root/galaxy-central/test/functional/test_library_security.py

リビジョン 2, 34.0 KB (コミッタ: hatakeyama, 14 年 前)

import galaxy-central

行番号 
1from base.twilltestcase import *
2from base.test_db_util import *
3
4class TestLibrarySecurity( TwillTestCase ):
5    def test_000_initiate_users( self ):
6        """Ensuring all required user accounts exist"""
7        self.logout()
8        self.login( email='test1@bx.psu.edu', username='regular-user1' )
9        global regular_user1
10        regular_user1 = get_user( 'test1@bx.psu.edu' )
11        assert regular_user1 is not None, 'Problem retrieving user with email "test1@bx.psu.edu" from the database'
12        global regular_user1_private_role
13        regular_user1_private_role = get_private_role( regular_user1 )
14        self.logout()
15        self.login( email='test2@bx.psu.edu', username='regular-user2' )
16        global regular_user2
17        regular_user2 = get_user( 'test2@bx.psu.edu' )
18        assert regular_user2 is not None, 'Problem retrieving user with email "test2@bx.psu.edu" from the database'
19        global regular_user2_private_role
20        regular_user2_private_role = get_private_role( regular_user2 )
21        self.logout()
22        self.login( email='test3@bx.psu.edu', username='regular-user3' )
23        global regular_user3
24        regular_user3 = get_user( 'test3@bx.psu.edu' )
25        assert regular_user3 is not None, 'Problem retrieving user with email "test3@bx.psu.edu" from the database'
26        global regular_user3_private_role
27        regular_user3_private_role = get_private_role( regular_user3 )
28        self.logout()
29        self.login( email='test@bx.psu.edu', username='admin-user' )
30        global admin_user
31        admin_user = get_user( 'test@bx.psu.edu' )
32        assert admin_user is not None, 'Problem retrieving user with email "test@bx.psu.edu" from the database'
33        global admin_user_private_role
34        admin_user_private_role = get_private_role( admin_user )
35    def test_005_create_required_groups_and_roles( self ):
36        """Testing creating all required groups and roles for this script"""
37        # Logged in as admin_user
38        # Create Role1: admin_user, regular_user1, regular_user3
39        name = 'Role1'
40        description = "Role1 description"
41        self.create_role( name=name,
42                          description=description,
43                          in_user_ids=[ str( admin_user.id ), str( regular_user1.id ), str( regular_user3.id ) ],
44                          in_group_ids=[],
45                          create_group_for_role='no',
46                          private_role=admin_user.email )
47        global role1
48        role1 = get_role_by_name( name )
49        # Create Group1: regular_user1, admin_user, regular_user3
50        name = 'Group1'
51        self.create_group( name=name, in_user_ids=[ str( regular_user1.id ) ], in_role_ids=[ str( role1.id ) ] )
52        global group1
53        group1 = get_group_by_name( name )
54        assert group1 is not None, 'Problem retrieving group named "Group1" from the database'
55        # NOTE: To get this to work with twill, all select lists on the ~/admin/role page must contain at least
56        # 1 option value or twill throws an exception, which is: ParseError: OPTION outside of SELECT
57        # Due to this bug in twill, we create the role, we bypass the page and visit the URL in the
58        # associate_users_and_groups_with_role() method.
59        #
60        #create Role2: admin_user, regular_user1, regular_user3
61        name = 'Role2'
62        description = 'Role2 description'
63        private_role = admin_user.email
64        self.create_role( name=name,
65                          description=description,
66                          in_user_ids=[ str( admin_user.id ) ],
67                          in_group_ids=[ str( group1.id ) ],
68                          private_role=private_role )
69        global role2
70        role2 = get_role_by_name( name )
71        assert role2 is not None, 'Problem retrieving role named "Role2" from the database'
72    def test_010_create_libraries( self ):
73        """Creating new libraries used in this script"""
74        # Logged in as admin_user
75        for index in range( 0, 2 ):
76            name = 'library%s' % str( index + 1 )
77            description = '%s description' % name
78            synopsis = '%s synopsis' % name
79            self.create_library( name=name, description=description, synopsis=synopsis )
80        # Get the libraries for later use
81        global library1
82        library1 = get_library( 'library1', 'library1 description', 'library1 synopsis' )
83        assert library1 is not None, 'Problem retrieving library (library1) from the database'
84        global library2
85        library2 = get_library( 'library2', 'library2 description', 'library2 synopsis' )
86        assert library2 is not None, 'Problem retrieving library (library2) from the database'
87    def test_015_restrict_access_to_library1( self ):
88        """Testing restricting access to library1"""
89        # Logged in as admin_user
90        # Make sure library1 is public
91        assert 'access library' not in [ a.action for a in library1.actions ], 'Library %s is not public when first created' % library1.name
92        # Set permissions on the library, sort for later testing.
