2.4.0 fix multisite not all sites

rdmo/core/managers.py

@@ -1,13 +1,17 @@
 from django.conf import settings
 from django.db import models
+from django.db.models import Q
 
 from .constants import PERMISSIONS
 
 
 class CurrentSiteQuerySetMixin:
 
     def filter_current_site(self):
-        return self.filter(models.Q(sites=None) | models.Q(sites=settings.SITE_ID))
+        if settings.MULTISITE:
+            return self.filter(sites=settings.SITE_ID)
+        else:
+            return self.filter(models.Q(sites=None) | models.Q(sites=settings.SITE_ID))
 
 
 class GroupsQuerySetMixin:
@@ -20,15 +24,33 @@ def filter_group(self, user):
 class AvailabilityQuerySetMixin:
 
     def filter_availability(self, user):
-        model = str(self.model._meta)
-        permissions = PERMISSIONS[model]
-
-        if user.has_perms(permissions):
+        if user.has_perms(PERMISSIONS[self.model._meta.label_lower]):
             return self
         else:
             return self.filter(available=True)
 
 
+class ForGroupsQuerySetMixin:
+
+    def filter_for_groups(self, groups):
+        return self.filter(Q(groups=None) | Q(groups__in=groups))
+
+
+class ForSiteQuerySetMixin:
+
+    def filter_for_site(self, site):
+        if settings.MULTISITE:
+            return self.filter(sites=site)
+        else:
+            return self.filter(Q(sites=None) | Q(sites=site))
+
+
+class ForCatalogQuerySetMixin:
+
+    def filter_for_catalog(self, catalog):
+        return self.filter(models.Q(catalogs=None) | models.Q(catalogs=catalog))
+
+
 class CurrentSiteManagerMixin:
 
     def filter_current_site(self):

rdmo/management/managers.py

@@ -0,0 +1,32 @@
+
+from django.db.models import QuerySet
+
+from rdmo.core.managers import (
+    AvailabilityQuerySetMixin,
+    ForCatalogQuerySetMixin,
+    ForGroupsQuerySetMixin,
+    ForSiteQuerySetMixin,
+)
+
+
+class ForProjectQuerySet(ForSiteQuerySetMixin, ForGroupsQuerySetMixin, ForCatalogQuerySetMixin,
+                         AvailabilityQuerySetMixin, QuerySet):
+
+    def filter_for_project(self, project, user=None):
+        qs = (
+            self.filter_for_site(project.site)
+            .filter_for_catalog(project.catalog)
+            .filter_for_groups(project.groups)
+        )
+        if user is not None:
+            return qs.filter_availability(user)
+        else:
+            return qs.filter(available=True)
+
+class ForProjectManagerMixin:
+
+    def get_queryset(self):
+        return ForProjectQuerySet(self.model, using=self._db)
+
+    def filter_for_project(self, project, user=None):
+        return self.get_queryset().filter_for_project(project, user=user)

rdmo/projects/imports.py

@@ -106,10 +106,7 @@ def process(self):
         if self.current_project is None:
             catalog_uri = get_uri(self.root.find('catalog'), self.ns_map)
 
-            available_catalogs = Catalog.objects.filter_current_site() \
-                                                .filter_group(self.request.user) \
-                                                .filter_availability(self.request.user) \
-                                                .order_by('order')
+            available_catalogs = Catalog.objects.filter_for_user(self.request.user)
 
             try:
                 self.catalog = available_catalogs.get(uri=catalog_uri)

rdmo/projects/serializers/v1/__init__.py

@@ -53,10 +53,7 @@ class ProjectSerializer(serializers.ModelSerializer):
     class CatalogField(serializers.PrimaryKeyRelatedField):
 
         def get_queryset(self):
-            return Catalog.objects.filter_current_site() \
-                                  .filter_group(self.context['request'].user) \
-                                  .filter_availability(self.context['request'].user) \
-                                  .order_by('-available', 'order')
+            return Catalog.objects.filter_for_user(self.context['request'].user)
 
     class ParentField(serializers.PrimaryKeyRelatedField):
 

rdmo/projects/tests/conftest.py

@@ -2,6 +2,12 @@
 
 from django.apps import apps
 
+from .helpers.project_catalog import clear_sites_from_other_catalogs  # noqa: F401
+
+
+@pytest.fixture
+def enable_multisite(settings):
+    settings.MULTISITE = True
 
 @pytest.fixture
 def enable_project_views_sync(settings):

rdmo/projects/tests/helpers/project_catalog.py

@@ -0,0 +1,15 @@
+import pytest
+
+from rdmo.questions.models import Catalog
+
+
+@pytest.fixture
+def clear_sites_from_other_catalogs(settings):
+    # arrange, remove sites from the other catalogs
+    # for 'list': 'v1-projects:catalog-list'
+    # in non-multisite, they should appear
+    # however, in a multisite they should not appear
+    other_catalogs = Catalog.objects.exclude(sites=settings.SITE_ID)
+    assert set(other_catalogs.values_list('id',flat=True)) == {3,4}
+    for catalog in other_catalogs:
+        catalog.sites.clear()

rdmo/projects/tests/test_view_membership_multisite.py

@@ -32,16 +32,11 @@
 sites_domains = ('example.com', 'foo.com', 'bar.com')
 
