[galaxy-dev] [hg] galaxy 3528: New separate functional test scripts for testi...
Greg Von Kuster
greg at bx.psu.edu
Thu Mar 18 14:30:06 EDT 2010
details: http://www.bx.psu.edu/hg/galaxy/rev/48e83411aa91
changeset: 3528:48e83411aa91
user: Greg Von Kuster <greg at bx.psu.edu>
date: Fri Mar 12 16:11:26 2010 -0500
description:
New separate functional test scripts for testing admin features, library features, library security and data security. These use a new test_db_util module for all db interaction ( other functional test scripts can be enhanced to use this ). A lot of code cleanup in the functional tests. In twilltestcase, cleaned up library and security related methods to mirror names in recently merged library code.
diffstat:
lib/galaxy/web/controllers/library_common.py | 7 +-
test/base/test_db_util.py | 123 +
test/base/twilltestcase.py | 342 ++-
test/functional/test_admin_features.py | 422 ++++
test/functional/test_data_security.py | 196 ++
test/functional/test_library_features.py | 606 ++++++
test/functional/test_library_security.py | 603 ++++++
test/functional/test_security_and_libraries.py | 2141 ------------------------
8 files changed, 2167 insertions(+), 2273 deletions(-)
diffs (truncated from 4641 to 3000 lines):
diff -r e39c9a2a0b4c -r 48e83411aa91 lib/galaxy/web/controllers/library_common.py
--- a/lib/galaxy/web/controllers/library_common.py Fri Mar 12 14:27:04 2010 -0500
+++ b/lib/galaxy/web/controllers/library_common.py Fri Mar 12 16:11:26 2010 -0500
@@ -155,7 +155,7 @@
library.root_folder.description = new_description
trans.sa_session.add_all( ( library, library.root_folder ) )
trans.sa_session.flush()
- msg = "Library '%s' has been renamed to '%s'" % ( old_name, new_name )
+ msg = "The information has been updated."
return trans.response.send_redirect( web.url_for( controller='library_common',
action='library_info',
cntrller=cntrller,
@@ -313,7 +313,7 @@
folder.description = new_description
trans.sa_session.add( folder )
trans.sa_session.flush()
- msg = "Folder '%s' has been renamed to '%s'" % ( old_name, new_name )
+ msg = "The information has been updated."
messagetype='done'
else:
msg = "You are not authorized to edit this folder"
@@ -698,7 +698,6 @@
trans.app.security_agent.derive_roles_from_access( trans, trans.app.security.decode_id( library_id ), cntrller, library=True, **vars )
if error:
messagetype = 'error'
-
trans.response.send_redirect( web.url_for( controller='library_common',
action='upload_library_dataset',
cntrller=cntrller,
@@ -1171,7 +1170,7 @@
library_dataset.info = new_info
trans.sa_session.add( library_dataset )
trans.sa_session.flush()
- msg = "Dataset '%s' has been renamed to '%s'" % ( old_name, new_name )
+ msg = "The information has been updated."
messagetype = 'done'
else:
msg = "You are not authorized to change the attributes of this dataset"
diff -r e39c9a2a0b4c -r 48e83411aa91 test/base/test_db_util.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/base/test_db_util.py Fri Mar 12 16:11:26 2010 -0500
@@ -0,0 +1,123 @@
+import galaxy.model
+from galaxy.model.orm import *
+from galaxy.model.mapping import context as sa_session
+from base.twilltestcase import *
+import sys
+
+def flush( obj ):
+ sa_session.add( obj )
+ sa_session.flush()
+def get_all_histories_for_user( user ):
+ return sa_session.query( galaxy.model.History ) \
+ .filter( and_( galaxy.model.History.table.c.user_id==user.id,
+ galaxy.model.History.table.c.deleted==False ) ) \
+ .all()
+def get_dataset_permissions_by_dataset( dataset ):
+ return sa_session.query( galaxy.model.DatasetPermissions ) \
+ .filter( galaxy.model.DatasetPermissions.table.c.dataset_id==dataset.id ) \
+ .all()
+def get_dataset_permissions_by_role( role ):
+ return sa_session.query( galaxy.model.DatasetPermissions ) \
+ .filter( galaxy.model.DatasetPermissions.table.c.role_id == role.id ) \
+ .first()
+def get_default_history_permissions_by_history( history ):
+ return sa_session.query( galaxy.model.DefaultHistoryPermissions ) \
+ .filter( galaxy.model.DefaultHistoryPermissions.table.c.history_id==history.id ) \
+ .all()
+def get_default_history_permissions_by_role( role ):
+ return sa_session.query( galaxy.model.DefaultHistoryPermissions ) \
+ .filter( galaxy.model.DefaultHistoryPermissions.table.c.role_id == role.id ) \
+ .all()
+def get_default_user_permissions_by_role( role ):
+ return sa_session.query( galaxy.model.DefaultUserPermissions ) \
+ .filter( galaxy.model.DefaultUserPermissions.table.c.role_id == role.id ) \
+ .all()
+def get_default_user_permissions_by_user( user ):
+ return sa_session.query( galaxy.model.DefaultUserPermissions ) \
+ .filter( galaxy.model.DefaultUserPermissions.table.c.user_id==user.id ) \
+ .all()
+def get_form( name ):
+ fdc_list = sa_session.query( galaxy.model.FormDefinitionCurrent ) \
+ .filter( galaxy.model.FormDefinitionCurrent.table.c.deleted == False ) \
+ .order_by( galaxy.model.FormDefinitionCurrent.table.c.create_time.desc() )
+ for fdc in fdc_list:
+ sa_session.refresh( fdc )
+ sa_session.refresh( fdc.latest_form )
+ if fdc.latest_form.name == name:
+ return fdc.latest_form
+ return None
+def get_folder( parent_id, name, description ):
+ return sa_session.query( galaxy.model.LibraryFolder ) \
+ .filter( and_( galaxy.model.LibraryFolder.table.c.parent_id==parent_id,
+ galaxy.model.LibraryFolder.table.c.name==name,
+ galaxy.model.LibraryFolder.table.c.description==description ) ) \
+ .first()
+def get_group_by_name( name ):
+ return sa_session.query( galaxy.model.Group ).filter( galaxy.model.Group.table.c.name==name ).first()
+def get_group_role_associations_by_group( group ):
+ return sa_session.query( galaxy.model.GroupRoleAssociation ) \
+ .filter( galaxy.model.GroupRoleAssociation.table.c.group_id == group.id ) \
+ .all()
+def get_group_role_associations_by_role( role ):
+ return sa_session.query( galaxy.model.GroupRoleAssociation ) \
+ .filter( galaxy.model.GroupRoleAssociation.table.c.role_id == role.id ) \
+ .all()
+def get_latest_dataset():
+ return sa_session.query( galaxy.model.Dataset ) \
+ .order_by( desc( galaxy.model.Dataset.table.c.create_time ) ) \
+ .first()
+def get_latest_hda():
+ return sa_session.query( galaxy.model.HistoryDatasetAssociation ) \
+ .order_by( desc( galaxy.model.HistoryDatasetAssociation.table.c.create_time ) ) \
+ .first()
+def get_latest_history_for_user( user ):
+ return sa_session.query( galaxy.model.History ) \
+ .filter( and_( galaxy.model.History.table.c.deleted==False,
+ galaxy.model.History.table.c.user_id==user.id ) ) \
+ .order_by( desc( galaxy.model.History.table.c.create_time ) ) \
+ .first()
+def get_latest_ldda():
+ return sa_session.query( galaxy.model.LibraryDatasetDatasetAssociation ) \
+ .order_by( desc( galaxy.model.LibraryDatasetDatasetAssociation.table.c.create_time ) ) \
+ .first()
+def get_latest_lddas( limit ):
+ return sa_session.query( galaxy.model.LibraryDatasetDatasetAssociation ) \
+ .order_by( desc( galaxy.model.LibraryDatasetDatasetAssociation.table.c.update_time ) ) \
+ .limit( limit )
+def get_library( name, description, synopsis ):
+ return sa_session.query( galaxy.model.Library ) \
+ .filter( and_( galaxy.model.Library.table.c.name==name,
+ galaxy.model.Library.table.c.description==description,
+ galaxy.model.Library.table.c.synopsis==synopsis,
+ galaxy.model.Library.table.c.deleted==False ) ) \
+ .first()
+def get_private_role( user ):
+ for role in user.all_roles():
+ if role.name == user.email and role.description == 'Private Role for %s' % user.email:
+ return role
+ raise AssertionError( "Private role not found for user '%s'" % user.email )
+def get_role_by_name( name ):
+ return sa_session.query( galaxy.model.Role ).filter( galaxy.model.Role.table.c.name==name ).first()
+def get_user( email ):
+ return sa_session.query( galaxy.model.User ) \
+ .filter( galaxy.model.User.table.c.email==email ) \
+ .first()
+def get_user_group_associations_by_group( group ):
+ return sa_session.query( galaxy.model.UserGroupAssociation ) \
+ .filter( galaxy.model.UserGroupAssociation.table.c.group_id == group.id ) \
+ .all()
+def get_user_role_associations_by_role( role ):
+ return sa_session.query( galaxy.model.UserRoleAssociation ) \
+ .filter( galaxy.model.UserRoleAssociation.table.c.role_id == role.id ) \
+ .all()
+def refresh( obj ):
+ sa_session.refresh( obj )
+def set_library_permissions( in_list ):
+ permissions_in = []
+ permissions_out = []
+ for k, v in galaxy.model.Library.permitted_actions.items():
+ if k in in_list:
+ permissions_in.append( k )
+ else:
+ permissions_out.append( k )
+ return permissions_in, permissions_out
diff -r e39c9a2a0b4c -r 48e83411aa91 test/base/twilltestcase.py
--- a/test/base/twilltestcase.py Fri Mar 12 14:27:04 2010 -0500
+++ b/test/base/twilltestcase.py Fri Mar 12 16:11:26 2010 -0500
@@ -535,21 +535,55 @@
if check_str:
self.check_page_for_string( check_str )
self.home()
- def edit_hda_attribute_info( self, hda_id, new_name='', new_info='', new_dbkey='', new_startcol='' ):
+ def edit_hda_attribute_info( self, hda_id, new_name='', new_info='', new_dbkey='', new_startcol='',
+ check_str1='', check_str2='', check_str3='', check_str4='',
+ not_displayed1='', not_displayed2='', not_displayed3='' ):
"""Edit history_dataset_association attribute information"""
self.home()
self.visit_url( "%s/root/edit?id=%s" % ( self.url, hda_id ) )
+ submit_required = False
self.check_page_for_string( 'Edit Attributes' )
if new_name:
tc.fv( 'edit_attributes', 'name', new_name )
+ submit_required = True
if new_info:
tc.fv( 'edit_attributes', 'info', new_info )
+ submit_required = True
if new_dbkey:
tc.fv( 'edit_attributes', 'dbkey', new_dbkey )
+ submit_required = True
if new_startcol:
tc.fv( 'edit_attributes', 'startCol', new_startcol )
- tc.submit( 'save' )
- self.check_page_for_string( 'Attributes updated' )
+ submit_required = True
+ if submit_required:
+ tc.submit( 'save' )
+ self.check_page_for_string( 'Attributes updated' )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if check_str2:
+ self.check_page_for_string( check_str2 )
+ if check_str3:
+ self.check_page_for_string( check_str3 )
+ if check_str4:
+ self.check_page_for_string( check_str4 )
+ if not_displayed1:
+ try:
+ self.check_page_for_string( not_displayed1 )
+ raise AssertionError, "String (%s) incorrectly displayed on Edit Attributes page." % not_displayed
+ except:
+ pass
+ if not_displayed2:
+ try:
+ self.check_page_for_string( not_displayed2 )
+ raise AssertionError, "String (%s) incorrectly displayed on Edit Attributes page." % not_displayed
+ except:
+ pass
+ if not_displayed3:
+ try:
+ self.check_page_for_string( not_displayed3 )
+ raise AssertionError, "String (%s) incorrectly displayed on Edit Attributes page." % not_displayed
+ except:
+ pass
self.home()
def auto_detect_metadata( self, hda_id ):
"""Auto-detect history_dataset_association metadata"""
@@ -1164,12 +1198,10 @@
check_str = "Purged 1 users"
self.check_page_for_string( check_str )
self.home()
- def associate_roles_and_groups_with_user( self, user_id, email,
- in_role_ids=[], out_role_ids=[],
- in_group_ids=[], out_group_ids=[],
- check_str='' ):
+ def manage_roles_and_groups_for_user( self, user_id, in_role_ids=[], out_role_ids=[],
+ in_group_ids=[], out_group_ids=[], check_str='' ):
self.home()
- url = "%s/admin/manage_roles_and_groups_for_user?id=%s&user_roles_groups_edit_button=Save" % ( self.url, user_id )
+ url = "%s/admin/manage_roles_and_groups_for_user?id=%s" % ( self.url, user_id )
if in_role_ids:
url += "&in_roles=%s" % ','.join( in_role_ids )
if out_role_ids:
@@ -1178,12 +1210,18 @@
url += "&in_groups=%s" % ','.join( in_group_ids )
if out_group_ids:
url += "&out_groups=%s" % ','.join( out_group_ids )
+ if in_role_ids or out_role_ids or in_group_ids or out_group_ids:
+ url += "&user_roles_groups_edit_button=Save"
self.visit_url( url )
if check_str:
self.check_page_for_string( check_str )
self.home()
# Tests associated with roles
+ def browse_roles( self, check_str1='' ):
+ self.visit_url( '%s/admin/roles' % self.url )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
def create_role( self,
name='Role One',
description="This is Role One",
@@ -1280,6 +1318,10 @@
self.visit_url( "%s/admin/groups" % self.url )
self.check_page_for_string( name )
self.home()
+ def browse_groups( self, check_str1='' ):
+ self.visit_url( '%s/admin/groups' % self.url )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
def rename_group( self, group_id, name='Group One Renamed' ):
"""Rename a group"""
self.home()
@@ -1532,6 +1574,58 @@
self.check_page_for_string( 'Address <b>%s</b> has been added' % address_dict[ 'short_desc' ] )
# Library stuff
+ def add_library_template( self, cntrller, item_type, library_id, form_id, form_name, folder_id=None, ldda_id=None ):
+ """Add a new info template to a library item"""
+ self.home()
+ if item_type == 'library':
+ url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s" % \
+ ( self.url, cntrller, item_type, library_id )
+ elif item_type == 'folder':
+ url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s&folder_id=%s" % \
+ ( self.url, cntrller, item_type, library_id, folder_id )
+ elif item_type == 'ldda':
+ url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s&folder_id=%s&ldda_id=%s" % \
+ ( self.url, cntrller, item_type, library_id, folder_id, ldda_id )
+ self.visit_url( url )
+ self.check_page_for_string ( "Select a template for the" )
+ tc.fv( '1', 'form_id', form_id )
+ tc.fv( '1', 'inherit', '1' )
+ tc.submit( 'add_template_button' )
+ self.check_page_for_string = 'A template based on the form "%s" has been added to this' % form_name
+ self.home()
+ def browse_libraries_admin( self, deleted=False, check_str1='', check_str2='', not_displayed1='' ):
+ self.visit_url( '%s/library_admin/browse_libraries?sort=name&f-description=All&f-name=All&f-deleted=%s' % ( self.url, str( deleted ) ) )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if check_str2:
+ self.check_page_for_string( check_str2 )
+ if not_displayed1:
+ try:
+ self.check_page_for_string( not_displayed1 )
+ raise AssertionError, "String (%s) incorrectly displayed when browing library." % not_displayed1
+ except:
+ pass
+ def browse_libraries_regular_user( self, check_str1='', check_str2='' ):
+ self.visit_url( '%s/library/browse_libraries' % self.url )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if check_str2:
+ self.check_page_for_string( check_str2 )
+ def browse_library( self, cntrller, id, show_deleted=False,
+ check_str1='', check_str2='', check_str3='', not_displayed='', not_displayed2='' ):
+ self.visit_url( '%s/library_common/browse_library?cntrller=%s&id=%s&show_deleted=%s' % ( self.url, cntrller, id, str( show_deleted ) ) )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if check_str2:
+ self.check_page_for_string( check_str2 )
+ if check_str3:
+ self.check_page_for_string( check_str3 )
+ if not_displayed:
+ try:
+ self.check_page_for_string( not_displayed )
+ raise AssertionError, "String (%s) incorrectly displayed when browing library." % not_displayed
+ except:
+ pass
def create_library( self, name='Library One', description='This is Library One', synopsis='Synopsis for Library One' ):
"""Create a new library"""
self.home()
@@ -1544,6 +1638,28 @@
check_str = "The new library named '%s' has been created" % name
self.check_page_for_string( check_str )
self.home()
+ def library_info( self, cntrller, library_id, library_name, new_name='', new_description='', new_synopsis='',
+ ele_1_field_name='', ele_1_contents='', ele_2_field_name='', ele_2_contents='', check_str1='' ):
+ """Edit information about a library, optionally using an existing template with up to 2 elements"""
+ self.home()
+ self.visit_url( "%s/library_common/library_info?cntrller=%s&id=%s" % ( self.url, cntrller, library_id ) )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if new_name and new_description and new_synopsis:
+ tc.fv( '1', 'name', new_name )
+ tc.fv( '1', 'description', new_description )
+ tc.fv( '1', 'synopsis', new_synopsis )
+ tc.submit( 'library_info_button' )
+ self.check_page_for_string( "The information has been updated." )
+ # If there is a template, then there are 2 forms on this page and the template is the 2nd form
+ if ele_1_field_name and ele_1_contents and ele_2_field_name and ele_2_contents:
+ tc.fv( '2', ele_1_field_name, ele_1_contents )
+ tc.fv( '2', ele_2_field_name, ele_2_contents )
+ tc.submit( 'edit_info_button' )
+ elif ele_1_field_name and ele_1_contents:
+ tc.fv( '2', ele_1_field_name, ele_1_contents )
+ tc.submit( 'edit_info_button' )
+ self.home()
def library_permissions( self, library_id, library_name, role_ids_str, permissions_in, permissions_out, cntrller='library_admin' ):
# role_ids_str must be a comma-separated string of role ids
url = "library_common/library_permissions?id=%s&cntrller=%slibrary_admin&update_roles_button=Save" % ( library_id, cntrller )
@@ -1558,46 +1674,8 @@
check_str = "Permissions updated for library '%s'" % library_name
self.check_page_for_string( check_str )
self.home()
- def rename_library( self, library_id, old_name, name='Library One Renamed', description='This is Library One Re-described',
- synopsis='This is the new synopsis for Library One ', controller='library_admin' ):
- """Rename a library"""
- self.home()
- self.visit_url( "%s/library_common/library_info?id=%s&cntrller=%s" % ( self.url, library_id, controller ) )
- self.check_page_for_string( old_name )
- # Since twill barfs on the form submisson, we ar forced to simulate it
- url = "%s/library_common/library_info?id=%s&cntrller=%s&library_info_button=Save&description=%s&name=%s&synopsis=%s" % \
- ( self.url, library_id, controller, description.replace( ' ', '+' ), name.replace( ' ', '+' ), synopsis.replace( ' ', '+' ) )
- self.home()
- self.visit_url( url )
- check_str = "Library '%s' has been renamed to '%s'" % ( old_name, name )
- self.check_page_for_string( check_str )
- self.home()
- def add_template( self, cntrller, item_type, library_id, form_id, form_name, folder_id=None, ldda_id=None ):
- """Add a new info template to a library item"""
- self.home()
- if item_type == 'library':
- url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s" % ( self.url, cntrller, item_type, library_id )
- elif item_type == 'folder':
- url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s&folder_id=%s" % ( self.url, cntrller, item_type, library_id, folder_id )
- elif item_type == 'ldda':
- url = "%s/library_common/add_template?cntrller=%s&item_type=%s&library_id=%s&folder_id=%s&ldda_id=%s" % ( self.url, cntrller, item_type, library_id, folder_id, ldda_id )
- self.visit_url( url )
- self.check_page_for_string ( "Select a template for the" )
- tc.fv( '1', 'form_id', form_id )
- tc.fv( '1', 'inherit', '1' )
- tc.submit( 'add_template_button' )
- self.check_page_for_string = 'A template based on the form "%s" has been added to this' % form_name
- self.home()
- def library_info( self, library_id, library_name, ele_1_field_name, ele_1_contents, ele_2_field_name, ele_2_contents, controller='library_admin' ):
- """Add information to a library using an existing template with 2 elements"""
- self.home()
- self.visit_url( "%s/library_common/library_info?id=%s&cntrller=%s" % ( self.url, library_id, controller ) )
- check_str = 'Other information about library %s' % library_name
- self.check_page_for_string( check_str )
- tc.fv( '2', ele_1_field_name, ele_1_contents )
- tc.fv( '2', ele_2_field_name, ele_2_contents )
- tc.submit( 'create_new_info_button' )
- self.home()
+
+ # Library folder stuff
def add_folder( self, controller, library_id, folder_id, name='Folder One', description='This is Folder One' ):
"""Create a new folder"""
self.home()
@@ -1609,27 +1687,40 @@
check_str = "The new folder named '%s' has been added to the data library." % name
self.check_page_for_string( check_str )
self.home()
- def folder_info( self, controller, folder_id, library_id, name, new_name, description, contents='', field_name='' ):
+ def folder_info( self, cntrller, folder_id, library_id, name='', new_name='', description='',
+ field_name='', contents='', check_str1='', check_str2='', not_displayed='' ):
"""Add information to a library using an existing template with 2 elements"""
self.home()
self.visit_url( "%s/library_common/folder_info?cntrller=%s&id=%s&library_id=%s" % \
- ( self.url, controller, folder_id, library_id) )
+ ( self.url, cntrller, folder_id, library_id ) )
# Twill cannot handle the following call for some reason - it's buggy
# self.check_page_for_string( "Edit folder name and description" )
- tc.fv( '1', "name", new_name )
- tc.fv( '1', "description", description )
- tc.submit( 'rename_folder_button' )
- # Twill cannot handle the following call for some reason - it's buggy
- # check_str = "Folder '%s' has been renamed to '%s'" % ( name, new_name )
- # self.check_page_for_string( check_str )
- if contents and field_name:
+ if name and new_name and description:
+ tc.fv( '1', "name", new_name )
+ tc.fv( '1', "description", description )
+ tc.submit( 'rename_folder_button' )
+ # Twill barfs on this, so keep it commented...