93        permissions_in = [ k for k, v in galaxy.model.Library.permitted_actions.items() ]
94        permissions_out = []
95        # Role1 members are: admin_user, regular_user1, regular_user3.  Each of these users will be permitted for
96        # LIBRARY_ACCESS, LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on library1 and it's contents.
97        self.library_permissions( self.security.encode_id( library1.id ),
98                                  library1.name,
99                                  str( role1.id ),
100                                  permissions_in,
101                                  permissions_out )
102        # Make sure the library is accessible by admin_user
103        self.visit_url( '%s/library/browse_libraries' % self.url )
104        self.check_page_for_string( library1.name )
105        # Make sure the library is not accessible by regular_user2 since regular_user2 does not have Role1.
106        self.logout()
107        self.login( email=regular_user2.email )
108        self.visit_url( '%s/library/browse_libraries' % self.url )
109        try:
110            self.check_page_for_string( library1.name )
111            raise AssertionError, 'Library %s is accessible by %s when it should be restricted' % ( library1.name, regular_user2.email )
112        except:
113            pass
114        self.logout()
115        self.login( email=admin_user.email )
116    def test_020_add_folder_to_library1( self ):
117        """Testing adding a folder1 to a library1"""
118        # logged in as admin_user
119        root_folder = library1.root_folder
120        name = "Folder1"
121        description = "Folder1 description"
122        self.add_folder( 'library_admin',
123                         self.security.encode_id( library1.id ),
124                         self.security.encode_id( root_folder.id ),
125                         name=name,
126                         description=description )
127        global folder1
128        folder1 = get_folder( root_folder.id, name, description )
129        assert folder1 is not None, 'Problem retrieving folder1 from the database'
130    def test_025_create_ldda1_with_private_role_restriction( self ):
131        """Testing create ldda1 with a private role restriction"""
132        # Logged in as admin_user
133        #
134        # Library1 LIBRARY_ACCESS = Role1: admin_user, regular_user1, regular_user3
135        #
136        # Add a dataset restricted by the following:
137        # DATASET_MANAGE_PERMISSIONS = admin_user via DefaultUserPermissions
138        # DATASET_ACCESS = regular_user1 private role via this test method
139        # LIBRARY_ADD = "Role1" via inheritance from parent folder
140        # LIBRARY_MODIFY = "Role1" via inheritance from parent folder
141        # LIBRARY_MANAGE = "Role1" via inheritance from parent folder
142        #
143        # This means that only regular_user1 can see the dataset from the Data Libraries view
144        filename = '1.bed'
145        ldda_message ='ldda1'
146        self.upload_library_dataset( cntrller='library_admin',
147                                     library_id=self.security.encode_id( library1.id ),
148                                     folder_id=self.security.encode_id( folder1.id ),
149                                     filename=filename,
150                                     file_type='bed',
151                                     dbkey='hg18',
152                                     roles=[ str( regular_user1_private_role.id ) ],
153                                     ldda_message=ldda_message,
154                                     strings_displayed=[ 'Upload files' ] )
155        global ldda1
156        ldda1 = get_latest_ldda_by_name( filename )
157        assert ldda1 is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda1 from the database'
158        self.browse_library( 'library_admin',
159                             self.security.encode_id( library1.id ),
160                             strings_displayed=[ ldda1.name, ldda1.message, admin_user.email ] )
161    def test_030_access_ldda1_with_private_role_restriction( self ):
162        """Testing accessing ldda1 with a private role restriction"""
163        # Logged in as admin_user
164        #
165        # LIBRARY_ACCESS = Role1: admin_user, regular_user1, regular_user3.  Each of these users will be permitted for
166        # LIBRARY_ACCESS, LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on this library and it's contents.