 
-@pytest.fixture
-def _multisite(settings):
-    settings.MULTISITE = True
-
-
 @pytest.mark.parametrize('username,password', users)
 @pytest.mark.parametrize('project_id', projects)
 @pytest.mark.parametrize('membership_role', membership_roles)
 @pytest.mark.parametrize('site_domain', sites_domains)
-@pytest.mark.usefixtures("_multisite")
+@pytest.mark.usefixtures("enable_multisite")
 def test_get_invite_email_project_path_function(db, client, username, password, project_id,
                                                 membership_role, site_domain):
     client.login(username=username, password=password)
@@ -70,7 +65,7 @@ def test_get_invite_email_project_path_function(db, client, username, password,
 @pytest.mark.parametrize('project_id', projects)
 @pytest.mark.parametrize('membership_role', membership_roles)
 @pytest.mark.parametrize('site_domain', sites_domains)
-@pytest.mark.usefixtures("_multisite")
+@pytest.mark.usefixtures("enable_multisite")
 def test_invite_email_project_path_email_body(db, client, username, password, project_id,
                                               membership_role, site_domain):
     client.login(username=username, password=password)

rdmo/projects/tests/test_viewset_catalog.py

@@ -1,10 +1,7 @@
 import pytest
 
-from django.contrib.sites.models import Site
 from django.urls import reverse
 
-from rdmo.questions.models import Catalog
-
 users = (
     ('owner', 'owner'),
     ('manager', 'manager'),
@@ -16,13 +13,23 @@
     ('anonymous', None),
 )
 
+view_project_catalog_permission_map = {  # id, available
+    'owner': [(1, True)],
+    'manager': [(1, True)],
+    'author': [(1, True)],
+    'guest': [(1, True)],
+    'user': [(1, True)],
+    'editor': [(1, True)],
+    'reviewer': [(1, True)],
+    'api': [(1, True),(2, False)],
+    'site': [(1, True)]
+}
+
 urlnames = {
     'list': 'v1-projects:catalog-list',
-    'user': 'v1-projects:catalog-user'
 }
 
-catalog_id = 1
-
+other_sites_catalogs = [(3, True), (4, True)]
 
 @pytest.mark.parametrize('username,password', users)
 def test_list(db, client, username, password):
@@ -33,13 +40,30 @@ def test_list(db, client, username, password):
 
     if password:
         assert response.status_code == 200
-        assert isinstance(response.json(), list)
-
         data = response.json()
-        site = Site.objects.get_current()
-        catalogs = Catalog.objects.filter(sites=site)
+        assert isinstance(data, list)
+        assert view_project_catalog_permission_map[username] == [(i['id'],i['available']) for i in data]
+    else:
+        assert response.status_code == 401
 
-        assert {c['id'] for c in data} == {c.id for c in catalogs}
-        assert {c['available'] for c in data} == {c.available for c in catalogs}
+
+@pytest.mark.parametrize('username,password', users)
+def test_list_with_cleared_sites(db, client, clear_sites_from_other_catalogs, username, password):
+    client.login(username=username, password=password)
+
+    url = reverse(urlnames['list'])
+    response = client.get(url)
+
+    if password:
+        assert response.status_code == 200
+        data = response.json()
+        assert isinstance(data, list)
+        catalogs = view_project_catalog_permission_map[username] + other_sites_catalogs
+        if any(not available for _id,available in catalogs):  # api sees an available=False catalog
+            catalogs = sorted(
+                catalogs,
+                key=lambda i: (not i[1], i[0]),
+            )
+        assert catalogs == [(i['id'],i['available']) for i in data]
     else:
         assert response.status_code == 401

