# -*- coding: utf8 -*-
# This file is part of PyBossa.
#
# Copyright (C) 2015 SciFabric LTD.
#
# PyBossa is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# PyBossa is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with PyBossa. If not, see .
import json
from helper import web
from default import db, with_context
from mock import patch
from collections import namedtuple
from bs4 import BeautifulSoup
from pybossa.model.user import User
from pybossa.model.project import Project
from pybossa.model.task import Task
from pybossa.model.category import Category
from factories.taskrun_factory import TaskRunFactory
from mock import patch
FakeRequest = namedtuple('FakeRequest', ['text', 'status_code', 'headers'])
class TestAdmin(web.Helper):
pkg_json_not_found = {
"help": "Return ...",
"success": False,
"error": {
"message": "Not found",
"__type": "Not Found Error"}}
# Tests
@with_context
def test_00_first_user_is_admin(self):
"""Test ADMIN First Created user is admin works"""
self.register()
user = db.session.query(User).get(1)
assert user.admin == 1, "User ID:1 should be admin, but it is not"
@with_context
@patch('pybossa.view.admin.sentinel.master.delete')
def test_01_admin_index(self, sentinel_mock):
"""Test ADMIN index page works"""
self.register()
res = self.app.get("/admin", follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "There should be an index page for admin users and projects"
assert "Settings" in res.data, err_msg
divs = ['featured-apps', 'users', 'categories', 'users-list']
for div in divs:
err_msg = "There should be a button for managing %s" % div
assert dom.find(id=div) is not None, err_msg
key = "notify:admin:1"
sentinel_mock.assert_called_with(key)
@with_context
def test_01_admin_index_anonymous(self):
"""Test ADMIN index page works as anonymous user"""
res = self.app.get("/admin", follow_redirects=True)
err_msg = ("The user should not be able to access this page"
" but the returned status is %s" % res.data)
assert "Please sign in to access this page" in res.data, err_msg
@with_context
def test_01_admin_index_authenticated(self):
"""Test ADMIN index page works as signed in user"""
self.register()
self.signout()
self.register(name="tester2", email="tester2@tester.com",
password="tester")
res = self.app.get("/admin", follow_redirects=True)
err_msg = ("The user should not be able to access this page"
" but the returned status is %s" % res.status)
assert "403 FORBIDDEN" in res.status, err_msg
@with_context
def test_02_second_user_is_not_admin(self):
"""Test ADMIN Second Created user is NOT admin works"""
self.register()
self.signout()
self.register(name="tester2", email="tester2@tester.com",
password="tester")
self.signout()
user = db.session.query(User).get(2)
assert user.admin == 0, "User ID: 2 should not be admin, but it is"
@with_context
def test_03_admin_featured_apps_as_admin(self):
"""Test ADMIN featured projects works as an admin user"""
self.register()
self.signin()
res = self.app.get('/admin/featured', follow_redirects=True)
assert "Manage featured projects" in res.data, res.data
@with_context
def test_04_admin_featured_apps_as_anonymous(self):
"""Test ADMIN featured projects works as an anonymous user"""
res = self.app.get('/admin/featured', follow_redirects=True)
assert "Please sign in to access this page" in res.data, res.data
@with_context
def test_05_admin_featured_apps_as_user(self):
"""Test ADMIN featured projects works as a signed in user"""
self.register()
self.signout()
self.register(name="tester2", email="tester2@tester.com",
password="tester")
res = self.app.get('/admin/featured', follow_redirects=True)
assert res.status == "403 FORBIDDEN", res.status
@with_context
@patch('pybossa.core.uploader.upload_file', return_value=True)
def test_06_admin_featured_apps_add_remove_app(self, mock):
"""Test ADMIN featured projects add-remove works as an admin user"""
self.register()
self.new_project()
project = db.session.query(Project).first()
project.published = True
db.session.commit()
self.update_project()
# The project is in the system but not in the front page
res = self.app.get('/', follow_redirects=True)
assert "Sample Project" not in res.data,\
"The project should not be listed in the front page"\
" as it is not featured"
# Only projects that have been published can be featured
self.new_task(1)
project = db.session.query(Project).get(1)
project.info = dict(task_presenter="something")
db.session.add(project)
db.session.commit()
