From 2e84dc1a02e8ec89e94bcb867dd3dfea498f4731 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 11:18:34 +0200 Subject: [PATCH 01/26] started fixing endpoints --- dds_web/api/project.py | 12 ++++++------ dds_web/static/swaggerv3.yaml | 10 +++------- 2 files changed, 9 insertions(+), 13 deletions(-) diff --git a/dds_web/api/project.py b/dds_web/api/project.py index becf09d11..baf06026d 100644 --- a/dds_web/api/project.py +++ b/dds_web/api/project.py @@ -70,13 +70,13 @@ def get(self): return_info["current_deadline"] = project.current_deadline # Get status history - json_input = flask.request.get_json(silent=True) - if json_input and json_input.get("history"): - history = [] + history = flask.request.args.get("history") + if history == "true": + history_info = [] for pstatus in project.project_statuses: - history.append(tuple((pstatus.status, pstatus.date_created))) - history.sort(key=lambda x: x[1], reverse=True) - return_info.update({"history": history}) + history_info.append(tuple((pstatus.status, pstatus.date_created))) + history_info.sort(key=lambda x: x[1], reverse=True) + return_info.update({"history": history_info}) return return_info diff --git a/dds_web/static/swaggerv3.yaml b/dds_web/static/swaggerv3.yaml index 6fde368c6..65218e9b3 100644 --- a/dds_web/static/swaggerv3.yaml +++ b/dds_web/static/swaggerv3.yaml @@ -1003,12 +1003,7 @@ paths: get: tags: - project - summary: Get current project status and optionally entire status history CHECK METHOD - description: This method requires some data - to be passed in the request body instead of the query. - Since this does not comply with the openAPI standards, swagger cannot document it properly, - therefore we need to change/remove it in the future. - deprecated: true + summary: Get current project status and optionally entire status history operationId: projectStatusGet parameters: - $ref: "#/components/parameters/defaultHeader" @@ -1019,7 +1014,7 @@ paths: schema: type: boolean example: true - description: If true, return entire status history + description: If true, return entire status history. If false or missing, return only current status responses: "401": $ref: "#/components/responses/UnauthorizedToken" @@ -1661,6 +1656,7 @@ components: in: query schema: type: string + required: true description: project id to query email: name: email From 730d22e0c4003eeb2e3464b1007bd3aaf1ff0f7b Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 11:55:46 +0200 Subject: [PATCH 02/26] adapted testing file --- tests/tests_v3/api/test_project.py | 1821 ++++++++++++++++++++++++++++ 1 file changed, 1821 insertions(+) create mode 100644 tests/tests_v3/api/test_project.py diff --git a/tests/tests_v3/api/test_project.py b/tests/tests_v3/api/test_project.py new file mode 100644 index 000000000..2efda001b --- /dev/null +++ b/tests/tests_v3/api/test_project.py @@ -0,0 +1,1821 @@ +# IMPORTS ################################################################################ IMPORTS # + +# Standard library +import http +from sqlite3 import OperationalError +import pytest +from _pytest.logging import LogCaptureFixture +import logging +import datetime +import time +import unittest.mock + +# Installed +import boto3 +import flask_mail +import werkzeug +import sqlalchemy + +# Own +import dds_web +from dds_web import mail, db +from dds_web.errors import BucketNotFoundError, DatabaseError, DeletionError +import tests.tests_v3 as tests +from tests.test_files_new import project_row, file_in_db, FIRST_NEW_FILE +from tests.test_project_creation import proj_data_with_existing_users, create_unit_admins +from dds_web.database import models +from dds_web.api.project import UserProjects + +# CONFIG ################################################################################## CONFIG # + +proj_data = { + "pi": "researchuser@mailtrap.io", + "title": "Test proj", + "description": "A longer project description", + "users_to_add": [{"email": "researchuser2@mailtrap.io", "role": "Project Owner"}], +} +fields_set_to_null = [ + "title", + "date_created", + "description", + "pi", + "public_key", + # "unit_id", + # "created_by", + # "is_active", + # "date_updated", +] + +release_project = {"new_status": "Available"} +release_project_small_deadline = {**release_project, "deadline": 5} +release_project_big_deadline = {**release_project, "deadline": 80} + +extend_deadline_data_no_confirmed = { + "new_deadline_in": 20, +} + +extend_deadline_data = {**extend_deadline_data_no_confirmed, "confirmed": True} + + +# HELPER FUNCTIONS ################################################################################## CONFIG # + + +def create_and_release_project(client, proj_data, release_data): + """Helper function that creates a project and set it ups as available""" + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Release project + response = client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + query_string={"project": project_id}, + json=release_data, + ) + assert response.status_code == http.HTTPStatus.OK + + return project_id, project + + +@pytest.fixture(scope="module") +def test_project(module_client): + """Create a shared test project""" + with unittest.mock.patch.object(boto3.session.Session, "resource") as mock_session: + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + project_id = response.json.get("project_id") + # add a file + response = module_client.post( + tests.DDSEndpoint.FILE_NEW, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=FIRST_NEW_FILE, + ) + + return project_id + + +def mock_sqlalchemyerror(_=None): + raise sqlalchemy.exc.SQLAlchemyError() + + +# ProjectStatus + +# get + + +def test_projectstatus_get_status_without_args(module_client, boto3_session): + """Submit status request with invalid arguments""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + # Test getting project status without args - should fail + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json={}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Missing required information: 'project'" in response.json["message"] + + # Test getting project status without args version 2 - should fail + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json={}, + query_string={}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Missing required information: 'project'" in response.json["message"] + + +def test_projectstatus_get_status_with_empty_args(module_client, boto3_session): + """Submit status request with invalid arguments""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + # Test getting project status without args - should fail + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json={}, + query_string={"test": "test"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Missing required information: 'project'" in response.json["message"] + + +def test_projectstatus_get_status_with_invalid_project(module_client, boto3_session): + """Submit status request with invalid arguments""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + # Test getting project status without args - should fail + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json={}, + query_string={"project": "nonexistentproject"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "The specified project does not exist." in response.json["message"] + + +def test_projectstatus_get_status_with_non_accessible_project(module_client, boto3_session): + """Submit status request with invalid arguments""" + # Get project for unit 2 + project = models.Project.query.filter_by(unit_id=2).first() + assert project + + # Test getting project status without args - should fail + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json={}, + query_string={"project": project.public_id}, + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + assert "Project access denied." in response.json["message"] + + +# set_busy + + +def test_set_busy_true(module_client): + """Test set busy to true.""" + from dds_web.api import project + + # Get project + project_obj = models.Project.query.first() + assert project_obj + + # Set as not busy + project_obj.busy = False + db.session.commit() + + # Run function + project.ProjectStatus.set_busy(project=project_obj, busy=True) + assert project_obj.busy + + +def test_set_busy_false(module_client): + """Test set busy to false.""" + from dds_web.api import project + + # Get project + project_obj = models.Project.query.first() + assert project_obj + + # Set as not busy + project_obj.busy = True + db.session.commit() + + # Run function + project.ProjectStatus.set_busy(project=project_obj, busy=False) + assert not project_obj.busy + + +# post + + +def test_projectstatus_when_busy(module_client): + """Status change should not be possible when project is busy.""" + # Get user + username = "unitadmin" + user = models.User.query.filter_by(username=username).one_or_none() + assert user + + # Get project and set to busy + project = user.projects[0] + project.busy = True + db.session.commit() + assert project.busy + + # Attempt to change status + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS[username]).token(module_client), + query_string={"project": project.public_id}, + json={"something": "something"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + f"The status for the project '{project.public_id}' is already in the process of being changed." + in response.json.get("message") + ) + + +def test_projectstatus_when_not_busy_but_invalid(module_client): + """Status change which results in an exception should also reset busy to False.""" + # Get user + username = "unitadmin" + user = models.User.query.filter_by(username=username).one_or_none() + assert user + + # Get project and set as not busy + project = user.projects[0] + project.busy = False + db.session.commit() + assert not project.busy + + # Attempt to change status + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS[username]).token(module_client), + query_string={"project": project.public_id}, + json={"new_status": ""}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "No status transition provided. Specify the new status." in response.json.get("message") + assert not project.busy + + +def test_projectstatus_submit_request_with_invalid_args(module_client, boto3_session): + """Submit status request with invalid arguments""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={}, + ) + + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing" in response.json["message"] + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Invalid"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Invalid status" in response.json["message"] + + response: werkzeug.test.WrapperTestResponse = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"test": "test"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "No status transition provided. Specify the new status." in response.json["message"] + + +def test_projectstatus_post_operationalerror(module_client, boto3_session): + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + new_status = {"new_status": "Deleted"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + token = tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client) + with unittest.mock.patch("dds_web.db.session.commit", mock_sqlalchemyerror): + # Run command + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=token, + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + + +def test_projectstatus_set_project_to_deleted_from_in_progress(module_client, boto3_session): + """Create project and set status to deleted""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + new_status = {"new_status": "Deleted"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # add a file + response = module_client.post( + tests.DDSEndpoint.FILE_NEW, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=FIRST_NEW_FILE, + ) + + assert file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert value + assert project.project_user_keys + + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + ) + + assert response.status_code == http.HTTPStatus.OK + assert response.json["current_status"] == project.current_status + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Deleted" + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert not value + assert not project.project_user_keys + + +def test_projectstatus_archived_project(module_client, boto3_session): + """Create a project and archive it""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + # add a file + response = module_client.post( + tests.DDSEndpoint.FILE_NEW, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=FIRST_NEW_FILE, + ) + + project = project_row(project_id=project_id) + + assert file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + + new_status = {"new_status": "Archived"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Archived" + + assert not max(project.project_statuses, key=lambda x: x.date_created).is_aborted + assert not file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + assert not project.project_user_keys + + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert value + assert project.researchusers + + +def test_projectstatus_aborted_project(module_client, boto3_session): + """Create a project and try to abort it""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + # add a file + response = module_client.post( + tests.DDSEndpoint.FILE_NEW, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=FIRST_NEW_FILE, + ) + + project = project_row(project_id=project_id) + + assert file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert value + assert len(project.researchusers) > 0 + assert project.project_user_keys + + time.sleep(1) + new_status = {"new_status": "Archived", "is_aborted": True} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Archived" + assert max(project.project_statuses, key=lambda x: x.date_created).is_aborted + assert not file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + assert not project.project_user_keys + + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert not value + assert len(project.researchusers) == 0 + + +def test_projectstatus_abort_from_in_progress_once_made_available(module_client, boto3_session): + """Create project and abort it from In Progress after it has been made available""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + + # add a file + response = module_client.post( + tests.DDSEndpoint.FILE_NEW, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=FIRST_NEW_FILE, + ) + + project = project_row(project_id=project_id) + + assert file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + + new_status = {"new_status": "Available"} + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Available" + + new_status["new_status"] = "In Progress" + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "In Progress" + assert project.project_user_keys + + response = module_client.get( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id, "history": True}, + ) + + assert response.status_code == http.HTTPStatus.OK + assert response.json["current_status"] == project.current_status + assert response.json["current_deadline"] + assert response.json["history"] + + time.sleep(1) + new_status["new_status"] = "Archived" + new_status["is_aborted"] = True + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Archived" + assert max(project.project_statuses, key=lambda x: x.date_created).is_aborted + assert not file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + + for field, value in vars(project).items(): + if field in fields_set_to_null: + assert not value + assert len(project.researchusers) == 0 + assert not project.project_user_keys + + +def test_projectstatus_check_invalid_transitions_from_in_progress(module_client, boto3_session): + """Check all invalid transitions from In Progress""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # In Progress to Expired + new_status = {"new_status": "Expired"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "In Progress" + assert ( + "You cannot expire a project that has the current status 'In Progress'." + in response.json["message"] + ) + + # In Progress to Archived + new_status["new_status"] = "Archived" + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Archived" + + +def test_projectstatus_set_project_to_available_valid_transition(module_client, test_project): + """Set status to Available for test project""" + + new_status = {"new_status": "Available", "deadline": 10} + + project_id = test_project + project = project_row(project_id=project_id) + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Available" + + db_deadline = max(project.project_statuses, key=lambda x: x.date_created).deadline + calc_deadline = datetime.datetime.utcnow().replace( + hour=23, minute=59, second=59, microsecond=0 + ) + datetime.timedelta(days=new_status["deadline"]) + + assert db_deadline == calc_deadline + + +def test_projectstatus_set_project_to_available_no_mail(module_client, boto3_session): + """Set status to Available for test project, but skip sending mails""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + token = tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=token, + json=proj_data_with_existing_users, + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("user_addition_statuses") + for x in response.json.get("user_addition_statuses"): + assert "given access to the Project" in x + + public_project_id = response.json.get("project_id") + + with unittest.mock.patch.object(flask_mail.Mail, "send") as mock_mail_send: + with unittest.mock.patch.object( + dds_web.api.user.AddUser, "compose_and_send_email_to_user" + ) as mock_mail_func: + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=token, + query_string={"project": public_project_id}, + json={"new_status": "Available", "deadline": 10, "send_email": False}, + ) + # assert that no mail is being sent. + assert mock_mail_func.called == False + assert mock_mail_send.call_count == 0 + + assert response.status_code == http.HTTPStatus.OK + assert "An e-mail notification has not been sent." in response.json["message"] + + +def test_projectstatus_set_project_to_deleted_from_available(module_client, test_project): + """Try to set status to Deleted for test project in Available""" + + new_status = {"new_status": "Deleted"} + + project_id = test_project + project = project_row(project_id=project_id) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Available" + + +def test_projectstatus_check_deadline_remains_same_when_made_available_again_after_going_to_in_progress( + module_client, test_project +): + """Check deadline remains same when an available project goes to In Progress and is made available again""" + project_id = test_project + project = project_row(project_id=project_id) + assert project.current_status == "Available" + deadline_initial = project.current_deadline + + time.sleep(1) + new_status = {"new_status": "In Progress"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "In Progress" + time.sleep(1) + + # Try to delete the project + new_status = {"new_status": "Deleted"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "You cannot delete a project that has been made available previously" + in response.json["message"] + ) + assert project.current_status == "In Progress" + + new_status = {"new_status": "Available"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Available" + assert project.current_deadline == deadline_initial + + +def test_projectstatus_set_project_to_expired_from_available(module_client, test_project): + """Set status to Expired for test project""" + + new_status = {"new_status": "Expired", "deadline": 5} + + project_id = test_project + project = project_row(project_id=project_id) + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Expired" + + db_deadline = max(project.project_statuses, key=lambda x: x.date_created).deadline + calc_deadline = datetime.datetime.utcnow().replace( + hour=23, minute=59, second=59, microsecond=0 + ) + datetime.timedelta(days=new_status["deadline"]) + + assert db_deadline == calc_deadline + + +def test_projectstatus_project_availability_after_set_to_expired_more_than_twice( + module_client, test_project +): + """Try to set status to Available for test project after being in Expired 3 times""" + + new_status = {"new_status": "Available", "deadline": 5} + + project_id = test_project + project = project_row(project_id=project_id) + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Available" + + new_status["new_status"] = "Expired" + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Expired" + + new_status["new_status"] = "Available" + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Available" + + new_status["new_status"] = "Expired" + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Expired" + + new_status["new_status"] = "Available" + time.sleep(1) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Expired" + + assert "Project cannot be made Available any more times" in response.json["message"] + + +def test_projectstatus_invalid_transitions_from_expired(module_client, test_project): + """Check all invalid transitions from Expired""" + + # Expired to In progress + new_status = {"new_status": "In Progress"} + project_id = test_project + project = project_row(project_id=project_id) + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Expired" + assert ( + "You cannot retract a project that has the current status 'Expired'" + in response.json["message"] + ) + + # Expired to Deleted + new_status["new_status"] = "Deleted" + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Expired" + assert ( + "You cannot delete a project that has the current status 'Expired'" + in response.json["message"] + ) + + +def test_projectstatus_set_project_to_archived(module_client, test_project, boto3_session): + """Archive an expired project""" + + new_status = {"new_status": "Archived"} + project_id = test_project + project = project_row(project_id=project_id) + + assert file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + assert project.project_user_keys + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + + assert response.status_code == http.HTTPStatus.OK + assert project.current_status == "Archived" + assert not max(project.project_statuses, key=lambda x: x.date_created).is_aborted + assert not file_in_db(test_dict=FIRST_NEW_FILE, project=project.id) + assert not project.project_user_keys + + +def test_projectstatus_invalid_transitions_from_archived(module_client, test_project): + """Check all invalid transitions from Archived""" + + # Archived to In progress + project_id = test_project + project = project_row(project_id=project_id) + + new_status = {"new_status": "In Progress"} + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Archived" + assert "Cannot change status for a project" in response.json["message"] + + # Archived to Deleted + new_status["new_status"] = "Deleted" + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Archived" + assert "Cannot change status for a project" in response.json["message"] + + # Archived to Available + new_status["new_status"] = "Available" + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Archived" + assert "Cannot change status for a project" in response.json["message"] + + # Archived to Expired + new_status["new_status"] = "Expired" + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=new_status, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert project.current_status == "Archived" + assert "Cannot change status for a project" in response.json["message"] + + +def test_projectstatus_post_invalid_deadline_release(module_client, boto3_session): + """Attempt to set an invalid deadline.""" + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Release project - should fail due to invalid deadline + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Available", "deadline": 100}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "The deadline needs to be less than (or equal to) 90 days." in response.json["message"] + + +def test_projectstatus_post_invalid_deadline_expire(module_client, boto3_session): + # Create unit admins to allow project creation + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Release project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Available"}, + ) + assert response.status_code == http.HTTPStatus.OK + + # Expire project - should fail due to invalid deadline + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Expired", "deadline": 40}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "The deadline needs to be less than (or equal to) 30 days." in response.json["message"] + + +def test_extend_deadline_bad_confirmed(module_client, boto3_session): + """Try to extend a deadline and send a not boolean for confirmation""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # try to extend deadline with a string as confirmed - should fail + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={**extend_deadline_data, "confirmed": "true"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "`confirmed` is a boolean value: True or False." in response.json["message"] + + +def test_extend_deadline_no_confirmed(module_client, boto3_session): + """Try to extend a deadline before confirmation - should sent a warning and no operation is perfrom""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # try to extend deadline + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data_no_confirmed, + ) + # status code is ok but no operation perform + assert response.status_code == http.HTTPStatus.OK + assert project.times_expired == 0 + + assert "Operation must be confirmed before proceding." in response.json["warning"] + assert all( + item in response.json + for item in ["project_info", "project_status", "warning", "default_unit_days"] + ) + + +def test_extend_deadline_when_busy(module_client, boto3_session): + """Request should not be possible when project is busy.""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # set to busy + project.busy = True + db.session.commit() + assert project.busy + + # attempt to extend deadline + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + assert ( + f"The deadline for the project '{project_id}' is already in the process of being changed. " + in response.json["message"] + ) + assert ( + "Please try again later. \n\nIf you know that the project is not busy, contact support." + in response.json["message"] + ) + + +def test_extend_deadline_no_deadline(module_client, boto3_session): + """If no deadline has been provided it should not be executed anything""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # try to extend deadline - no new deadline provided + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"confirmed": True}, + ) + assert response.status_code == http.HTTPStatus.OK + assert project.times_expired == 0 + assert "Nothing to update." in response.json["message"] + + +def test_extend_deadline_project_not_available(module_client, boto3_session): + """Is not possible to extend deadline to a project in another status than available.""" + + # create a new project and never release it + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + + # attempt to extend deadline - project is in progress + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + assert ( + "You can only extend the deadline for a project that has the status 'Available'." + in response.json["message"] + ) + + +def test_extend_deadline_too_much_days(module_client, boto3_session): + """If the new deadline together with the time left already is more than 90 days it should not work""" + + # create project and release it with big dealdine + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project_big_deadline + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # try to extend deadline -> 80 + 11 > 90 + extend_deadline_data_big_deadline = {**extend_deadline_data, "new_deadline_in": 11} + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data_big_deadline, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "The new deadline needs to be less than (or equal to) 90 days." in response.json["message"] + ) + + +def test_extend_deadline_bad_new_deadline(module_client, boto3_session): + """If the new deadlien provided is not an integer it should fail""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + # try to extend deadline with a bad new deadline + extend_deadline_data_bad_deadline = {**extend_deadline_data, "new_deadline_in": "20"} + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data_bad_deadline, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "The deadline attribute passed should be of type Int (i.e a number)." + in response.json["message"] + ) + + +def test_extend_deadline_more_than_default(module_client, boto3_session): + """If the new deadline provided is more than the default unit days to release a project it should fail""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project_small_deadline + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + default_unit_days = project.responsible_unit.days_in_available + + # try to extend deadline with a bigger deadline that it is suppose to have + extend_deadline_data_bad_deadline = { + **extend_deadline_data, + "new_deadline_in": default_unit_days + 1, + } + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data_bad_deadline, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "The number of days has to be lower than the default deadline extension number" + in response.json["message"] + ) + + +def test_extend_deadline_maxium_number_available_exceded(module_client, boto3_session): + """If the deadline has been extended more than 2 times it should not work""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project_small_deadline + ) + assert project.times_expired == 0 + deadline = project.current_deadline # current deadline + new_deadline_in = 1 # small new deadline + + for i in range(1, 4): + time.sleep(1) # tests are too fast + + # extend deadline by a small new deadline so we can do it several times + extend_deadline_data_small_deadline = { + **extend_deadline_data, + "new_deadline_in": new_deadline_in, + } + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data_small_deadline, + ) + if i < 3: + assert response.status_code == http.HTTPStatus.OK + assert project.times_expired == i + assert project.current_deadline == deadline + datetime.timedelta(days=new_deadline_in) + deadline = project.current_deadline # update current deadline + assert project.current_status == "Available" + assert ( + f"The project '{project_id}' has been given a new deadline" + in response.json["message"] + ) + assert "An e-mail notification has not been sent." in response.json["message"] + else: + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "Project availability limit: The maximum number of changes in data availability has been reached." + in response.json["message"] + ) + + +def test_extend_deadline_ok(module_client, boto3_session): + """Extend a project deadline of a project - it should work ok""" + + # create project and release it + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project_small_deadline + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + deadline = project.current_deadline # save current deadline + + # extend deadline + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json=extend_deadline_data, + ) + assert response.status_code == http.HTTPStatus.OK + assert project.times_expired == 1 + assert project.current_deadline == deadline + datetime.timedelta( + days=extend_deadline_data.get("new_deadline_in") + ) + assert project.current_status == "Available" + + assert f"The project '{project_id}' has been given a new deadline" in response.json["message"] + assert "An e-mail notification has not been sent." in response.json["message"] + + +def test_extend_deadline_mock_database_error( + module_client, boto3_session, capfd: LogCaptureFixture +): + """Operation fails when trying to save in the Database""" + + project_id, project = create_and_release_project( + client=module_client, proj_data=proj_data, release_data=release_project_small_deadline + ) + assert project.times_expired == 0 + time.sleep(1) # tests are too fast + + token = tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client) + + with unittest.mock.patch.object(db.session, "rollback") as rollback: + with unittest.mock.patch("dds_web.db.session.commit") as mock_commit: + # we need this because the first time the commit function is called is when set_busy() + def side_effect_generator(): + yield None # First call, no exception + while True: + yield sqlalchemy.exc.SQLAlchemyError() # Subsequent calls, exception + + mock_commit.side_effect = side_effect_generator() + + # extend deadline + response = module_client.patch( + tests.DDSEndpoint.PROJECT_STATUS, + headers=token, + query_string={"project": project_id}, + json=extend_deadline_data, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + assert "Saving database changes failed." in response.json["message"] + + assert rollback.called + _, err = capfd.readouterr() + assert "Failed to extend deadline" in err + + +def test_projectstatus_post_deletion_and_archivation_errors(module_client, boto3_session): + """Mock the different expections that can occur when deleting project.""" + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + def mock_typeerror(): + raise TypeError + + def mock_databaseerror(): + raise DatabaseError + + def mock_deletionerror(): + raise DeletionError() + + def mock_bucketnotfounderror(): + raise BucketNotFoundError() + + for func in [mock_typeerror, mock_databaseerror, mock_deletionerror, mock_bucketnotfounderror]: + with unittest.mock.patch("dds_web.api.project.ProjectStatus.delete_project_info", func): + # Release project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Deleted"}, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + assert "Server Error: Status was not updated" in response.json["message"] + + +def test_projectstatus_post_archiving_without_aborting(module_client, boto3_session): + """Try to archive a project thas has been available.""" + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Release project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Available"}, + ) + assert response.status_code == http.HTTPStatus.OK + + time.sleep(1) # tests are too fast + + # Retract project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "In Progress"}, + ) + assert response.status_code == http.HTTPStatus.OK + + # Retract project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Archived"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + "You cannot archive a project that has been made available previously" + in response.json["message"] + ) + + +def test_projectstatus_post_deletion_and_archivation_errors(module_client, boto3_session): + """Mock the different expections that can occur when deleting project.""" + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Available"}, + ) + assert response.status_code == http.HTTPStatus.OK + + def mock_typeerror(): + raise TypeError + + def mock_databaseerror(): + raise DatabaseError + + def mock_deletionerror(): + raise DeletionError() + + def mock_bucketnotfounderror(): + raise BucketNotFoundError() + + for func in [mock_typeerror, mock_databaseerror, mock_deletionerror, mock_bucketnotfounderror]: + with unittest.mock.patch("dds_web.api.project.ProjectStatus.delete_project_info", func): + # Release project + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client), + query_string={"project": project_id}, + json={"new_status": "Archived", "is_aborted": True}, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + assert "Server Error: Status was not updated" in response.json["message"] + + +# GetPublic + + +def test_getpublic_publickey_is_none(module_client, boto3_session): + """Try to get public key from project that does not have a project public key.""" + # Ensure enough unit admins + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Remove public key + project.public_key = None + db.session.commit() + + # Get public key - does not exist so it fails + response = module_client.get( + tests.DDSEndpoint.PROJ_PUBLIC, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + query_string={"project": project_id}, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + assert "Unrecoverable key error. Aborting." in response.json["message"] + + +def test_getpublic_publickey(module_client, boto3_session): + """Get project public key.""" + # Ensure enough unit