From 9e3f157036f6a75e997b17137bf45022a2514c7d Mon Sep 17 00:00:00 2001 From: John Tordoff <> Date: Wed, 18 Oct 2023 22:36:03 +0800 Subject: [PATCH] split-up and clean-up tests for differing draftnode permissions --- .../views/test_draft_registration_list.py | 169 +++++++++++++++--- 1 file changed, 145 insertions(+), 24 deletions(-) diff --git a/api_tests/draft_registrations/views/test_draft_registration_list.py b/api_tests/draft_registrations/views/test_draft_registration_list.py index 509e8daacc2a..ceba1322d9e1 100644 --- a/api_tests/draft_registrations/views/test_draft_registration_list.py +++ b/api_tests/draft_registrations/views/test_draft_registration_list.py @@ -2,23 +2,30 @@ import pytest from framework.auth.core import Auth -from api_tests.nodes.views.test_node_draft_registration_list import ( - TestDraftRegistrationList, - TestDraftRegistrationCreate -) +from django.utils import timezone +from api_tests.nodes.views.test_node_draft_registration_list import TestDraftRegistrationCreate from api.base.settings.defaults import API_BASE from osf.migrations import ensure_invisible_and_inactive_schema -from osf.models import DraftRegistration, NodeLicense, RegistrationProvider, Institution +from osf.models import ( + DraftRegistration, + NodeLicense, + RegistrationProvider, + Institution, + RegistrationSchema +) + from osf_tests.factories import ( RegistrationFactory, CollectionFactory, ProjectFactory, AuthUserFactory, - InstitutionFactory + InstitutionFactory, + DraftRegistrationFactory, ) from osf.utils.permissions import READ, WRITE, ADMIN + from website import mails, settings @@ -28,48 +35,162 @@ def invisible_and_inactive_schema(): @pytest.mark.django_db -class TestDraftRegistrationListNewWorkflow(TestDraftRegistrationList): +class TestDraftRegistrationListNewWorkflow: + @pytest.fixture() - def url_draft_registrations(self, project_public): - return '/{}draft_registrations/?'.format(API_BASE) + def user(self): + return AuthUserFactory() + + @pytest.fixture() + def user_write_contrib(self): + return AuthUserFactory() + + @pytest.fixture() + def user_read_contrib(self): + return AuthUserFactory() + + @pytest.fixture() + def user_non_contrib(self): + return AuthUserFactory() + + @pytest.fixture() + def group_mem(self): + return AuthUserFactory() + + @pytest.fixture() + def project(self, user): + return ProjectFactory(creator=user) + + @pytest.fixture() + def schema(self): + return RegistrationSchema.objects.get(name='Open-Ended Registration', schema_version=3) + + @pytest.fixture() + def draft_registration(self, user, project, schema, user_write_contrib, user_read_contrib): + draft = DraftRegistrationFactory( + initiator=user, + registration_schema=schema, + branched_from=project + ) + draft.add_contributor(user_write_contrib, permissions=WRITE) + draft.add_contributor(user_read_contrib, permissions=ADMIN) + return draft + + @pytest.fixture() + def url_draft_registrations(self, project): + return f'/{API_BASE}draft_registrations/?' # Overrides TestDraftRegistrationList def test_osf_group_with_admin_permissions_can_view(self): # DraftRegistration endpoints permissions are not calculated from the node - return - - # Overrides TestDraftRegistrationList - def test_cannot_view_draft_list( - self, app, user_write_contrib, project_public, - user_read_contrib, user_non_contrib, draft_registration, - url_draft_registrations, group, group_mem): + return False - # test_read_only_contributor_can_view_draft_list + def test_read_only_contributor_can_view_draft_list( + self, app, user_read_contrib, draft_registration, url_draft_registrations + ): res = app.get( url_draft_registrations, - auth=user_read_contrib.auth) + auth=user_read_contrib.auth + ) assert res.status_code == 200 assert len(res.json['data']) == 1 - # test_read_write_contributor_can_view_draft_list + def