rdmo/projects/tests/test_viewset_catalog_multisite.py

@@ -0,0 +1,71 @@
+import pytest
+
+from django.urls import reverse
+
+users = (
+    ('owner', 'owner'),
+    ('manager', 'manager'),
+    ('author', 'author'),
+    ('guest', 'guest'),
+    ('api', 'api'),
+    ('user', 'user'),
+    ('site', 'site'),
+    ('anonymous', None),
+    ('foo-user','foo-user'),
+    ('foo-editor', 'foo-editor'),
+    ('bar-user','bar-user'),
+    ('bar-editor', 'bar-editor'),
+)
+
+view_project_catalog_permission_map = {  # id, available
+    'owner': [(1, True)],
+    'manager': [(1, True)],
+    'author': [(1, True)],
+    'guest': [(1, True)],
+    'user': [(1, True)],
+    'editor': [(1, True)],
+    'reviewer': [(1, True)],
+    'api': [(1, True),(2, False)],
+    'site': [(1, True)],
+    'foo-user': [(1, True)],
+    'foo-editor': [(1, True)],
+    'bar-user': [(1, True)],
+    'bar-editor': [(1, True)],
+}
+
+urlnames = {
+    'list': 'v1-projects:catalog-list',
+}
+
+
+@pytest.mark.parametrize('username,password', users)
+def test_list(db, settings, enable_multisite, client, username, password):
+    client.login(username=username, password=password)
+
+    url = reverse(urlnames['list'])
+    response = client.get(url)
+
+    if password:
+        assert response.status_code == 200
+        data = response.json()
+        assert isinstance(data, list)
+        assert view_project_catalog_permission_map[username] == [(i['id'],i['available']) for i in data]
+    else:
+        assert response.status_code == 401
+
+
+@pytest.mark.parametrize('username,password', users)
+def test_list_with_cleared_sites(db, settings, enable_multisite, clear_sites_from_other_catalogs,
+                                 client, username, password):
+    client.login(username=username, password=password)
+
+    url = reverse(urlnames['list'])
+    response = client.get(url)
+
+    if password:
+        assert response.status_code == 200
+        data = response.json()
+        assert isinstance(data, list)
+        assert view_project_catalog_permission_map[username] == [(i['id'],i['available']) for i in data]
+    else:
+        assert response.status_code == 401

rdmo/projects/views/project.py

@@ -60,31 +60,19 @@ def get_context_data(self, **kwargs):
             memberships = memberships.prefetch_related('user__socialaccount_set')
 
         integrations = Integration.objects.filter(project__in=ancestors)
-        context['catalogs'] = Catalog.objects.filter_current_site() \
-                                             .filter_group(self.request.user) \
-                                             .filter_availability(self.request.user)
+        context['catalogs'] = Catalog.objects.filter_for_user(self.request.user)
 
         if settings.PROJECT_TASKS_SYNC:
             # tasks should be synced, the user can not change them
             context['tasks_available'] = project.tasks.exists()
         else:
-            context['tasks_available'] = (
-                Task.objects
-                    .filter_for_project(project)
-                    .filter_availability(self.request.user)
-                    .exists()
-            )
+            context['tasks_available'] = Task.objects.filter_for_project(project, user=self.request.user).exists()
 
         if settings.PROJECT_VIEWS_SYNC:
             # views should be synced, the user can not change them
             context['views_available'] = project.views.exists()
         else:
-            context['views_available'] = (
-                View.objects
-                    .filter_for_project(project)
-                    .filter_availability(self.request.user)
-                    .exists()
-            )
+            context['views_available'] = View.objects.filter_for_project(project, user=self.request.user).exists()
 
         ancestors_import = []
         for instance in ancestors.exclude(id=project.id):

rdmo/projects/views/project_copy.py

@@ -21,10 +21,7 @@ class ProjectCopyView(ObjectPermissionMixin, RedirectViewMixin, UpdateView):
     permission_required = ('projects.add_project', 'projects.view_project_object')
 
     def get_form_kwargs(self):
-        catalogs = Catalog.objects.filter_current_site() \
-                                  .filter_group(self.request.user) \
-                                  .filter_availability(self.request.user) \
-                                  .order_by('-available', 'order')
+        catalogs = Catalog.objects.filter_for_user(self.request.user)
         projects = Project.objects.filter_user(self.request.user)
 
         form_kwargs = super().get_form_kwargs()

rdmo/projects/views/project_create.py

@@ -25,10 +25,7 @@ class ProjectCreateView(ObjectPermissionMixin, LoginRequiredMixin,
     permission_required = 'projects.add_project'
 
     def get_form_kwargs(self):
-        catalogs = Catalog.objects.filter_current_site() \
-                                  .filter_group(self.request.user) \
-                                  .filter_availability(self.request.user) \
-                                  .order_by('-available', 'order')
+        catalogs = Catalog.objects.filter_for_user(self.request.user)
         projects = Project.objects.filter_user(self.request.user)
 
         form_kwargs = super().get_form_kwargs()
@@ -51,13 +48,13 @@ def form_valid(self, form):
 
         # add all tasks to project
         if not settings.PROJECT_TASKS_SYNC:
-            tasks = Task.objects.filter_for_project(form.instance).filter_availability(self.request.user)
+            tasks = Task.objects.filter_for_project(form.instance, user=self.request.user)
             for task in tasks:
                 form.instance.tasks.add(task)
 
         # add all views to project
         if not settings.PROJECT_VIEWS_SYNC:
-            views = View.objects.filter_for_project(form.instance).filter_availability(self.request.user)
+            views = View.objects.filter_for_project(form.instance, user=self.request.user)
             for view in views:
                 form.instance.views.add(view)