res = self.app.get('/admin/featured', follow_redirects=True)
assert "Featured" in res.data, res.data
assert "Sample Project" in res.data, res.data
# Add it to the Featured list
res = self.app.post('/admin/featured/1')
f = json.loads(res.data)
assert f['id'] == 1, f
assert f['featured'] == True, f
# Check can be removed from featured
res = self.app.get('/admin/featured', follow_redirects=True)
assert "Remove from Featured!" in res.data,\
"The project should have a button to remove from featured"
# A retry should fail
res = self.app.post('/admin/featured/1')
err = json.loads(res.data)
err_msg = "Project.id 1 already featured"
assert err['error'] == err_msg, err_msg
assert err['status_code'] == 415, "Status code should be 415"
# Remove it again from the Featured list
res = self.app.delete('/admin/featured/1')
f = json.loads(res.data)
assert f['id'] == 1, f
assert f['featured'] == False, f
# Check that can be added to featured
res = self.app.get('/admin/featured', follow_redirects=True)
assert "Add to Featured!" in res.data,\
"The project should have a button to add to featured"
# If we try to delete again, it should return an error
res = self.app.delete('/admin/featured/1')
err = json.loads(res.data)
assert err['status_code'] == 415, "Project should not be found"
err_msg = 'Project.id 1 is not featured'
assert err['error'] == err_msg, err_msg
# Try with an id that does not exist
res = self.app.delete('/admin/featured/999')
err = json.loads(res.data)
assert err['status_code'] == 404, "Project should not be found"
err_msg = 'Project.id 999 not found'
assert err['error'] == err_msg, err_msg
@with_context
@patch('pybossa.core.uploader.upload_file', return_value=True)
def test_07_admin_featured_apps_add_remove_app_non_admin(self, mock):
"""Test ADMIN featured projects add-remove works as an non-admin user"""
self.register()
self.signout()
self.register(name="John2", email="john2@john.com",
password="passwd")
self.new_project()
# The project is in the system but not in the front page
res = self.app.get('/', follow_redirects=True)
err_msg = ("The project should not be listed in the front page"
"as it is not featured")
assert "Create a Project" in res.data, err_msg
res = self.app.get('/admin/featured', follow_redirects=True)
err_msg = ("The user should not be able to access this page"
" but the returned status is %s" % res.status)
assert "403 FORBIDDEN" in res.status, err_msg
# Try to add the project to the featured list
res = self.app.post('/admin/featured/1')
err_msg = ("The user should not be able to POST to this page"
" but the returned status is %s" % res.status)
assert "403 FORBIDDEN" in res.status, err_msg
# Try to remove it again from the Featured list
res = self.app.delete('/admin/featured/1')
err_msg = ("The user should not be able to DELETE to this page"
" but the returned status is %s" % res.status)
assert "403 FORBIDDEN" in res.status, err_msg
@with_context
@patch('pybossa.core.uploader.upload_file', return_value=True)
def test_08_admin_featured_apps_add_remove_app_anonymous(self, mock):
"""Test ADMIN featured projects add-remove works as an anonymous user"""
self.register()
self.new_project()
self.signout()
# The project is in the system but not in the front page
res = self.app.get('/', follow_redirects=True)
assert "Create a Project" in res.data,\
"The project should not be listed in the front page"\
" as it is not featured"
res = self.app.get('/admin/featured', follow_redirects=True)
err_msg = ("The user should not be able to access this page"
" but the returned status is %s" % res.data)
assert "Please sign in to access this page" in res.data, err_msg
# Try to add the project to the featured list
res = self.app.post('/admin/featured/1', follow_redirects=True)
err_msg = ("The user should not be able to POST to this page"
" but the returned status is %s" % res.data)
assert "Please sign in to access this page" in res.data, err_msg
# Try to remove it again from the Featured list
res = self.app.delete('/admin/featured/1', follow_redirects=True)
err_msg = ("The user should not be able to DELETE to this page"
" but the returned status is %s" % res.data)
assert "Please sign in to access this page" in res.data, err_msg
@with_context
def test_09_admin_users_as_admin(self):
"""Test ADMIN users works as an admin user"""
self.register()
res = self.app.get('/admin/users', follow_redirects=True)
assert "Manage Admin Users" in res.data, res.data
@with_context
def test_10_admin_user_not_listed(self):