test_read_write_contributor_can_view_draft_list( + self, app, user_write_contrib, draft_registration, url_draft_registrations + ): res = app.get( url_draft_registrations, - auth=user_write_contrib.auth) + auth=user_write_contrib.auth + ) assert res.status_code == 200 assert len(res.json['data']) == 1 - # test_logged_in_non_contributor_can_view_draft_list + def test_logged_in_non_contributor_can_view_draft_list( + self, app, user_non_contrib, url_draft_registrations + ): res = app.get( url_draft_registrations, auth=user_non_contrib.auth, - expect_errors=True) + expect_errors=True + ) assert res.status_code == 200 assert len(res.json['data']) == 0 - # test_unauthenticated_user_cannot_view_draft_list - res = app.get(url_draft_registrations, expect_errors=True) + def test_unauthenticated_user_cannot_view_draft_list(self, app, url_draft_registrations): + res = app.get( + url_draft_registrations, + expect_errors=True + ) assert res.status_code == 401 + def test_admin_can_view_draft_list(self, app, user, draft_registration, schema, url_draft_registrations): + res = app.get(url_draft_registrations, auth=user.auth) + assert res.status_code == 200 + data = res.json['data'] + assert len(data) == 1 + + assert schema._id in data[0]['relationships']['registration_schema']['links']['related']['href'] + assert data[0]['id'] == draft_registration._id + assert data[0]['attributes']['registration_metadata'] == {} + + def test_logged_in_non_contributor_cannot_view_draft_list( + self, app, user_write_contrib, user_read_contrib, user_non_contrib, url_draft_registrations + ): + res = app.get(url_draft_registrations, auth=user_non_contrib.auth, expect_errors=True) + assert res.status_code == 200 + + def test_deleted_draft_registration_does_not_show_up_in_draft_list( + self, app, user, draft_registration, url_draft_registrations): + draft_registration.deleted = timezone.now() + draft_registration.save() + res = app.get(url_draft_registrations, auth=user.auth) + assert res.status_code == 200 + data = res.json['data'] + assert len(data) == 0 + + def test_draft_with_registered_node_does_not_show_up_in_draft_list( + self, app, user, project, draft_registration, url_draft_registrations + ): + reg = RegistrationFactory(project=project, draft_registration=draft_registration) + draft_registration.registered_node = reg + draft_registration.save() + res = app.get(url_draft_registrations, auth=user.auth) + assert res.status_code == 200 + data = res.json['data'] + assert len(data) == 0 + + def test_draft_with_deleted_registered_node_shows_up_in_draft_list( + self, app, user, project, + draft_registration, schema, + url_draft_registrations): + reg = RegistrationFactory(project=project, draft_registration=draft_registration) + draft_registration.registered_node = reg + draft_registration.save() + reg.deleted = timezone.now() + reg.save() + res = app.get(url_draft_registrations, auth=user.auth) + assert res.status_code == 200 + data = res.json['data'] + assert len(data) == 1 + assert schema._id in data[0]['relationships']['registration_schema']['links']['related']['href'] + assert data[0]['id'] == draft_registration._id + assert data[0]['attributes']['registration_metadata'] == {} + + def test_draft_registration_serializer_usage(self, app, user, project, draft_registration): + # Tests the usage of DraftRegistrationDetailSerializer for version 2.20 + url_draft_registrations = '/{}nodes/{}/draft_registrations/?{}'.format( + API_BASE, project._id, 'version=2.20') + + res = app.get(url_draft_registrations, auth=user.auth) + assert res.status_code == 200 + data = res.json['data'] + assert len(data) == 1 + + # Set of fields that DraftRegistrationLegacySerializer does not provide + assert data[0]['attributes']['title'] + assert data[0]['attributes']['description'] + assert data[0]['relationships']['affiliated_institutions'] + class TestDraftRegistrationCreateWithNode(TestDraftRegistrationCreate):