167        #
168        # Legitimate roles displayed on the permission form are as follows:
169        # 'Role1' since the LIBRARY_ACCESS permission is associated with Role1.  # Role one members are: admin_user, regular_user1, regular_user3.
170        # 'test@bx.psu.edu' ( admin_user's private role ) since admin_user has Role1
171        # 'Role2' since admin_user has Role2
172        # 'Role Three' since admin_user has Role Three
173        # 'test1@bx.psu.edu' ( regular_user1's private role ) since regular_user1 has Role1
174        # 'test3@bx.psu.edu' ( regular_user3's private role ) since regular_user3 has Role1
175        #
176        # admin_user should not be able to see 1.bed from the analysis view's access libraries
177        self.browse_library( 'library',
178                              self.security.encode_id( library1.id ),
179                              strings_not_displayed=[ folder1.name, ldda1.name, ldda1.message ] )
180        self.logout()
181        # regular_user1 should be able to see 1.bed from the Data Libraries view
182        # since it was associated with regular_user1's private role
183        self.login( email=regular_user1.email )
184        self.browse_library( 'library',
185                              self.security.encode_id( library1.id ),
186                              strings_displayed=[ folder1.name, ldda1.name, ldda1.message ] )
187        self.logout()
188        # regular_user2 should not be to see library1 since they do not have
189        # Role1 which is associated with the LIBRARY_ACCESS permission
190        self.login( email=regular_user2.email )
191        self.browse_libraries_regular_user( strings_not_displayed=[ library1.name ] )
192        self.logout()
193        # regular_user3 should not be able to see 1.bed from the analysis view's access librarys
194        self.login( email=regular_user3.email )
195        self.browse_library( 'library',
196                             self.security.encode_id( library1.id ),
197                             strings_not_displayed=[ folder1.name ] )
198        self.logout()
199        self.login( email=admin_user.email )
200    def test_035_change_ldda1_access_permission( self ):
201        """Testing changing the access permission on ldda1 with a private role restriction"""
202        # Logged in as admin_user
203        # We need admin_user to be able to access 1.bed
204        permissions_in = [ k for k, v in galaxy.model.Dataset.permitted_actions.items() ]
205        for k, v in galaxy.model.Library.permitted_actions.items():
206            if k != 'LIBRARY_ACCESS':
207                permissions_in.append( k )
208        permissions_out = []
209        # Attempt to associate multiple roles with the library dataset, with one of the
210        # roles being private.
211        role_ids_str = '%s,%s' % ( str( role1.id ), str( admin_user_private_role.id ) )
212        check_str = "At least 1 user must have every role associated with accessing datasets.  "
213        check_str += "Since you are associating more than 1 role, no private roles are allowed."
214        self.ldda_permissions( 'library_admin',
215                                self.security.encode_id( library1.id ),
216                                self.security.encode_id( folder1.id ),
217                                self.security.encode_id( ldda1.id ),
218                                role_ids_str,
219                                permissions_in,
220                                permissions_out,
221                                strings_displayed=[ check_str ] )
222        role_ids_str = str( role1.id )
223        self.ldda_permissions( 'library_admin',
224                                self.security.encode_id( library1.id ),
225                                self.security.encode_id( folder1.id ),
226                                self.security.encode_id( ldda1.id ),
227                                role_ids_str,
228                                permissions_in,
229                                permissions_out,
230                                ldda_name=ldda1.name )
231        # admin_user should now be able to see 1.bed from the analysis view's access libraries
232        self.browse_library( 'library',
233                             self.security.encode_id( library1.id ),
234                             strings_displayed=[ ldda1.name, ldda1.message ] )
235    def test_040_create_ldda2_with_role2_associated_with_group_and_users( self ):
236        """Testing creating ldda2 with a role that is associated with a group and users"""
237        # Logged in as admin_user
238        # Add a dataset restricted by role2, which is currently associated as follows:
