is True assert len(project2.contributors) is 2 user_list = get_targets() do_migration(user_list) assert project2.is_contributor(user3) is False assert len(project2.contributors) is 1 assert project1.is_contributor(user2) is False assert len(project1.contributors) is 1 assert user2.is_disabled is True assert user3.is_disabled is True
class TestSearchExceptions(OsfTestCase): """ Verify that the correct exception is thrown when the connection is lost """ @classmethod def setUpClass(cls): super(TestSearchExceptions, cls).setUpClass() if settings.SEARCH_ENGINE == "elastic": cls._es = search.search_engine.es search.search_engine.es = None @classmethod def tearDownClass(cls): super(TestSearchExceptions, cls).tearDownClass() if settings.SEARCH_ENGINE == "elastic": search.search_engine.es = cls._es def test_connection_error(self): """ Ensures that saving projects/users doesn't break as a result of connection errors """ self.user = UserFactory(usename="Doug Bogie") self.project = ProjectFactory(title="Tom Sawyer", creator=self.user, is_public=True) self.user.save() self.project.save()
class TestSearchExceptions(OsfTestCase): """ Verify that the correct exception is thrown when the connection is lost """ @classmethod def setUpClass(cls): logging.getLogger('website.project.model').setLevel(logging.CRITICAL) super(TestSearchExceptions, cls).setUpClass() if settings.SEARCH_ENGINE == 'elastic': cls._es = search.search_engine.es search.search_engine.es = None @classmethod def tearDownClass(cls): super(TestSearchExceptions, cls).tearDownClass() if settings.SEARCH_ENGINE == 'elastic': search.search_engine.es = cls._es def test_connection_error(self): # Ensures that saving projects/users doesn't break as a result of connection errors self.user = UserFactory(usename='Doug Bogie') self.project = ProjectFactory( title="Tom Sawyer", creator=self.user, is_public=True, ) self.user.save() self.project.save()
def test_sees_projects_in_her_dashboard(self): # the user already has a project project = ProjectFactory(creator=self.user) project.add_contributor(self.user) project.save() res = self.app.get('/myprojects/', auth=self.user.auth) assert_in('Projects', res) # Projects heading
def test_get_children_only_returns_child_nodes_with_admin_permissions(self): user = UserFactory() admin_project = ProjectFactory() admin_project.add_contributor( user, auth=Auth(admin_project.creator), permissions=permissions.expand_permissions(permissions.ADMIN) ) admin_project.save() admin_component = NodeFactory(parent=admin_project) admin_component.add_contributor( user, auth=Auth(admin_component.creator), permissions=permissions.expand_permissions(permissions.ADMIN) ) admin_component.save() read_and_write = NodeFactory(parent=admin_project) read_and_write.add_contributor( user, auth=Auth(read_and_write.creator), permissions=permissions.expand_permissions(permissions.WRITE) ) read_and_write.save() read_only = NodeFactory(parent=admin_project) read_only.add_contributor( user, auth=Auth(read_only.creator), permissions=permissions.expand_permissions(permissions.READ) ) read_only.save() non_contributor = NodeFactory(parent=admin_project) components = _get_children(admin_project, Auth(user)) assert_equal(len(components), 1)
def test_node_citation_view(self): node = ProjectFactory() user = AuthUserFactory() node.add_contributor(user) node.save() response = self.app.get("/api/v1" + "/project/" + node._id + "/citation/", auto_follow=True, auth=user.auth) assert_true(response.json)
class TestClaimingAsARegisteredUser(OsfTestCase): def setUp(self): super(TestClaimingAsARegisteredUser, self).setUp() self.referrer = AuthUserFactory() self.project = ProjectFactory(creator=self.referrer, is_public=True) name, email = fake.name(), fake.email() self.user = self.project.add_unregistered_contributor(fullname=name, email=email, auth=Auth(user=self.referrer)) self.project.save() def test_claim_user_registered_with_correct_password(self): reg_user = AuthUserFactory() # NOTE: AuthUserFactory sets password as 'password' url = self.user.get_claim_url(self.project._primary_key) # Follow to password re-enter page res = self.app.get(url, auth=reg_user.auth).follow(auth=reg_user.auth) # verify that the "Claim Account" form is returned assert_in("Claim Contributor", res.body) form = res.forms["claimContributorForm"] form["password"] = "******" res = form.submit(auth=reg_user.auth).follow(auth=reg_user.auth) self.project.reload() self.user.reload() # user is now a contributor to the project assert_in(reg_user._primary_key, self.project.contributors) # the unregistered user (self.user) is removed as a contributor, and their assert_not_in(self.user._primary_key, self.project.contributors) # unclaimed record for the project has been deleted assert_not_in(self.project._primary_key, self.user.unclaimed_records)