admins + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + if current_unit_admins < 3: + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # Create project + response = module_client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + project_id = response.json.get("project_id") + project = project_row(project_id=project_id) + + # Get public key + response = module_client.get( + tests.DDSEndpoint.PROJ_PUBLIC, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client), + query_string={"project": project_id}, + ) + assert response.status_code == http.HTTPStatus.OK + response_json = response.json + + # Verify correct + public_key = response_json.get("public") + assert public_key and public_key == project.public_key.hex().upper() + + +def test_proj_public_no_project(module_client): + """Attempting to get public key without a project should not work""" + token = tests.UserAuth(tests.USER_CREDENTIALS["researchuser"]).token(module_client) + response = module_client.get( + tests.DDSEndpoint.PROJ_PUBLIC, + headers=token, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert "Missing required information: 'project'" in response_json.get("message") + + +def test_project_public_researcher_get(module_client): + """User should get access to public key""" + + token = tests.UserAuth(tests.USER_CREDENTIALS["researchuser"]).token(module_client) + response = module_client.get( + tests.DDSEndpoint.PROJ_PUBLIC, query_string={"project": "public_project_id"}, headers=token + ) + assert response.status_code == http.HTTPStatus.OK + response_json = response.json + assert response_json.get("public") + + +def test_project_public_facility_put(module_client): + """User should get access to public key""" + + token = tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(module_client) + response = module_client.get( + tests.DDSEndpoint.PROJ_PUBLIC, query_string={"project": "public_project_id"}, headers=token + ) + assert response.status_code == http.HTTPStatus.OK + response_json = response.json + assert response_json.get("public") + + +# ProjectBusy + + +def test_set_busy_no_token(module_client): + """Token required to set project busy/not busy.""" + response = module_client.put(tests.DDSEndpoint.PROJECT_BUSY, headers=tests.DEFAULT_HEADER) + assert response.status_code == http.HTTPStatus.UNAUTHORIZED + assert response.json.get("message") + assert "No token" in response.json.get("message") + + +def test_set_busy_invalid_version(module_client): + """ProjectBusy endpoint is empty and should only return error message about invalid version.""" + # Error messages + major_version_error: str = "You're using an old CLI version, please upgrade to the latest one." + busy_error: str = ( + "Your CLI version is trying to use functionality which is no longer in use. Upgrade your version to the latest one and run your command again." + ) + + for username in ["superadmin", "researchuser", "projectowner", "unituser", "unitadmin"]: + # Get user + user = models.User.query.filter_by(username=username).one_or_none() + assert user + + # Get project + project = user.projects[0] + assert project + + # Authenticate and run + token = tests.UserAuth(tests.USER_CREDENTIALS[username]).token(module_client) + for version, error_message in { + token["X-CLI-Version"]: busy_error, + "1.9.9": major_version_error, + "2.1.9": busy_error, + }.items(): + token["X-CLI-Version"] = version + response = module_client.put( + tests.DDSEndpoint.PROJECT_BUSY, + headers=token, + query_string={"project": project.public_id}, + json={"something": "notabool"}, + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + assert error_message in response.json.get("message") + + +# Project usage + + +def test_project_usage(module_client): + """Test if correct cost value is returned.""" + + cost_gbhour = 0.09 / (30 * 24) + + # Get user and project + user = models.User.query.filter_by(username="unitadmin").one_or_none() + assert user + project_0 = user.projects[0] + assert project_0 + + # Call project_usage() for the project and check if cost is calculated correctly + proj_bhours, proj_cost = UserProjects.project_usage(project=project_0) + assert (proj_bhours / 1e9) * cost_gbhour == proj_cost + + +def test_email_project_release(module_client, boto3_session): + """Test that check that the email sent to the researchers when project is released is correct""" + public_project_id = "public_project_id" + + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins >= 3 + + # user to perfrom the operation + token = tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(module_client) + # project to be released + project = models.Project.query.filter_by(public_id=public_project_id).first() + # num of researchers that will receive email + num_users = models.ProjectUsers.query.filter_by(project_id=project.id).count() + + # Release project and check email + with mail.record_messages() as outbox: + response = module_client.post( + tests.DDSEndpoint.PROJECT_STATUS, + headers=token, + query_string={"project": public_project_id}, + json={"new_status": "Available", "deadline": 10, "send_email": True}, + ) + assert len(outbox) == num_users # nº of Emails informing researchers + assert "Project made available by" in outbox[-1].subject + + body = outbox[-1].body # plain text + html = outbox[-1].html + + project_title = project.title + + ## check plain text message + assert f"- Project Title: {project_title}" in body + assert f"- DDS project ID: {public_project_id}" in body + assert f"dds ls -p {public_project_id}" in body + assert f"dds data get -p {public_project_id} -a --verify-checksum" in body + assert "If you experience issues, please contact the SciLifeLab unit" in body + assert ( + "What is the DDS? The DDS is a system for SciLifeLab infrastructures to deliver data to researchers in a fast, secure and simple way" + in body + ) + + ## check html + assert f"
  • Project Title: {project_title}
  • " in html + assert f"
  • DDS project ID: {public_project_id}
  • " in html + assert f"dds ls -p {public_project_id}" in html + assert f"dds data get -p {public_project_id} -a --verify-checksum" in html + assert "If you experience issues, please contact the SciLifeLab unit" in html + assert ( + "What is the DDS? The DDS is a system for SciLifeLab infrastructures to deliver data to researchers in a fast, secure and simple way." + in html + ) + + assert response.status_code == http.HTTPStatus.OK From 290b7899e1cced4a6dd2dc6a536a2039c62be385 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 14:34:07 +0200 Subject: [PATCH 03/26] refactor old method --- dds_web/api/project.py | 43 +++++++++++++++++++++++++++++++++++------- 1 file changed, 36 insertions(+), 7 deletions(-) diff --git a/dds_web/api/project.py b/dds_web/api/project.py index baf06026d..b07817d38 100644 --- a/dds_web/api/project.py +++ b/dds_web/api/project.py @@ -9,6 +9,7 @@ # Installed import flask_restful +from flask_restful import inputs import flask import sqlalchemy import datetime @@ -59,24 +60,52 @@ class ProjectStatus(flask_restful.Resource): @handle_validation_errors def get(self): """Get current project status and optionally entire status history""" + if "api/v1" in flask.request.path: + # requests comming from api/v1 should be handled as before + return self.old_get(current_user) + + elif "api/v3" in flask.request.path: + # Get project ID, project and verify access + project_id = dds_web.utils.get_required_item(obj=flask.request.args, req="project") + project = dds_web.utils.collect_project(project_id=project_id) + dds_web.utils.verify_project_access(project=project) + + # Get current status and deadline + return_info = {"current_status": project.current_status} + if project.current_deadline: + return_info["current_deadline"] = project.current_deadline + + # Get status history + history = flask.request.args.get("history", type=inputs.boolean, default=False) + if history: + history_info = [] + for pstatus in project.project_statuses: + history_info.append(tuple((pstatus.status, pstatus.date_created))) + history_info.sort(key=lambda x: x[1], reverse=True) + return_info.update({"history": history_info}) + + return return_info + + def old_get(self, current_user): + """Implementation of old get method. Should be removed when api/v1 is removed.""" + # Get project ID, project and verify access project_id = dds_web.utils.get_required_item(obj=flask.request.args, req="project") project = dds_web.utils.collect_project(project_id=project_id) dds_web.utils.verify_project_access(project=project) - # Get current status and deadline return_info = {"current_status": project.current_status} if project.current_deadline: return_info["current_deadline"] = project.current_deadline # Get status history - history = flask.request.args.get("history") - if history == "true": - history_info = [] + json_input = flask.request.get_json(silent=True) + if json_input and json_input.get("history"): + history = [] for pstatus in project.project_statuses: - history_info.append(tuple((pstatus.status, pstatus.date_created))) - history_info.sort(key=lambda x: x[1], reverse=True) - return_info.update({"history": history_info}) + history.append(tuple((pstatus.status, pstatus.date_created))) + history.sort(key=lambda x: x[1], reverse=True) + return_info.update({"history": history}) return return_info From 33c824353a9afbbb7e4004d72fc73553c864d795 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 14:46:43 +0200 Subject: [PATCH 04/26] fixed tests --- dds_web/api/project.py | 1 + tests/tests_v3/test_project_creation.py | 871 ++++++++++++++++++++++++ 2 files changed, 872 insertions(+) create mode 100644 tests/tests_v3/test_project_creation.py diff --git a/dds_web/api/project.py b/dds_web/api/project.py index b07817d38..b522117ad 100644 --- a/dds_web/api/project.py +++ b/dds_web/api/project.py @@ -93,6 +93,7 @@ def old_get(self, current_user): project_id = dds_web.utils.get_required_item(obj=flask.request.args, req="project") project = dds_web.utils.collect_project(project_id=project_id) dds_web.utils.verify_project_access(project=project) + # Get current status and deadline return_info = {"current_status": project.current_status} if project.current_deadline: diff --git a/tests/tests_v3/test_project_creation.py b/tests/tests_v3/test_project_creation.py new file mode 100644 index 000000000..e44e99902 --- /dev/null +++ b/tests/tests_v3/test_project_creation.py @@ -0,0 +1,871 @@ +# IMPORTS ################################################################################ IMPORTS # + +# Standard library +import http +import datetime +import unittest +import time +import os + +# Installed + +# Own +from dds_web import db +from dds_web.database import models +from dds_web.utils import current_time +import tests + + +# CONFIG ################################################################################## CONFIG # + +proj_data = { + "pi": "researchuser@mailtrap.io", + "title": "Test proj", + "description": "A longer project description", +} +proj_data_with_existing_users = { + **proj_data, + "users_to_add": [ + {"email": "researchuser@mailtrap.io", "role": "Project Owner"}, + {"email": "researchuser2@mailtrap.io", "role": "Researcher"}, + ], +} +proj_data_with_nonexisting_users = { + **proj_data, + "users_to_add": [ + {"email": "non_existing_user@mailtrap.io", "role": "Project Owner"}, + {"email": "non_existing_user2@mailtrap.io", "role": "Researcher"}, + ], +} +proj_data_with_unsuitable_user_roles = { + **proj_data, + "users_to_add": [ + {"email": "researchuser@mailtrap.io", "role": "Unit Admin"}, + {"email": "researchuser2@mailtrap.io", "role": "Unit Personnel"}, + ], +} + + +def create_unit_admins(num_admins, unit_id=1): + new_admins = [] + for i in range(1, num_admins + 1): + new_admins.append( + models.UnitUser( + **{ + "username": "unit_admin_" + os.urandom(4).hex(), + "name": "Unit Admin " + str(i), + "password": "password", + "is_admin": True, + "unit_id": unit_id, + } + ) + ) + + db.session.add_all(new_admins) + db.session.commit() + + +# TESTS #################################################################################### TESTS # + + +def test_create_project_too_few_unit_admins(client): + """There needs to be at least 2 Unit Admins.""" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + response_json = response.json + assert response_json + assert "Your unit does not have enough Unit Admins" in response_json.get("message") + + +def test_create_project_two_unit_admins(client): + """There needs to be at least 2 Unit Admins.""" + create_unit_admins(num_admins=1) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 2 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + response_json = response.json + assert response_json + assert "Your unit only has 2 Unit Admins" in response_json.get("warning") + + +def test_create_project_two_unit_admins_force(client): + """The force option (not in cli) can be used to create a project even if there are + less than 3 Unit Admins.""" + create_unit_admins(num_admins=1) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 2 + + # Use force + updated_proj_data = proj_data.copy() + updated_proj_data["force"] = True + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=updated_proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + created_proj = models.Project.query.filter_by( + created_by="unitadmin", + title=updated_proj_data["title"], + pi=updated_proj_data["pi"], + description=updated_proj_data["description"], + ).one_or_none() + assert created_proj + + +def test_create_project_two_unit_admins_force(client): + """The force option (not in cli) can be used to create a project even if there are + less than 3 Unit Admins.""" + create_unit_admins(num_admins=1) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 2 + + # Use force + updated_proj_data = proj_data.copy() + updated_proj_data["force"] = "not correct" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=updated_proj_data, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + created_proj = models.Project.query.filter_by( + created_by="unitadmin", + title=updated_proj_data["title"], + pi=updated_proj_data["pi"], + description=updated_proj_data["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_empty(client): + """Make empty request.""" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert response_json + assert "Required data missing from request" in response_json.get("message") + + +def test_create_project_unknown_field(client): + """Make request with unknown field passed.""" + # Make sure there's 3 unit admins for unit + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + # Attempt creating project + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json={"test": "test"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + response_json + and "title" in response_json + and response_json["title"].get("message") == "Title is required." + ) + + +def test_create_project_missing_title(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_no_title = proj_data.copy() + proj_data_no_title.pop("title") + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_no_title, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "title" in response_json and response_json["title"].get("message") == "Title is required." + ) + + +def test_create_project_none_title(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_none_title = proj_data.copy() + proj_data_none_title["title"] = None + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_none_title, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "title" in response_json and response_json["title"].get("message") == "Title is required." + ) + + +def test_create_project_no_description(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_no_description = proj_data.copy() + proj_data_no_description.pop("description") + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_no_description, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "description" in response_json + and response_json["description"].get("message") == "A project description is required." + ) + + +def test_create_project_none_description(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_none_description = proj_data.copy() + proj_data_none_description["description"] = None + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_none_description, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "description" in response_json + and response_json["description"].get("message") == "A project description is required." + ) + + +def test_create_project_no_pi(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_no_pi = proj_data.copy() + proj_data_no_pi.pop("pi") + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_no_pi, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "pi" in response_json + and response_json["pi"].get("message") == "A principal investigator is required." + ) + + +def test_create_project_none_pi(client): + """Make request with missing title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_none_pi = proj_data.copy() + proj_data_none_pi["pi"] = None + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), + json=proj_data_none_pi, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + response_json = response.json + assert ( + "pi" in response_json + and response_json["pi"].get("message") == "A principal investigator is required." + ) + + +def test_create_project_without_credentials(client): + """Create project without valid user credentials.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["researchuser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + created_proj = models.Project.query.filter_by( + created_by="researchuser", + title=proj_data["title"], + pi=proj_data["pi"], + description=proj_data["description"], + ).one_or_none() + assert created_proj is None + + +def test_create_project_with_credentials(client, boto3_session): + """Create project with correct credentials.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + time_before_run = datetime.datetime.utcnow() + time.sleep(1) + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data["title"], + pi=proj_data["pi"], + description=proj_data["description"], + ).one_or_none() + assert ( + created_proj + and created_proj.date_created > time_before_run + and not created_proj.non_sensitive + ) + + +def test_create_project_no_title(client): + """Create project without a title specified.