+ #self.check_page_for_string( "The information has been updated." )
+ if field_name and contents:
# We have an information template associated with the folder, so
# there are 2 forms on this page and the template is the 2nd form
tc.fv( '2', field_name, contents )
tc.submit( 'edit_info_button' )
- # Twill cannot handle the following call for some reason - it's buggy
- # self.check_page_for_string( 'The information has been updated.' )
+ # Twill barfs on this, so keep it commented...
+ #self.check_page_for_string( 'The information has been updated.' )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if check_str2:
+ self.check_page_for_string( check_str2 )
+ if not_displayed:
+ try:
+ self.check_page_for_string( not_displayed )
+ raise AssertionError, "String (%s) should not have been displayed on folder info page." % not_displayed
+ except:
+ pass
self.home()
+
+ # Library dataset stuff
def add_library_dataset( self, cntrller, filename, library_id, folder_id, folder_name,
file_type='auto', dbkey='hg18', roles=[], message='', root=False,
template_field_name1='', template_field_contents1='', show_deleted='False',
@@ -1638,7 +1729,7 @@
filename = self.get_filename( filename )
self.home()
self.visit_url( "%s/library_common/upload_library_dataset?cntrller=%s&library_id=%s&folder_id=%s&upload_option=%s&message=%s" % \
- ( self.url, cntrller, library_id, folder_id, upload_option, message ) )
+ ( self.url, cntrller, library_id, folder_id, upload_option, message.replace( ' ', '+' ) ) )
self.check_page_for_string( 'Upload files' )
tc.fv( "1", "library_id", library_id )
tc.fv( "1", "folder_id", folder_id )
@@ -1659,68 +1750,77 @@
check_str = "Added 1 datasets to the folder '%s' (each is selected)." % folder_name
self.library_wait( library_id )
self.home()
- def set_library_dataset_permissions( self, cntrller, library_id, folder_id, ldda_id, ldda_name, role_ids_str, permissions_in, permissions_out ):
+ def ldda_permissions( self, cntrller, library_id, folder_id, id, role_ids_str,
+ permissions_in=[], permissions_out=[], check_str1='' ):
# role_ids_str must be a comma-separated string of role ids
- url = "library_common/ldda_permissions?cntrller=%s&library_id=%s&folder_id=%s&id=%s&update_roles_button=Save" % \
- ( cntrller, library_id, folder_id, ldda_id )
+ url = "%s/library_common/ldda_permissions?cntrller=%s&library_id=%s&folder_id=%s&id=%s" % \
+ ( self.url, cntrller, library_id, folder_id, id )
for po in permissions_out:
key = '%s_out' % po
url ="%s&%s=%s" % ( url, key, role_ids_str )
for pi in permissions_in:
key = '%s_in' % pi
url ="%s&%s=%s" % ( url, key, role_ids_str )
- self.home()
- self.visit_url( "%s/%s" % ( self.url, url ) )
- check_str = "Permissions have been updated on 1 datasets"
+ if permissions_in or permissions_out:
+ url += "&update_roles_button=Save"
+ self.visit_url( url )
+ if check_str1:
+ check_str = check_str1
+ else:
+ check_str = "Permissions have been updated on 1 datasets"
self.check_page_for_string( check_str )
self.home()
- def edit_ldda_template_element_info( self, library_id, folder_id, ldda_id, ldda_name, ele_1_field_name,
- ele_1_contents, ele_2_field_name, ele_2_contents, ele_1_help='', ele_2_help='',
- ele_3_field_name='', ele_3_contents='', ele_3_help='' ):
- """Edit library_dataset_dataset_association template element information"""
- self.home()
- self.visit_url( "%s/library_common/ldda_edit_info?cntrller=library_admin&library_id=%s&folder_id=%s&id=%s" % \
- ( self.url, library_id, folder_id, ldda_id ) )
+ def ldda_edit_info( self, cntrller, library_id, folder_id, ldda_id, ldda_name, new_ldda_name='',
+ ele_1_field_name='', ele_1_contents='', ele_1_help='',
+ ele_2_field_name='', ele_2_contents='', ele_2_help='',
+ ele_3_field_name='', ele_3_contents='', ele_3_help='',
+ check_str1='', check_str2='', check_str3='', not_displayed='' ):
+ """Edit library_dataset_dataset_association information, optionally template element information"""
+ self.visit_url( "%s/library_common/ldda_edit_info?cntrller=%s&library_id=%s&folder_id=%s&id=%s" % \
+ ( self.url, cntrller, library_id, folder_id, ldda_id ) )
check_str = 'Edit attributes of %s' % ldda_name
self.check_page_for_string( check_str )
- ele_1_contents = ele_1_contents.replace( '+', ' ' )
- ele_2_contents = ele_2_contents.replace( '+', ' ' )
- tc.fv( '4', ele_1_field_name, ele_1_contents )
- tc.fv( '4', ele_2_field_name, ele_2_contents.replace( '+', ' ' ) )
+ if new_ldda_name:
+ tc.fv( '1', 'name', new_ldda_name )
+ tc.submit( 'save' )
+ check_str = 'Attributes updated for library dataset %s' % new_ldda_name
+ self.check_page_for_string( check_str )
+ # There are 4 forms on this page and the template is the 4th form
+ if ele_1_field_name and ele_1_contents:
+ ele_1_contents = ele_1_contents.replace( '+', ' ' )
+ tc.fv( '4', ele_1_field_name, ele_1_contents )
+ if ele_2_field_name and ele_2_contents:
+ ele_2_contents = ele_2_contents.replace( '+', ' ' )
+ tc.fv( '4', ele_2_field_name, ele_2_contents.replace( '+', ' ' ) )
if ele_3_field_name and ele_3_contents:
ele_3_contents = ele_3_contents.replace( '+', ' ' )
tc.fv( '4', ele_3_field_name, ele_3_contents )
- tc.submit( 'edit_info_button' )
- self.check_page_for_string( 'This is the latest version of this library dataset' )
- self.check_page_for_string( 'The information has been updated.' )
- self.check_page_for_string( ele_1_contents )
- self.check_page_for_string( ele_2_contents )
- if ele_3_field_name and ele_3_contents:
+ if ele_1_field_name:
+ tc.submit( 'edit_info_button' )
+ self.check_page_for_string( 'This is the latest version of this library dataset' )
+ self.check_page_for_string( 'The information has been updated.' )
+ self.check_page_for_string( ele_1_contents )
+ if ele_2_field_name:
+ self.check_page_for_string( ele_2_contents )
+ if ele_3_field_name:
self.check_page_for_string( ele_3_contents )
if ele_1_help:
check_str = ele_1_help.replace( '+', ' ' )
self.check_page_for_string( check_str )
- self.check_page_for_string( ele_2_contents )
if ele_2_help:
check_str = ele_2_help.replace( '+', ' ' )
self.check_page_for_string( check_str )
if ele_2_help:
check_str = ele_3_help.replace( '+', ' ' )
self.check_page_for_string( check_str )
- self.home()
- def edit_ldda_attribute_info( self, cntrller, library_id, folder_id, ldda_id, ldda_name, new_ldda_name ):
- """Edit library_dataset_dataset_association attribute information"""
- self.home()
- self.visit_url( "%s/library_common/ldda_edit_info?cntrller=%s&library_id=%s&folder_id=%s&id=%s" % \
- ( self.url, cntrller, library_id, folder_id, ldda_id ) )
- check_str = 'Edit attributes of %s' % ldda_name
- self.check_page_for_string( check_str )
- tc.fv( '1', 'name', new_ldda_name )
- tc.submit( 'save' )
- check_str = 'Attributes updated for library dataset %s' % new_ldda_name
- self.check_page_for_string( check_str )
- check_str = 'Edit attributes of %s' % new_ldda_name
- self.check_page_for_string( check_str )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
+ if not_displayed:
+ try:
+ self.check_page_for_string( not_displayed )
+ raise AssertionError, "String (%s) should not have been displayed on ldda Edit Attributes page." % not_displayed
+ except:
+ pass
self.home()
def upload_new_dataset_version( self, cntrller, filename, library_id, folder_id, folder_name, library_dataset_id, ldda_name, file_type='auto',
dbkey='hg18', message='', template_field_name1='', template_field_contents1='' ):
@@ -1755,19 +1855,21 @@
check_str = "Added 1 datasets to the folder '%s' (each is selected)." % folder_name
self.check_page_for_string( check_str )
self.home()
- def add_dir_of_files_from_admin_view( self, library_id, folder_id, file_type='auto', dbkey='hg18', roles_tuple=[],
- message='', check_str_after_submit='', template_field_name1='', template_field_contents1='' ):
+ def upload_directory_of_files( self, cntrller, library_id, folder_id, server_dir, file_type='auto', dbkey='hg18', roles_tuple=[],
+ message='', check_str1='', check_str_after_submit='', template_field_name1='', template_field_contents1='' ):
"""Add a directory of datasets to a folder"""
# roles is a list of tuples: [ ( role_id, role_description ) ]
- self.home()
- self.visit_url( "%s/library_common/upload_library_dataset?cntrller=library_admin&upload_option=upload_directory&library_id=%s&folder_id=%s" % \
- ( self.url, library_id, folder_id ) )
+ url = "%s/library_common/upload_library_dataset?cntrller=%s&library_id=%s&folder_id=%s&upload_option=upload_directory" % \
+ ( self.url, cntrller, library_id, folder_id )
+ self.visit_url( url )
self.check_page_for_string( 'Upload a directory of files' )
+ if check_str1:
+ self.check_page_for_strin( check_str1 )
tc.fv( "1", "folder_id", folder_id )
tc.fv( "1", "file_type", file_type )
tc.fv( "1", "dbkey", dbkey )
- tc.fv( "1", "message", message.replace( '+', ' ' ) )
- tc.fv( "1", "server_dir", "library" )
+ tc.fv( "1", "message", message )
+ tc.fv( "1", "server_dir", server_dir )
for role_tuple in roles_tuple:
tc.fv( "1", "roles", role_tuple[1] ) # role_tuple[1] is the role name
# Add template field contents, if any...
@@ -1778,29 +1880,13 @@
self.check_page_for_string( check_str_after_submit )
self.library_wait( library_id )
self.home()
- def add_dir_of_files_from_libraries_view( self, library_id, folder_id, selected_dir, file_type='auto', dbkey='hg18', roles_tuple=[],
- message='', check_str_after_submit='', template_field_name1='', template_field_contents1='' ):
- """Add a directory of datasets to a folder"""
- # roles is a list of tuples: [ ( role_id, role_description ) ]
- self.home()
- self.visit_url( "%s/library_common/upload_library_dataset?cntrller=library&upload_option=upload_directory&library_id=%s&folder_id=%s" % \
- ( self.url, library_id, folder_id ) )
- self.check_page_for_string( 'Upload a directory of files' )
- tc.fv( "1", "folder_id", folder_id )
- tc.fv( "1", "file_type", file_type )
- tc.fv( "1", "dbkey", dbkey )
- tc.fv( "1", "message", message.replace( '+', ' ' ) )
- tc.fv( "1", "server_dir", selected_dir )
- for role_tuple in roles_tuple:
- tc.fv( "1", "roles", role_tuple[1] ) # role_tuple[1] is the role name
- # Add template field contents, if any...
