diff --git a/reana_server/rest/ping.py b/reana_server/rest/ping.py index d2c57825..4f6c1a5a 100644 --- a/reana_server/rest/ping.py +++ b/reana_server/rest/ping.py @@ -10,7 +10,7 @@ from flask import Blueprint, jsonify -blueprint = Blueprint('ping', __name__) +blueprint = Blueprint('ping', __name__, url_prefix='/reana-api') @blueprint.route('/ping', methods=['GET']) diff --git a/reana_server/rest/secrets.py b/reana_server/rest/secrets.py index 1be1320c..b6f78a4e 100644 --- a/reana_server/rest/secrets.py +++ b/reana_server/rest/secrets.py @@ -20,7 +20,7 @@ from reana_commons.k8s.secrets import REANAUserSecretsStore from reana_server.utils import get_user_from_token -blueprint = Blueprint('secrets', __name__) +blueprint = Blueprint('secrets', __name__, url_prefix='/reana-api') @blueprint.route('/secrets/', methods=['POST']) @@ -112,7 +112,10 @@ def add_secrets(): # noqa } """ try: - user = get_user_from_token(request.args.get("access_token")) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) secrets_store = REANAUserSecretsStore(str(user.id_)) overwrite = json.loads(request.args.get('overwrite')) secrets_store.add_secrets(request.json, overwrite=overwrite) @@ -194,7 +197,10 @@ def get_secrets(): # noqa } """ try: - user = get_user_from_token(request.args.get("access_token")) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) secrets_store = REANAUserSecretsStore(str(user.id_)) user_secrets = secrets_store.get_secrets() return jsonify(user_secrets), 200 @@ -283,7 +289,10 @@ def delete_secrets(): # noqa } """ try: - user = get_user_from_token(request.args.get("access_token")) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) secrets_store = REANAUserSecretsStore(str(user.id_)) deleted_secrets_list = secrets_store.delete_secrets(request.json) return jsonify(deleted_secrets_list), 200 diff --git a/reana_server/rest/users.py b/reana_server/rest/users.py index 1a2c85b1..3dc36897 100644 --- a/reana_server/rest/users.py +++ b/reana_server/rest/users.py @@ -15,7 +15,7 @@ from reana_server.utils import _create_user, _get_users -blueprint = Blueprint('users', __name__) +blueprint = Blueprint('users', __name__, url_prefix='/reana-api') @blueprint.route('/users', methods=['GET']) diff --git a/reana_server/rest/workflows.py b/reana_server/rest/workflows.py index f382b421..eb7eb02b 100644 --- a/reana_server/rest/workflows.py +++ b/reana_server/rest/workflows.py @@ -17,6 +17,7 @@ from flask import Blueprint from flask import current_app as app from flask import jsonify, request, send_file +from flask_login import current_user from reana_commons.config import INTERACTIVE_SESSION_TYPES from reana_commons.utils import get_workspace_disk_usage from reana_db.database import Session @@ -26,9 +27,10 @@ from reana_server.api_client import current_rwc_api_client, \ current_workflow_submission_publisher from reana_server.config import SHARED_VOLUME_PATH -from reana_server.utils import get_user_from_token, is_uuid_v4 +from reana_server.utils import get_user_from_token, is_uuid_v4, \ + _get_user_from_invenio_user -blueprint = Blueprint('workflows', __name__) +blueprint = Blueprint('workflows', __name__, url_prefix='/reana-api') @blueprint.route('/workflows', methods=['GET']) @@ -148,7 +150,10 @@ def get_workflows(): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) type = request.args.get('type', 'batch') verbose = request.args.get('verbose', False) response, http_response = current_rwc_api_client.api.\ @@ -260,7 +265,10 @@ def create_workflow(): # noqa Request failed. Not implemented. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if request.json: # validate against schema reana_spec_file = request.json @@ -384,7 +392,10 @@ def get_workflow_logs(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -503,7 +514,10 @@ def get_workflow_status(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -635,7 +649,10 @@ def start_workflow(workflow_id_or_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -783,7 +800,10 @@ def set_workflow_status(workflow_id_or_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -886,7 +906,10 @@ def upload_file(workflow_id_or_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -982,7 +1005,10 @@ def download_file(workflow_id_or_name, file_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -1073,7 +1099,10 @@ def delete_file(workflow_id_or_name, file_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -1168,7 +1197,10 @@ def get_files(workflow_id_or_name): # noqa } """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -1274,7 +1306,10 @@ def get_workflow_parameters(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -1391,7 +1426,11 @@ def get_workflow_diff(workflow_id_or_name_a, workflow_id_or_name_b): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) + brief = request.args.get('brief', False) brief = True if brief == 'true' else False context_lines = request.args.get('context_lines', 5) @@ -1510,7 +1549,11 @@ def open_interactive_session(workflow_id_or_name, Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) + if interactive_session_type not in INTERACTIVE_SESSION_TYPES: return jsonify({ "message": "Interactive session type {0} not found, try " @@ -1614,7 +1657,10 @@ def close_interactive_session(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise KeyError("workflow_id_or_name is not supplied") response, http_response = current_rwc_api_client.api.