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json={"pi": "piName"}, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + pi=proj_data["pi"], + ).one_or_none() + assert created_proj is None + + +def test_create_project_title_too_short(client): + """Create a project with too short title.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_short_title = proj_data.copy() + proj_data_short_title["title"] = "" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_short_title, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_short_title["title"], + pi=proj_data_short_title["pi"], + description=proj_data_short_title["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_with_malformed_json(client): + """Create a project with malformed project info.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json="", + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + created_proj = models.Project.query.filter_by( + created_by="unituser", + title="", + pi="", + description="", + ).one_or_none() + assert created_proj is None + + +def test_create_project_sensitive(client, boto3_session): + """Create a sensitive project.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + p_data = proj_data + p_data["non_sensitive"] = False + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=p_data, + ) + assert response.status_code == http.HTTPStatus.OK + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data["title"], + pi=proj_data["pi"], + description=proj_data["description"], + ).one_or_none() + assert created_proj and not created_proj.non_sensitive + + +def test_create_project_description_too_short(client): + """Create a project with too short description.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_short_description = proj_data.copy() + proj_data_short_description["description"] = "" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_short_description, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_short_description["title"], + pi=proj_data_short_description["pi"], + description=proj_data_short_description["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_pi_too_short(client): + """Create a project with too short PI.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_short_pi = proj_data.copy() + proj_data_short_pi["pi"] = "" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_short_pi, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_short_pi["title"], + pi=proj_data_short_pi["pi"], + description=proj_data_short_pi["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_pi_too_long(client): + """Create a project with too long PI.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_long_pi = proj_data.copy() + proj_data_long_pi["pi"] = "pi" * 128 + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_long_pi, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_long_pi["title"], + pi=proj_data_long_pi["pi"], + description=proj_data_long_pi["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_wrong_status(client, boto3_session): + """Create a project with own status, should be overridden.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_wrong_status = proj_data.copy() + proj_data_wrong_status["status"] = "Incorrect Status" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_wrong_status, + ) + assert response.status_code == http.HTTPStatus.OK + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_wrong_status["title"], + pi=proj_data_wrong_status["pi"], + description=proj_data_wrong_status["description"], + ).one_or_none() + assert created_proj and created_proj.current_status == "In Progress" + + +def test_create_project_sensitive_not_boolean(client): + """Create project with incorrect non_sensitive format.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_sensitive_not_boolean = proj_data.copy() + proj_data_sensitive_not_boolean["non_sensitive"] = "test" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_sensitive_not_boolean, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_sensitive_not_boolean["title"], + pi=proj_data_sensitive_not_boolean["pi"], + description=proj_data_sensitive_not_boolean["description"], + ).one_or_none() + assert not created_proj + + +def test_create_project_date_created_overridden(client, boto3_session): + """Create project with own date_created, should be overridden.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + proj_data_date_created_own = proj_data.copy() + proj_data_date_created_own["date_created"] = "test" + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_date_created_own, + ) + assert response.status_code == http.HTTPStatus.OK + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data_date_created_own["title"], + pi=proj_data_date_created_own["pi"], + description=proj_data_date_created_own["description"], + ).one_or_none() + assert created_proj and created_proj.date_created != proj_data_date_created_own["date_created"] + + +def test_create_project_with_users(client, boto3_session): + """Create project and add users to the project.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_with_existing_users, + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("user_addition_statuses") + for x in response.json.get("user_addition_statuses"): + assert "given access to the Project" in x + + resp_json = response.json + created_proj = models.Project.query.filter_by(public_id=resp_json["project_id"]).one_or_none() + assert created_proj + users = models.ProjectUsers.query.filter_by(project_id=created_proj.id).all() + users_dict_from_db = [] + + for user in users: + users_dict_from_db.append({"username": user.user_id, "owner": user.owner}) + + users_dict_from_email = [] + for user in proj_data_with_existing_users["users_to_add"]: + email = models.Email.query.filter_by(email=user["email"]).one_or_none() + users_dict_from_email.append( + { + "username": email.user_id, + "owner": True if user.get("role") == "Project Owner" else False, + } + ) + + case = unittest.TestCase() + case.assertCountEqual(users_dict_from_db, users_dict_from_email) + + +def test_create_project_with_invited_users(client, boto3_session): + """Create project and invite users to the project.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_with_nonexisting_users, + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("user_addition_statuses") + for x in response.json.get("user_addition_statuses"): + assert "Invitation sent" in x + + +def test_create_project_with_unsuitable_roles(client, boto3_session): + """Create project and add users with unsuitable roles to the project.""" + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_with_unsuitable_user_roles, + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("user_addition_statuses") + for x in response.json.get("user_addition_statuses"): + assert "User Role should be either 'Project Owner' or 'Researcher'" in x + + +def test_create_project_valid_characters(client, boto3_session): + """Create a project with no unicode.""" + # Project info with valid characters + proj_data_val_chars = proj_data.copy() + proj_data_val_chars["description"] = "A longer project description !#¤%&/()=?¡@£$€¥{[]}\\" + + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_val_chars, + ) + assert response.status_code == http.HTTPStatus.OK + + new_project = ( + db.session.query(models.Project) + .filter(models.Project.description == proj_data_val_chars["description"]) + .first() + ) + assert new_project + + +def test_create_project_invalid_characters(client, boto3_session): + """Create a project with unicode characters.""" + # Project info with invalid characters + proj_data_inval_chars = proj_data.copy() + proj_data_inval_chars["description"] = "A longer project description \U0001F300 \U0001F601" + + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data_inval_chars, + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert ( + response.json + and response.json.get("description") + and isinstance(response.json.get("description"), list) + ) + assert response.json["description"][0] == "This input is not allowed: \U0001F300\U0001F601" + + new_project = ( + db.session.query(models.Project) + .filter(models.Project.description == proj_data_inval_chars["description"]) + .first() + ) + assert not new_project + + +def test_create_project_sto2(client, boto3_session, capfd): + """Create a project in sto2.""" + # Make sure there are 3 unit admins + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + # Use sto2 -- all sto4 vars not set --------------------- + unit: models.Unit = models.Unit.query.filter_by(id=1).first() + assert unit + assert not all( + [ + unit.sto4_start_time, + unit.sto4_endpoint, + unit.sto4_name, + unit.sto4_access, + unit.sto4_secret, + ] + ) + + # Create project + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + # Verify that new project is created + new_project = ( + db.session.query(models.Project) + .filter(models.Project.description == proj_data["description"]) + .first() + ) + assert new_project + + # Verify logging + _, err = capfd.readouterr() + assert f"Safespring location for project '{new_project.public_id}': sto2" in err + + +def test_create_project_sto4(client, boto3_session, capfd): + """Create a project in sto4.""" + # Make sure there are 3 unit admins + create_unit_admins(num_admins=2) + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + # Use sto4 + unit: models.Unit = models.Unit.query.filter_by(id=1).first() + assert unit + unit.sto4_start_time = current_time() + unit.sto4_endpoint = "endpoint" + unit.sto4_name = "name" + unit.sto4_access = "access" + unit.sto4_secret = "secret" + db.session.commit() + assert all( + [ + unit.sto4_start_time, + unit.sto4_endpoint, + unit.sto4_name, + unit.sto4_access, + unit.sto4_secret, + ] + ) + + # Create project + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.OK + + # Verify that new project is created + new_project = ( + db.session.query(models.Project) + .filter(models.Project.description == proj_data["description"]) + .first() + ) + assert new_project + + # Verify logging + _, err = capfd.readouterr() + assert f"Safespring location for project '{new_project.public_id}': sto4" in err + + +def test_create_project_with_credentials(client, boto3_session): + """Create project with correct credentials.""" + # Create unit admins + create_unit_admins(num_admins=2) + + current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() + assert current_unit_admins == 3 + + time_before_run = datetime.datetime.utcnow() + time.sleep(1) + + # Create project + from tests.api.test_project import mock_sqlalchemyerror + + with unittest.mock.patch("dds_web.db.session.add", mock_sqlalchemyerror): + response = client.post( + tests.DDSEndpoint.PROJECT_CREATE, + headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), + json=proj_data, + ) + assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR + + created_proj = models.Project.query.filter_by( + created_by="unituser", + title=proj_data["title"], + pi=proj_data["pi"], + description=proj_data["description"], + ).one_or_none() + assert not ( + created_proj + and created_proj.date_created > time_before_run + and not created_proj.non_sensitive + ) From daf574d45f53d0c0326e6abaaec46bb762b1ca19 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 14:47:29 +0200 Subject: [PATCH 05/26] black --- dds_web/api/project.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/api/project.py b/dds_web/api/project.py index b522117ad..33140a395 100644 --- a/dds_web/api/project.py +++ b/dds_web/api/project.py @@ -93,7 +93,7 @@ def old_get(self, current_user): project_id = dds_web.utils.get_required_item(obj=flask.request.args, req="project") project = dds_web.utils.collect_project(project_id=project_id) dds_web.utils.verify_project_access(project=project) - + # Get current status and deadline return_info = {"current_status": project.current_status} if project.current_deadline: From 0c40e02624de55c2fb41476aa50d73a90594dab5 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 15:08:53 +0200 Subject: [PATCH 06/26] fixed init tests --- tests/tests_v3/api/__init__.py | 0 tests/tests_v3/test_project_creation.py | 871 ------------------------ 2 files changed, 871 deletions(-) create mode 100644 tests/tests_v3/api/__init__.py delete mode 100644 tests/tests_v3/test_project_creation.py diff --git a/tests/tests_v3/api/__init__.py b/tests/tests_v3/api/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/tests/tests_v3/test_project_creation.py b/tests/tests_v3/test_project_creation.py deleted file mode 100644 index e44e99902..000000000 --- a/tests/tests_v3/test_project_creation.py +++ /dev/null @@ -1,871 +0,0 @@ -# IMPORTS ################################################################################ IMPORTS # - -# Standard library -import http -import datetime -import unittest -import time -import os - -# Installed - -# Own -from dds_web import db -from dds_web.database import models -from dds_web.utils import current_time -import tests - - -# CONFIG ################################################################################## CONFIG # - -proj_data = { - "pi": "researchuser@mailtrap.io", - "title": "Test proj", - "description": "A longer project description", -} -proj_data_with_existing_users = { - **proj_data, - "users_to_add": [ - {"email": "researchuser@mailtrap.io", "role": "Project Owner"}, - {"email": "researchuser2@mailtrap.io", "role": "Researcher"}, - ], -} -proj_data_with_nonexisting_users = { - **proj_data, - "users_to_add": [ - {"email": "non_existing_user@mailtrap.io", "role": "Project Owner"}, - {"email": "non_existing_user2@mailtrap.io", "role": "Researcher"}, - ], -} -proj_data_with_unsuitable_user_roles = { - **proj_data, - "users_to_add": [ - {"email": "researchuser@mailtrap.io", "role": "Unit Admin"}, - {"email": "researchuser2@mailtrap.io", "role": "Unit Personnel"}, - ], -} - - -def create_unit_admins(num_admins, unit_id=1): - new_admins = [] - for i in range(1, num_admins + 1): - new_admins.append( - models.UnitUser( - **{ - "username": "unit_admin_" + os.urandom(4).hex(), - "name": "Unit Admin " + str(i), - "password": "password", - "is_admin": True, - "unit_id": unit_id, - } - ) - ) - - db.session.add_all(new_admins) - db.session.commit() - - -# TESTS #################################################################################### TESTS # - - -def test_create_project_too_few_unit_admins(client): - """There needs to be at least 2 Unit Admins.""" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.FORBIDDEN - response_json = response.json - assert response_json - assert "Your unit does not have enough Unit Admins" in response_json.get("message") - - -def test_create_project_two_unit_admins(client): - """There needs to be at least 2 Unit Admins.""" - create_unit_admins(num_admins=1) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 2 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.OK - response_json = response.json - assert response_json - assert "Your unit only has 2 Unit Admins" in response_json.get("warning") - - -def test_create_project_two_unit_admins_force(client): - """The force option (not in cli) can be used to create a project even if there are - less than 3 Unit Admins.""" - create_unit_admins(num_admins=1) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 2 - - # Use force - updated_proj_data = proj_data.copy() - updated_proj_data["force"] = True - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=updated_proj_data, - ) - assert response.status_code == http.HTTPStatus.OK - created_proj = models.Project.query.filter_by( - created_by="unitadmin", - title=updated_proj_data["title"], - pi=updated_proj_data["pi"], - description=updated_proj_data["description"], - ).one_or_none() - assert created_proj - - -def test_create_project_two_unit_admins_force(client): - """The force option (not in cli) can be used to create a project even if there are - less than 3 Unit Admins.""" - create_unit_admins(num_admins=1) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 2 - - # Use force - updated_proj_data = proj_data.copy() - updated_proj_data["force"] = "not correct" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=updated_proj_data, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - created_proj = models.Project.query.filter_by( - created_by="unitadmin", - title=updated_proj_data["title"], - pi=updated_proj_data["pi"], - description=updated_proj_data["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_empty(client): - """Make empty request.""" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert response_json - assert "Required data missing from request" in response_json.get("message") - - -def test_create_project_unknown_field(client): - """Make request with unknown field passed.""" - # Make sure there's 3 unit admins for unit - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - # Attempt creating project - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json={"test": "test"}, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - response_json - and "title" in response_json - and response_json["title"].get("message") == "Title is required." - ) - - -def test_create_project_missing_title(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_no_title = proj_data.copy() - proj_data_no_title.pop("title") - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_no_title, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "title" in response_json and response_json["title"].get("message") == "Title is required." - ) - - -def test_create_project_none_title(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_none_title = proj_data.copy() - proj_data_none_title["title"] = None - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_none_title, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "title" in response_json and response_json["title"].get("message") == "Title is required." - ) - - -def test_create_project_no_description(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_no_description = proj_data.copy() - proj_data_no_description.pop("description") - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_no_description, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "description" in response_json - and response_json["description"].get("message") == "A project description is required." - ) - - -def test_create_project_none_description(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_none_description = proj_data.copy() - proj_data_none_description["description"] = None - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_none_description, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "description" in response_json - and response_json["description"].get("message") == "A project description is required." - ) - - -def test_create_project_no_pi(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_no_pi = proj_data.copy() - proj_data_no_pi.pop("pi") - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_no_pi, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "pi" in response_json - and response_json["pi"].get("message") == "A principal investigator is required." - ) - - -def test_create_project_none_pi(client): - """Make request with missing title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_none_pi = proj_data.copy() - proj_data_none_pi["pi"] = None - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unitadmin"]).token(client), - json=proj_data_none_pi, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - response_json = response.json - assert ( - "pi" in response_json - and response_json["pi"].get("message") == "A principal investigator is required." - ) - - -def test_create_project_without_credentials(client): - """Create project without valid user credentials.