239        # groups: group1
240        # users: test@bx.psu.edu, test1@bx.psu.edu via group1
241        #
242        # We first need to make library1 public, but leave it's contents permissions unchanged
243        self.make_library_item_public( self.security.encode_id( library1.id ),
244                                       self.security.encode_id( library1.id ),
245                                       item_type='library',
246                                       contents=False,
247                                       library_name=library1.name )
248        refresh( library1 )
249        filename = '2.bed'
250        ldda_message = 'ldda2'
251        self.upload_library_dataset( cntrller='library_admin',
252                                     library_id=self.security.encode_id( library1.id ),
253                                     folder_id=self.security.encode_id( folder1.id ),
254                                     filename=filename,
255                                     file_type='bed',
256                                     dbkey='hg17',
257                                     roles=[ str( role2.id ) ],
258                                     ldda_message=ldda_message,
259                                     strings_displayed=[ 'Upload files' ] )
260        global ldda2
261        ldda2 = get_latest_ldda_by_name( filename )
262        assert ldda2 is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda2 from the database'
263        self.browse_library( cntrller='library',
264                             id=self.security.encode_id( library1.id ),
265                             strings_displayed=[ ldda2.name, ldda2.message, admin_user.email ] )
266    def test_045_accessing_ldda2_with_role_associated_with_group_and_users( self ):
267        """Testing accessing ldda2 with a role that is associated with a group and users"""
268        # Logged in as admin_user
269        # admin_user should be able to see 2.bed since she is associated with role2
270        self.browse_library( 'library',
271                             self.security.encode_id( library1.id ),
272                             strings_displayed=[ ldda2.name, ldda2.message, admin_user.email ] )
273        self.logout()
274        # regular_user1 should be able to see 2.bed since she is associated with group_two
275        self.login( email = regular_user1.email )
276        self.browse_library( 'library',
277                             self.security.encode_id( library1.id ),
278                             strings_displayed=[ folder1.name, ldda2.name, ldda2.message, admin_user.email ] )
279        # Check the permissions on the dataset 2.bed - they are as folows:
280        # DATASET_MANAGE_PERMISSIONS = test@bx.psu.edu
281        # DATASET_ACCESS = Role2
282        #                  Role2 associations: test@bx.psu.edu and Group2
283        #                  Group2 members: Role1, Role2, test1@bx.psu.edu
284        #                  Role1 associations: test@bx.psu.edu, test1@bx.psu.edu, test3@bx.psu.edu
285        # LIBRARY_ADD = Role1
286        #               Role1 aassociations: test@bx.psu.edu, test1@bx.psu.edu, test3@bx.psu.edu
287        # LIBRARY_MODIFY = Role1
288        #                  Role1 aassociations: test@bx.psu.edu, test1@bx.psu.edu, test3@bx.psu.edu
289        # LIBRARY_MANAGE = Role1
290        #                  Role1 aassociations: test@bx.psu.edu, test1@bx.psu.edu, test3@bx.psu.edu       
291        self.ldda_edit_info( 'library',
292                             self.security.encode_id( library1.id ),
293                             self.security.encode_id( folder1.id ),
294                             self.security.encode_id( ldda2.id ),
295                             ldda2.name,
296                             strings_displayed=[ '2.bed',
297                                                 'This is the latest version of this library dataset',
298                                                 'Edit attributes of 2.bed' ] )
299        self.act_on_multiple_datasets( 'library',
300                                       self.security.encode_id( library1.id ),
301                                       'import_to_history',
302                                       ldda_ids=self.security.encode_id( ldda2.id ),
303                                       strings_displayed=[ '1 dataset(s) have been imported into your history' ] )
304        self.logout()
305        # regular_user2 should not be able to see ldda2
306        self.login( email=regular_user2.email )
307        self.browse_library( 'library',
308                             self.security.encode_id( library1.id ),