"""Test ADMIN users does not list himself works"""
self.register()
res = self.app.get('/admin/users', follow_redirects=True)
assert "Manage Admin Users" in res.data, res.data
assert "Current Users with Admin privileges" not in res.data, res.data
assert "John" not in res.data, res.data
@with_context
def test_11_admin_user_not_listed_in_search(self):
"""Test ADMIN users does not list himself in the search works"""
self.register()
data = {'user': 'john'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
assert "Manage Admin Users" in res.data, res.data
assert "Current Users with Admin privileges" not in res.data, res.data
assert "John" not in res.data, res.data
@with_context
def test_12_admin_user_search(self):
"""Test ADMIN users search works"""
# Create two users
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.signout()
# Signin with admin user
self.signin()
data = {'user': 'juan'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
assert "Juan Jose" in res.data, "username should be searchable"
# Check with uppercase
data = {'user': 'JUAN'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
err_msg = "username search should be case insensitive"
assert "Juan Jose" in res.data, err_msg
# Search fullname
data = {'user': 'Jose'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
assert "Juan Jose" in res.data, "fullname should be searchable"
# Check with uppercase
data = {'user': 'JOsE'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
err_msg = "fullname search should be case insensitive"
assert "Juan Jose" in res.data, err_msg
# Warning should be issued for non-found users
data = {'user': 'nothingExists'}
res = self.app.post('/admin/users', data=data, follow_redirects=True)
warning = ("We didn't find a user matching your query: %s" %
data['user'])
err_msg = "A flash message should be returned for non-found users"
assert warning in res.data, err_msg
@with_context
def test_13_admin_user_add_del(self):
"""Test ADMIN add/del user to admin group works"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.signout()
# Signin with admin user
self.signin()
# Add user.id=1000 (it does not exist)
res = self.app.get("/admin/users/add/1000", follow_redirects=True)
err = json.loads(res.data)
assert res.status_code == 404, res.status_code
assert err['error'] == "User not found", err
assert err['status_code'] == 404, err
# Add user.id=2 to admin group
res = self.app.get("/admin/users/add/2", follow_redirects=True)
assert "Current Users with Admin privileges" in res.data
err_msg = "User.id=2 should be listed as an admin"
assert "Juan Jose" in res.data, err_msg
# Remove user.id=2 from admin group
res = self.app.get("/admin/users/del/2", follow_redirects=True)
assert "Current Users with Admin privileges" not in res.data
err_msg = "User.id=2 should be listed as an admin"
assert "Juan Jose" not in res.data, err_msg
# Delete a non existant user should return an error
res = self.app.get("/admin/users/del/5000", follow_redirects=True)
err = json.loads(res.data)
assert res.status_code == 404, res.status_code
assert err['error'] == "User.id not found", err
assert err['status_code'] == 404, err
@with_context
def test_14_admin_user_add_del_anonymous(self):
"""Test ADMIN add/del user to admin group works as anonymous"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.signout()
# Add user.id=2 to admin group
res = self.app.get("/admin/users/add/2", follow_redirects=True)
err_msg = "User should be redirected to signin"
assert "Please sign in to access this page" in res.data, err_msg
# Remove user.id=2 from admin group
res = self.app.get("/admin/users/del/2", follow_redirects=True)
err_msg = "User should be redirected to signin"
assert "Please sign in to access this page" in res.data, err_msg
@with_context
def test_15_admin_user_add_del_authenticated(self):
"""Test ADMIN add/del user to admin group works as authenticated"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.signout()
self.register(fullname="Juan Jose2", name="juan2",
email="juan2@juan.com", password="juan2")
self.signout()
self.signin(email="juan2@juan.com", password="juan2")
# Add user.id=2 to admin group
res = self.app.get("/admin/users/add/2", follow_redirects=True)
assert res.status == "403 FORBIDDEN",\
"This action should be forbidden, not enought privileges"
# Remove user.id=2 from admin group
res = self.app.get("/admin/users/del/2", follow_redirects=True)
assert res.status == "403 FORBIDDEN",\