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["researchuser"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.FORBIDDEN - created_proj = models.Project.query.filter_by( - created_by="researchuser", - title=proj_data["title"], - pi=proj_data["pi"], - description=proj_data["description"], - ).one_or_none() - assert created_proj is None - - -def test_create_project_with_credentials(client, boto3_session): - """Create project with correct credentials.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - time_before_run = datetime.datetime.utcnow() - time.sleep(1) - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.OK - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data["title"], - pi=proj_data["pi"], - description=proj_data["description"], - ).one_or_none() - assert ( - created_proj - and created_proj.date_created > time_before_run - and not created_proj.non_sensitive - ) - - -def test_create_project_no_title(client): - """Create project without a title specified.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json={"pi": "piName"}, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - pi=proj_data["pi"], - ).one_or_none() - assert created_proj is None - - -def test_create_project_title_too_short(client): - """Create a project with too short title.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_short_title = proj_data.copy() - proj_data_short_title["title"] = "" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_short_title, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_short_title["title"], - pi=proj_data_short_title["pi"], - description=proj_data_short_title["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_with_malformed_json(client): - """Create a project with malformed project info.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json="", - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - created_proj = models.Project.query.filter_by( - created_by="unituser", - title="", - pi="", - description="", - ).one_or_none() - assert created_proj is None - - -def test_create_project_sensitive(client, boto3_session): - """Create a sensitive project.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - p_data = proj_data - p_data["non_sensitive"] = False - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=p_data, - ) - assert response.status_code == http.HTTPStatus.OK - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data["title"], - pi=proj_data["pi"], - description=proj_data["description"], - ).one_or_none() - assert created_proj and not created_proj.non_sensitive - - -def test_create_project_description_too_short(client): - """Create a project with too short description.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_short_description = proj_data.copy() - proj_data_short_description["description"] = "" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_short_description, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_short_description["title"], - pi=proj_data_short_description["pi"], - description=proj_data_short_description["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_pi_too_short(client): - """Create a project with too short PI.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_short_pi = proj_data.copy() - proj_data_short_pi["pi"] = "" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_short_pi, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_short_pi["title"], - pi=proj_data_short_pi["pi"], - description=proj_data_short_pi["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_pi_too_long(client): - """Create a project with too long PI.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_long_pi = proj_data.copy() - proj_data_long_pi["pi"] = "pi" * 128 - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_long_pi, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_long_pi["title"], - pi=proj_data_long_pi["pi"], - description=proj_data_long_pi["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_wrong_status(client, boto3_session): - """Create a project with own status, should be overridden.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_wrong_status = proj_data.copy() - proj_data_wrong_status["status"] = "Incorrect Status" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_wrong_status, - ) - assert response.status_code == http.HTTPStatus.OK - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_wrong_status["title"], - pi=proj_data_wrong_status["pi"], - description=proj_data_wrong_status["description"], - ).one_or_none() - assert created_proj and created_proj.current_status == "In Progress" - - -def test_create_project_sensitive_not_boolean(client): - """Create project with incorrect non_sensitive format.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_sensitive_not_boolean = proj_data.copy() - proj_data_sensitive_not_boolean["non_sensitive"] = "test" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_sensitive_not_boolean, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_sensitive_not_boolean["title"], - pi=proj_data_sensitive_not_boolean["pi"], - description=proj_data_sensitive_not_boolean["description"], - ).one_or_none() - assert not created_proj - - -def test_create_project_date_created_overridden(client, boto3_session): - """Create project with own date_created, should be overridden.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - proj_data_date_created_own = proj_data.copy() - proj_data_date_created_own["date_created"] = "test" - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_date_created_own, - ) - assert response.status_code == http.HTTPStatus.OK - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data_date_created_own["title"], - pi=proj_data_date_created_own["pi"], - description=proj_data_date_created_own["description"], - ).one_or_none() - assert created_proj and created_proj.date_created != proj_data_date_created_own["date_created"] - - -def test_create_project_with_users(client, boto3_session): - """Create project and add users to the project.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_with_existing_users, - ) - assert response.status_code == http.HTTPStatus.OK - assert response.json and response.json.get("user_addition_statuses") - for x in response.json.get("user_addition_statuses"): - assert "given access to the Project" in x - - resp_json = response.json - created_proj = models.Project.query.filter_by(public_id=resp_json["project_id"]).one_or_none() - assert created_proj - users = models.ProjectUsers.query.filter_by(project_id=created_proj.id).all() - users_dict_from_db = [] - - for user in users: - users_dict_from_db.append({"username": user.user_id, "owner": user.owner}) - - users_dict_from_email = [] - for user in proj_data_with_existing_users["users_to_add"]: - email = models.Email.query.filter_by(email=user["email"]).one_or_none() - users_dict_from_email.append( - { - "username": email.user_id, - "owner": True if user.get("role") == "Project Owner" else False, - } - ) - - case = unittest.TestCase() - case.assertCountEqual(users_dict_from_db, users_dict_from_email) - - -def test_create_project_with_invited_users(client, boto3_session): - """Create project and invite users to the project.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_with_nonexisting_users, - ) - assert response.status_code == http.HTTPStatus.OK - assert response.json and response.json.get("user_addition_statuses") - for x in response.json.get("user_addition_statuses"): - assert "Invitation sent" in x - - -def test_create_project_with_unsuitable_roles(client, boto3_session): - """Create project and add users with unsuitable roles to the project.""" - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_with_unsuitable_user_roles, - ) - assert response.status_code == http.HTTPStatus.OK - assert response.json and response.json.get("user_addition_statuses") - for x in response.json.get("user_addition_statuses"): - assert "User Role should be either 'Project Owner' or 'Researcher'" in x - - -def test_create_project_valid_characters(client, boto3_session): - """Create a project with no unicode.""" - # Project info with valid characters - proj_data_val_chars = proj_data.copy() - proj_data_val_chars["description"] = "A longer project description !#¤%&/()=?¡@£$€¥{[]}\\" - - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_val_chars, - ) - assert response.status_code == http.HTTPStatus.OK - - new_project = ( - db.session.query(models.Project) - .filter(models.Project.description == proj_data_val_chars["description"]) - .first() - ) - assert new_project - - -def test_create_project_invalid_characters(client, boto3_session): - """Create a project with unicode characters.""" - # Project info with invalid characters - proj_data_inval_chars = proj_data.copy() - proj_data_inval_chars["description"] = "A longer project description \U0001F300 \U0001F601" - - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data_inval_chars, - ) - assert response.status_code == http.HTTPStatus.BAD_REQUEST - assert ( - response.json - and response.json.get("description") - and isinstance(response.json.get("description"), list) - ) - assert response.json["description"][0] == "This input is not allowed: \U0001F300\U0001F601" - - new_project = ( - db.session.query(models.Project) - .filter(models.Project.description == proj_data_inval_chars["description"]) - .first() - ) - assert not new_project - - -def test_create_project_sto2(client, boto3_session, capfd): - """Create a project in sto2.""" - # Make sure there are 3 unit admins - create_unit_admins(num_admins=2) - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - # Use sto2 -- all sto4 vars not set --------------------- - unit: models.Unit = models.Unit.query.filter_by(id=1).first() - assert unit - assert not all( - [ - unit.sto4_start_time, - unit.sto4_endpoint, - unit.sto4_name, - unit.sto4_access, - unit.sto4_secret, - ] - ) - - # Create project - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.OK - - # Verify that new project is created - new_project = ( - db.session.query(models.Project) - .filter(models.Project.description == proj_data["description"]) - .first() - ) - assert new_project - - # Verify logging - _, err = capfd.readouterr() - assert f"Safespring location for project '{new_project.public_id}': sto2" in err - - -def test_create_project_sto4(client, boto3_session, capfd): - """Create a project in sto4.""" - # Make sure there are 3 unit admins - create_unit_admins(num_admins=2) - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - # Use sto4 - unit: models.Unit = models.Unit.query.filter_by(id=1).first() - assert unit - unit.sto4_start_time = current_time() - unit.sto4_endpoint = "endpoint" - unit.sto4_name = "name" - unit.sto4_access = "access" - unit.sto4_secret = "secret" - db.session.commit() - assert all( - [ - unit.sto4_start_time, - unit.sto4_endpoint, - unit.sto4_name, - unit.sto4_access, - unit.sto4_secret, - ] - ) - - # Create project - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.OK - - # Verify that new project is created - new_project = ( - db.session.query(models.Project) - .filter(models.Project.description == proj_data["description"]) - .first() - ) - assert new_project - - # Verify logging - _, err = capfd.readouterr() - assert f"Safespring location for project '{new_project.public_id}': sto4" in err - - -def test_create_project_with_credentials(client, boto3_session): - """Create project with correct credentials.""" - # Create unit admins - create_unit_admins(num_admins=2) - - current_unit_admins = models.UnitUser.query.filter_by(unit_id=1, is_admin=True).count() - assert current_unit_admins == 3 - - time_before_run = datetime.datetime.utcnow() - time.sleep(1) - - # Create project - from tests.api.test_project import mock_sqlalchemyerror - - with unittest.mock.patch("dds_web.db.session.add", mock_sqlalchemyerror): - response = client.post( - tests.DDSEndpoint.PROJECT_CREATE, - headers=tests.UserAuth(tests.USER_CREDENTIALS["unituser"]).token(client), - json=proj_data, - ) - assert response.status_code == http.HTTPStatus.INTERNAL_SERVER_ERROR - - created_proj = models.Project.query.filter_by( - created_by="unituser", - title=proj_data["title"], - pi=proj_data["pi"], - description=proj_data["description"], - ).one_or_none() - assert not ( - created_proj - and created_proj.date_created > time_before_run - and not created_proj.non_sensitive - ) From 037b0061133777ef476346c43496f007bd040b73 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 16 Apr 2024 16:31:34 +0200 Subject: [PATCH 07/26] small fixes --- dds_web/api/project.py | 4 ++-- tests/tests_v3/api/test_project.py | 4 +++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/dds_web/api/project.py b/dds_web/api/project.py index 33140a395..108ef3881 100644 --- a/dds_web/api/project.py +++ b/dds_web/api/project.py @@ -62,7 +62,7 @@ def get(self): """Get current project status and optionally entire status history""" if "api/v1" in flask.request.path: # requests comming from api/v1 should be handled as before - return self.old_get(current_user) + return self.old_get() elif "api/v3" in flask.request.path: # Get project ID, project and verify access @@ -86,7 +86,7 @@ def get(self): return return_info - def old_get(self, current_user): + def old_get(self): """Implementation of old get method. Should be removed when api/v1 is removed.""" # Get project ID, project and verify access diff --git a/tests/tests_v3/api/test_project.py b/tests/tests_v3/api/test_project.py index 2efda001b..b5cf1632b 100644 --- a/tests/tests_v3/api/test_project.py +++ b/tests/tests_v3/api/test_project.py @@ -1711,6 +1711,7 @@ def test_set_busy_no_token(module_client): assert "No token" in response.json.get("message") +# This test should be removed due to removing the put method. -> Class ProjectBusy in dds_web/api/project.py def test_set_busy_invalid_version(module_client): """ProjectBusy endpoint is empty and should only return error message about invalid version.""" # Error messages @@ -1732,7 +1733,8 @@ def test_set_busy_invalid_version(module_client): token = tests.UserAuth(tests.USER_CREDENTIALS[username]).token(module_client) for version, error_message in { token["X-CLI-Version"]: busy_error, - "1.9.9": major_version_error, + # Experimental v3 doesnt verify the major version + # "1.9.9": major_version_error, "2.1.9": busy_error, }.items(): token["X-CLI-Version"] = version From 702a348acf2d7e89f138f8a6d59015cc9cd39169 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 10:29:08 +0200 Subject: [PATCH 08/26] sprintlog --- SPRINTLOG.md | 4 ++++ dds_web/static/swaggerv3.yaml | 1 - 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index 6dbd3bb4a..56b78f088 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -393,3 +393,7 @@ _Nothing merged in CLI during this sprint_ - Fix raising error when archiving project, bucket deleted but DB error ([#1524](https://github.com/ScilifelabDataCentre/dds_web/pull/1524)) - Increase the identified less covered files([#1521](https://github.com/ScilifelabDataCentre/dds_web/pull/1521)) - Parse boolean inputs correctly ([#1528](https://github.com/ScilifelabDataCentre/dds_web/pull/1528)) + +# 2024-06-03 - 2024-06-14 + +- Fix the project endpoints according to the OpenAPI standard ([#1527](https://github.com/ScilifelabDataCentre/dds_web/pull/1527)) diff --git a/dds_web/static/swaggerv3.yaml b/dds_web/static/swaggerv3.yaml index d9a2afb69..c492b2a94 100644 --- a/dds_web/static/swaggerv3.yaml +++ b/dds_web/static/swaggerv3.yaml @@ -1656,7 +1656,6 @@ components: type: string required: true description: project id to query - description: Project id to query email: name: email in: query From e00abbe60c0278845c6ddb92fe89da3af08a8bf4 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 11:24:26 +0200 Subject: [PATCH 09/26] Added new endpoints --- dds_web/api/superadmin_only.py | 52 ++++++++++++++++++++++++++++++++-- dds_web/static/swaggerv3.yaml | 19 +++++-------- 2 files changed, 56 insertions(+), 15 deletions(-) diff --git a/dds_web/api/superadmin_only.py b/dds_web/api/superadmin_only.py index 3c73305f1..91816088f 100644 --- a/dds_web/api/superadmin_only.py +++ b/dds_web/api/superadmin_only.py @@ -10,6 +10,7 @@ # Installed import flask_restful +from flask_restful import inputs import flask import structlog import flask_mail @@ -204,11 +205,31 @@ class FindUser(flask_restful.Resource): @auth.login_required(role=["Super Admin"]) @logging_bind_request - @json_required @handle_db_error def get(self): - """Return users or a confirmation on if one exists.""" - # Get request info + if "api/v1" in flask.request.path: + # requests comming from api/v1 should be handled as before + return self.old_get() + + elif "api/v3" in flask.request.path: + """Return users or a confirmation on if one exists.""" + + # Get username from request + user_to_find = flask.request.args.get("username") + if not user_to_find: + raise ddserr.DDSArgumentError( + message="Username required to check existence of account." + ) + + return { + "exists": models.User.query.filter_by(username=user_to_find).one_or_none() + is not None + } + + @json_required + def old_get(self): + """Implementation of old get method. Should be removed when api/v1 is removed.""" # Get request info + request_json = flask.request.get_json(silent=True) # Verified by json_required # Get username from request @@ -303,6 +324,31 @@ class AnyProjectsBusy(flask_restful.Resource): @handle_db_error def get(self): """Check if any projects are busy.""" + if "api/v1" in flask.request.path: + # requests comming from api/v1 should be handled as before + return self.old_get() + + elif "api/v3" in flask.request.path: + # Get busy projects + projects_busy: typing.List = models.Project.query.filter_by(busy=True).all() + num_busy: int = len(projects_busy) + + # Set info to always return nu + return_info: typing.Dict = {"num": num_busy} + + # Return 0 if none are busy + if num_busy == 0: + return return_info + + # Check if user listing busy projects + if flask.request.args("list", type=inputs.boolean, default=False) is True: + return_info.update( + {"projects": {p.public_id: p.date_updated for p in projects_busy}} + ) + + return return_info + + def old_get(): # Get busy projects projects_busy: typing.List = models.Project.query.filter_by(busy=True).all() num_busy: int = len(projects_busy) diff --git a/dds_web/static/swaggerv3.yaml b/dds_web/static/swaggerv3.yaml index afa599359..534611ba9 100644 --- a/dds_web/static/swaggerv3.yaml +++ b/dds_web/static/swaggerv3.yaml @@ -1418,15 +1418,15 @@ paths: get: tags: - superadmin - summary: Get all users or check if there is a specific user in the database CHECK METHOD - description: This method requires the data - to be passed in the request body instead of the query. - Since this does not comply with the openAPI standards, swagger cannot document it properly, - therefore we need to change/remove it in the future. - deprecated: true + summary: Check if a specific user exists in the system. The username must be passed operationId: findUser parameters: - $ref: "#/components/parameters/defaultHeader" + - in: query + name: username + schema: + type: string + description: username to check responses: "401": $ref: "#/components/responses/UnauthorizedToken" @@ -1483,12 +1483,7 @@ paths: get: tags: - superadmin - summary: Check if any project are busy CHECK METHOD - description: This method requires the data - to be passed in the request body instead of the query. - Since this does not comply with the openAPI standards, swagger cannot document it properly, - therefore we need to change/remove it in the future. - deprecated: true + summary: Check if any project are busy. Returns the number of busy projects and can list them if requested. operationId: anyProjectBusy parameters: - $ref: "#/components/parameters/defaultHeader" From 9aec3f468b4dcae306102c5a54247ce6303173bb Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 11:50:34 +0200 Subject: [PATCH 10/26] added tests --- tests/tests_v3/api/__init.py__ | 0 tests/tests_v3/api/test_superadmin_only.py | 1007 ++++++++++++++++++++ 2 files changed, 1007 insertions(+) create mode 100644 tests/tests_v3/api/__init.py__ create mode 100644 tests/tests_v3/api/test_superadmin_only.py diff --git a/tests/tests_v3/api/__init.py__ b/tests/tests_v3/api/__init.py__ new file mode 100644 index 000000000..e69de29bb diff --git a/tests/tests_v3/api/test_superadmin_only.py b/tests/tests_v3/api/test_superadmin_only.py new file mode 100644 index 000000000..0a2ad8fa1 --- /dev/null +++ b/tests/tests_v3/api/test_superadmin_only.py @@ -0,0 +1,1007 @@ +#################################################################################################### +# IMPORTS ################################################################################ IMPORTS # +#################################################################################################### + +# Standard library +import http +import time +import typing +import unittest +from datetime import datetime, timedelta +from unittest import mock +from unittest.mock import patch +from unittest.mock import PropertyMock + +# Installed +import flask +import werkzeug +import flask_mail +import freezegun +import click + +# Own +from dds_web import db, mail +from dds_web.database import models +import tests +from dds_web.commands import collect_stats + +#################################################################################################### +# CONFIG ################################################################################## CONFIG # +#################################################################################################### + +users: typing.Dict = { + "Researcher": "researchuser", + "Unit Personnel": "unituser", + "Unit Admin": "unitadmin", + "Super Admin": "superadmin", +} + +#################################################################################################### +# TESTS #################################################################################### TESTS # +#################################################################################################### + + +# Tools ############################################################################################ +def get_token(username: str, client: flask.testing.FlaskClient) -> typing.Dict: + return tests.UserAuth(tests.USER_CREDENTIALS[username]).token(client) + + +# AllUnits ######################################################################################### + + +def test_list_units_as_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Only Super Admin can list users.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.LIST_UNITS_ALL, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_list_units_as_super_admin(client: flask.testing.FlaskClient) -> None: + """List units as Super Admin.""" + all_units: typing.List = models.Unit.query.all() + + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.LIST_UNITS_ALL, headers=token + ) + assert response.status_code == http.HTTPStatus.OK + + keys: typing.List = response.json.get("keys") + units: typing.List = response.json.get("units") + assert keys and units + + assert keys == [ + "Name", + "Public ID", + "External Display Name", + "Days In Available", + "Days In Expired", + "Safespring Endpoint", + "Contact Email", + "Size", + ] + assert len(all_units) == len(units) + + for unit in all_units: + expected: typing.Dict = { + "Name": unit.name, + "Public ID": unit.public_id, + "External Display Name": unit.external_display_name, + "Contact Email": unit.contact_email, + "Safespring Endpoint": unit.sto2_endpoint, + "Days In Available": unit.days_in_available, + "Days In Expired": unit.days_in_expired, + "Size": unit.size, + } + + correct_size: int = 0 + for project in unit.projects: + for file in project.files: + correct_size += file.size_stored + assert correct_size == unit.size + assert expected in units + + +# MOTD ############################################################################################# + + +def test_create_motd_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Create a new message of the day, using everything but Super Admin access.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_create_motd_as_superadmin_no_json(client: flask.testing.FlaskClient) -> None: + """Create a new message of the day, using a Super Admin account, but without any json.""" + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.post(tests.DDSEndpoint.MOTD, headers=token) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing from request!" in response.json.get("message") + + +def test_create_motd_as_superadmin_no_message(client: flask.testing.FlaskClient) -> None: + """Create a new message of the day, using a Super Admin account, but without any message.""" + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token, json={"test": "test"} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "No MOTD specified." in response.json.get("message") + + +def test_create_motd_as_superadmin_empty_message(client: flask.testing.FlaskClient) -> None: + """Create a new message of the day, using a Super Admin account, but with empty message.""" + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token, json={"message": ""} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "No MOTD specified." in response.json.get("message") + + +def test_create_motd_as_superadmin_success(client: flask.testing.FlaskClient) -> None: + """Create a new message of the day, using a Super Admin account.""" + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token, json={"message": "test"} + ) + assert response.status_code == http.HTTPStatus.OK + assert "The MOTD was successfully added to the database." in response.json.get("message") + + assert models.MOTD.query.filter_by(message="test") + + +def test_get_motd_no_message(client: flask.testing.FlaskClient) -> None: + """Get latest MOTD from database.""" + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.MOTD, headers=tests.DEFAULT_HEADER + ) + assert response.status_code == http.HTTPStatus.OK + assert "There are no active MOTDs." in response.json.get("message") + + +def test_get_motd(client: flask.testing.FlaskClient) -> None: + """Get latest MOTD from database.""" + # Create first message + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token, json={"message": "test"} + ) + assert response.status_code == http.HTTPStatus.OK + assert models.MOTD.query.filter_by(message="test") + + # Get first message + response1: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.MOTD, headers=tests.DEFAULT_HEADER + ) + assert response1.status_code == http.HTTPStatus.OK + assert isinstance(response1.json.get("motds"), list) + assert "test" in response1.json.get("motds")[0]["Message"] + + time.sleep(5) + + # Create new message + response2: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD, headers=token, json={"message": "something else"} + ) + assert response2.status_code == http.HTTPStatus.OK + assert models.MOTD.query.filter_by(message="something else") + + # Check that new message is displayed + response3: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.MOTD, headers=tests.DEFAULT_HEADER + ) + assert response3.status_code == http.HTTPStatus.OK + assert "something else" in response3.json.get("motds")[1]["Message"] + + # Deactivate message + response4: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MOTD, headers=token, json={"motd_id": 1} + ) + assert response4.status_code == http.HTTPStatus.OK + assert "The MOTD was successfully deactivated in the database." in response4.json.get("message") + + # Deactivate message that is not active + response5: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MOTD, headers=token, json={"motd_id": 1} + ) + assert response5.status_code == http.HTTPStatus.BAD_REQUEST + assert "MOTD with id 1 is not active." in response5.json.get("message") + + +def test_deactivate_motd_no_json(client: flask.testing.FlaskClient) -> None: + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.put(tests.DDSEndpoint.MOTD, headers=token) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing from request!" in response.json.get("message") + + +def test_deactivate_motd_no_motd_id(client: flask.testing.FlaskClient) -> None: + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MOTD, headers=token, json={"test": "test"} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "No MOTD for deactivation specified." in response.json.get("message") + + +def test_deactivate_motd_no_such_motd(client: flask.testing.FlaskClient) -> None: + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MOTD, headers=token, json={"motd_id": 8} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "MOTD with id 8 does not exist in the database" in response.json.get("message") + + +def test_deactivate_motd_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Deactivate a message of the day, using everything but Super Admin access.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MOTD, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +# FindUser ######################################################################################### + + +def test_find_user_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Try finding a specific user without being Super Admin.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_FIND, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_find_user_no_username(client: flask.testing.FlaskClient) -> None: + """Find specific user with empty username.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Get user + for x in ["", None]: + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_FIND, headers=token, query_string={"username": ""} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Username required to check existence of account." in response.json.get("message") + + +def test_find_user_non_existent(client: flask.testing.FlaskClient) -> None: + """Try to find non existent user.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Non existent user + username: str = "nonexistentuser" + assert not models.User.query.filter_by(username=username).first() + + # Get user + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_FIND, headers=token, query_string={"username": username} + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("exists") is False + + +def test_find_user(client: flask.testing.FlaskClient) -> None: + """Find existing user.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Non existent user + user_row: models.User = models.User.query.first() + assert user_row + + # Get user + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_FIND, headers=token, query_string={"username": user_row.username} + ) + assert response.status_code == http.HTTPStatus.OK + assert response.json and response.json.get("exists") is True + + +# ResetTwoFactor ################################################################################### + + +def test_reset_hotp_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Try resetting a users HOTP without being Super Admin.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_reset_hotp_no_json(client: flask.testing.FlaskClient) -> None: + """Try reseting user HOTP without specifying the user.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Deactivate TOTP + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing from request!" in response.json.get("message") + + +def test_reset_hotp_no_username(client: flask.testing.FlaskClient) -> None: + """Reset users HOTP with empty username.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Deactivate TOTP + for x in ["", None]: + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token, json={"username": x} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Username required to reset 2FA to HOTP" in response.json.get("message") + + +def test_reset_hotp_non_existent_user(client: flask.testing.FlaskClient) -> None: + """Try to reset HOTP for non existent user.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Non existent user + username: str = "nonexistentuser" + assert not models.User.query.filter_by(username=username).first() + + # Deactivate TOTP + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token, json={"username": username} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert f"The user doesn't exist: {username}" in response.json.get("message") + + +def test_reset_hotp_already_set(client: flask.testing.FlaskClient) -> None: + """Reset hotp when already set.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Existent user + user_row: models.User = models.User.query.first() + assert user_row + assert not user_row.totp_enabled + + # Deactivate TOTP + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token, json={"username": user_row.username} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "TOTP is already deactivated for this user" in response.json.get("message") + + +def test_reset_hotp(client: flask.testing.FlaskClient) -> None: + """Reset HOTP.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Existent user + user_row: models.User = models.User.query.first() + assert user_row + user_row.activate_totp() + assert user_row.totp_enabled + + # Deactivate TOTP + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.TOTP_DEACTIVATE, headers=token, json={"username": user_row.username} + ) + assert response.status_code == http.HTTPStatus.OK + assert ( + f"TOTP has been deactivated for user: {user_row.username}. They can now use 2FA via email during authentication." + in response.json.get("message") + ) + + user_row_again: models.User = models.User.query.filter_by(username=user_row.username).first() + assert user_row_again and not user_row_again.totp_enabled + + +# SendMOTD ######################################################################################### + + +def test_send_motd_incorrect_method(client: flask.testing.FlaskClient) -> None: + """Only post should be accepted.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + for method in [client.get, client.put, client.delete, client.patch]: + response: werkzeug.test.WrapperTestResponse = method( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": "something"} + ) + assert response.status_code == http.HTTPStatus.METHOD_NOT_ALLOWED + assert mock_mail_send.call_count == 0 + + +def test_send_motd_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Only Super Admins should be able to send the motds.""" + for role in ["Unit Admin", "Unit Personnel", "Researcher"]: + # Authenticate + token: typing.Dict = get_token(username=users[role], client=client) + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": "something"} + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + assert mock_mail_send.call_count == 0 + + +def test_send_motd_no_json(client: flask.testing.FlaskClient) -> None: + """The request needs json in order to send a motd.