def test_read_permission_contributor_can_comment(self): project = ProjectFactory() user = UserFactory() project.set_privacy('private') project.add_contributor(user, permissions=[permissions.READ]) project.save() assert_true(project.can_comment(Auth(user=user)))
def test_retract_public_non_registration_raises_NodeStateError(self): project = ProjectFactory(is_public=True, creator=self.user) project.save() with assert_raises(NodeStateError): project.retract_registration(self.user, self.valid_justification) project.reload() assert_is_none(project.retraction)
def test_find_unread_does_not_include_deleted_comments(self): project = ProjectFactory() user = AuthUserFactory() project.add_contributor(user) project.save() comment = CommentFactory(node=project, user=project.creator, is_deleted=True) n_unread = Comment.find_n_unread(user=user, node=project) assert_equal(n_unread, 0)
def create_fake_conference_nodes(n, endpoint): nodes = [] for i in range(n): node = ProjectFactory(is_public=True) node.add_tag(endpoint, Auth(node.creator)) node.save() nodes.append(node) return nodes
def test_find_unread_new_comments(self): project = ProjectFactory() user = UserFactory() project.add_contributor(user) project.save() comment = CommentFactory(node=project, user=project.creator) n_unread = Comment.find_n_unread(user=user, node=project) assert_equal(n_unread, 1)
def test_retract_public_non_registration_raises_NodeStateError(self): project = ProjectFactory(is_public=True, creator=self.user) project.save() with assert_raises(NodeStateError): project.retract_registration(self.user, self.valid_justification) project.reload() assert_is_none(project.retraction)
class TestNodeFileLogDetail(ApiTestCase): def setUp(self): super(TestNodeFileLogDetail, self).setUp() self.user_one = AuthUserFactory() self.user_two = AuthUserFactory() self.node = ProjectFactory(creator=self.user_one) self.node.add_contributor(self.user_two) self.component = NodeFactory(parent=self.node, creator=self.user_one) self.file = api_utils.create_test_file(node=self.component, user=self.user_one) self.node.add_log( 'osf_storage_file_moved', auth=Auth(self.user_one), params={ 'node': self.node._id, 'project': self.node.parent_id, 'path': self.file.materialized_path, 'source': { 'materialized': self.file.materialized_path, 'addon': 'osfstorage', 'node': { '_id': self.component._id, 'url': self.component.url, 'title': self.component.title, } }, 'destination': { 'materialized': self.file.materialized_path, 'addon': 'osfstorage', 'node': { '_id': self.node._id, 'url': self.node.url, 'title': self.node.title, } } }, ) self.node.save() self.node_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.node._id) self.component_logs_url = '/{}nodes/{}/logs/'.format(API_BASE, self.component._id) def test_title_not_hidden_from_contributor_in_file_move(self): res = self.app.get(self.node_logs_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_equal(res.json['data'][0]['attributes']['params']['destination']['node_title'], self.node.title) def test_title_hidden_from_non_contributor_in_file_move(self): res = self.app.get(self.node_logs_url, auth=self.user_two.auth) assert_equal(res.status_code, 200) assert_not_in(self.component.title, res.json['data']) assert_equal(res.json['data'][0]['attributes']['params']['source']['node_title'], 'Private Component')