"This action should be forbidden, not enought privileges"
@with_context
def test_16_admin_user_export(self):
"""Test ADMIN user list export works as admin"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.signout()
self.register(fullname="Juan Jose2", name="juan2",
email="juan2@juan.com", password="juan2")
self.signin()
# The user is redirected to '/admin/' if no format is specified
res = self.app.get('/admin/users/export', follow_redirects=True)
assert 'Featured Projects' in res.data, res.data
assert 'Administrators' in res.data, res.data
res = self.app.get('/admin/users/export?firmit=', follow_redirects=True)
assert 'Featured Projects' in res.data, res.data
assert 'Administrators' in res.data, res.data
# A 415 error is raised if the format is not supported (is not either json or csv)
res = self.app.get('/admin/users/export?format=bad',
follow_redirects=True)
assert res.status_code == 415, res.status_code
# JSON is a valid format for exports
res = self.app.get('/admin/users/export?format=json',
follow_redirects=True)
assert res.status_code == 200, res.status_code
assert res.mimetype == 'application/json', res.mimetype
#CSV is a valid format for exports
res = self.app.get('/admin/users/export?format=csv',
follow_redirects=True)
assert res.status_code == 200, res.status_code
assert res.mimetype == 'text/csv', res.mimetype
@with_context
def test_17_admin_user_export_anonymous(self):
"""Test ADMIN user list export works as anonymous user"""
self.register()
self.signout()
# Whichever the args of the request are, the user is redirected to login
res = self.app.get('/admin/users/export', follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
res = self.app.get('/admin/users/export?firmit=', follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
res = self.app.get('/admin/users/export?format=bad',
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
res = self.app.get('/admin/users/export?format=json',
follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
@with_context
def test_18_admin_user_export_authenticated(self):
"""Test ADMIN user list export works as authenticated non-admin user"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
# No matter what params in the request, Forbidden is raised
res = self.app.get('/admin/users/export', follow_redirects=True)
assert res.status_code == 403, res.status_code
res = self.app.get('/admin/users/export?firmit=', follow_redirects=True)
assert res.status_code == 403, res.status_code
res = self.app.get('/admin/users/export?format=bad',
follow_redirects=True)
assert res.status_code == 403, res.status_code
res = self.app.get('/admin/users/export?format=json',
follow_redirects=True)
assert res.status_code == 403, res.status_code
@patch('pybossa.ckan.requests.get')
@patch('pybossa.core.uploader.upload_file', return_value=True)
@patch('pybossa.forms.validator.requests.get')
def test_19_admin_update_app(self, Mock, Mock2, mock_webhook):
"""Test ADMIN can update a project that belongs to another user"""
html_request = FakeRequest(json.dumps(self.pkg_json_not_found), 200,
{'content-type': 'application/json'})
Mock.return_value = html_request
mock_webhook.return_value = html_request
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.new_project()
self.signout()
# Sign in with the root user
self.signin()
res = self.app.get('/project/sampleapp/settings')
err_msg = "Admin users should be able to get the settings page for any project"
assert res.status == "200 OK", err_msg
res = self.update_project(method="GET")
assert "Update the project" in res.data,\
"The project should be updated by admin users"
res = self.update_project(new_name="Root",
new_short_name="rootsampleapp")
res = self.app.get('/project/rootsampleapp', follow_redirects=True)
assert "Root" in res.data, "The app should be updated by admin users"
app = db.session.query(Project)\
.filter_by(short_name="rootsampleapp").first()
juan = db.session.query(User).filter_by(name="juan").first()
assert app.owner_id == juan.id, "Owner_id should be: %s" % juan.id
assert app.owner_id != 1, "The owner should be not updated"
res = self.update_project(short_name="rootsampleapp",
new_short_name="sampleapp",
new_long_description="New Long Desc")
res = self.app.get('/project/sampleapp', follow_redirects=True)
err_msg = "The long description should have been updated"
assert "New Long Desc" in res.data, err_msg
@with_context
@patch('pybossa.core.uploader.upload_file', return_value=True)