- if template_field_name1:
- tc.fv( "1", template_field_name1, template_field_contents1 )
- tc.submit( "runtool_btn" )
- if check_str_after_submit:
- self.check_page_for_string( check_str_after_submit )
- self.library_wait( library_id, cntrller='library' )
- self.home()
+ def act_on_multiple_datasets( self, cntrller, library_id, do_action, ldda_ids='', check_str1='' ):
+ # Can't use the ~/library_admin/libraries form as twill barfs on it so we'll simulate the form submission
+ # by going directly to the form action
+ self.visit_url( '%s/library_common/act_on_multiple_datasets?cntrller=%s&library_id=%s&ldda_ids=%s&do_action=%s' \
+ % ( self.url, cntrller, library_id, ldda_ids, do_action ) )
+ if check_str1:
+ self.check_page_for_string( check_str1 )
def download_archive_of_library_files( self, cntrller, library_id, ldda_ids, format ):
self.home()
# Here it would be ideal to have twill set form values and submit the form, but
diff -r e39c9a2a0b4c -r 48e83411aa91 test/functional/test_admin_features.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/functional/test_admin_features.py Fri Mar 12 16:11:26 2010 -0500
@@ -0,0 +1,422 @@
+from base.twilltestcase import *
+from base.test_db_util import *
+
+class TestDataSecurity( TwillTestCase ):
+ def test_000_initiate_users( self ):
+ """Ensuring all required user accounts exist"""
+ self.logout()
+ self.login( email='test1 at bx.psu.edu' )
+ global regular_user1
+ regular_user1 = get_user( 'test1 at bx.psu.edu' )
+ assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
+ self.logout()
+ self.login( email='test2 at bx.psu.edu' )
+ global regular_user2
+ regular_user2 = get_user( 'test2 at bx.psu.edu' )
+ assert regular_user2 is not None, 'Problem retrieving user with email "test2 at bx.psu.edu" from the database'
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ global admin_user
+ admin_user = get_user( 'test at bx.psu.edu' )
+ assert admin_user is not None, 'Problem retrieving user with email "test at bx.psu.edu" from the database'
+ def test_005_create_new_user_account_as_admin( self ):
+ """Testing creating a new user account as admin"""
+ # Logged in as admin_user
+ email = 'test3 at bx.psu.edu'
+ password = 'testuser'
+ previously_created = self.create_new_account_as_admin( email=email, password=password )
+ # Get the user object for later tests
+ global regular_user3
+ regular_user3 = get_user( email )
+ assert regular_user3 is not None, 'Problem retrieving user with email "%s" from the database' % email
+ global regular_user3_private_role
+ regular_user3_private_role = get_private_role( regular_user3 )
+ # Make sure DefaultUserPermissions were created
+ if not regular_user3.default_permissions:
+ raise AssertionError( 'No DefaultUserPermissions were created for user %s when the admin created the account' % email )
+ # Make sure a private role was created for the user
+ if not regular_user3.roles:
+ raise AssertionError( 'No UserRoleAssociations were created for user %s when the admin created the account' % email )
+ if not previously_created and len( regular_user3.roles ) != 1:
+ raise AssertionError( '%d UserRoleAssociations were created for user %s when the admin created the account ( should have been 1 )' \
+ % ( len( regular_user3.roles ), regular_user3.email ) )
+ for ura in regular_user3.roles:
+ role = sa_session.query( galaxy.model.Role ).get( ura.role_id )
+ if not previously_created and role.type != 'private':
+ raise AssertionError( 'Role created for user %s when the admin created the account is not private, type is' \
+ % str( role.type ) )
+ if not previously_created:
+ # Make sure a history was not created ( previous test runs may have left deleted histories )
+ histories = get_all_histories_for_user( regular_user3 )
+ if histories:
+ raise AssertionError( 'Histories were incorrectly created for user %s when the admin created the account' % email )
+ # Make sure the user was not associated with any groups
+ if regular_user3.groups:
+ raise AssertionError( 'Groups were incorrectly associated with user %s when the admin created the account' % email )
+ def test_010_reset_password_as_admin( self ):
+ """Testing reseting a user password as admin"""
+ self.reset_password_as_admin( user_id=self.security.encode_id( regular_user3.id ), password='testreset' )
+ def test_015_login_after_password_reset( self ):
+ """Testing logging in after an admin reset a password - tests DefaultHistoryPermissions for accounts created by an admin"""
+ # logged in as admin_user
+ self.logout()
+ self.login( email=regular_user3.email, password='testreset' )
+ # Make sure a History and HistoryDefaultPermissions exist for the user
+ latest_history = get_latest_history_for_user( regular_user3 )
+ if not latest_history.user_id == regular_user3.id:
+ raise AssertionError( 'A history was not created for user %s when he logged in' % email )
+ if not latest_history.default_permissions:
+ raise AssertionError( 'No DefaultHistoryPermissions were created for history id %d when it was created' % latest_history.id )
+ dhps = get_default_history_permissions_by_history( latest_history )
+ if len( dhps ) > 1:
+ raise AssertionError( 'More than 1 DefaultHistoryPermissions were created for history id %d when it was created' % latest_history.id )
+ dhp = dhps[0]
+ if not dhp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
+ raise AssertionError( 'The DefaultHistoryPermission.action for history id %d is "%s", but it should be "manage permissions"' \
+ % ( latest_history.id, dhp.action ) )
+ # Upload a file to create a HistoryDatasetAssociation
+ self.upload_file( '1.bed' )
+ latest_dataset = get_latest_dataset()
+ for dp in latest_dataset.actions:
+ # Should only have 1 DatasetPermissions
+ if dp.action != galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
+ raise AssertionError( 'The DatasetPermissions for dataset id %d is %s ( should have been %s )' \
+ % ( latest_dataset.id,
+ latest_dataset.actions.action,
+ galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
+ self.logout()
+ # Reset the password to the default for later tests
+ self.login( email='test at bx.psu.edu' )
+ self.reset_password_as_admin( user_id=self.security.encode_id( regular_user3.id ), password='testuser' )
+ def test_020_mark_user_deleted( self ):
+ """Testing marking a user account as deleted"""
+ # Logged in as admin_user
+ self.mark_user_deleted( user_id=self.security.encode_id( regular_user3.id ), email=regular_user3.email )
+ if not regular_user3.active_histories:
+ raise AssertionError( 'HistoryDatasetAssociations for regular_user3 were incorrectly deleted when the user was marked deleted' )
+ def test_025_undelete_user( self ):
+ """Testing undeleting a user account"""
+ # Logged in as admin_user
+ self.undelete_user( user_id=self.security.encode_id( regular_user3.id ), email=regular_user3.email )
+ def test_030_create_role( self ):
+ """Testing creating new role with 3 members ( and a new group named the same ), then renaming the role"""
+ # Logged in as admin_user
+ name = 'Role One'
+ description = "This is Role Ones description"
+ user_ids=[ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ]
+ self.create_role( name=name,
+ description=description,
+ in_user_ids=user_ids,
+ in_group_ids=[],
+ create_group_for_role='yes',
+ private_role=admin_user.email )
+ # Get the role object for later tests
+ global role_one
+ role_one = sa_session.query( galaxy.model.Role ).filter( galaxy.model.Role.table.c.name==name ).first()
+ assert role_one is not None, 'Problem retrieving role named "Role One" from the database'
+ # Make sure UserRoleAssociations are correct
+ if len( role_one.users ) != len( user_ids ):
+ raise AssertionError( '%d UserRoleAssociations were created for role id %d when it was created ( should have been %d )' \
+ % ( len( role_one.users ), role_one.id, len( user_ids ) ) )
+ # Each of the following users should now have 2 role associations, their private role and role_one
+ for user in [ admin_user, regular_user1, regular_user3 ]:
+ refresh( user )
+ if len( user.roles ) != 2:
+ raise AssertionError( '%d UserRoleAssociations are associated with user %s ( should be 2 )' \
+ % ( len( user.roles ), user.email ) )
+ # Make sure the group was created
+ self.visit_url( '%s/admin/groups' % self.url )
+ self.check_page_for_string( name )
+ global group_zero
+ group_zero = get_group_by_name( name )
+ # Rename the role
+ rename = "Role One's been Renamed"
+ new_description="This is Role One's Re-described"
+ self.rename_role( self.security.encode_id( role_one.id ), name=rename, description=new_description )
+ self.visit_url( '%s/admin/roles' % self.url )
+ self.check_page_for_string( rename )
+ self.check_page_for_string( new_description )
+ # Reset the role back to the original name and description
+ self.rename_role( self.security.encode_id( role_one.id ), name=name, description=description )
+ def test_035_create_group( self ):
+ """Testing creating new group with 3 members and 1 associated role, then renaming it"""
+ # Logged in as admin_user
+ name = "Group One's Name"
+ user_ids=[ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ]
+ role_ids=[ str( role_one.id ) ]
+ self.create_group( name=name, in_user_ids=user_ids, in_role_ids=role_ids )
+ # Get the group object for later tests
+ global group_one
+ group_one = get_group_by_name( name )
+ assert group_one is not None, 'Problem retrieving group named "Group One" from the database'
+ # Make sure UserGroupAssociations are correct
+ if len( group_one.users ) != len( user_ids ):
+ raise AssertionError( '%d UserGroupAssociations were created for group id %d when it was created ( should have been %d )' \
+ % ( len( group_one.users ), group_one.id, len( user_ids ) ) )
+ # Each user should now have 1 group association, group_one
+ for user in [ admin_user, regular_user1, regular_user3 ]:
+ refresh( user )
+ if len( user.groups ) != 1:
+ raise AssertionError( '%d UserGroupAssociations are associated with user %s ( should be 1 )' % ( len( user.groups ), user.email ) )
+ # Make sure GroupRoleAssociations are correct
+ if len( group_one.roles ) != len( role_ids ):
+ raise AssertionError( '%d GroupRoleAssociations were created for group id %d when it was created ( should have been %d )' \
+ % ( len( group_one.roles ), group_one.id, len( role_ids ) ) )
+ # Rename the group
+ rename = "Group One's been Renamed"
+ self.rename_group( self.security.encode_id( group_one.id ), name=rename, )
+ self.home()
+ self.visit_url( '%s/admin/groups' % self.url )
+ self.check_page_for_string( rename )
+ # Reset the group back to the original name
+ self.rename_group( self.security.encode_id( group_one.id ), name=name )
+ def test_040_add_members_and_role_to_group( self ):
+ """Testing editing user membership and role associations of an existing group"""
+ # Logged in as admin_user
+ name = 'Group Two'
+ self.create_group( name=name, in_user_ids=[], in_role_ids=[] )
+ # Get the group object for later tests
+ global group_two
+ group_two = get_group_by_name( name )
+ assert group_two is not None, 'Problem retrieving group named "Group Two" from the database'
+ # group_two should have no associations
+ if group_two.users:
+ raise AssertionError( '%d UserGroupAssociations were created for group id %d when it was created ( should have been 0 )' \
+ % ( len( group_two.users ), group_two.id ) )
+ if group_two.roles:
+ raise AssertionError( '%d GroupRoleAssociations were created for group id %d when it was created ( should have been 0 )' \
+ % ( len( group_two.roles ), group_two.id ) )
+ user_ids = [ str( regular_user1.id ) ]
+ role_ids = [ str( role_one.id ) ]
+ self.associate_users_and_roles_with_group( self.security.encode_id( group_two.id ),
+ group_two.name,
+ user_ids=user_ids,
+ role_ids=role_ids )
+ def test_045_create_role_with_user_and_group_associations( self ):
+ """Testing creating a role with user and group associations"""
+ # Logged in as admin_user
+ # NOTE: To get this to work with twill, all select lists on the ~/admin/role page must contain at least
+ # 1 option value or twill throws an exception, which is: ParseError: OPTION outside of SELECT
+ # Due to this bug in twill, we create the role, we bypass the page and visit the URL in the
+ # associate_users_and_groups_with_role() method.
+ name = 'Role Two'
+ description = 'This is Role Two'
+ user_ids=[ str( admin_user.id ) ]
+ group_ids=[ str( group_two.id ) ]
+ private_role=admin_user.email
+ # Create the role
+ self.create_role( name=name,
+ description=description,
+ in_user_ids=user_ids,
+ in_group_ids=group_ids,
+ private_role=private_role )
+ # Get the role object for later tests
+ global role_two
+ role_two = get_role_by_name( name )
+ assert role_two is not None, 'Problem retrieving role named "Role Two" from the database'
+ # Make sure UserRoleAssociations are correct
+ if len( role_two.users ) != len( user_ids ):
+ raise AssertionError( '%d UserRoleAssociations were created for role id %d when it was created with %d members' \
+ % ( len( role_two.users ), role_two.id, len( user_ids ) ) )
+ # admin_user should now have 3 role associations, private role, role_one, role_two
+ refresh( admin_user )
+ if len( admin_user.roles ) != 3:
+ raise AssertionError( '%d UserRoleAssociations are associated with user %s ( should be 3 )' % ( len( admin_user.roles ), admin_user.email ) )
+ # Make sure GroupRoleAssociations are correct
+ refresh( role_two )
+ if len( role_two.groups ) != len( group_ids ):
+ raise AssertionError( '%d GroupRoleAssociations were created for role id %d when it was created ( should have been %d )' \
+ % ( len( role_two.groups ), role_two.id, len( group_ids ) ) )
+ # group_two should now be associated with 2 roles: role_one, role_two
+ refresh( group_two )
+ if len( group_two.roles ) != 2:
+ raise AssertionError( '%d GroupRoleAssociations are associated with group id %d ( should be 2 )' % ( len( group_two.roles ), group_two.id ) )
+ def test_050_change_user_role_associations( self ):
+ """Testing changing roles associated with a user"""
+ # Logged in as admin_user
+ # Create a new role with no associations
+ name = 'Role Three'
+ description = 'This is Role Three'
+ user_ids=[]
+ group_ids=[]
+ private_role=admin_user.email
+ self.create_role( name=name,
+ description=description,
+ in_user_ids=user_ids,
+ in_group_ids=group_ids,
+ private_role=private_role )
+ # Get the role object for later tests
+ global role_three
+ role_three = get_role_by_name( name )
+ assert role_three is not None, 'Problem retrieving role named "Role Three" from the database'
+ # Associate the role with a user
+ refresh( admin_user )
+ role_ids = []
+ for ura in admin_user.non_private_roles:
+ role_ids.append( str( ura.role_id ) )
+ role_ids.append( str( role_three.id ) )
+ group_ids = []
+ for uga in admin_user.groups:
+ group_ids.append( str( uga.group_id ) )
+ check_str = "User '%s' has been updated with %d associated roles and %d associated groups" % \
+ ( admin_user.email, len( role_ids ), len( group_ids ) )
+ self.manage_roles_and_groups_for_user( self.security.encode_id( admin_user.id ),
+ in_role_ids=role_ids,
+ in_group_ids=group_ids,
+ check_str=check_str )
+ refresh( admin_user )
+ # admin_user should now be associated with 4 roles: private, role_one, role_two, role_three
+ if len( admin_user.roles ) != 4:
+ raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 4 )' % \
+ ( len( admin_user.roles ), admin_user.email ) )
+ def test_055_mark_group_deleted( self ):
+ """Testing marking a group as deleted"""
+ # Logged in as admin_user
+ self.browse_groups( check_str1=group_two.name )
+ self.mark_group_deleted( self.security.encode_id( group_two.id ), group_two.name )
+ refresh( group_two )
+ if not group_two.deleted:
+ raise AssertionError( '%s was not correctly marked as deleted.' % group_two.name )
+ # Deleting a group should not delete any associations
+ if not group_two.members:
+ raise AssertionError( '%s incorrectly lost all members when it was marked as deleted.' % group_two.name )
+ if not group_two.roles:
+ raise AssertionError( '%s incorrectly lost all role associations when it was marked as deleted.' % group_two.name )
+ def test_060_undelete_group( self ):
+ """Testing undeleting a deleted group"""
+ # Logged in as admin_user
+ self.undelete_group( self.security.encode_id( group_two.id ), group_two.name )
+ refresh( group_two )
+ if group_two.deleted:
+ raise AssertionError( '%s was not correctly marked as not deleted.' % group_two.name )
+ def test_065_mark_role_deleted( self ):
+ """Testing marking a role as deleted"""
+ # Logged in as admin_user
+ self.home()
+ self.browse_roles( check_str1=role_two.name )
+ self.mark_role_deleted( self.security.encode_id( role_two.id ), role_two.name )
+ refresh( role_two )
+ if not role_two.deleted:
+ raise AssertionError( '%s was not correctly marked as deleted.' % role_two.name )
+ # Deleting a role should not delete any associations
+ if not role_two.users:
+ raise AssertionError( '%s incorrectly lost all user associations when it was marked as deleted.' % role_two.name )
+ if not role_two.groups:
+ raise AssertionError( '%s incorrectly lost all group associations when it was marked as deleted.' % role_two.name )
+ def test_070_undelete_role( self ):
+ """Testing undeleting a deleted role"""
+ # Logged in as admin_user
+ self.undelete_role( self.security.encode_id( role_two.id ), role_two.name )
+ def test_075_purge_user( self ):
+ """Testing purging a user account"""
+ # Logged in as admin_user
+ self.mark_user_deleted( user_id=self.security.encode_id( regular_user3.id ), email=regular_user3.email )
+ refresh( regular_user3 )
+ self.purge_user( self.security.encode_id( regular_user3.id ), regular_user3.email )
+ refresh( regular_user3 )
+ if not regular_user3.purged:
+ raise AssertionError( 'User %s was not marked as purged.' % regular_user3.email )
+ # Make sure DefaultUserPermissions deleted EXCEPT FOR THE PRIVATE ROLE
+ if len( regular_user3.default_permissions ) != 1:
+ raise AssertionError( 'DefaultUserPermissions for user %s were not deleted.' % regular_user3.email )
+ for dup in regular_user3.default_permissions:
+ role = sa_session.query( galaxy.model.Role ).get( dup.role_id )
+ if role.type != 'private':
+ raise AssertionError( 'DefaultUserPermissions for user %s are not related with the private role.' % regular_user3.email )
+ # Make sure History deleted
+ for history in regular_user3.histories:
+ refresh( history )
+ if not history.deleted:
+ raise AssertionError( 'User %s has active history id %d after their account was marked as purged.' % ( regular_user3.email, hda.id ) )
+ # NOTE: Not all hdas / datasets will be deleted at the time a history is deleted - the cleanup_datasets.py script
+ # is responsible for this.
+ # Make sure UserGroupAssociations deleted
+ if regular_user3.groups:
+ raise AssertionError( 'User %s has active group id %d after their account was marked as purged.' % ( regular_user3.email, uga.id ) )
+ # Make sure UserRoleAssociations deleted EXCEPT FOR THE PRIVATE ROLE
+ if len( regular_user3.roles ) != 1:
+ raise AssertionError( 'UserRoleAssociations for user %s were not deleted.' % regular_user3.email )
+ for ura in regular_user3.roles:
+ role = sa_session.query( galaxy.model.Role ).get( ura.role_id )
+ if role.type != 'private':
+ raise AssertionError( 'UserRoleAssociations for user %s are not related with the private role.' % regular_user3.email )
+ def test_080_manually_unpurge_user( self ):
+ """Testing manually un-purging a user account"""
+ # Logged in as admin_user
+ # Reset the user for later test runs. The user's private Role and DefaultUserPermissions for that role
+ # should have been preserved, so all we need to do is reset purged and deleted.