class TestRemoveContributor(AdminTestCase): def setUp(self): super(TestRemoveContributor, self).setUp() self.user = AuthUserFactory() self.node = ProjectFactory(creator=self.user) self.user_2 = AuthUserFactory() self.node.add_contributor(self.user_2) self.node.save() self.view = NodeRemoveContributorView() self.request = RequestFactory().post('/fake_path') def test_get_object(self): view = setup_log_view(self.view, self.request, node_id=self.node._id, user_id=self.user._id) node, user = view.get_object() nt.assert_is_instance(node, Node) nt.assert_is_instance(user, User) @mock.patch('admin.nodes.views.Node.remove_contributor') def test_remove_contributor(self, mock_remove_contributor): user_id = self.user_2._id node_id = self.node._id view = setup_log_view(self.view, self.request, node_id=node_id, user_id=user_id) view.delete(self.request) mock_remove_contributor.assert_called_with(self.user_2, None, log=False) def test_integration_remove_contributor(self): nt.assert_in(self.user_2, self.node.contributors) view = setup_log_view(self.view, self.request, node_id=self.node._id, user_id=self.user_2._id) count = OSFLogEntry.objects.count() view.delete(self.request) nt.assert_not_in(self.user_2, self.node.contributors) nt.assert_equal(OSFLogEntry.objects.count(), count + 1) def test_do_not_remove_last_admin(self): nt.assert_equal( len(list(self.node.get_admin_contributors(self.node.contributors))), 1 ) view = setup_log_view(self.view, self.request, node_id=self.node._id, user_id=self.user._id) count = OSFLogEntry.objects.count() view.delete(self.request) self.node.reload() # Reloads instance to show that nothing was removed nt.assert_equal(len(list(self.node.contributors)), 2) nt.assert_equal( len(list(self.node.get_admin_contributors(self.node.contributors))), 1 ) nt.assert_equal(OSFLogEntry.objects.count(), count) def test_no_log(self): view = setup_log_view(self.view, self.request, node_id=self.node._id, user_id=self.user_2._id) view.delete(self.request) nt.assert_not_equal(self.node.logs[-1].action, NodeLog.CONTRIB_REMOVED)
def test_get_recently_added_contributors_with_limit(self): project = ProjectFactory(creator=self.user) for _ in range(5): project.add_contributor(AuthUserFactory(), auth=self.auth) project.save() url = self.project.api_url_for('get_recently_added_contributors', max=4) res = self.app.get(url, auth=self.user.auth) project.reload() assert_equal(len(res.json['contributors']), 4)
def test_find_unread_includes_comment_replies(self): project = ProjectFactory() user = UserFactory() project.add_contributor(user) project.save() comment = CommentFactory(node=project, user=user) reply = CommentFactory(node=project, target=comment, user=project.creator) n_unread = Comment.find_n_unread(user=user, node=project) assert_equal(n_unread, 1)
class TestValidProject(OsfTestCase): def setUp(self): super(TestValidProject, self).setUp() self.project = ProjectFactory() self.node = NodeFactory(project=self.project) self.retraction = RetractionFactory() self.auth = Auth(user=self.project.creator) def test_populates_kwargs_node(self): res = valid_project_helper(pid=self.project._id) assert_equal(res['node'], self.project) assert_is_none(res['parent']) def test_populates_kwargs_node_and_parent(self): res = valid_project_helper(pid=self.project._id, nid=self.node._id) assert_equal(res['parent'], self.project) assert_equal(res['node'], self.node) def test_project_not_found(self): with assert_raises(HTTPError) as exc_info: valid_project_helper(pid='fakepid') assert_equal(exc_info.exception.code, 404) def test_project_deleted(self): self.project.is_deleted = True self.project.save() with assert_raises(HTTPError) as exc_info: valid_project_helper(pid=self.project._id) assert_equal(exc_info.exception.code, 410) def test_node_not_found(self): with assert_raises(HTTPError) as exc_info: valid_project_helper(pid=self.project._id, nid='fakenid') assert_equal(exc_info.exception.code, 404) def test_node_deleted(self): self.node.is_deleted = True self.node.save() with assert_raises(HTTPError) as exc_info: valid_project_helper(pid=self.project._id, nid=self.node._id) assert_equal(exc_info.exception.code, 410) def test_valid_project_as_factory_allow_retractions_is_retracted(self): self.project.is_registration = True self.project.retraction = self.retraction self.retraction.state = Sanction.UNAPPROVED self.retraction.save() res = as_factory_allow_retractions(pid=self.project._id) assert_equal(res['node'], self.project) def test_collection_guid_not_found(self): collection = CollectionFactory() collection.add_pointer(self.project, self.auth) with assert_raises(HTTPError) as exc_info: valid_project_helper(pid=collection._id, nid=collection._id) assert_equal(exc_info.exception.code, 404)