def test_20_admin_delete_app(self, mock):
"""Test ADMIN can delete a project that belongs to another user"""
self.register()
self.signout()
self.register(fullname="Juan Jose", name="juan",
email="juan@juan.com", password="juan")
self.new_project()
self.signout()
# Sign in with the root user
self.signin()
res = self.delete_project(method="GET")
assert "Yes, delete it" in res.data,\
"The project should be deleted by admin users"
res = self.delete_project()
err_msg = "The project should be deleted by admin users"
assert "Project deleted!" in res.data, err_msg
@with_context
def test_21_admin_delete_tasks(self):
"""Test ADMIN can delete a project's tasks that belongs to another user"""
# Admin
self.create()
tasks = db.session.query(Task).filter_by(project_id=1).all()
assert len(tasks) > 0, "len(app.tasks) > 0"
res = self.signin(email=u'root@root.com', password=u'tester' + 'root')
res = self.app.get('/project/test-app/tasks/delete', follow_redirects=True)
err_msg = "Admin user should get 200 in GET"
assert res.status_code == 200, err_msg
res = self.app.post('/project/test-app/tasks/delete', follow_redirects=True)
err_msg = "Admin should get 200 in POST"
assert res.status_code == 200, err_msg
tasks = db.session.query(Task).filter_by(project_id=1).all()
assert len(tasks) == 0, "len(app.tasks) != 0"
@with_context
def test_22_admin_list_categories(self):
"""Test ADMIN list categories works"""
self.create()
# Anonymous user
url = '/admin/categories'
res = self.app.get(url, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Authenticated user but not admin
self.signin(email=self.email_addr2, password=self.password)
res = self.app.get(url, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
self.signout()
# Admin user
self.signin(email=self.root_addr, password=self.root_password)
res = self.app.get(url, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Admin users should be get a list of Categories"
assert dom.find(id='categories') is not None, err_msg
@with_context
def test_23_admin_add_category(self):
"""Test ADMIN add category works"""
self.create()
category = {'name': 'cat', 'short_name': 'cat',
'description': 'description', 'id': ""}
# Anonymous user
url = '/admin/categories'
res = self.app.post(url, data=category, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Authenticated user but not admin
self.signin(email=self.email_addr2, password=self.password)
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
self.signout()
# Admin
self.signin(email=self.root_addr, password=self.root_password)
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Category should be added"
assert "Category added" in res.data, err_msg
assert category['name'] in res.data, err_msg
# Create the same category again should fail
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Category form validation should work"
assert "Please correct the errors" in res.data, err_msg
@with_context
def test_24_admin_update_category(self):
"""Test ADMIN update category works"""
self.create()
obj = db.session.query(Category).get(1)
_name = obj.name
category = obj.dictize()
# Anonymous user GET
url = '/admin/categories/update/%s' % obj.id
res = self.app.get(url, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Anonymous user POST
res = self.app.post(url, data=category, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Authenticated user but not admin GET
self.signin(email=self.email_addr2, password=self.password)
res = self.app.post(url, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
# Authenticated user but not admin POST
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
self.signout()
# Admin GET
self.signin(email=self.root_addr, password=self.root_password)
res = self.app.get(url, follow_redirects=True)
err_msg = "Category should be listed for admin user"
assert _name in res.data, err_msg
# Check 404
url_404 = '/admin/categories/update/5000'
res = self.app.get(url_404, follow_redirects=True)
assert res.status_code == 404, res.status_code
# Admin POST
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Category should be updated"
assert "Category updated" in res.data, err_msg
assert category['name'] in res.data, err_msg
updated_category = db.session.query(Category).get(obj.id)
assert updated_category.name == obj.name, err_msg
# With not valid form
category['name'] = None
res = self.app.post(url, data=category, follow_redirects=True)
assert "Please correct the errors" in res.data, err_msg
@with_context