+ # TODO: If we decide to implement the GUI feature for un-purging a user, replace this with a method call
+ regular_user3.purged = False
+ regular_user3.deleted = False
+ flush( regular_user3 )
+ def test_085_purge_group( self ):
+ """Testing purging a group"""
+ # Logged in as admin_user
+ self.mark_group_deleted( self.security.encode_id( group_two.id ), group_two.name )
+ self.purge_group( self.security.encode_id( group_two.id ), group_two.name )
+ # Make sure there are no UserGroupAssociations
+ if get_user_group_associations_by_group( group_two ):
+ raise AssertionError( "Purging the group did not delete the UserGroupAssociations for group_id '%s'" % group_two.id )
+ # Make sure there are no GroupRoleAssociations
+ if get_group_role_associations_by_group( group_two ):
+ raise AssertionError( "Purging the group did not delete the GroupRoleAssociations for group_id '%s'" % group_two.id )
+ # Undelete the group for later test runs
+ self.undelete_group( self.security.encode_id( group_two.id ), group_two.name )
+ def test_090_purge_role( self ):
+ """Testing purging a role"""
+ # Logged in as admin_user
+ self.mark_role_deleted( self.security.encode_id( role_two.id ), role_two.name )
+ self.purge_role( self.security.encode_id( role_two.id ), role_two.name )
+ # Make sure there are no UserRoleAssociations
+ if get_user_role_associations_by_role( role_two ):
+ raise AssertionError( "Purging the role did not delete the UserRoleAssociations for role_id '%s'" % role_two.id )
+ # Make sure there are no DefaultUserPermissions associated with the Role
+ if get_default_user_permissions_by_role( role_two ):
+ raise AssertionError( "Purging the role did not delete the DefaultUserPermissions for role_id '%s'" % role_two.id )
+ # Make sure there are no DefaultHistoryPermissions associated with the Role
+ if get_default_history_permissions_by_role( role_two ):
+ raise AssertionError( "Purging the role did not delete the DefaultHistoryPermissions for role_id '%s'" % role_two.id )
+ # Make sure there are no GroupRoleAssociations
+ if get_group_role_associations_by_role( role_two ):
+ raise AssertionError( "Purging the role did not delete the GroupRoleAssociations for role_id '%s'" % role_two.id )
+ # Make sure there are no DatasetPermissionss
+ if get_dataset_permissions_by_role( role_two ):
+ raise AssertionError( "Purging the role did not delete the DatasetPermissionss for role_id '%s'" % role_two.id )
+ def test_095_manually_unpurge_role( self ):
+ """Testing manually un-purging a role"""
+ # Logged in as admin_user
+ # Manually unpurge, then undelete the role for later test runs
+ # TODO: If we decide to implement the GUI feature for un-purging a role, replace this with a method call
+ role_two.purged = False
+ flush( role_two )
+ self.undelete_role( self.security.encode_id( role_two.id ), role_two.name )
+ def test_999_reset_data_for_later_test_runs( self ):
+ """Reseting data to enable later test runs to pass"""
+ # Logged in as admin_user
+ ##################
+ # Eliminate all non-private roles
+ ##################
+ for role in [ role_one, role_two, role_three ]:
+ self.mark_role_deleted( self.security.encode_id( role.id ), role.name )
+ self.purge_role( self.security.encode_id( role.id ), role.name )
+ # Manually delete the role from the database
+ refresh( role )
+ sa_session.delete( role )
+ sa_session.flush()
+ ##################
+ # Eliminate all groups
+ ##################
+ for group in [ group_zero, group_one, group_two ]:
+ self.mark_group_deleted( self.security.encode_id( group.id ), group.name )
+ self.purge_group( self.security.encode_id( group.id ), group.name )
+ # Manually delete the group from the database
+ refresh( group )
+ sa_session.delete( group )
+ sa_session.flush()
+ ##################
+ # Make sure all users are associated only with their private roles
+ ##################
+ for user in [ admin_user, regular_user1, regular_user2, regular_user3 ]:
+ refresh( user )
+ if len( user.roles) != 1:
+ raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 1 )' % ( len( user.roles ), user.email ) )
diff -r e39c9a2a0b4c -r 48e83411aa91 test/functional/test_data_security.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/functional/test_data_security.py Fri Mar 12 16:11:26 2010 -0500
@@ -0,0 +1,196 @@
+from base.twilltestcase import *
+from base.test_db_util import *
+
+class TestDataSecurity( TwillTestCase ):
+ def test_000_initiate_users( self ):
+ """Ensuring all required user accounts exist"""
+ self.logout()
+ self.login( email='test1 at bx.psu.edu' )
+ global regular_user1
+ regular_user1 = get_user( 'test1 at bx.psu.edu' )
+ assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
+ global regular_user1_private_role
+ regular_user1_private_role = get_private_role( regular_user1 )
+ self.logout()
+ self.login( email='test2 at bx.psu.edu' )
+ global regular_user2
+ regular_user2 = get_user( 'test2 at bx.psu.edu' )
+ assert regular_user2 is not None, 'Problem retrieving user with email "test2 at bx.psu.edu" from the database'
+ global regular_user2_private_role
+ regular_user2_private_role = get_private_role( regular_user2 )
+ self.logout()
+ self.login( email='test3 at bx.psu.edu' )
+ global regular_user3
+ regular_user3 = get_user( 'test3 at bx.psu.edu' )
+ assert regular_user3 is not None, 'Problem retrieving user with email "test3 at bx.psu.edu" from the database'
+ global regular_user3_private_role
+ regular_user3_private_role = get_private_role( regular_user3 )
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ global admin_user
+ admin_user = get_user( 'test at bx.psu.edu' )
+ assert admin_user is not None, 'Problem retrieving user with email "test at bx.psu.edu" from the database'
+ global admin_user_private_role
+ admin_user_private_role = get_private_role( admin_user )
+ def test_005_default_permissions( self ):
+ """Testing initial settings for DefaultUserPermissions and DefaultHistoryPermissions"""
+ # Logged in as admin_user
+ # Make sure DefaultUserPermissions are correct
+ dups = get_default_user_permissions_by_user( admin_user )
+ if len( dups ) > 1:
+ raise AssertionError( '%d DefaultUserPermissions associated with user %s ( should be 1 )' \
+ % ( len( admin_user.default_permissions ), admin_user.email ) )
+ dup = dups[0]
+ if not dup.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
+ raise AssertionError( 'The DefaultUserPermission.action for user "%s" is "%s", but it should be "%s"' \
+ % ( admin_user.email, dup.action, galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
+ # Make sure DefaultHistoryPermissions are correct
+ latest_history = get_latest_history_for_user( admin_user )
+ dhps = get_default_history_permissions_by_history( latest_history )
+ if len( dhps ) > 1:
+ raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d when it was created ( should have been 1 )' \
+ % ( len( latest_history.default_permissions ), latest_history.id ) )
+ dhp = dhps[0]
+ if not dhp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
+ raise AssertionError( 'The DefaultHistoryPermission.action for history id %d is "%s", but it should be "%s"' \
+ % ( latest_history.id, dhp.action, galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
+ self.manage_roles_and_groups_for_user( self.security.encode_id( admin_user.id ),
+ check_str=admin_user.email )
+ # Try deleting the admin_user's private role
+ check_str = "You cannot eliminate a user's private role association."
+ self.manage_roles_and_groups_for_user( self.security.encode_id( admin_user.id ),
+ out_role_ids=str( admin_user_private_role.id ),
+ check_str=check_str )
+ def test_010_private_role_creation_and_default_history_permissions( self ):
+ """Testing private role creation and changing DefaultHistoryPermissions for new histories"""
+ # Logged in as admin_user
+ self.logout()
+ # Some of the history related tests here are similar to some tests in the
+ # test_history_functions.py script, so we could potentially eliminate 1 or 2 of them.
+ self.login( email='test1 at bx.psu.edu' )
+ global regular_user1
+ regular_user1 = get_user( 'test1 at bx.psu.edu' )
+ assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
+ # Add a dataset to the history
+ self.upload_file( '1.bed' )
+ latest_dataset = get_latest_dataset()
+ # Make sure DatasetPermissions are correct - default is 'manage permissions'
+ dps = get_dataset_permissions_by_dataset( latest_dataset )
+ if len( dps ) > 1:
+ raise AssertionError( '%d DatasetPermissions were created for dataset id %d when it was created ( should have been 1 )' \
+ % ( len( dps ), latest_dataset.id ) )
+ dp = dps[0]
+ if not dp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
+ raise AssertionError( 'The DatasetPermissions.action for dataset id %d is "%s", but it should be "manage permissions"' \
+ % ( latest_dataset.id, dp.action ) )
+ # Change DefaultHistoryPermissions for regular_user1
+ permissions_in = []
+ actions_in = []
+ for key, value in galaxy.model.Dataset.permitted_actions.items():
+ # Setting the 'access' permission with the private role makes this dataset private
+ permissions_in.append( key )
+ actions_in.append( value.action )
+ # Sort actions for later comparison
+ actions_in.sort()
+ self.user_set_default_permissions( permissions_in=permissions_in, role_id=str( regular_user1_private_role.id ) )
+ # Make sure the default permissions are changed for new histories
+ self.new_history()
+ # logged in as regular_user1
+ latest_history = get_latest_history_for_user( regular_user1 )
+ if len( latest_history.default_permissions ) != len( actions_in ):
+ raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d, should have been %d' % \
+ ( len( latest_history.default_permissions ), latest_history.id, len( actions_in ) ) )
+ dhps = []
+ for dhp in latest_history.default_permissions:
+ dhps.append( dhp.action )
+ # Sort permissions for later comparison
+ dhps.sort()
+ for key, value in galaxy.model.Dataset.permitted_actions.items():
+ if value.action not in dhps:
+ raise AssertionError( '%s not in history id %d default_permissions after they were changed' % ( value.action, latest_history.id ) )
+ # Add a dataset to the history
+ self.upload_file( '1.bed' )
+ latest_dataset = get_latest_dataset()
+ # Make sure DatasetPermissions are correct
+ if len( latest_dataset.actions ) != len( latest_history.default_permissions ):
+ raise AssertionError( '%d DatasetPermissions were created for dataset id %d when it was created ( should have been %d )' % \
+ ( len( latest_dataset.actions ), latest_dataset.id, len( latest_history.default_permissions ) ) )
+ dps = []
+ for dp in latest_dataset.actions:
+ dps.append( dp.action )
+ # Sort actions for later comparison
+ dps.sort()
+ # Compare DatasetPermissions with permissions_in - should be the same
+ if dps != actions_in:
+ raise AssertionError( 'DatasetPermissions "%s" for dataset id %d differ from changed default permissions "%s"' \
+ % ( str( dps ), latest_dataset.id, str( actions_in ) ) )
+ # Compare DefaultHistoryPermissions and DatasetPermissions - should be the same
+ if dps != dhps:
+ raise AssertionError( 'DatasetPermissions "%s" for dataset id %d differ from DefaultHistoryPermissions "%s" for history id %d' \
+ % ( str( dps ), latest_dataset.id, str( dhps ), latest_history.id ) )
+ def test_015_change_default_permissions_for_current_history( self ):
+ """Testing changing DefaultHistoryPermissions for the current history"""
+ # logged in a regular_user1
+ self.logout()
+ self.login( email=regular_user2.email )
+ latest_history = get_latest_history_for_user( regular_user2 )
+ self.upload_file( '1.bed' )
+ latest_dataset = get_latest_dataset()
+ permissions_in = [ 'DATASET_MANAGE_PERMISSIONS' ]
+ # Make sure these are in sorted order for later comparison
+ actions_in = [ 'manage permissions' ]
+ permissions_out = [ 'DATASET_ACCESS' ]
+ actions_out = [ 'access' ]
+ # Change DefaultHistoryPermissions for the current history
+ self.history_set_default_permissions( permissions_out=permissions_out, permissions_in=permissions_in, role_id=str( regular_user2_private_role.id ) )
+ if len( latest_history.default_permissions ) != len( actions_in ):
+ raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d, should have been %d' \
+ % ( len( latest_history.default_permissions ), latest_history.id, len( permissions_in ) ) )
+ # Make sure DefaultHistoryPermissions were correctly changed for the current history
+ dhps = []
+ for dhp in latest_history.default_permissions:
+ dhps.append( dhp.action )
+ # Sort permissions for later comparison
+ dhps.sort()
+ # Compare DefaultHistoryPermissions and actions_in - should be the same
+ if dhps != actions_in:
+ raise AssertionError( 'DefaultHistoryPermissions "%s" for history id %d differ from actions "%s" passed for changing' \
+ % ( str( dhps ), latest_history.id, str( actions_in ) ) )
+ # Make sure DatasetPermissionss are correct
+ if len( latest_dataset.actions ) != len( latest_history.default_permissions ):
+ raise AssertionError( '%d DatasetPermissionss were created for dataset id %d when it was created ( should have been %d )' \
+ % ( len( latest_dataset.actions ), latest_dataset.id, len( latest_history.default_permissions ) ) )
+ dps = []
+ for dp in latest_dataset.actions:
+ dps.append( dp.action )
+ # Sort actions for comparison
+ dps.sort()
+ # Compare DatasetPermissionss and DefaultHistoryPermissions - should be the same
+ if dps != dhps:
+ raise AssertionError( 'DatasetPermissionss "%s" for dataset id %d differ from DefaultHistoryPermissions "%s"' \
+ % ( str( dps ), latest_dataset.id, str( dhps ) ) )
+ def test_999_reset_data_for_later_test_runs( self ):
+ """Reseting data to enable later test runs to pass"""
+ # Logged in as regular_user2
+ self.logout()
+ self.login( email=admin_user.email )
+ ##################
+ # Make sure all users are associated only with their private roles
+ ##################
+ for user in [ admin_user, regular_user1, regular_user2, regular_user3 ]:
+ refresh( user )
+ if len( user.roles) != 1:
+ raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 1 )' % ( len( user.roles ), user.email ) )
+ #####################
+ # Reset DefaultHistoryPermissions for regular_user1
+ #####################
+ self.logout()
+ self.login( email=regular_user1.email )
+ # Change DefaultHistoryPermissions for regular_user1 back to the default
+ permissions_in = [ 'DATASET_MANAGE_PERMISSIONS' ]
+ permissions_out = [ 'DATASET_ACCESS' ]
+ self.user_set_default_permissions( permissions_in=permissions_in,
+ permissions_out=permissions_out,
+ role_id=str( regular_user1_private_role.id ) )
+ self.logout()
+ self.login( email=admin_user.email )
diff -r e39c9a2a0b4c -r 48e83411aa91 test/functional/test_library_features.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/functional/test_library_features.py Fri Mar 12 16:11:26 2010 -0500
@@ -0,0 +1,606 @@
+from base.twilltestcase import *
+from base.test_db_util import *
+
+class TestLibraryFeatures( TwillTestCase ):
+ def test_000_initiate_users( self ):
+ """Ensuring all required user accounts exist"""
+ self.logout()
+ self.login( email='test1 at bx.psu.edu' )
+ global regular_user1
+ regular_user1 = get_user( 'test1 at bx.psu.edu' )
+ assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
+ self.logout()
+ self.login( email='test2 at bx.psu.edu' )
+ global regular_user2
+ regular_user2 = get_user( 'test2 at bx.psu.edu' )
+ assert regular_user2 is not None, 'Problem retrieving user with email "test2 at bx.psu.edu" from the database'
+ self.logout()
+ self.login( email='test3 at bx.psu.edu' )
+ global regular_user3
+ regular_user3 = get_user( 'test3 at bx.psu.edu' )
+ assert regular_user3 is not None, 'Problem retrieving user with email "test3 at bx.psu.edu" from the database'
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ global admin_user
+ admin_user = get_user( 'test at bx.psu.edu' )
+ assert admin_user is not None, 'Problem retrieving user with email "test at bx.psu.edu" from the database'
+ def test_005_create_library( self ):
+ """Testing creating a new library, then renaming it"""
+ # Logged in as admin_user
+ name = "library features Library1"
+ description = "library features Library1 description"
+ synopsis = "library features Library1 synopsis"
+ self.create_library( name=name, description=description, synopsis=synopsis )
+ self.browse_libraries_admin( check_str1=name, check_str2=description )
+ # Get the library object for later tests
+ global library_one
+ library_one = get_library( name, description, synopsis )
+ assert library_one is not None, 'Problem retrieving library named "%s" from the database' % name
+ # Rename the library
+ new_name = "library features Library1 new name"
+ new_description = "library features Library1 new description"
+ new_synopsis = "library features Library1 new synopsis"
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ new_name=new_name,
+ new_description=new_description,
+ new_synopsis=new_synopsis )
+ self.browse_libraries_admin( check_str1=new_name, check_str2=new_description )
+ # Reset the library back to the original name and description
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ new_name=name,
+ new_description=description,
+ new_synopsis=synopsis )
+ refresh( library_one )
+ def test_010_library_template_features( self ):
+ """Testing adding a template to a library, then filling in the contents"""
+ # Logged in as admin_user
+ form_name = 'Library template Form One'
+ form_desc = 'This is Form One'
+ form_type = galaxy.model.FormDefinition.types.LIBRARY_INFO_TEMPLATE
+ # Create form for library template
+ self.create_form( name=form_name, desc=form_desc, formtype=form_type )
+ global form_one
+ form_one = get_form( form_name )
+ assert form_one is not None, 'Problem retrieving form named (%s) from the database' % form_name
+ # Add new template based on the form to the library
+ template_name = 'Library Template 1'
+ self.add_library_template( 'library_admin',
+ 'library',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( form_one.id ),
+ form_one.name )
+ # Make sure the template fields are displayed on the library information page
+ field_dict = form_one.fields[ 0 ]
+ global form_one_field_label
+ form_one_field_label = '%s' % str( field_dict.get( 'label', 'Field 0' ) )
+ global form_one_field_help
+ form_one_field_help = '%s' % str( field_dict.get( 'helptext', 'Field 0 help' ) )
+ global form_one_field_required
+ form_one_field_required = '%s' % str( field_dict.get( 'required', 'optional' ) ).capitalize()
+ # Add information to the library using the template
+ global form_one_field_name
+ form_one_field_name = 'field_0'
+ contents = '%s library contents' % form_one_field_label
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ ele_1_field_name=form_one_field_name,
+ ele_1_contents=contents )
+ def test_015_edit_template_contents_admin_view( self ):
+ """Test editing template contents from the Admin view"""
+ # Logged in as admin_user
+ # Make sure the template contents were from the previous method correctly saved
+ # Twill barfs if this test is run in the previous method.