def test_private_node_with_public_comment_level_non_contributor_cannot_comment(self): """ Test non-contributors cannot comment on a private project with comment_level == 'public' """ project = ProjectFactory(is_public=False, creator=self.user) project.comment_level = "public" project.save() url = "/{}nodes/{}/comments/".format(API_BASE, project._id) res = self.app.post_json_api(url, self.payload, auth=self.non_contributor.auth, expect_errors=True) assert_equal(res.status_code, 403)
def test_import_auth_invalid_account(self): ea = self.ExternalAccountFactory() node = ProjectFactory(creator=self.user) node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth) node.save() url = node.api_url_for("{0}_import_auth".format(self.ADDON_SHORT_NAME)) res = self.app.put_json(url, {"external_account_id": ea._id}, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, http.FORBIDDEN)
class TestNodeRegistrationList(ApiTestCase): def setUp(self): super(TestNodeRegistrationList, self).setUp() self.user = AuthUserFactory() self.project = ProjectFactory(is_public=False, creator=self.user) self.registration_project = RegistrationFactory(creator=self.user, project=self.project, is_public=True) self.project.save() self.private_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.project._id) self.public_project = ProjectFactory(is_public=True, creator=self.user) self.public_registration_project = RegistrationFactory(creator=self.user, project=self.public_project, is_public=True) self.public_project.save() self.public_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.public_project._id) self.user_two = AuthUserFactory() def test_return_public_registrations_logged_out(self): res = self.app.get(self.public_url) assert_equal(res.status_code, 200) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(res.json['data'][0]['attributes']['registration'], True) url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href'] assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id)) assert_equal(res.json['data'][0]['type'], 'registrations') def test_return_public_registrations_logged_in(self): res = self.app.get(self.public_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(res.json['data'][0]['attributes']['registration'], True) url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href'] assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id)) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(res.json['data'][0]['type'], 'registrations') def test_return_private_registrations_logged_out(self): res = self.app.get(self.private_url, expect_errors=True) assert_equal(res.status_code, 401) assert 'detail' in res.json['errors'][0] def test_return_private_registrations_logged_in_contributor(self): res = self.app.get(self.private_url, auth=self.user.auth) assert_equal(res.status_code, 200) assert_equal(res.json['data'][0]['attributes']['registration'], True) url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href'] assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.project._id)) assert_equal(res.content_type, 'application/vnd.api+json') assert_equal(res.json['data'][0]['type'], 'registrations') def test_cannot_access_retracted_registrations_list(self): registration = RegistrationFactory(creator=self.user, project=self.public_project) retraction = RetractedRegistrationFactory(registration=registration, user=registration.creator) registration.save() url = '/{}nodes/{}/registrations/'.format(API_BASE, registration._id) res = self.app.get(url, auth=self.user.auth, expect_errors=True) assert_equal(res.status_code, 404)