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing from request" in response.json.get("message") + assert mock_mail_send.call_count == 0 + + +def test_send_motd_no_motdid(client: flask.testing.FlaskClient) -> None: + """The json should have motd_id.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"test": "something"} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Please specify the ID of the MOTD you want to send." in response.json.get("message") + assert mock_mail_send.call_count == 0 + + +def test_send_motd_nonexistent_motd(client: flask.testing.FlaskClient) -> None: + """The motd_id needs to be a valid motd.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Specify motd to send + motd_id: int = 10 + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": motd_id} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert f"There is no active MOTD with ID '{motd_id}'" in response.json.get("message") + assert mock_mail_send.call_count == 0 + + +def test_send_motd_not_active(client: flask.testing.FlaskClient) -> None: + """Attempt sending a motd which is not active.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Create a motd + message: str = "This is a message that should become a MOTD and then be sent to all the users." + new_motd: models.MOTD = models.MOTD(message=message, active=False) + db.session.add(new_motd) + db.session.commit() + + # Make sure the motd is created + created_motd: models.MOTD = models.MOTD.query.filter_by(message=message).one_or_none() + assert created_motd and not created_motd.active + + # Attempt request + with unittest.mock.patch.object(flask_mail.Connection, "send") as mock_mail_send: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": created_motd.id} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert f"There is no active MOTD with ID '{created_motd.id}'" in response.json.get( + "message" + ) + assert mock_mail_send.call_count == 0 + + +def test_send_motd_no_primary_email(client: flask.testing.FlaskClient) -> None: + """Send a motd to all users.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Create a motd + message: str = "This is a message that should become a MOTD and then be sent to all the users." + new_motd: models.MOTD = models.MOTD(message=message) + db.session.add(new_motd) + db.session.commit() + + # Make sure the motd is created + created_motd: models.MOTD = models.MOTD.query.filter_by(message=message).one_or_none() + assert created_motd + + # Get number of users + num_users: int = models.User.query.count() + + # Remove primary_email for one user + primary_email: models.Email = models.Email.query.first() + email: str = primary_email.email + username: str = primary_email.user.username + db.session.delete(primary_email) + db.session.commit() + + # Make sure email is removed + assert not models.Email.query.filter_by(email=email).one_or_none() + assert not models.User.query.filter_by(username=username).one().primary_email + + # Attempt request and catch email + with mail.record_messages() as outbox: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": created_motd.id} + ) + assert response.status_code == http.HTTPStatus.OK + assert len(outbox) == num_users - 1 + assert "Important Information: Data Delivery System" in outbox[-1].subject + assert "incorrect subject" not in outbox[-1].subject + + +def test_send_motd_ok(client: flask.testing.FlaskClient) -> None: + """Send a motd to all users.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Create a motd + message: str = "This is a message that should become a MOTD and then be sent to all the users." + new_motd: models.MOTD = models.MOTD(message=message) + db.session.add(new_motd) + db.session.commit() + + # Make sure the motd is created + created_motd: models.MOTD = models.MOTD.query.filter_by(message=message).one_or_none() + assert created_motd + + # Get number of users + num_users = models.User.query.count() + + # Attempt request and catch email + with mail.record_messages() as outbox: + response: werkzeug.test.WrapperTestResponse = client.post( + tests.DDSEndpoint.MOTD_SEND, headers=token, json={"motd_id": created_motd.id} + ) + assert response.status_code == http.HTTPStatus.OK + assert len(outbox) == num_users + assert "Important Information: Data Delivery System" in outbox[-1].subject + + +# Maintenance ###################################################################################### + + +def test_set_maintenance_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Change Maintenance mode using everything but Super Admin access.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MAINTENANCE, headers=token, json={"state": "on"} + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_get_maintenance_status_not_superadmin(client: flask.testing.FlaskClient) -> None: + """Check Maintenance mode status using everything but Super Admin access.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.MAINTENANCE, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_maintenance_command_incorrect_method(client: flask.testing.FlaskClient) -> None: + """Only put and get should be accepted.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + for method in [client.post, client.delete, client.patch]: + response: werkzeug.test.WrapperTestResponse = method( + tests.DDSEndpoint.MAINTENANCE, headers=token, json={"state": "on"} + ) + assert response.status_code == http.HTTPStatus.METHOD_NOT_ALLOWED + + +def test_set_maintenance_no_json(client: flask.testing.FlaskClient) -> None: + """The request needs json in order to change Maintenance mode.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + response: werkzeug.test.TestResponse = client.put(tests.DDSEndpoint.MAINTENANCE, headers=token) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Required data missing from request" in response.json.get("message") + + +def test_get_maintenance_status_no_json_required(client: flask.testing.FlaskClient) -> None: + """No json needed in order to get the current Maintenance mode.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Attempt request + response: werkzeug.test.TestResponse = client.get(tests.DDSEndpoint.MAINTENANCE, headers=token) + assert response.status_code == http.HTTPStatus.OK + assert "Maintenance mode is set to:" in response.json.get("message") + + +def test_set_maintenance_incorrect_state(client: flask.testing.FlaskClient) -> None: + """The json should be 'on' or 'off'.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # create record in Maintenance + current_mode: models.Maintenance = models.Maintenance(active=False) + db.session.add(current_mode) + db.session.commit() + # Attempt request + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MAINTENANCE, headers=token, json={"state": "something"} + ) + assert response.status_code == http.HTTPStatus.BAD_REQUEST + assert "Please, specify the correct argument: on or off" in response.json.get("message") + + +def test_set_maintenance_on_ok(client: flask.testing.FlaskClient) -> None: + """Set Maintenance mode to 'on'.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + setting = "on" + + # create record in Maintenance + current_mode: models.Maintenance = models.Maintenance(active=False) + db.session.add(current_mode) + db.session.commit() + + # Verify that maintenance is off + assert models.Maintenance.query.first().active is False + + # Attempt request + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MAINTENANCE, headers=token, json={"state": setting} + ) + assert response.status_code == http.HTTPStatus.OK + assert f"Maintenance set to: {setting.upper()}" in response.json.get("message") + + # Verify that maintenance is set to ON using the get method + response: werkzeug.test.TestResponse = client.get(tests.DDSEndpoint.MAINTENANCE, headers=token) + assert response.status_code == http.HTTPStatus.OK + assert f"Maintenance mode is set to: {setting.upper()}" in response.json.get("message") + + +def test_set_maintenance_off_ok(client: flask.testing.FlaskClient) -> None: + """Set Maintenance mode to 'off'.""" + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + setting = "off" + + # create record in Maintenance + current_mode: models.Maintenance = models.Maintenance.query.first() + current_mode.active = True + db.session.commit() + + # Verify that maintenance is on + assert models.Maintenance.query.first().active + + # Attempt request + response: werkzeug.test.WrapperTestResponse = client.put( + tests.DDSEndpoint.MAINTENANCE, headers=token, json={"state": setting} + ) + assert response.status_code == http.HTTPStatus.OK + assert f"Maintenance set to: {setting.upper()}" in response.json.get("message") + + # Verify that maintenance is set to OFF using the get method + response: werkzeug.test.TestResponse = client.get(tests.DDSEndpoint.MAINTENANCE, headers=token) + assert response.status_code == http.HTTPStatus.OK + assert f"Maintenance mode is set to: {setting.upper()}" in response.json.get("message") + + +# AnyProjectsBusy + +# -- get + + +def test_anyprojectsbusy_no_token(client: flask.testing.FlaskClient) -> None: + """Token required to check if projects are busy.""" + response = client.get(tests.DDSEndpoint.PROJECT_BUSY_ANY, headers=tests.DEFAULT_HEADER) + assert response.status_code == http.HTTPStatus.UNAUTHORIZED + assert response.json.get("message") + assert "No token" in response.json.get("message") + + +def test_anyprojectsbusy_not_allowed(client: flask.testing.FlaskClient) -> None: + """Only super admins allowed.""" + for role in ["researcher", "unituser", "unitadmin"]: + token = tests.UserAuth(tests.USER_CREDENTIALS[role]).token(client) + response = client.get( + tests.DDSEndpoint.PROJECT_BUSY_ANY, + headers=token, + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_anyprojectsbusy_true(client: flask.testing.FlaskClient) -> None: + """There are busy projects.""" + # Get a project and set to busy + project: models.Project = models.Project.query.first() + project.busy = True + db.session.commit() + busy_count: int = models.Project.query.filter_by(busy=True).count() + assert busy_count > 0 + + # Call endpoint + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get( + tests.DDSEndpoint.PROJECT_BUSY_ANY, + headers=token, + ) + assert response.status_code == http.HTTPStatus.OK + + # Check response + num: int = response.json.get("num") + assert num == busy_count + + +def test_anyprojectsbusy_false(client: flask.testing.FlaskClient) -> None: + """There are busy projects.""" + # Set all projects to not busy + for project in models.Project.query.all(): + project.busy = False + db.session.commit() + busy_count: int = models.Project.query.filter_by(busy=True).count() + assert busy_count == 0 + + # Call endpoint + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get( + tests.DDSEndpoint.PROJECT_BUSY_ANY, + headers=token, + ) + assert response.status_code == http.HTTPStatus.OK + + # Check response + num: int = response.json.get("num") + assert num == 0 + + +def test_anyprojectsbusy_true_list(client: flask.testing.FlaskClient) -> None: + """There are busy projects, list them.""" + wanted_return_info: typing.Dict = {} + + # Get all projects and set to busy + all_projects: typing.List = models.Project.query.all() + for project in all_projects: + project.busy = True + wanted_return_info[project.public_id] = project.date_updated + db.session.commit() + busy_count: int = models.Project.query.filter_by(busy=True).count() + assert busy_count == len(all_projects) + + # Call endpoint + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get( + tests.DDSEndpoint.PROJECT_BUSY_ANY, headers=token, query_string={"list": True} + ) + assert response.status_code == http.HTTPStatus.OK + + # Check response + num: int = response.json.get("num") + assert num == len(all_projects) + projects_returned: typing.Dict = response.json.get("projects") + for p in wanted_return_info: + assert p in projects_returned + + +def test_anyprojectsbusy_false_list(client: flask.testing.FlaskClient) -> None: + """There are busy projects.""" + # Get all projects and set to not busy + all_projects: typing.List = models.Project.query.all() + for project in all_projects: + project.busy = False + db.session.commit() + busy_count: int = models.Project.query.filter_by(busy=True).count() + assert busy_count == 0 + + # Call endpoint + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get( + tests.DDSEndpoint.PROJECT_BUSY_ANY, headers=token, query_string={"list": True} + ) + assert response.status_code == http.HTTPStatus.OK + + # Check response + num: int = response.json.get("num") + assert num == 0 + projects_returned: typing.Dict = response.json.get("projects") + assert projects_returned is None + + +def test_statistics_no_access(client: flask.testing.FlaskClient) -> None: + """Verify that users that are not Super Admins cannot use this endpoint.""" + # Verify no access for researchers and unit users + for user in ["researcher", "unituser", "unitadmin"]: + token = tests.UserAuth(tests.USER_CREDENTIALS[user]).token(client) + response = client.get(tests.DDSEndpoint.STATS, headers=token) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_statistics_return_none(client: flask.testing.FlaskClient) -> None: + """There are no rows in the Reporting table.""" + # Check that there are no rows + assert not models.Reporting.query.count() + + # Get all rows from API + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get(tests.DDSEndpoint.STATS, headers=token) + assert response.status_code == http.HTTPStatus.OK + + # Check response + returned: typing.Dict = response.json.get("stats") + assert returned == [] + + +def test_statistics_return_rows(client: flask.testing.FlaskClient, cli_runner) -> None: + """Verify list returned when there are rows in reporting table.""" + + def add_row_to_reporting_table(time): + """Run command to add a new row to the reporting table.""" + with freezegun.freeze_time(time): + # Run scheduled job now + with mock.patch.object(flask_mail.Mail, "send") as mock_mail_send: + result: click.testing.Result = cli_runner.invoke(collect_stats) + assert not result.exception, "Raised an unwanted exception." + assert mock_mail_send.call_count == 0 + + # Generate row in reporting table + time_1 = datetime(year=2022, month=12, day=10, hour=10, minute=54, second=10) + add_row_to_reporting_table(time=time_1) + + # Verify that there's a row added + assert models.Reporting.query.count() == 1 + + # Get all rows from API + token = tests.UserAuth(tests.USER_CREDENTIALS["superadmin"]).token(client) + response = client.get(tests.DDSEndpoint.STATS, headers=token) + assert response.status_code == http.HTTPStatus.OK + + # Check response + returned: typing.Dict = response.json.get("stats") + assert len(returned) == 1 + reporting_row = models.Reporting.query.first() + assert returned[0] == { + "Date": str(reporting_row.date.date()), + "Units": reporting_row.unit_count, + "Researchers": reporting_row.researcher_count, + "Project Owners": reporting_row.project_owner_unique_count, + "Unit Personnel": reporting_row.unit_personnel_count, + "Unit Admins": reporting_row.unit_admin_count, + "Super Admins": reporting_row.superadmin_count, + "Total Users": reporting_row.total_user_count, + "Total Projects": reporting_row.total_project_count, + "Active Projects": reporting_row.active_project_count, + "Inactive Projects": reporting_row.inactive_project_count, + "Data Now (TB)": reporting_row.tb_stored_now, + "Data Uploaded (TB)": reporting_row.tb_uploaded_since_start, + "TBHours Last Month": reporting_row.tbhours, + "TBHours Total": reporting_row.tbhours_since_start, + } + returned_columns: typing.Dict = response.json.get("columns") + assert returned_columns + + +# UnitUserEmails + + +def test_unituseremails_accessdenied(client: flask.testing.FlaskClient) -> None: + """Only Super Admins can get the emails.""" + no_access_users: typing.Dict = users.copy() + no_access_users.pop("Super Admin") + + for u in no_access_users: + token: typing.Dict = get_token(username=users[u], client=client) + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_EMAILS, headers=token + ) + assert response.status_code == http.HTTPStatus.FORBIDDEN + + +def test_unituseremails_no_emails(client: flask.testing.FlaskClient) -> None: + """Empty should be returned if no emails.""" + # No users returned from query + with patch("dds_web.database.models.UnitUser.query") as mock_users: + mock_users.return_value = [] + + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Call endpoint + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_EMAILS, headers=token + ) + assert response.status_code == http.HTTPStatus.OK + + # Verify response + assert response.json and response.json.get("empty") == True + + +def test_unituseremails_ok(client: flask.testing.FlaskClient) -> None: + """Return user emails for unit users only.""" + # Emails that should be returned + unituser_emails = [user.primary_email for user in models.UnitUser.query.all()] + + # Emails that should not be returned + researcher_emails = [user.primary_email for user in models.ResearchUser.query.all()] + superadmin_emails = [user.primary_email for user in models.SuperAdmin.query.all()] + non_primary_emails = [ + email.email for email in models.Email.query.filter_by(primary=False).all() + ] + + # Authenticate + token: typing.Dict = get_token(username=users["Super Admin"], client=client) + + # Call endpoint + response: werkzeug.test.WrapperTestResponse = client.get( + tests.DDSEndpoint.USER_EMAILS, headers=token + ) + assert response.status_code == http.HTTPStatus.OK + + # Verify response ------------------------------- + + # There should be a json response + json_response = response.json + assert json_response + + # There should be emails in response + emails = json_response.get("emails") + assert emails + + # The list of emails should contain all unit user primary emails + assert len(emails) == len(unituser_emails) + for e in unituser_emails: + assert e in emails + + # The list of should not contain any of the other emails + for e in researcher_emails + superadmin_emails + non_primary_emails: + assert e not in emails From ad758fd20f488ce2db57e6dbd66e6529af834be3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Revuelta?