+ contents = '%s library contents' % form_one_field_label
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ check_str1=contents )
+ contents = '%s library contents' % form_one_field_label
+ contents_edited = contents + ' edited'
+ # Edit the contents and then save them
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ ele_1_field_name=form_one_field_name,
+ ele_1_contents=contents_edited )
+ # Make sure the template contents were correctly saved
+ self.library_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ check_str1=contents_edited )
+ def test_020_add_public_dataset_to_root_folder( self ):
+ """Testing adding a public dataset to the root folder, making sure library template is inherited"""
+ # Logged in as admin_user
+ message = 'Testing adding a public dataset to the root folder'
+ # The template should be inherited to the library dataset upload form.
+ template_contents = "%s contents for root folder 1.bed" % form_one_field_label
+ self.add_library_dataset( 'library_admin',
+ '1.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.root_folder.id ),
+ library_one.root_folder.name,
+ file_type='bed',
+ dbkey='hg18',
+ message=message.replace( ' ', '+' ),
+ root=True,
+ template_field_name1=form_one_field_name,
+ template_field_contents1=template_contents )
+ global ldda_one
+ ldda_one = get_latest_ldda()
+ assert ldda_one is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_one from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1='1.bed',
+ check_str2=message,
+ check_str3=admin_user.email )
+ # Make sure the library template contents were correctly saved
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.root_folder.id ),
+ self.security.encode_id( ldda_one.id ),
+ ldda_one.name,
+ check_str1=template_contents )
+ def test_025_add_new_folder_to_root_folder( self ):
+ """Testing adding a folder to a library root folder"""
+ # logged in as admin_user
+ root_folder = library_one.root_folder
+ name = "Root Folder's Folder One"
+ description = "This is the root folder's Folder One"
+ self.add_folder( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( root_folder.id ),
+ name=name,
+ description=description )
+ global folder_one
+ folder_one = get_folder( root_folder.id, name, description )
+ assert folder_one is not None, 'Problem retrieving library folder named "%s" from the database' % name
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=name,
+ check_str2=description )
+ # Make sure the template was inherited, but the contents were not
+ contents = '%s library contents' % form_one_field_label
+ self.folder_info( 'library_admin',
+ self.security.encode_id( folder_one.id ),
+ self.security.encode_id( library_one.id ),
+ check_str1=form_one_field_name,
+ not_displayed=contents )
+ # Add contents to the inherited template
+ template_contents = "%s contents for Folder One" % form_one_field_label
+ self.folder_info( 'library_admin',
+ self.security.encode_id( folder_one.id ),
+ self.security.encode_id( library_one.id ),
+ field_name=form_one_field_name,
+ contents=template_contents )
+ def test_030_add_subfolder_to_folder( self ):
+ """Testing adding a folder to a library folder"""
+ # logged in as admin_user
+ name = "Folder One's Subfolder"
+ description = "This is the Folder One's subfolder"
+ self.add_folder( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ name=name,
+ description=description )
+ global subfolder_one
+ subfolder_one = get_folder( folder_one.id, name, description )
+ assert subfolder_one is not None, 'Problem retrieving library folder named "Folder Ones Subfolder" from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=name,
+ check_str2=description )
+ # Make sure the template was inherited, but the contents were not
+ contents = '%s library contents' % form_one_field_label
+ self.folder_info( 'library_admin',
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( library_one.id ),
+ check_str1=form_one_field_name,
+ not_displayed=contents )
+ # Add contents to the inherited template
+ template_contents = "%s contents for Folder One" % form_one_field_label
+ self.folder_info( 'library_admin',
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( library_one.id ),
+ field_name=form_one_field_name,
+ contents=template_contents )
+ def test_035_add_2nd_new_folder_to_root_folder( self ):
+ """Testing adding a 2nd folder to a library root folder"""
+ # logged in as admin_user
+ root_folder = library_one.root_folder
+ name = "Folder Two"
+ description = "This is the root folder's Folder Two"
+ self.add_folder( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( root_folder.id ),
+ name=name,
+ description=description )
+ global folder_two
+ folder_two = get_folder( root_folder.id, name, description )
+ assert folder_two is not None, 'Problem retrieving library folder named "%s" from the database' % name
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=name,
+ check_str2=description )
+ def test_040_add_public_dataset_to_root_folders_2nd_subfolder( self ):
+ """Testing adding a public dataset to the root folder's 2nd sub-folder"""
+ # Logged in as admin_user
+ message = "Testing adding a public dataset to the folder named %s" % folder_two.name
+ # The form_one template should be inherited to the library dataset upload form.
+ template_contents = "%s contents for %s 2.bed" % ( form_one_field_label, folder_two.name )
+ self.add_library_dataset( 'library_admin',
+ '2.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ folder_two.name,
+ file_type='bed',
+ dbkey='hg18',
+ message=message.replace( ' ', '+' ),
+ root=False,
+ template_field_name1=form_one_field_name,
+ template_field_contents1=template_contents )
+ global ldda_two
+ ldda_two = get_latest_ldda()
+ assert ldda_two is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_two from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1='2.bed',
+ check_str2=message,
+ check_str3=admin_user.email )
+ # Make sure the library template contents were correctly saved
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ self.security.encode_id( ldda_two.id ),
+ ldda_two.name,
+ check_str1=template_contents )
+ def test_045_add_2nd_public_dataset_to_root_folders_2nd_subfolder( self ):
+ """Testing adding a 2nd public dataset to the root folder's 2nd sub-folder"""
+ # Logged in as admin_user
+ message = "Testing adding a 2nd public dataset to the folder named %s" % folder_two.name
+ # The form_one template should be inherited to the library dataset upload form.
+ template_contents = "%s contents for %s 3.bed" % ( form_one_field_label, folder_two.name )
+ self.add_library_dataset( 'library_admin',
+ '3.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ folder_two.name,
+ file_type='bed',
+ dbkey='hg18',
+ message=message.replace( ' ', '+' ),
+ root=False,
+ template_field_name1=form_one_field_name,
+ template_field_contents1=template_contents )
+ global ldda_three
+ ldda_three = get_latest_ldda()
+ assert ldda_three is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_three from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1='3.bed',
+ check_str2=message,
+ check_str3=admin_user.email )
+ # Make sure the library template contents were correctly saved
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ self.security.encode_id( ldda_three.id ),
+ ldda_three.name,
+ check_str1=template_contents )
+ def test_050_copy_dataset_from_history_to_subfolder( self ):
+ """Testing copying a dataset from the current history to a subfolder"""
+ # logged in as admin_user
+ self.new_history()
+ self.upload_file( "4.bed" )
+ latest_hda = get_latest_hda()
+ self.add_history_datasets_to_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ subfolder_one.name,
+ self.security.encode_id( latest_hda.id ),
+ root=False )
+ global ldda_four
+ ldda_four = get_latest_ldda()
+ assert ldda_four is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_four from the database'
+ # Make sure the correct template was inherited but the contents were not inherited
+ contents = "%s contents for Folder One's Subfolder" % form_one_field_label
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four.id ),
+ ldda_four.name,
+ check_str1=form_one_field_name,
+ not_displayed=contents )
+ def test_055_editing_dataset_attribute_info( self ):
+ """Testing editing a library dataset's attribute information"""
+ # logged in as admin_user
+ new_ldda_name = '4.bed ( version 1 )'
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four.id ),
+ ldda_four.name,
+ new_ldda_name=new_ldda_name )
+ refresh( ldda_four )
+ self.browse_library( 'library_admin', self.security.encode_id( library_one.id ), check_str1=new_ldda_name )
+ # Make sure the correct template was inherited but the contents were not inherited
+ contents = "%s contents for Folder One's Subfolder" % form_one_field_label
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four.id ),
+ ldda_four.name,
+ check_str1=form_one_field_name,
+ not_displayed=contents )
+ def test_060_uploading_new_dataset_version( self ):
+ """Testing uploading a new version of a library dataset"""
+ # logged in as admin_user
+ message = 'Testing uploading a new version of a dataset'
+ # The form_one template should be inherited to the library dataset upload form.
+ template_contents = "%s contents for %s new version of 4.bed" % ( form_one_field_label, folder_one.name )
+ self.upload_new_dataset_version( 'library_admin',
+ '4.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ subfolder_one.name,
+ self.security.encode_id( ldda_four.library_dataset.id ),
+ ldda_four.name,
+ file_type='auto',
+ dbkey='hg18',
+ message=message.replace( ' ', '+' ),
+ template_field_name1=form_one_field_name,
+ template_field_contents1=template_contents )
+ global ldda_four_version_two
+ ldda_four_version_two = get_latest_ldda()
+ assert ldda_four_version_two is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_four_version_two from the database'
+ # Make sure the correct template was inherited, but does not include any contents
+ contents = "%s contents for Folder One's Subfolder" % form_one_field_label
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four_version_two.id ),
+ ldda_four_version_two.name,
+ check_str1='This is the latest version of this library dataset',
+ not_displayed=contents )
+ # Fill in the template contents
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four_version_two.id ),
+ ldda_four_version_two.name,
+ ele_1_field_name=form_one_field_name,
+ ele_1_contents=template_contents )
+ # Check the previous version
+ self.ldda_edit_info( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( subfolder_one.id ),
+ self.security.encode_id( ldda_four.id ),
+ ldda_four.name,
+ check_str1='This is an expired version of this library dataset' )
+ # Make sure ldda_four is no longer displayed in the library
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ not_displayed=ldda_four.name )
+ def test_065_upload_directory_of_files_from_libraries_view( self ):
+ """Testing uploading a directory of files to a root folder from the Data Libraries view"""
+ # logged in as admin_user
+ # admin_user will not have the option to upload a directory of files from the
+ # Libraries view since a sub-directory named the same as their email is not contained
+ # in the configured user_library_import_dir. However, since members of role_one have
+ # the LIBRARY_ADD permission, we can test this feature as regular_user1 or regular_user3
+ self.logout()
+ self.login( email=regular_user1.email )
+ message = 'Uploaded all files in test-data/users/test1...'
+ # Since regular_user1 does not have any sub-directories contained within her configured
+ # user_library_import_dir, the only option in her server_dir select list will be the
+ # directory named the same as her email
+ check_str_after_submit = "Added 1 datasets to the library '%s' (each is selected)." % library_one.root_folder.name
+ # TODO: gvk( 3/12/10 )this is broken, so commenting until I have time to discover why...
+ """
+ self.upload_directory_of_files( 'library',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.root_folder.id ),
+ server_dir=regular_user1.email,
+ message=message,
+ check_str_after_submit=check_str_after_submit )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=regular_user1.email,
+ check_str2=message )
+ self.logout()
+ self.login( regular_user3.email )
+ message = 'Uploaded all files in test-data/users/test3.../run1'
+ # Since regular_user2 has a subdirectory contained within her configured user_library_import_dir,
+ # she will have a "None" option in her server_dir select list
+ self.upload_directory_of_files( 'library',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.root_folder.id ),
+ server_dir='run1',
+ message=message,
+ check_str1='<option>None</option>',
+ check_str_after_submit=check_str_after_submit )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=regular_user3.email,
+ check_str2=message )
+ """
+ def test_070_download_archive_of_library_files( self ):
+ """Testing downloading an archive of files from the library"""
+ # logged in as regular_user3
+ self.logout()
+ self.login( email=admin_user.email )
+ for format in ( 'tbz', 'tgz', 'zip' ):
+ archive = self.download_archive_of_library_files( cntrller='library',
+ library_id=self.security.encode_id( library_one.id ),
+ ldda_ids=[ self.security.encode_id( ldda_one.id ), self.security.encode_id( ldda_two.id ) ],
+ format=format )
+ self.check_archive_contents( archive, ( ldda_one, ldda_two ) )
+ os.remove( archive )
+ def test_075_mark_dataset_deleted( self ):
+ """Testing marking a library dataset as deleted"""
+ # Logged in as admin_user
+ self.delete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( ldda_two.library_dataset.id ),
+ ldda_two.name,
+ item_type='library_dataset' )
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ not_displayed=ldda_two.name )
+ def test_080_display_and_hide_deleted_dataset( self ):
+ """Testing displaying and hiding a deleted library dataset"""
+ # Logged in as admin_user
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ show_deleted=True,
+ check_str1=ldda_two.name )
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ not_displayed=ldda_two.name )
+ def test_085_mark_folder_deleted( self ):
+ """Testing marking a library folder as deleted"""
+ # Logged in as admin_user
+ self.delete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ folder_two.name,
+ item_type='folder' )
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ not_displayed=folder_two.name )
+ def test_090_mark_folder_undeleted( self ):
+ """Testing marking a library folder as undeleted"""
+ # Logged in as admin_user
+ self.undelete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ folder_two.name,
+ item_type='folder' )
+ # 2.bed was deleted before the folder was deleted, so state should have been saved. In order
+ # for 2.bed to be displayed, it would itself have to be marked undeleted.
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=folder_two.name,
+ not_displayed=ldda_two.name )
+ def test_095_mark_library_deleted( self ):
+ """Testing marking a library as deleted"""
+ # Logged in as admin_user
+ # First mark folder_two as deleted to further test state saving when we undelete the library
+ self.delete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_two.id ),
+ folder_two.name,
+ item_type='folder' )
+ self.delete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ item_type='library' )
+ self.browse_libraries_admin( not_displayed1=library_one.name )
+ self.browse_libraries_admin( deleted=True, check_str1=library_one.name )
+ def test_100_mark_library_undeleted( self ):
+ """Testing marking a library as undeleted"""
+ # Logged in as admin_user
+ self.undelete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ item_type='library' )
+ self.browse_libraries_admin( check_str1=library_one.name )
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=library_one.name,
+ not_displayed=folder_two.name )
+ def test_105_purge_library( self ):
+ """Testing purging a library"""
+ # Logged in as admin_user
+ self.delete_library_item( self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.id ),
+ library_one.name,
+ item_type='library' )
+ self.purge_library( self.security.encode_id( library_one.id ), library_one.name )
+ # Make sure the library was purged
+ refresh( library_one )
+ if not ( library_one.deleted and library_one.purged ):
+ raise AssertionError( 'The library id %s named "%s" has not been marked as deleted and purged.' % ( str( library_one.id ), library_one.name ) )
+ def check_folder( library_folder ):
+ for folder in library_folder.folders:
+ refresh( folder )
+ # Make sure all of the library_folders are purged
+ if not folder.purged:
+ raise AssertionError( 'The library_folder id %s named "%s" has not been marked purged.' % ( str( folder.id ), folder.name ) )
+ check_folder( folder )
+ # Make sure all of the LibraryDatasets and associated objects are deleted
+ refresh( library_folder )
+ for library_dataset in library_folder.datasets:
+ refresh( library_dataset )
+ ldda = library_dataset.library_dataset_dataset_association
+ if ldda:
+ refresh( ldda )
+ if not ldda.deleted:
+ raise AssertionError( 'The library_dataset_dataset_association id %s named "%s" has not been marked as deleted.' % \
+ ( str( ldda.id ), ldda.name ) )
+ # Make sure all of the datasets have been deleted
+ dataset = ldda.dataset
+ refresh( dataset )
+ if not dataset.deleted:
+ raise AssertionError( 'The dataset with id "%s" has not been marked as deleted when it should have been.' % \
+ str( ldda.dataset.id ) )
+ if not library_dataset.deleted:
+ raise AssertionError( 'The library_dataset id %s named "%s" has not been marked as deleted.' % \
+ ( str( library_dataset.id ), library_dataset.name ) )
+ check_folder( library_one.root_folder )
+ def test_110_no_library_template( self ):
+ """Test library features when library has no template"""
+ # Logged in as admin_user
+ name = "library features Library Two"
+ description = "library features This is Library Two"
+ synopsis = "library features Library Two synopsis"
+ # Create a library, adding no template
+ self.create_library( name=name, description=description, synopsis=synopsis )
+ self.browse_libraries_admin( check_str1=name, check_str2=description )
+ global library_two
+ library_two = get_library( name, description, synopsis )
+ assert library_two is not None, 'Problem retrieving library named "%s" from the database' % name
+ # Add a dataset to the library
+ self.add_library_dataset( 'library_admin',
+ '3.bed',
+ self.security.encode_id( library_two.id ),
+ self.security.encode_id( library_two.root_folder.id ),
+ library_two.root_folder.name,
+ file_type='bed',
+ dbkey='hg18',
+ message='',
+ root=True )
+ ldda_three = get_latest_ldda()
+ assert ldda_three is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_three from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_two.id ),
+ check_str1='3.bed',
+ check_str2=admin_user.email )
+ # TODO: add a functional test to cover adding a library dataset via url_paste here...
+ # TODO: Add a functional test to cover checking the space_to_tab checkbox here...
