663 |
663 |
upload = PicklableUpload('test.txt', 'text/plain', 'ascii')
|
664 |
664 |
upload.receive(['base64me'])
|
665 |
665 |
formdata.data = {'0': 'FOO BAR %d' % i, '2': upload}
|
|
666 |
formdata.user_id = local_user.id
|
666 |
667 |
if i%4 == 0:
|
667 |
668 |
formdata.data['1'] = 'foo'
|
668 |
669 |
formdata.data['1_display'] = 'foo'
|
... | ... | |
699 |
700 |
assert 'receipt_time' in resp.json[0]
|
700 |
701 |
assert 'fields' in resp.json[0]
|
701 |
702 |
assert 'file' not in resp.json[0]['fields'] # no file export in full lists
|
|
703 |
assert 'user' in resp.json[0]
|
702 |
704 |
|
703 |
705 |
# check filtered results
|
704 |
706 |
resp = get_app(pub).get(sign_uri('/api/forms/test/list?filter-foobar3=foo', user=local_user))
|
... | ... | |
716 |
718 |
resp = get_app(pub).get(sign_uri('/api/forms/test/list?filter=all', user=local_user))
|
717 |
719 |
assert len(resp.json) == 30
|
718 |
720 |
|
|
721 |
def test_api_anonymized_formdata(pub, local_user):
|
|
722 |
Role.wipe()
|
|
723 |
role = Role(name='test')
|
|
724 |
role.store()
|
|
725 |
|
|
726 |
FormDef.wipe()
|
|
727 |
formdef = FormDef()
|
|
728 |
formdef.name = 'test'
|
|
729 |
formdef.workflow_roles = {'_receiver': role.id}
|
|
730 |
formdef.fields = [
|
|
731 |
fields.StringField(id='0', label='foobar', varname='foobar'),
|
|
732 |
fields.ItemField(id='1', label='foobar3', varname='foobar3', type='item',
|
|
733 |
items=['foo', 'bar', 'baz']),
|
|
734 |
fields.FileField(id='2', label='foobar4', varname='file'),
|
|
735 |
]
|
|
736 |
formdef.store()
|
|
737 |
|
|
738 |
data_class = formdef.data_class()
|
|
739 |
data_class.wipe()
|
|
740 |
|
|
741 |
for i in range(30):
|
|
742 |
formdata = data_class()
|
|
743 |
date = time.strptime('2014-01-20', '%Y-%m-%d')
|
|
744 |
upload = PicklableUpload('test.txt', 'text/plain', 'ascii')
|
|
745 |
upload.receive(['base64me'])
|
|
746 |
formdata.data = {'0': 'FOO BAR %d' % i, '2': upload}
|
|
747 |
formdata.user_id = local_user.id
|
|
748 |
if i%4 == 0:
|
|
749 |
formdata.data['1'] = 'foo'
|
|
750 |
formdata.data['1_display'] = 'foo'
|
|
751 |
elif i%4 == 1:
|
|
752 |
formdata.data['1'] = 'bar'
|
|
753 |
formdata.data['1_display'] = 'bar'
|
|
754 |
else:
|
|
755 |
formdata.data['1'] = 'baz'
|
|
756 |
formdata.data['1_display'] = 'baz'
|
|
757 |
|
|
758 |
formdata.just_created()
|
|
759 |
if i%3 == 0:
|
|
760 |
formdata.jump_status('new')
|
|
761 |
else:
|
|
762 |
formdata.jump_status('finished')
|
|
763 |
formdata.store()
|
|
764 |
|
|
765 |
# check access is granted even if the user has not the appropriate role
|
|
766 |
resp = get_app(pub).get(sign_uri('/api/forms/test/anonymized', user=local_user))
|
|
767 |
assert len(resp.json) == 30
|
|
768 |
assert 'receipt_time' in resp.json[0]
|
|
769 |
assert 'fields' in resp.json[0]
|
|
770 |
assert 'user' not in resp.json[0]
|
|
771 |
assert 'file' not in resp.json[0]['fields'] # no file export in full lists
|
|
772 |
assert 'foobar3' in resp.json[0]['fields']
|
|
773 |
assert 'foobar' not in resp.json[0]['fields']
|
|
774 |
|
|
775 |
# check access is granted event if there is no user
|
|
776 |
resp = get_app(pub).get(sign_uri('/api/forms/test/anonymized'))
|
|
777 |
assert len(resp.json) == 30
|
|
778 |
assert 'receipt_time' in resp.json[0]
|
|
779 |
assert 'fields' in resp.json[0]
|
|
780 |
assert 'user' not in resp.json[0]
|
|
781 |
assert 'file' not in resp.json[0]['fields'] # no file export in full lists
|
|
782 |
assert 'foobar3' in resp.json[0]['fields']
|
|
783 |
assert 'foobar' not in resp.json[0]['fields']
|
|
784 |
|
719 |
785 |
def test_roles(pub, local_user):
|
720 |
786 |
Role.wipe()
|
721 |
787 |
role = Role(name='Hello World')
|