309                             strings_not_displayed=[ folder1.name, ldda2.name, ldda2.message ] )
310       
311        self.logout()
312        # regular_user3 should not be able to see ldda2
313        self.login( email=regular_user3.email )
314        self.browse_library( 'library',
315                             self.security.encode_id( library1.id ),
316                             strings_displayed=[ folder1.name ],
317                             strings_not_displayed=[ ldda2.name, ldda2.message ] )
318        self.logout()
319        self.login( email=admin_user.email )
320        # Now makse ldda2 publicly accessible
321        self.make_library_item_public( self.security.encode_id( library1.id ),
322                                       self.security.encode_id( ldda2.id ),
323                                       item_type='ldda',
324                                       ldda_name=ldda2.name )
325        self.logout()
326        # regular_user2 should now be able to see ldda2
327        self.login( email=regular_user2.email )
328        self.browse_library( 'library',
329                             self.security.encode_id( library1.id ),
330                             strings_displayed=[ folder1.name, ldda2.name, ldda2.message ] )
331        self.logout()
332        self.login( email=admin_user.email )
333        # Now make folder1 publicly acessible
334        self.make_library_item_public( self.security.encode_id( library1.id ),
335                                       self.security.encode_id( folder1.id ),
336                                       item_type='folder',
337                                       folder_name=folder1.name )
338        self.logout()
339        # regular_user3 should now be able to see ldda1
340        self.login( email=regular_user3.email )
341        self.browse_library( 'library',
342                             self.security.encode_id( library1.id ),
343                             strings_displayed=[ folder1.name, ldda1.name, ldda1.message ] )
344        self.logout()
345        self.login( email=admin_user.email )
346    def test_050_upload_directory_of_files_from_admin_view( self ):
347        """Testing uploading a directory of files to library1 from the Admin view"""
348        # logged in as admin_user
349        ldda_message = 'This is a test for uploading a directory of files'
350        self.upload_library_dataset( cntrller='library_admin',
351                                     library_id=self.security.encode_id( library1.id ),
352                                     folder_id=self.security.encode_id( library1.root_folder.id ),
353                                     upload_option='upload_directory',
354                                     server_dir='library',
355                                     ldda_message=ldda_message,
356                                     strings_displayed=[ "Upload a directory of files" ] )
357        self.browse_library( 'library_admin',
358                             self.security.encode_id( library1.id ),
359                             strings_displayed=[ admin_user.email, ldda_message ] )
360    def test_055_change_permissions_on_datasets_uploaded_from_library_dir( self ):
361        """Testing changing the permissions on datasets uploaded from a directory from the Admin view"""
362        # logged in as admin_user
363        # It would be nice if twill functioned such that the above test resulted in a
364        # form with the uploaded datasets selected, but it does not ( they're not checked ),
365        # so we'll have to simulate this behavior ( not ideal ) for the 'edit' action.  We
366        # first need to get the ldda.id for the 3 new datasets
367        latest_3_lddas = get_latest_lddas( 3 )
368        ldda_ids = ''
369        for ldda in latest_3_lddas:
370            ldda_ids += '%s,' % self.security.encode_id( ldda.id )
371        ldda_ids = ldda_ids.rstrip( ',' )
372        # Set permissions
373        self.ldda_permissions( 'library_admin',
374                               self.security.encode_id( library1.id ),
375                               self.security.encode_id( folder1.id ),
376                               ldda_ids,
377                               str( role1.id ),
378                               permissions_in=[ 'DATASET_ACCESS', 'LIBRARY_MANAGE' ],
379                               strings_displayed=[ 'Permissions updated for 3 datasets.' ] )
380        # Make sure the permissions have been correctly updated for the 3 datasets.  Permissions should
381        # be all of the above on any of the 3 datasets that are imported into a history.
