Compare commits
36 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| 87771587e8 | |||
| 48c312c1e6 | |||
| d5d4d1a6d0 | |||
| 0ee4fdcd53 | |||
| a16649076a | |||
| 2c6becec97 | |||
| a0433b30ff | |||
| ba9541bd29 | |||
| 5632c868c2 | |||
| 40452d6fbb | |||
| 59f5314116 | |||
| 7b57b2f5ea | |||
| 5b413f7a7f | |||
| ec74630c3e | |||
| c9f9dd8144 | |||
| a32e636f27 | |||
| 154dc91dff | |||
| 87a836a5c2 | |||
| 2b436f40fb | |||
| 432b8ecc22 | |||
| 25e68535e8 | |||
| d63d5f1464 | |||
| fbc0c0d86c | |||
| e67e261208 | |||
| 175d80db16 | |||
| f8b8390758 | |||
| a1463e0a10 | |||
| 0b555eed9f | |||
| 1bf810d596 | |||
| 48e1370ba3 | |||
| b13571c6df | |||
| a2a63cd13e | |||
| 3ebb62d786 | |||
| 0caee61d86 | |||
| 10a319881d | |||
| 26620f3471 |
@@ -21,10 +21,10 @@ jobs:
|
||||
shell: bash
|
||||
run: |
|
||||
set -e
|
||||
HELMFILE=src/helm/helmfile.yaml
|
||||
HELMFILE=src/helm/helmfile.yaml.gotmpl
|
||||
environments=$(awk 'BEGIN {in_env=0} /^environments:/ {in_env=1; next} /^---/ {in_env=0} in_env && /^ [^ ]/ {gsub(/^ /,""); gsub(/:.*$/,""); print}' "$HELMFILE")
|
||||
for env in $environments; do
|
||||
echo "################### $env lint ###################"
|
||||
helmfile -e $env -f $HELMFILE lint || exit 1
|
||||
helmfile -e $env lint -f $HELMFILE || exit 1
|
||||
echo -e "\n"
|
||||
done
|
||||
done
|
||||
|
||||
@@ -43,6 +43,10 @@ venv.bak/
|
||||
env.d/development/*.local
|
||||
env.d/terraform
|
||||
|
||||
# Docker
|
||||
compose.override.yml
|
||||
docker/auth/*.local
|
||||
|
||||
# npm
|
||||
node_modules
|
||||
|
||||
|
||||
@@ -6,6 +6,11 @@ and this project adheres to
|
||||
|
||||
## [Unreleased]
|
||||
|
||||
### Fixed
|
||||
|
||||
- ♿(frontend) improve accessibility:
|
||||
- ♿(frontend) improve share modal button accessibility #1626
|
||||
|
||||
## [3.10.0] - 2025-11-18
|
||||
|
||||
### Added
|
||||
@@ -35,6 +40,7 @@ and this project adheres to
|
||||
### Security
|
||||
|
||||
- mitigate role escalation in the ask_for_access viewset #1580
|
||||
- 🐛(frontend) preserve left panel width on window resize #1588
|
||||
|
||||
### Removed
|
||||
|
||||
@@ -48,6 +54,7 @@ and this project adheres to
|
||||
- ✨(frontend) create skeleton component for DocEditor #1491
|
||||
- ✨(frontend) add an EmojiPicker in the document tree and title #1381
|
||||
- ✨(frontend) ajustable left panel #1456
|
||||
- ✨ Add comments feature to the editor #1330
|
||||
|
||||
### Changed
|
||||
|
||||
@@ -116,6 +123,9 @@ and this project adheres to
|
||||
- ♿ update labels and shared document icon accessibility #1442
|
||||
- 🍱(frontend) Fonts GDPR compliants #1453
|
||||
- ♻️(service-worker) improve SW registration and update handling #1473
|
||||
- ✨(backend) add async indexation of documents on save (or access save) #1276
|
||||
- ✨(backend) add debounce mechanism to limit indexation jobs #1276
|
||||
- ✨(api) add API route to search for indexed documents in Find #1276
|
||||
|
||||
### Fixed
|
||||
|
||||
@@ -176,6 +186,7 @@ and this project adheres to
|
||||
|
||||
### Added
|
||||
|
||||
- ✨(backend) Comments on text editor #1309
|
||||
- 👷(CI) add bundle size check job #1268
|
||||
- ✨(frontend) use title first emoji as doc icon in tree #1289
|
||||
|
||||
|
||||
@@ -247,6 +247,10 @@ demo: ## flush db then create a demo for load testing purpose