+ # Delete and purge the library
+ self.delete_library_item( self.security.encode_id( library_two.id ),
+ self.security.encode_id( library_two.id ),
+ library_two.name,
+ item_type='library' )
+ self.purge_library( self.security.encode_id( library_two.id ), library_two.name )
+ self.home()
+ def test_999_reset_data_for_later_test_runs( self ):
+ """Reseting data to enable later test runs to pass"""
+ # Logged in as admin_user
+ ##################
+ # Purge all libraries
+ ##################
+ for library in [ library_one, library_two ]:
+ self.delete_library_item( self.security.encode_id( library.id ),
+ self.security.encode_id( library.id ),
+ library.name,
+ item_type='library' )
+ self.purge_library( self.security.encode_id( library.id ), library.name )
+ ##################
+ # Make sure all users are associated only with their private roles
+ ##################
+ for user in [ admin_user, regular_user1, regular_user2, regular_user3 ]:
+ refresh( user )
+ if len( user.roles) != 1:
+ raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 1 )' % ( len( user.roles ), user.email ) )
+ self.logout()
diff -r e39c9a2a0b4c -r 48e83411aa91 test/functional/test_library_security.py
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/test/functional/test_library_security.py Fri Mar 12 16:11:26 2010 -0500
@@ -0,0 +1,603 @@
+from base.twilltestcase import *
+from base.test_db_util import *
+
+class TestLibrarySecurity( TwillTestCase ):
+ def test_000_initiate_users( self ):
+ """Ensuring all required user accounts exist"""
+ self.logout()
+ self.login( email='test1 at bx.psu.edu' )
+ global regular_user1
+ regular_user1 = get_user( 'test1 at bx.psu.edu' )
+ assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
+ global regular_user1_private_role
+ regular_user1_private_role = get_private_role( regular_user1 )
+ self.logout()
+ self.login( email='test2 at bx.psu.edu' )
+ global regular_user2
+ regular_user2 = get_user( 'test2 at bx.psu.edu' )
+ assert regular_user2 is not None, 'Problem retrieving user with email "test2 at bx.psu.edu" from the database'
+ global regular_user2_private_role
+ regular_user2_private_role = get_private_role( regular_user2 )
+ self.logout()
+ self.login( email='test3 at bx.psu.edu' )
+ global regular_user3
+ regular_user3 = get_user( 'test3 at bx.psu.edu' )
+ assert regular_user3 is not None, 'Problem retrieving user with email "test3 at bx.psu.edu" from the database'
+ global regular_user3_private_role
+ regular_user3_private_role = get_private_role( regular_user3 )
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ global admin_user
+ admin_user = get_user( 'test at bx.psu.edu' )
+ assert admin_user is not None, 'Problem retrieving user with email "test at bx.psu.edu" from the database'
+ global admin_user_private_role
+ admin_user_private_role = get_private_role( admin_user )
+ def test_005_create_required_groups_and_roles( self ):
+ """Testing creating all required groups and roles for this script"""
+ # Logged in as admin_user
+ # Create role_one
+ name = 'library security Role One'
+ description = "library security This is Role One's description"
+ user_ids = [ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ]
+ self.create_role( name=name,
+ description=description,
+ in_user_ids=user_ids,
+ in_group_ids=[],
+ create_group_for_role='no',
+ private_role=admin_user.email )
+ # Get the role object for later tests
+ global role_one
+ role_one = get_role_by_name( name )
+ # Create group_one
+ name = 'Group One'
+ self.create_group( name=name, in_user_ids=[ str( regular_user1.id ) ], in_role_ids=[ str( role_one.id ) ] )
+ # Get the group object for later tests
+ global group_one
+ group_one = get_group_by_name( name )
+ assert group_one is not None, 'Problem retrieving group named "Group One" from the database'
+ # NOTE: To get this to work with twill, all select lists on the ~/admin/role page must contain at least
+ # 1 option value or twill throws an exception, which is: ParseError: OPTION outside of SELECT
+ # Due to this bug in twill, we create the role, we bypass the page and visit the URL in the
+ # associate_users_and_groups_with_role() method.
+ #
+ #create role_two
+ name = 'library security Role Two'
+ description = 'library security This is Role Two'
+ user_ids = [ str( admin_user.id ) ]
+ group_ids = [ str( group_one.id ) ]
+ private_role = admin_user.email
+ self.create_role( name=name,
+ description=description,
+ in_user_ids=user_ids,
+ in_group_ids=group_ids,
+ private_role=private_role )
+ # Get the role object for later tests
+ global role_two
+ role_two = get_role_by_name( name )
+ assert role_two is not None, 'Problem retrieving role named "Role Two" from the database'
+ def test_010_create_library( self ):
+ """Testing creating a new library, then renaming it"""
+ # Logged in as admin_user
+ name = "library security Library1"
+ description = "library security Library1 description"
+ synopsis = "library security Library1 synopsis"
+ self.create_library( name=name, description=description, synopsis=synopsis )
+ # Get the library object for later tests
+ global library_one
+ library_one = get_library( name, description, synopsis )
+ assert library_one is not None, 'Problem retrieving library named "%s" from the database' % name
+ # Make sure library_one is public
+ assert 'access library' not in [ a.action for a in library_one.actions ], 'Library %s is not public when first created' % library_one.name
+ # Set permissions on the library, sort for later testing.
+ permissions_in = [ k for k, v in galaxy.model.Library.permitted_actions.items() ]
+ permissions_out = []
+ # Role one members are: admin_user, regular_user1, regular_user3. Each of these users will be permitted for
+ # LIBRARY_ACCESS, LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on this library and it's contents.
+ self.library_permissions( self.security.encode_id( library_one.id ),
+ library_one.name,
+ str( role_one.id ),
+ permissions_in,
+ permissions_out )
+ # Make sure the library is accessible by admin_user
+ self.visit_url( '%s/library/browse_libraries' % self.url )
+ self.check_page_for_string( library_one.name )
+ # Make sure the library is not accessible by regular_user2 since regular_user2 does not have Role1.
+ self.logout()
+ self.login( email=regular_user2.email )
+ self.visit_url( '%s/library/browse_libraries' % self.url )
+ try:
+ self.check_page_for_string( library_one.name )
+ raise AssertionError, 'Library %s is accessible by %s when it should be restricted' % ( library_one.name, regular_user2.email )
+ except:
+ pass
+ self.logout()
+ self.login( email=admin_user.email )
+ def test_015_add_new_folder_to_root_folder( self ):
+ """Testing adding a folder to a library root folder"""
+ # logged in as admin_user
+ root_folder = library_one.root_folder
+ name = "Root Folder's Folder One"
+ description = "This is the root folder's Folder One"
+ self.add_folder( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( root_folder.id ),
+ name=name,
+ description=description )
+ global folder_one
+ folder_one = get_folder( root_folder.id, name, description )
+ assert folder_one is not None, 'Problem retrieving library folder named "%s" from the database' % name
+ def test_020_add_dataset_with_private_role_restriction_to_folder( self ):
+ """Testing adding a dataset with a private role restriction to a folder"""
+ # Logged in as admin_user
+ #
+ # Keep in mind that # LIBRARY_ACCESS = "Role One" on the whole library
+ #
+ # Add a dataset restricted by the following:
+ # DATASET_MANAGE_PERMISSIONS = "test at bx.psu.edu" via DefaultUserPermissions
+ # DATASET_ACCESS = "regular_user1" private role via this test method
+ # LIBRARY_ADD = "Role One" via inheritance from parent folder
+ # LIBRARY_MODIFY = "Role One" via inheritance from parent folder
+ # LIBRARY_MANAGE = "Role One" via inheritance from parent folder
+ # "Role One" members are: test at bx.psu.edu, test1 at bx.psu.edu, test3 at bx.psu.edu
+ # This means that only user test1 at bx.psu.edu can see the dataset from the Libraries view
+ message ='This is a test of the fourth dataset uploaded'
+ self.add_library_dataset( 'library_admin',
+ '1.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ folder_one.name,
+ file_type='bed',
+ dbkey='hg18',
+ roles=[ str( regular_user1_private_role.id ) ],
+ message=message.replace( ' ', '+' ),
+ root=False )
+ global ldda_one
+ ldda_one = get_latest_ldda()
+ assert ldda_one is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_one from the database'
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1='1.bed',
+ check_str2=message,
+ check_str3=admin_user.email )
+ def test_025_accessing_dataset_with_private_role_restriction( self ):
+ """Testing accessing a dataset with a private role restriction"""
+ # Logged in as admin_user
+ #
+ # Keep in mind that # LIBRARY_ACCESS = "Role One" on the whole library
+ # Role one members are: admin_user, regular_user1, regular_user3. Each of these users will be permitted for
+ # LIBRARY_ACCESS, LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on this library and it's contents.
+ #
+ # Legitimate roles displayed on the permission form are as follows:
+ # 'Role One' since the LIBRARY_ACCESS permission is associated with Role One. # Role one members are: admin_user, regular_user1, regular_user3.
+ # 'test at bx.psu.edu' ( admin_user's private role ) since admin_user has Role One
+ # 'Role Two' since admin_user has Role Two
+ # 'Role Three' since admin_user has Role Three
+ # 'test1 at bx.psu.edu' ( regular_user1's private role ) since regular_user1 has Role One
+ # 'test3 at bx.psu.edu' ( regular_user3's private role ) since regular_user3 has Role One
+ #
+ # admin_user should not be able to see 1.bed from the analysis view's access libraries
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ not_displayed=folder_one.name,
+ not_displayed2='1.bed' )
+ self.logout()
+ # regular_user1 should be able to see 1.bed from the analysis view's access librarys
+ # since it was associated with regular_user1's private role
+ self.login( email=regular_user1.email )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=folder_one.name,
+ check_str2='1.bed' )
+ self.logout()
+ # regular_user2 should not be to see the library since they do not have
+ # Role One which is associated with the LIBRARY_ACCESS permission
+ self.login( email=regular_user2.email )
+ self.browse_libraries_regular_user( check_str1="You are not authorized to access any libraries" )
+ self.logout()
+ # regular_user3 should not be able to see 1.bed from the analysis view's access librarys
+ self.login( email=regular_user3.email )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ not_displayed=folder_one.name,
+ not_displayed2='1.bed' )
+ self.logout()
+ self.login( email=admin_user.email )
+ def test_030_change_dataset_access_permission( self ):
+ """Testing changing the access permission on a dataset with a private role restriction"""
+ # Logged in as admin_user
+ # We need admin_user to be able to access 1.bed
+ permissions_in = [ k for k, v in galaxy.model.Dataset.permitted_actions.items() ]
+ for k, v in galaxy.model.Library.permitted_actions.items():
+ if k != 'LIBRARY_ACCESS':
+ permissions_in.append( k )
+ permissions_out = []
+ # Attempt to associate multiple roles with the library dataset, with one of the
+ # roles being private.
+ role_ids_str = '%s,%s' % ( str( role_one.id ), str( admin_user_private_role.id ) )
+ check_str = "At least 1 user must have every role associated with accessing datasets. "
+ check_str += "Since you are associating more than 1 role, no private roles are allowed."
+ self.ldda_permissions( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ self.security.encode_id( ldda_one.id ),
+ role_ids_str,
+ permissions_in,
+ permissions_out,
+ check_str1=check_str )
+ role_ids_str = str( role_one.id )
+ self.ldda_permissions( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ self.security.encode_id( ldda_one.id ),
+ role_ids_str,
+ permissions_in,
+ permissions_out )
+ # admin_user should now be able to see 1.bed from the analysis view's access libraries
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=ldda_one.name )
+ def test_035_add_dataset_with_role_associated_with_group_and_users( self ):
+ """Testing adding a dataset with a role that is associated with a group and users"""
+ # Logged in as admin_user
+ # Add a dataset restricted by role_two, which is currently associated as follows:
+ # groups: group_one
+ # users: test at bx.psu.edu, test1 at bx.psu.edu via group_one
+ #
+ # We first need to make library_one public
+ permissions_in = []
+ for k, v in galaxy.model.Library.permitted_actions.items():
+ if k != 'LIBRARY_ACCESS':
+ permissions_in.append( k )
+ permissions_out = []
+ # Role one members are: admin_user, regular_user1, regular_user3. Each of these users will now be permitted for
+ # LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on this library and it's contents. The library will be public from
+ # this point on.
+ self.library_permissions( self.security.encode_id( library_one.id ),
+ library_one.name,
+ str( role_one.id ),
+ permissions_in,
+ permissions_out )
+ refresh( library_one )
+ message = 'Testing adding a dataset with a role that is associated with a group and users'
+ self.add_library_dataset( 'library_admin',
+ '2.bed',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ folder_one.name,
+ file_type='bed',
+ dbkey='hg17',
+ roles=[ str( role_two.id ) ],
+ message=message.replace( ' ', '+' ),
+ root=False )
+ global ldda_two
+ ldda_two = get_latest_ldda()
+ assert ldda_two is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda_two from the database'
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1='2.bed',
+ check_str2=message,
+ check_str3=admin_user.email )
+ def test_040_accessing_dataset_with_role_associated_with_group_and_users( self ):
+ """Testing accessing a dataset with a role that is associated with a group and users"""
+ # Logged in as admin_user
+ # admin_user should be able to see 2.bed since she is associated with role_two
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1='2.bed',
+ check_str2=admin_user.email )
+ self.logout()
+ # regular_user1 should be able to see 2.bed since she is associated with group_two
+ self.login( email = 'test1 at bx.psu.edu' )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=folder_one.name,
+ check_str2='2.bed',
+ check_str3=admin_user.email )
+ # Check the permissions on the dataset 2.bed - they are as folows:
+ # DATASET_MANAGE_PERMISSIONS = test at bx.psu.edu
+ # DATASET_ACCESS = Role Two
+ # Role Two associations: test at bx.psu.edu and Group Two
+ # Group Two members: Role One, Role Two, test1 at bx.psu.edu
+ # Role One associations: test at bx.psu.edu, test1 at bx.psu.edu, test3 at bx.psu.edu
+ # LIBRARY_ADD = Role One
+ # Role One aassociations: test at bx.psu.edu, test1 at bx.psu.edu, test3 at bx.psu.edu
+ # LIBRARY_MODIFY = Role One
+ # Role One aassociations: test at bx.psu.edu, test1 at bx.psu.edu, test3 at bx.psu.edu
+ # LIBRARY_MANAGE = Role One
+ # Role One aassociations: test at bx.psu.edu, test1 at bx.psu.edu, test3 at bx.psu.edu
+ self.ldda_edit_info( 'library',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ self.security.encode_id( ldda_two.id ),
+ ldda_two.name,
+ check_str1='2.bed',
+ check_str2='This is the latest version of this library dataset',
+ check_str3='Edit attributes of 2.bed' )
+ self.act_on_multiple_datasets( 'library',
+ self.security.encode_id( library_one.id ),
+ 'import_to_history',
+ ldda_ids=self.security.encode_id( ldda_two.id ),
+ check_str1='1 dataset(s) have been imported into your history' )
+ self.logout()
+ # regular_user2 should not be able to see 2.bed
+ self.login( email = 'test2 at bx.psu.edu' )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ not_displayed=folder_one.name,
+ not_displayed2='2.bed' )
+
+ self.logout()
+ # regular_user3 should not be able to see folder_one ( even though it does not contain any datasets that she
+ # can access ) since she has Role One, and Role One has all library permissions ( see above ).
+ self.login( email = 'test3 at bx.psu.edu' )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ check_str1=folder_one.name,
+ not_displayed='2.bed' )
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ def test_045_upload_directory_of_files_from_admin_view( self ):
+ """Testing uploading a directory of files to a root folder from the Admin view"""
+ # logged in as admin_user
+ message = 'This is a test for uploading a directory of files'
+ check_str_after_submit="Added 3 datasets to the library '%s' (each is selected)." % library_one.root_folder.name
+ self.upload_directory_of_files( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( library_one.root_folder.id ),
+ server_dir='library',
+ message=message,
+ check_str_after_submit=check_str_after_submit )
+ self.browse_library( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ check_str1=admin_user.email,
+ check_str2=message )
+ def test_050_change_permissions_on_datasets_uploaded_from_library_dir( self ):
+ """Testing changing the permissions on datasets uploaded from a directory from the Admin view"""
+ # logged in as admin_user
+ # It would be nice if twill functioned such that the above test resulted in a
+ # form with the uploaded datasets selected, but it does not ( they're not checked ),
+ # so we'll have to simulate this behavior ( not ideal ) for the 'edit' action. We
+ # first need to get the ldda.id for the 3 new datasets
+ latest_3_lddas = get_latest_lddas( 3 )
+ ldda_ids = ''
+ for ldda in latest_3_lddas:
+ ldda_ids += '%s,' % self.security.encode_id( ldda.id )
+ ldda_ids = ldda_ids.rstrip( ',' )
+ # Set permissions
+ self.ldda_permissions( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ ldda_ids,
+ str( role_one.id ),
+ permissions_in=[ 'DATASET_ACCESS', 'LIBRARY_MANAGE' ],
+ check_str1='Permissions have been updated on 3 datasets' )
+ # Make sure the permissions have been correctly updated for the 3 datasets. Permissions should
+ # be all of the above on any of the 3 datasets that are imported into a history.