382        def check_edit_page( lddas, strings_displayed=[], strings_not_displayed=[] ):
383            for ldda in lddas:
384                # Import each library dataset into our history
385                self.act_on_multiple_datasets( 'library',
386                                               self.security.encode_id( library1.id ),
387                                               'import_to_history',
388                                               ldda_ids=self.security.encode_id( ldda.id ) )
389                # Determine the new HistoryDatasetAssociation id created when the library dataset was imported into our history
390                last_hda_created = get_latest_hda()           
391                self.edit_hda_attribute_info( str( last_hda_created.id ),
392                                              strings_displayed=strings_displayed )
393        # admin_user is associated with role1, so should have all permissions on imported datasets
394        check_edit_page( latest_3_lddas,
395                         strings_displayed=[ 'Manage dataset permissions on',
396                                           'Role members can manage the roles associated with permissions on this dataset',
397                                           'Role members can import this dataset into their history for analysis' ] )
398        self.logout()
399        # regular_user1 is associated with role1, so should have all permissions on imported datasets
400        self.login( email=regular_user1.email )
401        check_edit_page( latest_3_lddas )
402        self.logout()
403        # Since regular_user2 is not associated with role1, she should not have
404        # access to any of the 3 datasets, so she will not see folder1 on the libraries page
405        self.login( email=regular_user2.email )       
406        self.browse_library( 'library',
407                             self.security.encode_id( library1.id ),
408                             strings_not_displayed=[ folder1.name ] )
409        self.logout()
410        # regular_user3 is associated with role1, so should have all permissions on imported datasets
411        self.login( email=regular_user3.email )
412        check_edit_page( latest_3_lddas )
413        self.logout()
414        self.login( email=admin_user.email )
415        # Change the permissions and test again
416        self.ldda_permissions( 'library_admin',
417                               self.security.encode_id( library1.id ),
418                               self.security.encode_id( folder1.id ),
419                               ldda_ids,
420                               str( role1.id ),
421                               permissions_in=[ 'DATASET_ACCESS' ],
422                               strings_displayed=[ 'Permissions updated for 3 datasets.' ] )
423        check_edit_page( latest_3_lddas,
424                         strings_displayed=[ 'View Permissions' ],
425                         strings_not_displayed=[ 'Manage dataset permissions on',
426                                                 'Role members can manage roles associated with permissions on this library item',
427                                                 'Role members can import this dataset into their history for analysis' ] )
428    def test_060_restrict_access_to_library2( self ):
429        """Testing restricting access to library2"""
430        # Logged in as admin_user
431        # Make sure library2 is public
432        assert 'access library' not in [ a.action for a in library2.actions ], 'Library %s is not public when first created' % library2.name
433        # Set permissions on the library2
434        permissions_in = [ k for k, v in galaxy.model.Library.permitted_actions.items() ]
435        permissions_out = []
436        # Only admin_user will be permitted for
437        # LIBRARY_ACCESS, LIBRARY_ADD, LIBRARY_MODIFY, LIBRARY_MANAGE on library2 and it's contents.
438        self.library_permissions( self.security.encode_id( library1.id ),
439                                  library1.name,
440                                  str( admin_user_private_role.id ),
441                                  permissions_in,
442                                  permissions_out )
443        # Make sure library2 is not accessible by regular_user2.
444        self.logout()
445        self.login( email=regular_user2.email )
446        self.visit_url( '%s/library/browse_libraries' % self.url )
447        try:
448            self.check_page_for_string( library2.name )
449            raise AssertionError, 'Library %s is accessible by %s when it should be restricted' % ( library2.name, regular_user2.email )
450        except:
451            pass
452        self.logout()
453        self.login( email=admin_user.email )
454    def test_065_create_ldda6( self ):
455        """Testing create ldda6, restricting access on upload form to admin_user's private role"""
456        filename = '6.bed'
457        ldda_message = 'ldda6'
458        self.upload_library_dataset( cntrller='library_admin',
459                                     library_id=self.security.encode_id( library2.id ),
460                                     folder_id=self.security.encode_id( library2.root_folder.id ),
461                                     filename=filename,
462                                     file_type='bed',
463                                     dbkey='hg18',
464                                     roles=[ str( admin_user_private_role.id ) ],
465                                     ldda_message=ldda_message,
466                                     strings_displayed=[ 'Upload files' ] )
467        global ldda6
468        ldda6 = get_latest_ldda_by_name( filename )
469        assert ldda6 is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda6 from the database'
470    def test_070_add_folder2_to_library2( self ):
471        """Testing adding folder2 to a library2"""
472        # logged in as admin_user
473        root_folder = library2.root_folder
474        name = "Folder2"
475        description = "Folder2 description"
476        self.add_folder( 'library_admin',
477                         self.security.encode_id( library2.id ),
478                         self.security.encode_id( root_folder.id ),