|
||||
@$(MANAGE) create_demo
|
||||
.PHONY: demo
|
||||
|
||||
index: ## index all documents to remote search
|
||||
@$(MANAGE) index
|
||||
.PHONY: index
|
||||
|
||||
# Nota bene: Black should come after isort just in case they don't agree...
|
||||
lint: ## lint back-end python sources
|
||||
lint: \
|
||||
|
||||
Executable
+6
@@ -0,0 +1,6 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# shellcheck source=bin/_config.sh
|
||||
source "$(dirname "${BASH_SOURCE[0]}")/_config.sh"
|
||||
|
||||
_dc_run app-dev python -c 'from cryptography.fernet import Fernet;import sys; sys.stdout.write("\n" + Fernet.generate_key().decode() + "\n");'
|
||||
+18
@@ -72,6 +72,11 @@ services:
|
||||
- env.d/development/postgresql.local
|
||||
ports:
|
||||
- "8071:8000"
|
||||
networks:
|
||||
default: {}
|
||||
lasuite:
|
||||
aliases:
|
||||
- impress
|
||||
volumes:
|
||||
- ./src/backend:/app
|
||||
- ./data/static:/data/static
|
||||
@@ -92,6 +97,9 @@ services:
|
||||
command: ["celery", "-A", "impress.celery_app", "worker", "-l", "DEBUG"]
|
||||
environment:
|
||||
- DJANGO_CONFIGURATION=Development
|
||||
networks:
|
||||
- default
|
||||
- lasuite
|
||||
env_file:
|
||||
- env.d/development/common
|
||||
- env.d/development/common.local
|
||||
@@ -107,6 +115,11 @@ services:
|
||||
image: nginx:1.25
|
||||
ports:
|
||||
- "8083:8083"
|
||||
networks:
|
||||
default: {}
|
||||
lasuite:
|
||||
aliases:
|
||||
- nginx
|
||||
volumes:
|
||||
- ./docker/files/etc/nginx/conf.d:/etc/nginx/conf.d:ro
|
||||
depends_on:
|
||||
@@ -217,3 +230,8 @@ services:
|
||||
kc_postgresql:
|
||||
condition: service_healthy
|
||||
restart: true
|
||||
|
||||
networks:
|
||||
lasuite:
|
||||
name: lasuite-network
|
||||
driver: bridge
|
||||
|
||||
@@ -12,6 +12,7 @@ flowchart TD
|
||||
Back --> DB("Database (PostgreSQL)")
|
||||
Back <--> Celery --> DB
|
||||
Back ----> S3("Minio (S3)")
|
||||
Back -- REST API --> Find
|
||||
```
|
||||
|
||||
### Architecture decision records
|
||||
|
||||
@@ -93,6 +93,13 @@ These are the environment variables you can set for the `impress-backend` contai
|
||||
| OIDC_USERINFO_SHORTNAME_FIELD | OIDC token claims to create shortname | first_name |
|
||||
| POSTHOG_KEY | Posthog key for analytics | |
|
||||
| REDIS_URL | Cache url | redis://redis:6379/1 |
|
||||
| SEARCH_INDEXER_CLASS | Class of the backend for document indexation & search | |
|
||||
| SEARCH_INDEXER_BATCH_SIZE | Size of each batch for indexation of all documents | 100000 |
|
||||
| SEARCH_INDEXER_COUNTDOWN | Minimum debounce delay of indexation jobs (in seconds) | 1 |
|
||||
| SEARCH_INDEXER_URL | Find application endpoint for indexation | |
|
||||
| SEARCH_INDEXER_SECRET | Token for indexation queries | |
|
||||
| SEARCH_INDEXER_QUERY_URL | Find application endpoint for search | |
|
||||
| SEARCH_INDEXER_QUERY_LIMIT | Maximum number of results expected from search endpoint | 50 |
|
||||
| SENTRY_DSN | Sentry host | |
|
||||
| SESSION_COOKIE_AGE | duration of the cookie session | 60*60*12 |
|
||||
| SPECTACULAR_SETTINGS_ENABLE_DJANGO_DEPLOY_CHECK | | false |
|
||||
|
||||
@@ -0,0 +1,41 @@
|
||||
# Setup the Find search for Impress
|
||||
|
||||
This configuration will enable the fulltext search feature for Docs :
|
||||
- Each save on **core.Document** or **core.DocumentAccess** will trigger the indexer
|
||||
- The `api/v1.0/documents/search/` will work as a proxy with the Find API for fulltext search.