\ @@ -1726,7 +1772,10 @@ def move_files(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) if not workflow_id_or_name: raise ValueError("workflow_id_or_name is not supplied") @@ -1848,7 +1897,10 @@ def get_workflow_disk_usage(workflow_id_or_name): # noqa Request failed. Internal controller error. """ try: - user = get_user_from_token(request.args.get('access_token')) + if current_user.is_authenticated: + user = _get_user_from_invenio_user(current_user.email) + else: + user = get_user_from_token(request.args.get('access_token')) parameters = request.json or {} if not workflow_id_or_name: diff --git a/reana_server/utils.py b/reana_server/utils.py index 2820afc1..9758c246 100644 --- a/reana_server/utils.py +++ b/reana_server/utils.py @@ -142,3 +142,10 @@ def _create_and_associate_reana_user(sender, token=None, except Exception: raise ValueError('Could not create user') return user + + +def _get_user_from_invenio_user(id): + user = Session.query(User).filter_by(email=id).one_or_none() + if not user: + raise ValueError('No users registered with this id') + return user diff --git a/setup.py b/setup.py index 106a7cd9..78ff8255 100644 --- a/setup.py +++ b/setup.py @@ -68,7 +68,7 @@ 'invenio-mail>=1.0.2,<1.1.0', 'invenio-rest>=1.0.0,<1.1.0', # From auth bundle - 'invenio-accounts-rest>=1.0.0a4', + 'invenio-accounts>=1.1.1', 'invenio-oauth2server>=1.0.3,<1.1.0', 'invenio-oauthclient>=1.1.2,<1.2.0', 'invenio-userprofiles>=1.0.1,<1.1.0', @@ -113,7 +113,7 @@ 'invenio_config.module': [ 'reana_server = reana_server.config', ], - "invenio_base.api_blueprints": [ + "invenio_base.blueprints": [ "reana_server_ping = reana_server.rest.ping:blueprint", "reana_server_workflows = reana_server.rest.workflows:blueprint", "reana_server_users = reana_server.rest.users:blueprint", diff --git a/tests/test_views.py b/tests/test_views.py index 9f9f1a53..b4a9c169 100644 --- a/tests/test_views.py +++ b/tests/test_views.py @@ -28,406 +28,444 @@ def test_get_workflows(app, default_user): """Test get_workflows view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.get( - url_for("workflows.get_workflows"), - query_string={"user_id": default_user.id_, - "type": "batch"}, - ) - assert res.status_code == 403 - - res = client.get( - url_for("workflows.get_workflows"), - query_string={"access_token": default_user.access_token, - "type": "batch"}, - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.get_workflows"), + query_string={"user_id": default_user.id_, + "type": "batch"}, + ) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.get_workflows"), + query_string={ + "access_token": default_user.access_token, + "type": "batch"}, + ) + assert res.status_code == 200 def test_create_workflow(app, default_user): """Test create_workflow view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - # access token needs to be passed instead of user_id - res = client.post( - url_for("workflows.create_workflow"), - query_string={"user_id": default_user.id_}, - ) - assert res.status_code == 403 - - # remote repository given as spec, not implemented - res = client.post( - url_for("workflows.create_workflow"), - query_string={"access_token": default_user.access_token, - "spec": "not_implemented"}, - ) - assert res.status_code == 501 - - # no specification provided - res = client.post( - url_for("workflows.create_workflow"), - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 500 - - # unknown workflow engine - workflow_data = { - "workflow": {"specification": {}, "type": "unknown"}, - "workflow_name": "test", - } - res = client.post( - url_for("workflows.create_workflow"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - data=json.dumps(workflow_data), - ) - assert res.status_code == 500 - - # name cannot be valid uuid4 - workflow_data['workflow']['type'] = 'serial' - res = client.post( - url_for("workflows.create_workflow"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token, - "workflow_name": str(uuid4())}, - data=json.dumps(workflow_data), - ) - assert res.status_code == 400 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + # access token needs to be passed instead of user_id + res = client.post( + url_for("workflows.create_workflow"), + query_string={"user_id": default_user.id_}, + ) + assert res.status_code == 403 - # wrong specification json - workflow_data = { - "nonsense": {"specification": {}, "type": "unknown"}, - } - res = client.post( - url_for("workflows.create_workflow"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - data=json.dumps(workflow_data), - ) - assert res.status_code == 400 + # remote repository given as spec, not implemented + res = client.post( + url_for("workflows.create_workflow"), + query_string={"access_token": default_user.access_token, + "spec": "not_implemented"}, + ) + assert res.status_code == 501 - # correct case - workflow_data = { - "workflow": {"specification": {}, "type": "serial"}, - "workflow_name": "test", - } - res = client.post( - url_for("workflows.create_workflow"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - data=json.dumps(workflow_data), - ) - assert res.status_code == 200 + # no specification provided + res = client.post( + url_for("workflows.create_workflow"), + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 500 + + # unknown workflow engine + workflow_data = { + "workflow": {"specification": {}, "type": "unknown"}, + "workflow_name": "test", + } + res = client.post( + url_for("workflows.create_workflow"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + data=json.dumps(workflow_data), + ) + assert res.status_code == 500 + + # name cannot be valid uuid4 + workflow_data['workflow']['type'] = 'serial' + res = client.post( + url_for("workflows.create_workflow"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token, + "workflow_name": str(uuid4())}, + data=json.dumps(workflow_data), + ) + assert res.status_code == 400 + + # wrong specification json + workflow_data = { + "nonsense": {"specification": {}, "type": "unknown"}, + } + res = client.post( + url_for("workflows.create_workflow"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + data=json.dumps(workflow_data), + ) + assert res.status_code == 400 + + # correct case + workflow_data = { + "workflow": {"specification": {}, "type": "serial"}, + "workflow_name": "test", + } + res = client.post( + url_for("workflows.create_workflow"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + data=json.dumps(workflow_data), + ) + assert res.status_code == 200 def test_get_workflow_logs(app, default_user): """Test get_workflow_logs view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.get( - url_for("workflows.get_workflow_logs", - workflow_id_or_name="1"), - query_string={"user_id": default_user.id_}, - ) - assert res.status_code == 403 - - res = client.get( - url_for("workflows.get_workflow_logs", - workflow_id_or_name="1"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.get_workflow_logs", + workflow_id_or_name="1"), + query_string={"user_id": default_user.id_}, + ) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.get_workflow_logs", + workflow_id_or_name="1"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 200 def test_get_workflow_status(app, default_user): """Test get_workflow_logs view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.get( - url_for("workflows.get_workflow_status", - workflow_id_or_name="1"), - query_string={"user_id": default_user.id_}, - ) - assert res.status_code == 403 - - res = client.get( - url_for("workflows.get_workflow_status", - workflow_id_or_name="1"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.get_workflow_status", + workflow_id_or_name="1"), + query_string={"user_id": default_user.id_}, + ) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.get_workflow_status", + workflow_id_or_name="1"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 200 def test_set_workflow_status(app, default_user): """Test get_workflow_logs view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.put( - url_for("workflows.set_workflow_status", - workflow_id_or_name="1"), - query_string={"user_id": default_user.id_}, - ) - assert res.status_code == 403 - - res = client.put( - url_for("workflows.set_workflow_status", - workflow_id_or_name="1"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 500 - - res = client.put( - url_for("workflows.set_workflow_status", - workflow_id_or_name="1"), - headers={"Content-Type": "application/json"}, - query_string={"access_token": default_user.access_token, - "status": "stop"}, - data=json.dumps(dict(parameters=None)) - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.put( + url_for("workflows.set_workflow_status", + workflow_id_or_name="1"), + query_string={"user_id": default_user.id_}, + ) + assert res.status_code == 403 + + res = client.put( + url_for("workflows.set_workflow_status", + workflow_id_or_name="1"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 500 + + res = client.put( + url_for("workflows.set_workflow_status", + workflow_id_or_name="1"), + headers={"Content-Type": "application/json"}, + query_string={"access_token": default_user.access_token, + "status": "stop"}, + data=json.dumps(dict(parameters=None)) + ) + assert res.status_code == 200 def test_upload_file(app, default_user): """Test upload_file view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.post( - url_for("workflows.upload_file", - workflow_id_or_name="1"), - query_string={"user_id": default_user.id_, - "file_name": "test_upload.txt"}, - data={ - "file_content": "tests/test_files/test_upload.txt" - } - ) - assert res.status_code == 403 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.post( + url_for("workflows.upload_file", + workflow_id_or_name="1"), + query_string={"user_id": default_user.id_, + "file_name": "test_upload.txt"}, + data={ + "file_content": "tests/test_files/test_upload.txt" + } + ) + assert res.status_code == 403 - res = client.post( - url_for("workflows.upload_file", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token, - "file_name": "test_upload.txt"}, - headers={"content_type": "multipart/form-data"}, - data={ - "file": (BytesIO(b"Upload this data."), - "tests/test_files/test_upload.txt") - } - ) - assert res.status_code == 400 + res = client.post( + url_for("workflows.upload_file", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token, + "file_name": "test_upload.txt"}, + headers={"content_type": "multipart/form-data"}, + data={ + "file": (BytesIO(b"Upload this data."), + "tests/test_files/test_upload.txt") + } + ) + assert res.status_code == 400 - res = client.post( - url_for("workflows.upload_file", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token, - "file_name": None}, - headers={"content_type": "multipart/form-data"}, - data={ - "file_content": (BytesIO(b"Upload this data."), - "tests/test_files/test_upload.txt") - } - ) - assert res.status_code == 400 + res = client.post( + url_for("workflows.upload_file", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token, + "file_name": None}, + headers={"content_type": "multipart/form-data"}, + data={ + "file_content": (BytesIO(b"Upload this data."), + "tests/test_files/test_upload.txt") + } + ) + assert res.status_code == 400 - res = client.post( - url_for("workflows.upload_file", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token, - "file_name": "test_upload.txt"}, - headers={"content_type": "multipart/form-data"}, - data={ - "file_content": (BytesIO(b"Upload this data."), - "tests/test_files/test_upload.txt") - } - ) - assert res.status_code == 200 + res = client.post( + url_for("workflows.upload_file", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token, + "file_name": "test_upload.txt"}, + headers={"content_type": "multipart/form-data"}, + data={ + "file_content": (BytesIO(b"Upload this data."), + "tests/test_files/test_upload.txt") + } + ) + assert res.status_code == 200 def test_download_file(app, default_user): """Test download_file view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.get( - url_for("workflows.download_file", - workflow_id_or_name="1", - file_name="test_download"), - query_string={"user_id": default_user.id_, - "file_name": "test_upload.txt"}, - ) - assert res.status_code == 403 - - res = client.get( - url_for("workflows.download_file", - workflow_id_or_name="1", - file_name="test_download"), - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.download_file", + workflow_id_or_name="1", + file_name="test_download"), + query_string={"user_id": default_user.id_, + "file_name": "test_upload.txt"}, + ) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.download_file", + workflow_id_or_name="1", + file_name="test_download"), + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 200 def test_delete_file(app, default_user): """Test delete_file view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.get( - url_for("workflows.delete_file", - workflow_id_or_name="1", - file_name="test_delete.txt"), - query_string={"user_id": default_user.id_}) - assert res.status_code == 403 - - res = client.get( - url_for("workflows.delete_file", - workflow_id_or_name="1", - file_name="test_delete.txt"), - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.delete_file", + workflow_id_or_name="1", + file_name="test_delete.txt"), + query_string={"user_id": default_user.id_}) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.delete_file", + workflow_id_or_name="1", + file_name="test_delete.txt"), + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 200 def test_get_files(app, default_user): """Test get_files view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.get( + url_for("workflows.get_files", + workflow_id_or_name="1"), + query_string={"user_id": default_user.id_}, + ) + assert res.status_code == 403 + + res = client.get( + url_for("workflows.get_files", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 500 + + mock_response = Mock() + mock_response.status_code = 200 + mock_response.json.return_value = dict(key='value') + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")( + mock_http_response=mock_response), + ): + res = client.get( + url_for("workflows.get_files", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token}, + ) + assert res.status_code == 200 + + +def test_get_user(app, default_user): + """Test get_user view.""" + with app.test_client() as client: + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): res = client.get( - url_for("workflows.get_files", - workflow_id_or_name="1"), - query_string={"user_id": default_user.id_}, + url_for("users.get_user"), + query_string={"id_": default_user.id_, + "email": default_user.email, + "user_token": default_user.access_token}, ) assert res.status_code == 403 res = client.get( - url_for("workflows.get_files", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token}, - ) - assert res.status_code == 500 - - mock_response = Mock() - mock_response.status_code = 200 - mock_response.json.return_value = dict(key='value') - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")( - mock_http_response=mock_response), - ): - res = client.get( - url_for("workflows.get_files", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token}, + url_for("users.get_user"), + query_string={"id_": default_user.id_, + "email": default_user.email, + "access_token": default_user.access_token}, ) assert res.status_code == 200 -def test_get_user(app, default_user): - """Test get_user view.""" - with app.test_client() as client: - res = client.get( - url_for("users.get_user"), - query_string={"id_": default_user.id_, - "email": default_user.email, - "user_token": default_user.access_token}, - ) - assert res.status_code == 403 - - res = client.get( - url_for("users.get_user"), - query_string={"id_": default_user.id_, - "email": default_user.email, - "access_token": default_user.access_token}, - ) - assert res.status_code == 200 - - def test_create_user(app, default_user): """Test create_user view.""" with app.test_client() as client: - res = client.post( - url_for("users.create_user"), - query_string={"id_": default_user.id_, - "email": default_user.email, - "user_token": default_user.access_token}, - ) - assert res.status_code == 403 - - res = client.post( - url_for("users.create_user"), - query_string={"id_": default_user.id_, - "email": default_user.email, - "access_token": default_user.access_token}, - ) - assert res.status_code == 403 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + res = client.post( + url_for("users.create_user"), + query_string={"id_": default_user.id_, + "email": default_user.email, + "user_token": default_user.access_token}, + ) + assert res.status_code == 403 - with app.test_client() as client: - res = client.post( - url_for("users.create_user"), - query_string={"email": "test_email", - "access_token": default_user.access_token}, - ) - assert res.status_code == 201 + res = client.post( + url_for("users.create_user"), + query_string={"id_": default_user.id_, + "email": default_user.email, + "access_token": default_user.access_token}, + ) + assert res.status_code == 403 + + with app.test_client() as client: + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + res = client.post( + url_for("users.create_user"), + query_string={"email": "test_email", + "access_token": default_user.access_token}, + ) + assert res.status_code == 201 def test_move_files(app, default_user): """Test move_files view.""" with app.test_client() as client: - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")(), - ): - res = client.put( - url_for("workflows.move_files", - workflow_id_or_name="1"), - query_string={"user": default_user.id_, - "source": "source.txt", - "target": "target.txt", - }) - assert res.status_code == 403 - - mock_response = Mock() - mock_response.status_code = 200 - mock_response.json.return_value = dict(key='value') - with patch( - "reana_server.rest.workflows.current_rwc_api_client", - make_mock_api_client("reana-workflow-controller")( - mock_http_response=mock_response), - ): - res = client.put( - url_for("workflows.move_files", - workflow_id_or_name="1"), - query_string={"access_token": default_user.access_token, - "source": "source.txt", - "target": "target.txt", - }) - assert res.status_code == 200 + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")(), + ): + res = client.put( + url_for("workflows.move_files", + workflow_id_or_name="1"), + query_string={"user": default_user.id_, + "source": "source.txt", + "target": "target.txt"}) + assert res.status_code == 403 + + mock_response = Mock() + mock_response.status_code = 200 + mock_response.json.return_value = dict(key='value') + with patch( + "reana_server.rest.workflows.current_rwc_api_client", + make_mock_api_client("reana-workflow-controller")( + mock_http_response=mock_response), + ): + res = client.put( + url_for("workflows.move_files", + workflow_id_or_name="1"), + query_string={"access_token": default_user.access_token, + "source": "source.txt", + "target": "target.txt"}) + assert res.status_code == 200 @pytest.mark.parametrize( @@ -441,6 +479,9 @@ def test_open_interactive_session(app, default_user, expected_status_code): """Test open interactive session.""" with app.test_client() as client: + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): with patch( "reana_server.rest.workflows.current_rwc_api_client", make_mock_api_client("reana-workflow-controller")(), @@ -461,6 +502,9 @@ def test_close_interactive_session(app, default_user, expected_status_code): """Test close an interactive session.""" with app.test_client() as client: + mock_current_user = Mock(is_authenticated=False) + with patch('flask_login.utils._get_user', + Mock(return_value=mock_current_user)): with patch( "reana_server.rest.workflows.current_rwc_api_client", make_mock_api_client("reana-workflow-controller")(),