479                         name=name,
480                         description=description )
481        global folder2
482        folder2 = get_folder( root_folder.id, name, description )
483        assert folder2 is not None, 'Problem retrieving folder2 from the database'
484    def test_075_create_ldda7( self ):
485        """Testing create ldda7, restricting access on upload form to admin_user's private role"""
486        filename = '7.bed'
487        ldda_message = 'ldda7'
488        self.upload_library_dataset( cntrller='library_admin',
489                                     library_id=self.security.encode_id( library2.id ),
490                                     folder_id=self.security.encode_id( folder2.id ),
491                                     filename=filename,
492                                     file_type='bed',
493                                     dbkey='hg18',
494                                     roles=[ str( admin_user_private_role.id ) ],
495                                     ldda_message=ldda_message,
496                                     strings_displayed=[ 'Upload files' ] )
497        global ldda7
498        ldda7 = get_latest_ldda_by_name( filename )
499        assert ldda7 is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda7 from the database'
500    def test_080_add_subfolder2_to_folder2( self ):
501        """Testing adding subfolder2 to a folder2"""
502        # logged in as admin_user
503        name = "Subfolder2"
504        description = "Subfolder2 description"
505        self.add_folder( 'library_admin',
506                         self.security.encode_id( library2.id ),
507                         self.security.encode_id( folder2.id ),
508                         name=name,
509                         description=description )
510        global subfolder2
511        subfolder2 = get_folder( folder2.id, name, description )
512        assert subfolder2 is not None, 'Problem retrieving subfolder2 from the database'
513    def test_085_create_ldda8( self ):
514        """Testing create ldda8, restricting access on upload form to admin_user's private role"""
515        filename = '8.bed'
516        ldda_message = 'ldda8'
517        self.upload_library_dataset( cntrller='library_admin',
518                                     library_id=self.security.encode_id( library2.id ),
519                                     folder_id=self.security.encode_id( subfolder2.id ),
520                                     filename=filename,
521                                     file_type='bed',
522                                     dbkey='hg18',
523                                     roles=[ str( admin_user_private_role.id ) ],
524                                     ldda_message=ldda_message,
525                                     strings_displayed=[ 'Upload files' ] )
526        global ldda8
527        ldda8 = get_latest_ldda_by_name( filename )
528        assert ldda8 is not None, 'Problem retrieving LibraryDatasetDatasetAssociation ldda8 from the database'
529    def test_090_make_library2_and_contents_public( self ):
530        """Testing making library2 and all of it's contents public"""
531        self.make_library_item_public( self.security.encode_id( library2.id ),
532                                       self.security.encode_id( library2.id ),
533                                       item_type='library',
534                                       contents=True,
535                                       library_name=library2.name )
536        # Make sure library2 is now accessible by regular_user2
537        self.logout()
538        self.login( email=regular_user2.email )
539        self.visit_url( '%s/library/browse_libraries' % self.url )
540        self.check_page_for_string( library2.name )
541        self.browse_library( 'library',
542                             self.security.encode_id( library2.id ),
543                             strings_displayed=[ ldda6.name, ldda6.message, ldda7.name, ldda7.message, ldda8.name, ldda8.message ] )
544    def test_999_reset_data_for_later_test_runs( self ):
545        """Reseting data to enable later test runs to pass"""
546        # Logged in as regular_user2
547        self.logout()
548        self.login( email=admin_user.email )
549        ##################
550        # Purge all libraries
551        ##################
552        for library in [ library1, library2 ]:
553            self.delete_library_item( 'library_admin',
554                                      self.security.encode_id( library.id ),
555                                      self.security.encode_id( library.id ),
556                                      library.name,
557                                      item_type='library' )
558            self.purge_library( self.security.encode_id( library.id ), library.name )
559        ##################
560        # Eliminate all non-private roles
561        ##################
562        for role in [ role1, role2 ]:
563            self.mark_role_deleted( self.security.encode_id( role.id ), role.name )
564            self.purge_role( self.security.encode_id( role.id ), role.name )
565            # Manually delete the role from the database
566            refresh( role )
567            sa_session.delete( role )
568            sa_session.flush()
569        ##################
570        # Eliminate all groups
571        ##################
572        for group in [ group1 ]:
573            self.mark_group_deleted( self.security.encode_id( group.id ), group.name )
574            self.purge_group( self.security.encode_id( group.id ), group.name )
575            # Manually delete the group from the database
576            refresh( group )
577            sa_session.delete( group )
578            sa_session.flush()
579        ##################
580        # Make sure all users are associated only with their private roles
581        ##################
582        for user in [ admin_user, regular_user1, regular_user2, regular_user3 ]:
583            refresh( user )
584            if len( user.roles) != 1:
585                raise AssertionError( '%d UserRoleAssociations are associated with %s ( should be 1 )' % ( len( user.roles ), user.email ) )
Note: リポジトリブラウザについてのヘルプは TracBrowser を参照してください。