class TestOsfStorageCheckout(StorageTestCase): def setUp(self): super(TestOsfStorageCheckout, self).setUp() self.user = factories.AuthUserFactory() self.node = ProjectFactory(creator=self.user) self.osfstorage = self.node.get_addon('osfstorage') self.root_node = self.osfstorage.get_root() self.file = self.root_node.append_file('3005') def test_delete_checked_out_file(self): self.file.checkout = self.user self.file.save() with assert_raises(FileNodeCheckedOutError): self.file.delete() def test_delete_folder_with_checked_out_file(self): folder = self.root_node.append_folder('folder') self.file.move_under(folder) self.file.checkout = self.user self.file.save() with assert_raises(FileNodeCheckedOutError): folder.delete() def test_move_checked_out_file(self): self.file.checkout = self.user self.file.save() folder = self.root_node.append_folder('folder') with assert_raises(FileNodeCheckedOutError): self.file.move_under(folder) def test_checked_out_merge(self): user = factories.AuthUserFactory() node = ProjectFactory(creator=user) osfstorage = node.get_addon('osfstorage') root_node = osfstorage.get_root() file = root_node.append_file('test_file') user_merge_target = factories.AuthUserFactory() file.checkout = user file.save() user_merge_target.merge_user(user) file.reload() assert_equal(user_merge_target, file.checkout) def test_remove_contributor_with_checked_file(self): user = factories.AuthUserFactory() self.node.contributors.append(user) self.node.add_permission(user, 'admin') self.node.visible_contributor_ids.append(user._id) self.node.save() self.file.checkout = self.user self.file.save() self.file.node.remove_contributors([self.user], save=True) self.file.reload() assert_equal(self.file.checkout, None)
class TestCommentViews(OsfTestCase): def setUp(self): super(TestCommentViews, self).setUp() self.project = ProjectFactory(is_public=True) self.user = AuthUserFactory() self.project.add_contributor(self.user) self.project.save() self.user.save() def test_view_project_comments_updates_user_comments_view_timestamp(self): url = self.project.api_url_for('update_comments_timestamp') res = self.app.put_json(url, { 'page': 'node', 'rootId': self.project._id }, auth=self.user.auth) self.user.reload() user_timestamp = self.user.comments_viewed_timestamp[self.project._id]['node'] view_timestamp = dt.datetime.utcnow() assert_datetime_equal(user_timestamp, view_timestamp) def test_confirm_non_contrib_viewers_dont_have_pid_in_comments_view_timestamp(self): non_contributor = AuthUserFactory() url = self.project.api_url_for('update_comments_timestamp') res = self.app.put_json(url, { 'page': 'node', 'rootId': self.project._id }, auth=self.user.auth) non_contributor.reload() assert_not_in(self.project._id, non_contributor.comments_viewed_timestamp) def test_view_comments_updates_user_comments_view_timestamp_files(self): osfstorage = self.project.get_addon('osfstorage') root_node = osfstorage.get_root() test_file = root_node.append_file('test_file') test_file.create_version(self.user, { 'object': '06d80e', 'service': 'cloud', osfstorage_settings.WATERBUTLER_RESOURCE: 'osf', }, { 'size': 1337, 'contentType': 'img/png' }).save() url = self.project.api_url_for('update_comments_timestamp') res = self.app.put_json(url, { 'page': 'files', 'rootId': test_file._id }, auth=self.user.auth) self.user.reload() user_timestamp = self.user.comments_viewed_timestamp[self.project._id]['files'][test_file._id] view_timestamp = dt.datetime.utcnow() assert_datetime_equal(user_timestamp, view_timestamp)
def test_public_node_non_contributor_commenter_cannot_update_own_comment_if_comment_level_private(self): project = ProjectFactory(is_public=True, comment_level='public') comment = CommentFactory(node=project, user=self.non_contributor) project.comment_level = 'private' project.save() url = '/{}comments/{}/'.format(API_BASE, comment._id) payload = self._set_up_payload(comment._id) res = self.app.put_json_api(url, payload, auth=self.non_contributor.auth, expect_errors=True) assert_equal(res.status_code, 403) assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
def test_get_targets(self): project1 = ProjectFactory() for log in project1.logs: log.should_hide = True log.save() project1.save() targets = get_targets() assert targets is not None assert len(targets) is 1
def test_import_auth_cant_write_node(self): ea = self.ExternalAccountFactory() user = AuthUserFactory() user.add_addon(self.ADDON_SHORT_NAME, auth=Auth(user)) user.external_accounts.append(ea) user.save() node = ProjectFactory(creator=self.user) node.add_contributor(user, permissions=[permissions.READ], auth=self.auth, save=True) node.add_addon(self.ADDON_SHORT_NAME, auth=self.auth) node.save() url = node.api_url_for('{0}_import_auth'.format(self.ADDON_SHORT_NAME)) res = self.app.put_json(url, { 'external_account_id': ea._id }, auth=user.auth, expect_errors=True) assert_equal(res.status_code, http.FORBIDDEN)