+ def check_edit_page( lddas, check_str1='', check_str2='', check_str3='', check_str4='',
+ not_displayed1='', not_displayed2='', not_displayed3='' ):
+ for ldda in lddas:
+ # Import each library dataset into our history
+ self.act_on_multiple_datasets( 'library',
+ self.security.encode_id( library_one.id ),
+ 'import_to_history',
+ ldda_ids=self.security.encode_id( ldda.id ) )
+ # Determine the new HistoryDatasetAssociation id created when the library dataset was imported into our history
+ last_hda_created = get_latest_hda()
+ self.edit_hda_attribute_info( str( last_hda_created.id ),
+ check_str1=check_str1,
+ check_str2=check_str2,
+ check_str3=check_str3,
+ check_str4=check_str4 )
+ # admin_user is associated with role_one, so should have all permissions on imported datasets
+ check_edit_page( latest_3_lddas,
+ check_str1='Manage dataset permissions on',
+ check_str2='Role members can manage the roles associated with permissions on this dataset',
+ check_str3='Role members can import this dataset into their history for analysis' )
+ self.logout()
+ # regular_user1 is associated with role_one, so should have all permissions on imported datasets
+ self.login( email='test1 at bx.psu.edu' )
+ check_edit_page( latest_3_lddas )
+ self.logout()
+ # Since regular_user2 is not associated with role_one, she should not have
+ # access to any of the 3 datasets, so she will not see folder_one on the libraries page
+ self.login( email='test2 at bx.psu.edu' )
+ self.browse_library( 'library',
+ self.security.encode_id( library_one.id ),
+ not_displayed=folder_one.name )
+ self.logout()
+ # regular_user3 is associated with role_one, so should have all permissions on imported datasets
+ self.login( email='test3 at bx.psu.edu' )
+ check_edit_page( latest_3_lddas )
+ self.logout()
+ self.login( email='test at bx.psu.edu' )
+ # Change the permissions and test again
+ self.ldda_permissions( 'library_admin',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( folder_one.id ),
+ ldda_ids,
+ str( role_one.id ),
+ permissions_in=[ 'DATASET_ACCESS' ],
+ check_str1='Permissions have been updated on 3 datasets' )
+ check_edit_page( latest_3_lddas,
+ check_str1='View Permissions',
+ not_displayed1='Manage dataset permissions on',
+ not_displayed2='Role members can manage roles associated with permissions on this library item',
+ not_displayed3='Role members can import this dataset into their history for analysis' )
+ def test_055_library_permissions( self ):
+ """Test library permissions"""
+ # Logged in as admin_user
+ form_name = 'Library template Form One'
+ form_desc = 'This is Form One'
+ form_type = galaxy.model.FormDefinition.types.LIBRARY_INFO_TEMPLATE
+ # Create form for library template
+ self.create_form( name=form_name, desc=form_desc, formtype=form_type )
+ global form_one
+ form_one = get_form( form_name )
+ assert form_one is not None, 'Problem retrieving form named (%s) from the database' % form_name
+ # Make sure the template fields are displayed on the library information page
+ field_dict = form_one.fields[ 0 ]
+ global form_one_field_label
+ form_one_field_label = '%s' % str( field_dict.get( 'label', 'Field 0' ) )
+ global form_one_field_help
+ form_one_field_help = '%s' % str( field_dict.get( 'helptext', 'Field 0 help' ) )
+ global form_one_field_required
+ form_one_field_required = '%s' % str( field_dict.get( 'required', 'optional' ) ).capitalize()
+ # Add information to the library using the template
+ global form_one_field_name
+ form_one_field_name = 'field_0'
+ # Create a library, adding no template
+ name = "library security Library Two"
+ description = "library security This is Library Two"
+ synopsis = "library security Library Two synopsis"
+ self.create_library( name=name, description=description, synopsis=synopsis )
+ self.browse_libraries_admin( check_str1=name, check_str2=description )
+ global library_two
+ library_two = get_library( name, description, synopsis )
+ assert library_two is not None, 'Problem retrieving library named "%s" from the database' % name
+ # Set library permissions for regular_user1 and regular_user2. Each of these users will be permitted to
+ # LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE for library items.
+ permissions_in = [ k for k, v in galaxy.model.Library.permitted_actions.items() ]
+ permissions_out = []
+ role_ids_str = '%s,%s' % ( str( regular_user1_private_role.id ), str( regular_user2_private_role.id ) )
+ self.library_permissions( self.security.encode_id( library_two.id ),
+ library_two.name,
+ role_ids_str,
+ permissions_in,
+ permissions_out )
+ self.logout()
+ # Login as regular_user1 and make sure they can see the library
+ self.login( email=regular_user1.email )
+ self.browse_libraries_regular_user( check_str1=name )
+ self.logout()
+ # Login as regular_user2 and make sure they can see the library
+ self.login( email=regular_user2.email )
+ self.browse_libraries_regular_user( check_str1=name )
+ # Add a dataset to the library
+ message = 'Testing adding 1.bed to Library Two root folder'
+ self.add_library_dataset( 'library',
+ '1.bed',
+ self.security.encode_id( library_two.id ),
+ self.security.encode_id( library_two.root_folder.id ),
+ library_two.root_folder.name,
+ file_type='bed',
+ dbkey='hg18',
+ message=message,
+ root=True )
+ # Add a folder to the library
+ name = "Root Folder's Folder X"
+ description = "This is the root folder's Folder X"
+ self.add_folder( 'library',
+ self.security.encode_id( library_two.id ),
+ self.security.encode_id( library_two.root_folder.id ),
+ name=name,
+ description=description )
+ global folder_x
+ folder_x = get_folder( library_two.root_folder.id, name, description )
+ # Add an information template to the folder
+ template_name = 'Folder Template 1'
+ self.add_library_template( 'library',
+ 'folder',
+ self.security.encode_id( library_one.id ),
+ self.security.encode_id( form_one.id ),
+ form_one.name,
+ folder_id=self.security.encode_id( folder_x.id ) )
+ # Modify the folder's information
+ contents = '%s folder contents' % form_one_field_label
+ new_name = "Root Folder's Folder Y"
+ new_description = "This is the root folder's Folder Y"
+ self.folder_info( 'library',
+ self.security.encode_id( folder_x.id ),
+ self.security.encode_id( library_two.id ),
+ name,
+ new_name,
+ new_description,
+ contents=contents,
+ field_name=form_one_field_name )
+ # Twill barfs when self.check_page_for_string() is called after dealing with an information template,
+ # the exception is: TypeError: 'str' object is not callable
+ # the work-around it to end this method so any calls are in the next method.
+ def test_060_template_features_and_permissions( self ):
+ """Test library template and more permissions behavior from the Data Libraries view"""
+ # Logged in as regular_user2
+ refresh( folder_x )
+ # Add a dataset to the folder
+ message = 'Testing adding 2.bed to Library Three root folder'
+ self.add_library_dataset( 'library',
+ '2.bed',
+ self.security.encode_id( library_two.id ),
+ self.security.encode_id( folder_x.id ),
+ folder_x.name,
+ file_type='bed',
+ dbkey='hg18',
+ message=message.replace( ' ', '+' ),
+ root=False )
+ global ldda_x
+ ldda_x = get_latest_ldda()
+ assert ldda_x is not None, 'Problem retrieving ldda_x from the database'
+ # Add an information template to the library
+ template_name = 'Library Template 3'
+ self.add_library_template( 'library',
+ 'library',
+ self.security.encode_id( library_two.id ),
+ self.security.encode_id( form_one.id ),
+ form_one.name )
+ # Add information to the library using the template
+ contents = '%s library contents' % form_one_field_label
+ self.visit_url( '%s/library_common/library_info?cntrller=library&id=%s' % ( self.url, self.security.encode_id( library_two.id ) ) )
+ # There are 2 forms on this page and the template is the 2nd form
+ tc.fv( '2', form_one_field_name, contents )
+ tc.submit( 'edit_info_button' )
+ # For some reason, the following check:
+ # self.check_page_for_string ( 'The information has been updated.' )
+ # ...throws the following exception - I have not idea why!
+ # TypeError: 'str' object is not callable
+ # The work-around is to not make ANY self.check_page_for_string() calls until the next method
+ def test_065_permissions_as_different_regular_user( self ):
+ """Test library template and more permissions behavior from the Data Libraries view as a different user"""
+ # Logged in as regular_user2
+ self.logout()
+ self.login( email=regular_user1.email )
+ self.browse_library( 'library',
+ self.security.encode_id( library_two.id ),
+ check_str1=ldda_x.name )
+ def test_999_reset_data_for_later_test_runs( self ):
+ """Reseting data to enable later test runs to pass"""
+ # Logged in as regular_user1
+ self.logout()
+ self.login( email=admin_user.email )
+ ##################
+ # Purge all libraries
+ ##################
+ for library in [ library_one, library_two ]:
+ self.delete_library_item( self.security.encode_id( library.id ),
+ self.security.encode_id( library.id ),
+ library.name,
+ item_type='library' )
+ self.purge_library( self.security.encode_id( library.id ), library.name )
+ ##################
+ # Eliminate all non-private roles
+ ##################
+ for role in [ role_one, role_two ]:
+ self.mark_role_deleted( self.security.encode_id( role.id ), role.name )
+ self.purge_role( self.security.encode_id( role.id ), role.name )
+ # Manually delete the role from the database
+ refresh( role )
+ sa_session.delete( role )
+ sa_session.flush()
+ ##################
+ # Eliminate all groups
+ ##################
+ for group in [ group_one ]:
+ self.mark_group_deleted( self.security.encode_id( group.id ), group.name )
+ self.purge_group( self.security.encode_id( group.id ), group.name )
+ # Manually delete the group from the database
+ refresh( group )
+ sa_session.delete( group )
+ sa_session.flush()
+ ##################
+ # Make sure all users are associated only with their private roles
+ ##################
+ for user in [ admin_user, regular_user1, regular_user2, regular_user3 ]:
+ refresh( user )
+ if len( user.roles) != 1:
+ raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 1 )' % ( len( user.roles ), user.email ) )
diff -r e39c9a2a0b4c -r 48e83411aa91 test/functional/test_security_and_libraries.py
--- a/test/functional/test_security_and_libraries.py Fri Mar 12 14:27:04 2010 -0500
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,2141 +0,0 @@
-import galaxy.model
-from galaxy.model.orm import *
-from galaxy.model.mapping import context as sa_session
-from base.twilltestcase import *
-
-not_logged_in_security_msg = 'You must be logged in as an administrator to access this feature.'
-logged_in_security_msg = 'You must be an administrator to access this feature.'
-
-import sys
-class TestSecurityAndLibraries( TwillTestCase ):
- def test_000_admin_features_when_not_logged_in( self ):
- """Testing admin_features when not logged in"""
- self.logout()
- self.visit_url( "%s/admin" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/reload_tool?tool_id=upload1" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/roles" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/create_role" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/create_role" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/manage_users_and_groups_for_role" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/groups" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/create_group" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- self.check_page_for_string( not_logged_in_security_msg )
- self.visit_url( "%s/admin/users" % self.url )
- self.check_page_for_string( not_logged_in_security_msg )
- def test_005_login_as_admin_user( self ):
- """Testing logging in as an admin user test at bx.psu.edu - tests initial settings for DefaultUserPermissions and DefaultHistoryPermissions"""
- self.login( email='test at bx.psu.edu' ) # test at bx.psu.edu is configured as our admin user
- self.visit_page( "admin" )
- self.check_page_for_string( 'Administration' )
- global admin_user
- admin_user = sa_session.query( galaxy.model.User ) \
- .filter( galaxy.model.User.table.c.email=='test at bx.psu.edu' ) \
- .first()
- assert admin_user is not None, 'Problem retrieving user with email "test at bx.psu.edu" from the database'
- # Get the admin user's private role for later use
- global admin_user_private_role
- admin_user_private_role = None
- for role in admin_user.all_roles():
- if role.name == admin_user.email and role.description == 'Private Role for %s' % admin_user.email:
- admin_user_private_role = role
- break
- if not admin_user_private_role:
- raise AssertionError( "Private role not found for user '%s'" % admin_user.email )
- # Make sure DefaultUserPermissions are correct
- if len( admin_user.default_permissions ) > 1:
- raise AssertionError( '%d DefaultUserPermissions associated with user %s ( should be 1 )' \
- % ( len( admin_user.default_permissions ), admin_user.email ) )
- dup = sa_session.query( galaxy.model.DefaultUserPermissions ) \
- .filter( galaxy.model.DefaultUserPermissions.table.c.user_id==admin_user.id ) \
- .first()
- if not dup.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
- raise AssertionError( 'The DefaultUserPermission.action for user "%s" is "%s", but it should be "%s"' \
- % ( admin_user.email, dup.action, galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
- # Make sure DefaultHistoryPermissions are correct
- # Logged in as admin_user
- latest_history = sa_session.query( galaxy.model.History ) \
- .filter( and_( galaxy.model.History.table.c.deleted==False,
- galaxy.model.History.table.c.user_id==admin_user.id ) ) \
- .order_by( desc( galaxy.model.History.table.c.create_time ) ) \
- .first()
- if len( latest_history.default_permissions ) > 1:
- raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d when it was created ( should have been 1 )' \
- % ( len( latest_history.default_permissions ), latest_history.id ) )
- dhp = sa_session.query( galaxy.model.DefaultHistoryPermissions ) \
- .filter( galaxy.model.DefaultHistoryPermissions.table.c.history_id==latest_history.id ) \
- .first()
- if not dhp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
- raise AssertionError( 'The DefaultHistoryPermission.action for history id %d is "%s", but it should be "%s"' \
- % ( latest_history.id, dhp.action, galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
- self.home()
- self.visit_url( "%s/admin/manage_roles_and_groups_for_user?id=%s" % ( self.url, self.security.encode_id( admin_user.id ) ) )
- self.check_page_for_string( admin_user.email )
- # Try deleting the admin_user's private role
- check_str = "You cannot eliminate a user's private role association."
- self.associate_roles_and_groups_with_user( self.security.encode_id( admin_user.id ), admin_user.email,
- out_role_ids=str( admin_user_private_role.id ),
- check_str=check_str )
- self.logout()
- def test_010_login_as_regular_user1( self ):
- """Testing logging in as regular user test1 at bx.psu.edu - tests private role creation and changing DefaultHistoryPermissions for new histories"""
- # Some of the history related tests here are similar to some tests in the
- # test_history_functions.py script, so we could potentially eliminate 1 or 2 of them.