def test_25_admin_delete_category(self):
"""Test ADMIN delete category works"""
self.create()
obj = db.session.query(Category).get(2)
category = obj.dictize()
# Anonymous user GET
url = '/admin/categories/del/%s' % obj.id
res = self.app.get(url, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Anonymous user POST
res = self.app.post(url, data=category, follow_redirects=True)
dom = BeautifulSoup(res.data)
err_msg = "Anonymous users should be redirected to sign in"
assert dom.find(id='signin') is not None, err_msg
# Authenticated user but not admin GET
self.signin(email=self.email_addr2, password=self.password)
res = self.app.post(url, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
# Authenticated user but not admin POST
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Non-Admin users should get 403"
assert res.status_code == 403, err_msg
self.signout()
# Admin GET
self.signin(email=self.root_addr, password=self.root_password)
res = self.app.get(url, follow_redirects=True)
err_msg = "Category should be listed for admin user"
assert category['name'] in res.data, err_msg
# Admin POST
res = self.app.post(url, data=category, follow_redirects=True)
err_msg = "Category should be deleted"
assert "Category deleted" in res.data, err_msg
assert category['name'] not in res.data, err_msg
output = db.session.query(Category).get(obj.id)
assert output is None, err_msg
# Non existant category
category['id'] = 5000
url = '/admin/categories/del/5000'
res = self.app.post(url, data=category, follow_redirects=True)
assert res.status_code == 404, res.status_code
# Now try to delete the only available Category
obj = db.session.query(Category).first()
url = '/admin/categories/del/%s' % obj.id
category = obj.dictize()
res = self.app.post(url, data=category, follow_redirects=True)
print res.data
err_msg = "Category should not be deleted"
assert "Category deleted" not in res.data, err_msg
assert category['name'] in res.data, err_msg
output = db.session.query(Category).get(obj.id)
assert output.id == category['id'], err_msg
@with_context
def test_admin_dashboard(self):
"""Test ADMIN dashboard requires admin"""
url = '/admin/dashboard/'
res = self.app.get(url, follow_redirects=True)
err_msg = "It should require login"
assert "Sign in" in res.data, err_msg
@with_context
def test_admin_dashboard_auth_user(self):
"""Test ADMIN dashboard requires admin"""
url = '/admin/dashboard/'
self.register()
self.signout()
self.register(fullname="juan", name="juan")
res = self.app.get(url, follow_redirects=True)
err_msg = "It should return 403"
assert res.status_code == 403, err_msg
@with_context
def test_admin_dashboard_admin_user(self):
"""Test ADMIN dashboard admins can access it"""
url = '/admin/dashboard/'
self.register()
self.new_project()
res = self.app.get(url, follow_redirects=True)
err_msg = "It should return 200"
assert res.status_code == 200, err_msg
assert "No data" in res.data, res.data
@with_context
def test_admin_dashboard_admin_user_data(self):
"""Test ADMIN dashboard admins can access it with data"""
url = '/admin/dashboard/'
self.register()
self.new_project()
self.new_task(1)
import pybossa.dashboard.jobs as dashboard
dashboard.active_anon_week()
dashboard.active_users_week()
dashboard.new_users_week()
dashboard.new_tasks_week()
dashboard.new_task_runs_week()
dashboard.draft_projects_week()
dashboard.published_projects_week()
dashboard.update_projects_week()
dashboard.returning_users_week()
res = self.app.get(url, follow_redirects=True)
err_msg = "It should return 200"
assert res.status_code == 200, err_msg
assert "No data" not in res.data, res.data
assert "New Users" in res.data, res.data
@with_context
@patch('pybossa.view.admin.DASHBOARD_QUEUE')
def test_admin_dashboard_admin_refresh_user_data(self, mock):
"""Test ADMIN dashboard admins refresh can access it with data"""
url = '/admin/dashboard/?refresh=1'
self.register()
self.new_project()
self.new_task(1)
import pybossa.dashboard.jobs as dashboard
dashboard.active_anon_week()
dashboard.active_users_week()
dashboard.new_users_week()
dashboard.new_tasks_week()
dashboard.new_task_runs_week()
dashboard.draft_projects_week()
dashboard.published_projects_week()
dashboard.update_projects_week()
dashboard.returning_users_week()
res = self.app.get(url, follow_redirects=True)
err_msg = "It should return 200"
assert res.status_code == 200, err_msg
assert "No data" not in res.data, res.data
assert "New Users" in res.data, res.data
assert mock.enqueue.called