= <46089290+rv0lt@users.noreply.github.com> Date: Mon, 10 Jun 2024 12:30:16 +0200 Subject: [PATCH 11/26] Fix init file --- tests/tests_v3/api/__init.py__ | 0 tests/tests_v3/api/__init__.py | 1 + 2 files changed, 1 insertion(+) delete mode 100644 tests/tests_v3/api/__init.py__ create mode 100644 tests/tests_v3/api/__init__.py diff --git a/tests/tests_v3/api/__init.py__ b/tests/tests_v3/api/__init.py__ deleted file mode 100644 index e69de29bb..000000000 diff --git a/tests/tests_v3/api/__init__.py b/tests/tests_v3/api/__init__.py new file mode 100644 index 000000000..d3f5a12fa --- /dev/null +++ b/tests/tests_v3/api/__init__.py @@ -0,0 +1 @@ + From 588d58520c5bf6c0c7f05bdb80f2404898559afb Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 13:03:47 +0200 Subject: [PATCH 12/26] fixed old get --- dds_web/api/superadmin_only.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/api/superadmin_only.py b/dds_web/api/superadmin_only.py index 91816088f..1931f601b 100644 --- a/dds_web/api/superadmin_only.py +++ b/dds_web/api/superadmin_only.py @@ -348,7 +348,7 @@ def get(self): return return_info - def old_get(): + def old_get(self): # Get busy projects projects_busy: typing.List = models.Project.query.filter_by(busy=True).all() num_busy: int = len(projects_busy) From b1c27799ea78caa8bbb5b66b888a1a6249b93915 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 13:41:46 +0200 Subject: [PATCH 13/26] correct import of modules --- tests/tests_v3/api/test_superadmin_only.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/tests_v3/api/test_superadmin_only.py b/tests/tests_v3/api/test_superadmin_only.py index 0a2ad8fa1..b70658819 100644 --- a/tests/tests_v3/api/test_superadmin_only.py +++ b/tests/tests_v3/api/test_superadmin_only.py @@ -22,7 +22,7 @@ # Own from dds_web import db, mail from dds_web.database import models -import tests +import tests.tests_v3 as tests from dds_web.commands import collect_stats #################################################################################################### From caf971a7c0dea3721d9dd001e062e75885cb2436 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 10 Jun 2024 14:14:09 +0200 Subject: [PATCH 14/26] Correct syntax --- dds_web/api/superadmin_only.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/api/superadmin_only.py b/dds_web/api/superadmin_only.py index 1931f601b..373eb5589 100644 --- a/dds_web/api/superadmin_only.py +++ b/dds_web/api/superadmin_only.py @@ -341,7 +341,7 @@ def get(self): return return_info # Check if user listing busy projects - if flask.request.args("list", type=inputs.boolean, default=False) is True: + if flask.request.args.get("list", type=inputs.boolean, default=False): return_info.update( {"projects": {p.public_id: p.date_updated for p in projects_busy}} ) From ee887782f9a3e1241542e12ca90ee208c90edef3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Revuelta?= <46089290+rv0lt@users.noreply.github.com> Date: Wed, 12 Jun 2024 16:56:02 +0200 Subject: [PATCH 15/26] Update dds_web/api/superadmin_only.py Co-authored-by: Valentin Georgiev --- dds_web/api/superadmin_only.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/api/superadmin_only.py b/dds_web/api/superadmin_only.py index 373eb5589..6afc9b7e1 100644 --- a/dds_web/api/superadmin_only.py +++ b/dds_web/api/superadmin_only.py @@ -212,7 +212,7 @@ def get(self): return self.old_get() elif "api/v3" in flask.request.path: - """Return users or a confirmation on if one exists.""" + """Return all users or confirmation whether a specific user is in the database.""" # Get username from request user_to_find = flask.request.args.get("username") From a7375ed0b4c0919aec75325095ce087dd0ed3189 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Thu, 13 Jun 2024 13:14:21 +0200 Subject: [PATCH 16/26] sprintlog --- SPRINTLOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index 56b78f088..00d0a729a 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -397,3 +397,4 @@ _Nothing merged in CLI during this sprint_ # 2024-06-03 - 2024-06-14 - Fix the project endpoints according to the OpenAPI standard ([#1527](https://github.com/ScilifelabDataCentre/dds_web/pull/1527)) +- Fix the Superadmin endpoints according to the OpenAPI standard ([#1533](https://github.com/ScilifelabDataCentre/dds_web/pull/1533)) From ff7176d289765ada5d21ec80b3e8a67f335e2408 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 18 Jun 2024 11:38:06 +0200 Subject: [PATCH 17/26] update library to address cve --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 6b64c20aa..0e152c762 100644 --- a/requirements.txt +++ b/requirements.txt @@ -45,7 +45,7 @@ marshmallow-sqlalchemy==0.27.0 packaging==21.3 Pillow==10.2.0 # required by qrcode pycparser==2.21 -PyMySQL==1.0.2 +PyMySQL==1.1.1 PyNaCl==1.5.0 pyparsing==3.0.7 python-dateutil==2.8.2 From c2b5bf3c35a76abb38cec2d2a5e7b5faa2a3683f Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 18 Jun 2024 11:40:54 +0200 Subject: [PATCH 18/26] sprintlog --- SPRINTLOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index 00d0a729a..e65eb51fc 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -398,3 +398,7 @@ _Nothing merged in CLI during this sprint_ - Fix the project endpoints according to the OpenAPI standard ([#1527](https://github.com/ScilifelabDataCentre/dds_web/pull/1527)) - Fix the Superadmin endpoints according to the OpenAPI standard ([#1533](https://github.com/ScilifelabDataCentre/dds_web/pull/1533)) + +# 2024-06-17 - 2024-06-28 + +- Update pymysql to address cve ([#1534](https://github.com/ScilifelabDataCentre/dds_web/pull/1534)) From 4970331761dedd2266f5f43f9962701266059618 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 18 Jun 2024 12:25:37 +0200 Subject: [PATCH 19/26] Updqte authlib library to address cve --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 6b64c20aa..a7a2c6dd1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ aniso8601==9.0.1 APScheduler==3.9.1 argon2-cffi==21.3.0 argon2-cffi-bindings==21.2.0 -Authlib==0.15.5 +Authlib==1.3.1 blinker==1.4 boto3==1.20.47 botocore==1.23.47 From cd8765d83bde4d301d2f333859c54a32da117b10 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Tue, 18 Jun 2024 12:31:25 +0200 Subject: [PATCH 20/26] sprintlog --- SPRINTLOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index 00d0a729a..35d011224 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -398,3 +398,7 @@ _Nothing merged in CLI during this sprint_ - Fix the project endpoints according to the OpenAPI standard ([#1527](https://github.com/ScilifelabDataCentre/dds_web/pull/1527)) - Fix the Superadmin endpoints according to the OpenAPI standard ([#1533](https://github.com/ScilifelabDataCentre/dds_web/pull/1533)) + +# 2024-06-17 - 2024-06-28 + +- Update authlib to address cve ([#1535](https://github.com/ScilifelabDataCentre/dds_web/pull/1535)) From 93985e443ab715c15517243db433fd1c3f9d58a7 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Wed, 19 Jun 2024 10:29:46 +0200 Subject: [PATCH 21/26] fix imported of algorithm --- dds_web/security/project_user_keys.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/dds_web/security/project_user_keys.py b/dds_web/security/project_user_keys.py index 8c27afb7a..ded8f0b4e 100644 --- a/dds_web/security/project_user_keys.py +++ b/dds_web/security/project_user_keys.py @@ -4,7 +4,8 @@ import argon2 import cryptography.exceptions -from cryptography.hazmat.primitives import asymmetric, ciphers, hashes, serialization +from cryptography.hazmat.primitives.ciphers.aead import AESGCM +from cryptography.hazmat.primitives import asymmetric, hashes, serialization import flask import gc @@ -178,7 +179,7 @@ def __encrypt_with_aes(key, plaintext, aad=None): :param plaintext: a byte string :param aad: Additional data that should be authenticated with the key, but is not encrypted. Can be None. """ - aesgcm = ciphers.aead.AESGCM(key) + aesgcm = AESGCM(key) nonce = os.urandom(12) return nonce, aesgcm.encrypt(nonce, plaintext, aad) @@ -192,7 +193,7 @@ def __decrypt_with_aes(key, ciphertext, nonce, aad=None): :param aad: Additional data that should be authenticated with the key, but is not encrypted. Can be None. """ try: - aesgcm = ciphers.aead.AESGCM(key=key) + aesgcm = AESGCM(key=key) return aesgcm.decrypt(nonce=nonce, data=ciphertext, associated_data=aad) except (cryptography.exceptions.InvalidTag, ValueError): return None @@ -205,7 +206,7 @@ def __owner_identifier(owner): def __encrypt_owner_private_key(owner, private_key, owner_key=None): """Encrypt owners private key.""" # Generate key or use current key if exists - key = owner_key or ciphers.aead.AESGCM.generate_key(bit_length=256) + key = owner_key or AESGCM.generate_key(bit_length=256) # Encrypt private key nonce, encrypted_key = __encrypt_with_aes( From c58258ad8972955b2186ae3e8c911a674db247d1 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Thu, 20 Jun 2024 12:00:43 +0200 Subject: [PATCH 22/26] Update node packages to address cve --- SPRINTLOG.md | 4 ++ dds_web/static/package-lock.json | 113 ++++++++++++++++++++----------- 2 files changed, 78 insertions(+), 39 deletions(-) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index 00d0a729a..ef00e3eab 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -398,3 +398,7 @@ _Nothing merged in CLI during this sprint_ - Fix the project endpoints according to the OpenAPI standard ([#1527](https://github.com/ScilifelabDataCentre/dds_web/pull/1527)) - Fix the Superadmin endpoints according to the OpenAPI standard ([#1533](https://github.com/ScilifelabDataCentre/dds_web/pull/1533)) + +# 2024-06-17 - 2024-06-28 + +- Update node packages to address cve ([#1536](https://github.com/ScilifelabDataCentre/dds_web/pull/1536)) diff --git a/dds_web/static/package-lock.json b/dds_web/static/package-lock.json index 482625544..de7385ae2 100644 --- a/dds_web/static/package-lock.json +++ b/dds_web/static/package-lock.json @@ -770,12 +770,12 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -1586,9 +1586,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { "to-regex-range": "^5.0.1" @@ -2272,11 +2272,18 @@ "node": ">= 0.4" } }, - "node_modules/ip": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.0.tgz", - "integrity": "sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==", - "dev": true + "node_modules/ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "dependencies": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + }, + "engines": { + "node": ">= 12" + } }, "node_modules/is-array-buffer": { "version": "3.0.2", @@ -2632,6 +2639,12 @@ "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, + "node_modules/jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, "node_modules/json-buffer": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", @@ -4881,16 +4894,16 @@ } }, "node_modules/socks": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.1.tgz", - "integrity": "sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==", + "version": "2.8.3", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.3.tgz", + "integrity": "sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==", "dev": true, "dependencies": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" }, "engines": { - "node": ">= 10.13.0", + "node": ">= 10.0.0", "npm": ">= 3.0.0" } }, @@ -4958,6 +4971,12 @@ "integrity": "sha512-XkD+zwiqXHikFZm4AX/7JSCXA98U5Db4AFd5XUg/+9UNtnH75+Z9KxtpYiJZx36mUDVOwH83pl7yvCer6ewM3w==", "dev": true }, + "node_modules/sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true + }, "node_modules/ssri": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", @@ -5469,9 +5488,9 @@ } }, "node_modules/tar": { - "version": "6.1.15", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.15.tgz", - "integrity": "sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "dependencies": { "chownr": "^2.0.0", @@ -6513,12 +6532,12 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" } }, "browserslist": { @@ -7120,9 +7139,9 @@ } }, "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { "to-regex-range": "^5.0.1" @@ -7627,11 +7646,15 @@ "side-channel": "^1.0.4" } }, - "ip": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/ip/-/ip-2.0.0.tgz", - "integrity": "sha512-WKa+XuLG1A1R0UWhl2+1XQSi+fZWMsYKffMZTTYsiZaUD8k2yDAj5atimTUD2TZkyCkNEeYE5NhFZmupOGtjYQ==", - "dev": true + "ip-address": { + "version": "9.0.5", + "resolved": "https://registry.npmjs.org/ip-address/-/ip-address-9.0.5.tgz", + "integrity": "sha512-zHtQzGojZXTwZTHQqra+ETKd4Sn3vgi7uBmlPoXVWZqYvuKmtI0l/VZTjqGmJY9x88GGOaZ9+G9ES8hC4T4X8g==", + "dev": true, + "requires": { + "jsbn": "1.1.0", + "sprintf-js": "^1.1.3" + } }, "is-array-buffer": { "version": "3.0.2", @@ -7873,6 +7896,12 @@ "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==", "dev": true }, + "jsbn": { + "version": "1.1.0", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-1.1.0.tgz", + "integrity": "sha512-4bYVV3aAMtDTTu4+xsDYa6sy9GyJ69/amsu9sYF2zqjiEoZA5xJi3BrfX3uY+/IekIu7MwdObdbDWpoZdBv3/A==", + "dev": true + }, "json-buffer": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/json-buffer/-/json-buffer-3.0.1.tgz", @@ -9513,12 +9542,12 @@ "dev": true }, "socks": { - "version": "2.7.1", - "resolved": "https://registry.npmjs.org/socks/-/socks-2.7.1.tgz", - "integrity": "sha512-7maUZy1N7uo6+WVEX6psASxtNlKaNVMlGQKkG/63nEDdLOWNbiUMoLK7X4uYoLhQstau72mLgfEWcXcwsaHbYQ==", + "version": "2.8.3", + "resolved": "https://registry.npmjs.org/socks/-/socks-2.8.3.tgz", + "integrity": "sha512-l5x7VUUWbjVFbafGLxPWkYsHIhEvmF85tbIeFZWc8ZPtoMyybuEhL7Jye/ooC4/d48FgOjSJXgsF/AJPYCW8Zw==", "dev": true, "requires": { - "ip": "^2.0.0", + "ip-address": "^9.0.5", "smart-buffer": "^4.2.0" } }, @@ -9577,6 +9606,12 @@ "integrity": "sha512-XkD+zwiqXHikFZm4AX/7JSCXA98U5Db4AFd5XUg/+9UNtnH75+Z9KxtpYiJZx36mUDVOwH83pl7yvCer6ewM3w==", "dev": true }, + "sprintf-js": { + "version": "1.1.3", + "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", + "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", + "dev": true + }, "ssri": { "version": "8.0.1", "resolved": "https://registry.npmjs.org/ssri/-/ssri-8.0.1.tgz", @@ -9985,9 +10020,9 @@ } }, "tar": { - "version": "6.1.15", - "resolved": "https://registry.npmjs.org/tar/-/tar-6.1.15.tgz", - "integrity": "sha512-/zKt9UyngnxIT/EAGYuxaMYgOIJiP81ab9ZfkILq4oNLPFX50qyYmu7jRj9qeXoxmJHjGlbH0+cm2uy1WCs10A==", + "version": "6.2.1", + "resolved": "https://registry.npmjs.org/tar/-/tar-6.2.1.tgz", + "integrity": "sha512-DZ4yORTwrbTj/7MZYq2w+/ZFdI6OZ/f9SFHR+71gIVUZhOQPHzVCLpvRnPgyaMpfWxxk/4ONva3GQSyNIKRv6A==", "dev": true, "requires": { "chownr": "^2.0.0", From 833b96b9bba1f66852ef98ddd1d62f784b7cb266 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Thu, 20 Jun 2024 12:13:41 +0200 Subject: [PATCH 23/26] refactoring a bit --- dds_web/security/project_user_keys.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/security/project_user_keys.py b/dds_web/security/project_user_keys.py index ded8f0b4e..8c4beed85 100644 --- a/dds_web/security/project_user_keys.py +++ b/dds_web/security/project_user_keys.py @@ -4,8 +4,8 @@ import argon2 import cryptography.exceptions +from cryptography.hazmat.primitives import asymmetric, ciphers, hashes, serialization from cryptography.hazmat.primitives.ciphers.aead import AESGCM -from cryptography.hazmat.primitives import asymmetric, hashes, serialization import flask import gc From 84da9806c9e1478d908c3139744369baecb8e170 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Mon, 24 Jun 2024 14:05:43 +0200 Subject: [PATCH 24/26] prettier --- SPRINTLOG.md | 1 - 1 file changed, 1 deletion(-) diff --git a/SPRINTLOG.md b/SPRINTLOG.md index de655375d..ea428cb21 100644 --- a/SPRINTLOG.md +++ b/SPRINTLOG.md @@ -403,4 +403,3 @@ _Nothing merged in CLI during this sprint_ - Update pymysql to address cve ([#1534](https://github.com/ScilifelabDataCentre/dds_web/pull/1534)) - Update node packages to address cve ([#1536](https://github.com/ScilifelabDataCentre/dds_web/pull/1536)) - From 48ff8a526ac4628036028da99fd1b19d8ce76b17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Revuelta?= <46089290+rv0lt@users.noreply.github.com> Date: Tue, 25 Jun 2024 10:38:58 +0200 Subject: [PATCH 25/26] Update dds_web/security/project_user_keys.py Co-authored-by: Valentin Georgiev --- dds_web/security/project_user_keys.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dds_web/security/project_user_keys.py b/dds_web/security/project_user_keys.py index 8c4beed85..81ec35863 100644 --- a/dds_web/security/project_user_keys.py +++ b/dds_web/security/project_user_keys.py @@ -4,7 +4,7 @@ import argon2 import cryptography.exceptions -from cryptography.hazmat.primitives import asymmetric, ciphers, hashes, serialization +from cryptography.hazmat.primitives import asymmetric, hashes, serialization from cryptography.hazmat.primitives.ciphers.aead import AESGCM import flask import gc From 0499db953dc07770e310b05e142e6cce294a8574 Mon Sep 17 00:00:00 2001 From: rv0lt Date: Wed, 26 Jun 2024 14:22:34 +0200 Subject: [PATCH 26/26] new version & changelog --- CHANGELOG.rst | 18 ++++++++++++++++++ dds_web/version.py | 2 +- tests/test_version.py | 2 +- 3 files changed, 20 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 0f8b56ad9..76dfc6aba 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -1,6 +1,24 @@ Changelog ========== +.. _2.7.1: + +2.7.1 - 2024-06-26 +~~~~~~~~~~~~~~~~~~~~~~~ + +- New features: + - Fix the Project endpoint according to OpenAPI standard. + - Fix the Superadmin endpoint according to OpenAPI standard. +- Dependencies: + - `Authlib` from `0.15.5` to `1.3.1` + - `PyMySQL` from `1.0.2` to `1.1.1` +- Node modules: + - `braces` from `3.0.2` to `3.0.3` + - `fill-range` from `7.0.1` to `7.1.1` + - `ip` from `2.0.0` to `9.0.5` + - `socks` from `2.7.1` to `2.8.3` + - `tar` from `6.1.15` to `6.2.1` + .. _2.7.0: 2.7.0 - 2024-05-29 diff --git a/dds_web/version.py b/dds_web/version.py index 8ce0e986f..c0b18f39f 100644 --- a/dds_web/version.py +++ b/dds_web/version.py @@ -1,3 +1,3 @@ # Do not do major version upgrade during 2024. # If mid or minor version reaches 9, continue with 10, 11 etc etc. -__version__ = "2.7.0" +__version__ = "2.7.1" diff --git a/tests/test_version.py b/tests/test_version.py index c98810944..92c2234cb 100644 --- a/tests/test_version.py +++ b/tests/test_version.py @@ -2,4 +2,4 @@ def test_version(): - assert version.__version__ == "2.7.0" + assert version.__version__ == "2.7.1"