From f5548b1f552175b351d0eaa6b4a1f3d6045b9329 Mon Sep 17 00:00:00 2001 From: nsyed22 Date: Wed, 18 Jan 2023 15:20:59 -0500 Subject: [PATCH] refactor and fix edge cases test --- pybossa/view/projects.py | 29 +++++++++++++++++------------ test/test_web.py | 16 +++++++--------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/pybossa/view/projects.py b/pybossa/view/projects.py index cb0cd92431..0f4724bcde 100644 --- a/pybossa/view/projects.py +++ b/pybossa/view/projects.py @@ -518,30 +518,35 @@ def clone(short_name): project=project_sanitized )) +def is_editor_disabled(): + return (not current_user.admin and + current_app.config.get( + 'DISABLE_TASK_PRESENTER_EDITOR')) + +def is_admin_or_owner(project): + return (current_user.admin or + (project.owner_id == current_user.id or + current_user.id in project.owners_ids)) + @blueprint.route('//tasks/taskpresenterimageupload', methods=['GET', 'POST']) @login_required @admin_or_subadmin_required @csrf.exempt def upload_task_guidelines_image(short_name): error = False + return_code = 200 project = project_by_shortname(short_name) - disable_editor = (not current_user.admin and - current_app.config.get( - 'DISABLE_TASK_PRESENTER_EDITOR')) - is_admin_or_owner = ( - current_user.admin or - (project.owner_id == current_user.id or - current_user.id in project.owners_ids)) imgurls = [] - if disable_editor: + if is_editor_disabled(): flash(gettext('Task presenter editor disabled!'), 'error') error = True - elif not is_admin_or_owner: + return_code = 400 + elif not is_admin_or_owner(project): flash(gettext('Ooops! Only project owners can upload files.'), 'error') error = True + return_code = 400 else: - large_file = False for file in request.files.getlist("image"): file_size_mb = file.seek(0, os.SEEK_END) / 1024 / 1024 file.seek(0, os.SEEK_SET) @@ -557,15 +562,15 @@ def upload_task_guidelines_image(short_name): )) else: flash(gettext('File must be smaller than ' + str(current_app.config.get('MAX_IMAGE_UPLOAD_SIZE_MB', 5)) + ' MB.')) - large_file = True error = True + return_code = 413 response = { "imgurls" : imgurls, "error": error } - return jsonify(response), 200 if large_file == False else 413 + return jsonify(response), return_code @blueprint.route('//tasks/taskpresentereditor', methods=['GET', 'POST']) @login_required diff --git a/test/test_web.py b/test/test_web.py index 104048625f..2df77511b9 100644 --- a/test/test_web.py +++ b/test/test_web.py @@ -4784,7 +4784,7 @@ def test_task_presenter_multiple_image_upload(self, mock): assert res_data['error'] == False, "There should be no errors for normal file upload" @with_context - @patch('pybossa.view.projects.uploader.upload_file', return_value=True) + @patch('pybossa.view.projects.is_admin_or_owner', return_value=False) def test_task_presenter_image_upload_user_not_owner_or_admin(self, mock): """Test API /tasks/taskpresenterimageupload to upload a task presenter guidelines image""" print("running test_task_presenter_image_upload_user_not_owner_or_admin...") @@ -4801,23 +4801,22 @@ def test_task_presenter_image_upload_user_not_owner_or_admin(self, mock): 'subproduct': 'def', }, owner=user) - user2 = UserFactory.create(id=505) - headers = [('Authorization', user2.api_key)] + headers = [('Authorization', user.api_key)] with open('./test/files/small-image1.jpg', 'rb') as img: imgStringIO = BytesIO(img.read()) # Call API method to upload image. res = self.app.post('/project/{}/tasks/taskpresenterimageupload'.format(project.short_name), headers=headers, data={'image': (imgStringIO, 'large-image.jpg')}) res_data = json.loads(res.data) - assert res.status_code == 200, "POST image upload should be successful" + assert res.status_code == 400, "POST image upload should be successful" assert len(res_data['imgurls']) == 0, "Image should not be uploaded." assert res_data['error'] == True, "There should be an error since the user is not owner or admin" mock_authenticated=mock_current_user(anonymous=False, admin=False, id=2) @with_context - @patch('pybossa.view.projects.uploader.upload_file', return_value=True) - @patch('flask_login.current_user', admin=False) - def test_task_presenter_image_upload_task_presenter_disabled(self, mock, mock_user): + @patch('pybossa.view.projects.is_editor_disabled', return_value=True) + def test_task_presenter_image_upload_task_presenter_disabled(self, disable_editor): + """Test API /tasks/taskpresenterimageupload to upload a task presenter guidelines image""" print("running test_task_presenter_image_upload_task_presenter_disabled...") user = UserFactory.create(id=2, admin=False) @@ -4841,8 +4840,7 @@ def test_task_presenter_image_upload_task_presenter_disabled(self, mock, mock_us # Call API method to upload image. res = self.app.post('/project/{}/tasks/taskpresenterimageupload'.format(project.short_name), headers=headers, data={'image': (imgStringIO, 'large-image.jpg')}) res_data = json.loads(res.data) - print(res_data) - assert res.status_code == 200, "POST image upload should be successful" + assert res.status_code == 400, "POST image upload should be successful" assert len(res_data['imgurls']) == 0, "Image should not be uploaded." assert res_data['error'] == True, "There should be an error since the task presenter is disabled"