|
||||
|
||||
## Create an index service for Docs
|
||||
|
||||
Configure a **Service** for Docs application with these settings
|
||||
|
||||
- **Name**: `docs`<br>_request.auth.name of the Docs application._
|
||||
- **Client id**: `impress`<br>_Name of the token audience or client_id of the Docs application._
|
||||
|
||||
See [how-to-use-indexer.md](how-to-use-indexer.md) for details.
|
||||
|
||||
## Configure settings of Docs
|
||||
|
||||
Add those Django settings the Docs application to enable the feature.
|
||||
|
||||
```shell
|
||||
SEARCH_INDEXER_CLASS="core.services.search_indexers.FindDocumentIndexer"
|
||||
SEARCH_INDEXER_COUNTDOWN=10 # Debounce delay in seconds for the indexer calls.
|
||||
|
||||
# The token from service "docs" of Find application (development).
|
||||
SEARCH_INDEXER_SECRET="find-api-key-for-docs-with-exactly-50-chars-length"
|
||||
SEARCH_INDEXER_URL="http://find:8000/api/v1.0/documents/index/"
|
||||
|
||||
# Search endpoint. Uses the OIDC token for authentication
|
||||
SEARCH_INDEXER_QUERY_URL="http://find:8000/api/v1.0/documents/search/"
|
||||
# Maximum number of results expected from the search endpoint
|
||||
SEARCH_INDEXER_QUERY_LIMIT=50
|
||||
```
|
||||
|
||||
We also need to enable the **OIDC Token** refresh or the authentication will fail quickly.
|
||||
|
||||
```shell
|
||||
# Store OIDC tokens in the session
|
||||
OIDC_STORE_ACCESS_TOKEN = True # Store the access token in the session
|
||||
OIDC_STORE_REFRESH_TOKEN = True # Store the encrypted refresh token in the session
|
||||
OIDC_STORE_REFRESH_TOKEN_KEY = "your-32-byte-encryption-key==" # Must be a valid Fernet key (32 url-safe base64-encoded bytes)
|
||||
```
|
||||
@@ -97,6 +97,17 @@ Production deployments differ significantly from development environments. The t