- self.login( email='test1 at bx.psu.edu' ) # test1 at bx.psu.edu is not an admin user
- global regular_user1
- regular_user1 = sa_session.query( galaxy.model.User ) \
- .filter( galaxy.model.User.table.c.email=='test1 at bx.psu.edu' ) \
- .first()
- assert regular_user1 is not None, 'Problem retrieving user with email "test1 at bx.psu.edu" from the database'
- self.visit_page( "admin" )
- self.check_page_for_string( logged_in_security_msg )
- # Make sure a private role exists for regular_user1
- private_role = None
- for role in regular_user1.all_roles():
- if role.name == regular_user1.email and role.description == 'Private Role for %s' % regular_user1.email:
- private_role = role
- break
- if not private_role:
- raise AssertionError( "Private role not found for user '%s'" % regular_user1.email )
- global regular_user1_private_role
- regular_user1_private_role = private_role
- # Add a dataset to the history
- self.upload_file( '1.bed' )
- latest_dataset = sa_session.query( galaxy.model.Dataset ) \
- .order_by( desc( galaxy.model.Dataset.table.c.create_time ) ) \
- .first()
- # Make sure DatasetPermissions is correct - default is 'manage permissions'
- if len( latest_dataset.actions ) > 1:
- actions = [ a.action for a in latest_dataset.actions ]
- raise AssertionError( '%d DatasetPermissions (%s) were created for dataset id %d when it was created ( should have been 1 )' \
- % ( len( latest_dataset.actions ), str( actions ), latest_dataset.id ) )
- dp = sa_session.query( galaxy.model.DatasetPermissions ) \
- .filter( galaxy.model.DatasetPermissions.table.c.dataset_id==latest_dataset.id ) \
- .first()
- if not dp.action:
- raise AssertionError( 'The Dataset id %d has no associated DatasetPermissions when is should have "manage permissions".' \
- % latest_dataset.id )
- elif not dp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
- raise AssertionError( 'The DatasetPermissions.action for dataset id %d is "%s", but it should be "manage permissions"' \
- % ( latest_dataset.id, dp.action ) )
- # Change DefaultHistoryPermissions for regular_user1
- permissions_in = []
- actions_in = []
- for key, value in galaxy.model.Dataset.permitted_actions.items():
- # NOTE: setting the 'access' permission with the private role makes this dataset private
- permissions_in.append( key )
- actions_in.append( value.action )
- # Sort actions for later comparison
- actions_in.sort()
- role_id = str( private_role.id )
- self.user_set_default_permissions( permissions_in=permissions_in, role_id=role_id )
- # Make sure the default permissions are changed for new histories
- self.new_history()
- # logged in as regular_user1
- latest_history = sa_session.query( galaxy.model.History ) \
- .filter( and_( galaxy.model.History.table.c.deleted==False,
- galaxy.model.History.table.c.user_id==regular_user1.id ) ) \
- .order_by( desc( galaxy.model.History.table.c.create_time ) ) \
- .first()
- if len( latest_history.default_permissions ) != len( galaxy.model.Dataset.permitted_actions.items() ):
- raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d, should have been %d' % \
- ( len( latest_history.default_permissions ), latest_history.id, len( galaxy.model.Dataset.permitted_actions.items() ) ) )
- dhps = []
- for dhp in latest_history.default_permissions:
- dhps.append( dhp.action )
- # Sort permissions for later comparison
- dhps.sort()
- for key, value in galaxy.model.Dataset.permitted_actions.items():
- if value.action not in dhps:
- raise AssertionError( '%s not in history id %d default_permissions after they were changed' % ( value.action, latest_history.id ) )
- # Add a dataset to the history
- self.upload_file( '1.bed' )
- latest_dataset = sa_session.query( galaxy.model.Dataset ).order_by( desc( galaxy.model.Dataset.table.c.create_time ) ).first()
- # Make sure DatasetPermissionss are correct
- if len( latest_dataset.actions ) != len( latest_history.default_permissions ):
- raise AssertionError( '%d DatasetPermissionss were created for dataset id %d when it was created ( should have been %d )' % \
- ( len( latest_dataset.actions ), latest_dataset.id, len( latest_history.default_permissions ) ) )
- dps = []
- for dp in latest_dataset.actions:
- dps.append( dp.action )
- # Sort actions for later comparison
- dps.sort()
- # Compare DatasetPermissions with permissions_in - should be the same
- if dps != actions_in:
- raise AssertionError( 'DatasetPermissionss "%s" for dataset id %d differ from changed default permissions "%s"' \
- % ( str( dps ), latest_dataset.id, str( actions_in ) ) )
- # Compare DefaultHistoryPermissions and DatasetPermissionss - should be the same
- if dps != dhps:
- raise AssertionError( 'DatasetPermissionss "%s" for dataset id %d differ from DefaultHistoryPermissions "%s" for history id %d' \
- % ( str( dps ), latest_dataset.id, str( dhps ), latest_history.id ) )
- self.logout()
-
- def test_015_login_as_regular_user2( self ):
- """Testing logging in as regular user test2 at bx.psu.edu - tests changing DefaultHistoryPermissions for the current history"""
- email = 'test2 at bx.psu.edu'
- self.login( email=email ) # This will not be an admin user
- global regular_user2
- regular_user2 = sa_session.query( galaxy.model.User ) \
- .filter( galaxy.model.User.table.c.email==email ) \
- .first()
- assert regular_user2 is not None, 'Problem retrieving user with email "" from the database' % email
- # Logged in as regular_user2
- latest_history = sa_session.query( galaxy.model.History ) \
- .filter( and_( galaxy.model.History.table.c.deleted==False,
- galaxy.model.History.table.c.user_id==regular_user2.id ) ) \
- .order_by( desc( galaxy.model.History.table.c.create_time ) ) \
- .first()
- self.upload_file( '1.bed' )
- latest_dataset = sa_session.query( galaxy.model.Dataset ).order_by( desc( galaxy.model.Dataset.table.c.create_time ) ).first()
- permissions_in = [ 'DATASET_MANAGE_PERMISSIONS' ]
- # Make sure these are in sorted order for later comparison
- actions_in = [ 'manage permissions' ]
- permissions_out = [ 'DATASET_ACCESS' ]
- actions_out = [ 'access' ]
- global regular_user2_private_role
- regular_user2_private_role = None
- for role in regular_user2.all_roles():
- if role.name == regular_user2.email and role.description == 'Private Role for %s' % regular_user2.email:
- regular_user2_private_role = role
- break
- if not regular_user2_private_role:
- raise AssertionError( "Private role not found for user '%s'" % regular_user2.email )
- role_id = str( regular_user2_private_role.id )
- # Change DefaultHistoryPermissions for the current history
- self.history_set_default_permissions( permissions_out=permissions_out, permissions_in=permissions_in, role_id=role_id )
- if len( latest_history.default_permissions ) != len( actions_in ):
- raise AssertionError( '%d DefaultHistoryPermissions were created for history id %d, should have been %d' \
- % ( len( latest_history.default_permissions ), latest_history.id, len( permissions_in ) ) )
- # Make sure DefaultHistoryPermissions were correctly changed for the current history
- dhps = []
- for dhp in latest_history.default_permissions:
- dhps.append( dhp.action )
- # Sort permissions for later comparison
- dhps.sort()
- # Compare DefaultHistoryPermissions and actions_in - should be the same
- if dhps != actions_in:
- raise AssertionError( 'DefaultHistoryPermissions "%s" for history id %d differ from actions "%s" passed for changing' \
- % ( str( dhps ), latest_history.id, str( actions_in ) ) )
- # Make sure DatasetPermissionss are correct
- if len( latest_dataset.actions ) != len( latest_history.default_permissions ):
- raise AssertionError( '%d DatasetPermissionss were created for dataset id %d when it was created ( should have been %d )' \
- % ( len( latest_dataset.actions ), latest_dataset.id, len( latest_history.default_permissions ) ) )
- dps = []
- for dp in latest_dataset.actions:
- dps.append( dp.action )
- # Sort actions for comparison
- dps.sort()
- # Compare DatasetPermissionss and DefaultHistoryPermissions - should be the same
- if dps != dhps:
- raise AssertionError( 'DatasetPermissionss "%s" for dataset id %d differ from DefaultHistoryPermissions "%s"' \
- % ( str( dps ), latest_dataset.id, str( dhps ) ) )
- self.logout()
- def test_020_create_new_user_account_as_admin( self ):
- """Testing creating a new user account as admin"""
- self.login( email=admin_user.email )
- email = 'test3 at bx.psu.edu'
- password = 'testuser'
- previously_created = self.create_new_account_as_admin( email=email, password=password )
- # Get the user object for later tests
- global regular_user3
- regular_user3 = sa_session.query( galaxy.model.User ).filter( galaxy.model.User.table.c.email==email ).first()
- assert regular_user3 is not None, 'Problem retrieving user with email "%s" from the database' % email
- global regular_user3_private_role
- regular_user3_private_role = None
- for role in regular_user3.all_roles():
- if role.name == regular_user3.email and role.description == 'Private Role for %s' % regular_user3.email:
- regular_user3_private_role = role
- break
- if not regular_user3_private_role:
- raise AssertionError( "Private role not found for user '%s'" % regular_user3.email )
- # Make sure DefaultUserPermissions were created
- if not regular_user3.default_permissions:
- raise AssertionError( 'No DefaultUserPermissions were created for user %s when the admin created the account' % email )
- # Make sure a private role was created for the user
- if not regular_user3.roles:
- raise AssertionError( 'No UserRoleAssociations were created for user %s when the admin created the account' % email )
- if not previously_created and len( regular_user3.roles ) != 1:
- raise AssertionError( '%d UserRoleAssociations were created for user %s when the admin created the account ( should have been 1 )' \
- % ( len( regular_user3.roles ), regular_user3.email ) )
- for ura in regular_user3.roles:
- role = sa_session.query( galaxy.model.Role ).get( ura.role_id )
- if not previously_created and role.type != 'private':
- raise AssertionError( 'Role created for user %s when the admin created the account is not private, type is' \
- % str( role.type ) )
- if not previously_created:
- # Make sure a history was not created ( previous test runs may have left deleted histories )
- histories = sa_session.query( galaxy.model.History ) \
- .filter( and_( galaxy.model.History.table.c.user_id==regular_user3.id,
- galaxy.model.History.table.c.deleted==False ) ) \
- .all()
- if histories:
- raise AssertionError( 'Histories were incorrectly created for user %s when the admin created the account' % email )
- # Make sure the user was not associated with any groups
- if regular_user3.groups:
- raise AssertionError( 'Groups were incorrectly associated with user %s when the admin created the account' % email )
- def test_025_reset_password_as_admin( self ):
- """Testing reseting a user password as admin"""
- email = 'test3 at bx.psu.edu'
- self.reset_password_as_admin( user_id=self.security.encode_id( regular_user3.id ), password='testreset' )
- self.logout()
- def test_030_login_after_password_reset( self ):
- """Testing logging in after an admin reset a password - tests DefaultHistoryPermissions for accounts created by an admin"""
- self.login( email='test3 at bx.psu.edu', password='testreset' )
- # Make sure a History and HistoryDefaultPermissions exist for the user
- # Logged in as regular_user3
- latest_history = sa_session.query( galaxy.model.History ) \
- .filter( and_( galaxy.model.History.table.c.deleted==False,
- galaxy.model.History.table.c.user_id==regular_user3.id ) ) \
- .order_by( desc( galaxy.model.History.table.c.create_time ) ) \
- .first()
- if not latest_history.user_id == regular_user3.id:
- raise AssertionError( 'A history was not created for user %s when he logged in' % email )
- if not latest_history.default_permissions:
- raise AssertionError( 'No DefaultHistoryPermissions were created for history id %d when it was created' % latest_history.id )
- if len( latest_history.default_permissions ) > 1:
- raise AssertionError( 'More than 1 DefaultHistoryPermissions were created for history id %d when it was created' % latest_history.id )
- dhp = sa_session.query( galaxy.model.DefaultHistoryPermissions ) \
- .filter( galaxy.model.DefaultHistoryPermissions.table.c.history_id==latest_history.id ) \
- .first()
- if not dhp.action == galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
- raise AssertionError( 'The DefaultHistoryPermission.action for history id %d is "%s", but it should be "manage permissions"' \
- % ( latest_history.id, dhp.action ) )
- # Upload a file to create a HistoryDatasetAssociation
- self.upload_file( '1.bed' )
- latest_dataset = sa_session.query( galaxy.model.Dataset ).order_by( desc( galaxy.model.Dataset.table.c.create_time ) ).first()
- for dp in latest_dataset.actions:
- # Should only have 1 DatasetPermissions
- if dp.action != galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action:
- raise AssertionError( 'The DatasetPermissions for dataset id %d is %s ( should have been %s )' \
- % ( latest_dataset.id,
- latest_dataset.actions.action,
- galaxy.model.Dataset.permitted_actions.DATASET_MANAGE_PERMISSIONS.action ) )
- self.logout()
- # Reset the password to the default for later tests
- self.login( email='test at bx.psu.edu' )
- self.reset_password_as_admin( user_id=self.security.encode_id( regular_user3.id ), password='testuser' )
- def test_035_mark_user_deleted( self ):
- """Testing marking a user account as deleted"""
- # Logged in as admin_user
- self.mark_user_deleted( user_id=self.security.encode_id( regular_user3.id ), email=regular_user3.email )
- # Deleting a user should not delete any associations
- sa_session.refresh( regular_user3 )
- if not regular_user3.active_histories:
- raise AssertionError( 'HistoryDatasetAssociations for regular_user3 were incorrectly deleted when the user was marked deleted' )
- def test_040_undelete_user( self ):
- """Testing undeleting a user account"""
- # Logged in as admin_user
- self.undelete_user( user_id=self.security.encode_id( regular_user3.id ), email=regular_user3.email )
- def test_045_create_role( self ):
- """Testing creating new role with 3 members ( and a new group named the same ), then renaming the role"""
- # Logged in as admin_user
- name = 'Role One'
- description = "This is Role Ones description"
- user_ids=[ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ]
- self.create_role( name=name,
- description=description,
- in_user_ids=user_ids,
- in_group_ids=[],
- create_group_for_role='yes',
- private_role=admin_user.email )
- # Get the role object for later tests
- global role_one
- role_one = sa_session.query( galaxy.model.Role ).filter( galaxy.model.Role.table.c.name==name ).first()
- assert role_one is not None, 'Problem retrieving role named "Role One" from the database'
- # Make sure UserRoleAssociations are correct
- if len( role_one.users ) != len( user_ids ):
- raise AssertionError( '%d UserRoleAssociations were created for role id %d when it was created ( should have been %d )' \
- % ( len( role_one.users ), role_one.id, len( user_ids ) ) )
- # Each of the following users should now have 2 role associations, their private role and role_one
- for user in [ admin_user, regular_user1, regular_user3 ]:
- sa_session.refresh( user )
- if len( user.roles ) != 2:
- raise AssertionError( '%d UserRoleAssociations are associated with user %s ( should be 2 )' \
- % ( len( user.roles ), user.email ) )
- # Make sure the group was created
- self.home()
- self.visit_page( 'admin/groups' )
- self.check_page_for_string( name )
- global group_zero
- group_zero = sa_session.query( galaxy.model.Group ).filter( galaxy.model.Group.table.c.name==name ).first()
- # Rename the role
- rename = "Role One's been Renamed"
- new_description="This is Role One's Re-described"
- self.rename_role( self.security.encode_id( role_one.id ), name=rename, description=new_description )
- self.home()
- self.visit_page( 'admin/roles' )
- self.check_page_for_string( rename )
- self.check_page_for_string( new_description )
- # Reset the role back to the original name and description
- self.rename_role( self.security.encode_id( role_one.id ), name=name, description=description )
- def test_050_create_group( self ):
- """Testing creating new group with 3 members and 1 associated role, then renaming it"""
- # Logged in as admin_user
- name = "Group One's Name"
- user_ids=[ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ]
- role_ids=[ str( role_one.id ) ]
- self.create_group( name=name, in_user_ids=user_ids, in_role_ids=role_ids )
- # Get the group object for later tests
- global group_one
- group_one = sa_session.query( galaxy.model.Group ).filter( galaxy.model.Group.table.c.name==name ).first()
- assert group_one is not None, 'Problem retrieving group named "Group One" from the database'
- # Make sure UserGroupAssociations are correct
- if len( group_one.users ) != len( user_ids ):
- raise AssertionError( '%d UserGroupAssociations were created for group id %d when it was created ( should have been %d )' \
- % ( len( group_one.users ), group_one.id, len( user_ids ) ) )
- # Each user should now have 1 group association, group_one
- for user in [ admin_user, regular_user1, regular_user3 ]:
- sa_session.refresh( user )
- if len( user.groups ) != 1:
- raise AssertionError( '%d UserGroupAssociations are associated with user %s ( should be 1 )' % ( len( user.groups ), user.email ) )
- # Make sure GroupRoleAssociations are correct
- if len( group_one.roles ) != len( role_ids ):
- raise AssertionError( '%d GroupRoleAssociations were created for group id %d when it was created ( should have been %d )' \
- % ( len( group_one.roles ), group_one.id, len( role_ids ) ) )
- # Rename the group
- rename = "Group One's been Renamed"
- self.rename_group( self.security.encode_id( group_one.id ), name=rename, )
- self.home()
- self.visit_page( 'admin/groups' )
- self.check_page_for_string( rename )
- # Reset the group back to the original name
- self.rename_group( self.security.encode_id( group_one.id ), name=name )
- def test_055_add_members_and_role_to_group( self ):
- """Testing editing user membership and role associations of an existing group"""
- # Logged in as admin_user
- name = 'Group Two'
- self.create_group( name=name, in_user_ids=[], in_role_ids=[] )
- # Get the group object for later tests
- global group_two
- group_two = sa_session.query( galaxy.model.Group ).filter( galaxy.model.Group.table.c.name==name ).first()
- assert group_two is not None, 'Problem retrieving group named "Group Two" from the database'
- # group_two should have no associations
- if group_two.users:
- raise AssertionError( '%d UserGroupAssociations were created for group id %d when it was created ( should have been 0 )' \
- % ( len( group_two.users ), group_two.id ) )
- if group_two.roles:
- raise AssertionError( '%d GroupRoleAssociations were created for group id %d when it was created ( should have been 0 )' \
- % ( len( group_two.roles ), group_two.id ) )
- user_ids = [ str( regular_user1.id ) ]
- role_ids = [ str( role_one.id ) ]
- self.associate_users_and_roles_with_group( self.security.encode_id( group_two.id ),
- group_two.name,
- user_ids=user_ids,
- role_ids=role_ids )
- def test_060_create_role_with_user_and_group_associations( self ):
- """Testing creating a role with user and group associations"""
- # Logged in as admin_user
- # NOTE: To get this to work with twill, all select lists on the ~/admin/role page must contain at least
- # 1 option value or twill throws an exception, which is: ParseError: OPTION outside of SELECT
- # Due to this bug in twill, we create the role, we bypass the page and visit the URL in the
- # associate_users_and_groups_with_role() method.
- name = 'Role Two'
- description = 'This is Role Two'
- user_ids=[ str( admin_user.id ) ]
- group_ids=[ str( group_two.id ) ]
- private_role=admin_user.email
- # Create the role
- self.create_role( name=name,
- description=description,
- in_user_ids=user_ids,
- in_group_ids=group_ids,
- private_role=private_role )
- # Get the role object for later tests
- global role_two
- role_two = sa_session.query( galaxy.model.Role ).filter( galaxy.model.Role.table.c.name==name ).first()
- assert role_two is not None, 'Problem retrieving role named "Role Two" from the database'
- # Make sure UserRoleAssociations are correct
- if len( role_two.users ) != len( user_ids ):
- raise AssertionError( '%d UserRoleAssociations were created for role id %d when it was created with %d members' \
- % ( len( role_two.users ), role_two.id, len( user_ids ) ) )
- # admin_user should now have 3 role associations, private role, role_one, role_two
- sa_session.refresh( admin_user )
- if len( admin_user.roles ) != 3:
- raise AssertionError( '%d UserRoleAssociations are associated with user %s ( should be 3 )' % ( len( admin_user.roles ), admin_user.email ) )
- # Make sure GroupRoleAssociations are correct
- sa_session.refresh( role_two )
- if len( role_two.groups ) != len( group_ids ):
- raise AssertionError( '%d GroupRoleAssociations were created for role id %d when it was created ( should have been %d )' \
- % ( len( role_two.groups ), role_two.id, len( group_ids ) ) )
- # group_two should now be associated with 2 roles: role_one, role_two
- sa_session.refresh( group_two )
- if len( group_two.roles ) != 2:
- raise AssertionError( '%d GroupRoleAssociations are associated with group id %d ( should be 2 )' % ( len( group_two.roles ), group_two.id ) )
- def test_065_change_user_role_associations( self ):
- """Testing changing roles associated with a user"""
- # Logged in as admin_user
- # Create a new role with no associations
- name = 'Role Three'
- description = 'This is Role Three'
- user_ids=[]
- group_ids=[]
- private_role=admin_user.email
- self.create_role( name=name,
- description=description,
- in_user_ids=user_ids,
- in_group_ids=group_ids,
- private_role=private_role )
- # Get the role object for later tests
- global role_three
- role_three = sa_session.query( galaxy.model.Role ).filter( galaxy.model.Role.table.c.name==name ).first()
- assert role_three is not None, 'Problem retrieving role named "Role Three" from the database'
- # Associate the role with a user
- sa_session.refresh( admin_user )
- role_ids = []
- for ura in admin_user.non_private_roles:
- role_ids.append( str( ura.role_id ) )
- role_ids.append( str( role_three.id ) )
- group_ids = []
- for uga in admin_user.groups:
- group_ids.append( str( uga.group_id ) )
- check_str = "User '%s' has been updated with %d associated roles and %d associated groups" % ( admin_user.email, len( role_ids ), len( group_ids ) )
- self.associate_roles_and_groups_with_user( self.security.encode_id( admin_user.id ),
- str( admin_user.email ),
More information about the galaxy-dev
mailing list