|
||||
| 5433 | PostgreSQL (Keycloak) |
|
||||
| 1081 | MailCatcher |
|
||||
|
||||
**With fulltext search service**
|
||||
|
||||
| Port | Service |
|
||||
| --------- | --------------------- |
|
||||
| 8081 | Find (Django) |
|
||||
| 9200 | Opensearch |
|
||||
| 9600 | Opensearch admin |
|
||||
| 5601 | Opensearch dashboard |
|
||||
| 25432 | PostgreSQL (Find) |
|
||||
|
||||
|
||||
## 6. Sizing Guidelines
|
||||
|
||||
**RAM** – start at 8 GB dev / 16 GB staging / 32 GB prod. Postgres and Keycloak are the first to OOM; scale them first.
|
||||
|
||||
@@ -36,6 +36,7 @@ OIDC_OP_JWKS_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/c
|
||||
OIDC_OP_AUTHORIZATION_ENDPOINT=http://localhost:8083/realms/impress/protocol/openid-connect/auth
|
||||
OIDC_OP_TOKEN_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/token
|
||||
OIDC_OP_USER_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/userinfo
|
||||
OIDC_OP_INTROSPECTION_ENDPOINT=http://nginx:8083/realms/impress/protocol/openid-connect/token/introspect
|
||||
|
||||
OIDC_RP_CLIENT_ID=impress
|
||||
OIDC_RP_CLIENT_SECRET=ThisIsAnExampleKeyForDevPurposeOnly
|
||||
@@ -49,6 +50,14 @@ LOGOUT_REDIRECT_URL=http://localhost:3000
|
||||
OIDC_REDIRECT_ALLOWED_HOSTS=["http://localhost:8083", "http://localhost:3000"]
|
||||
OIDC_AUTH_REQUEST_EXTRA_PARAMS={"acr_values": "eidas1"}
|
||||
|
||||
# Store OIDC tokens in the session. Needed by search/ endpoint.
|
||||
# OIDC_STORE_ACCESS_TOKEN = True
|
||||
# OIDC_STORE_REFRESH_TOKEN = True # Store the encrypted refresh token in the session.
|
||||
|
||||
# Must be a valid Fernet key (32 url-safe base64-encoded bytes)
|
||||
# To create one, use the bin/fernetkey command.
|
||||
# OIDC_STORE_REFRESH_TOKEN_KEY="your-32-byte-encryption-key=="
|
||||
|
||||
# AI
|
||||
AI_FEATURE_ENABLED=true
|
||||
AI_BASE_URL=https://openaiendpoint.com
|
||||
@@ -68,4 +77,10 @@ Y_PROVIDER_API_BASE_URL=http://y-provider-development:4444/api/
|
||||
Y_PROVIDER_API_KEY=yprovider-api-key
|
||||
|
||||
# Theme customization
|
||||
THEME_CUSTOMIZATION_CACHE_TIMEOUT=15
|
||||
THEME_CUSTOMIZATION_CACHE_TIMEOUT=15
|
||||
|
||||
# Indexer (disabled)
|
||||
# SEARCH_INDEXER_CLASS="core.services.search_indexers.SearchIndexer"
|
||||
SEARCH_INDEXER_SECRET=find-api-key-for-docs-with-exactly-50-chars-length # Key generated by create_demo in Find app.
|
||||
SEARCH_INDEXER_URL="http://find:8000/api/v1.0/documents/index/"
|
||||
SEARCH_INDEXER_QUERY_URL="http://find:8000/api/v1.0/documents/search/"
|
||||
|
||||
@@ -6,4 +6,9 @@ Y_PROVIDER_API_BASE_URL=http://y-provider:4444/api/
|
||||
|
||||
# Throttle
|
||||
API_DOCUMENT_THROTTLE_RATE=1000/min
|
||||
API_CONFIG_THROTTLE_RATE=1000/min
|
||||
API_CONFIG_THROTTLE_RATE=1000/min
|
||||
|
||||
# Store OIDC tokens in the session.
|
||||
OIDC_STORE_ACCESS_TOKEN = True
|
||||
OIDC_STORE_REFRESH_TOKEN = True # Store the encrypted refresh token in the session.
|
||||
OIDC_STORE_REFRESH_TOKEN_KEY = "na1hhus-OLhq9mb9SO3R-8E4dONuMnqpZSY_SX8xcFk="
|
||||
|
||||
@@ -171,3 +171,19 @@ class ResourceAccessPermission(IsAuthenticated):
|
||||
|
||||
action = view.action
|
||||
return abilities.get(action, False)
|
||||
|
||||
|
||||
class CommentPermission(permissions.BasePermission):
|
||||
"""Permission class for comments."""
|
||||
|
||||
def has_permission(self, request, view):
|
||||
"""Check permission for a given object."""
|
||||
if view.action in ["create", "list"]:
|
||||
document_abilities = view.get_document_or_404().get_abilities(request.user)
|
||||
return document_abilities["comment"]
|
||||
|
||||
return True
|
||||
|
||||
def has_object_permission(self, request, view, obj):
|
||||
"""Check permission for a given object."""
|
||||
return obj.get_abilities(request.user).get(view.action, False)
|
||||
|
||||
@@ -1,4 +1,5 @@
|
||||
"""Client serializers for the impress core app."""
|
||||
# pylint: disable=too-many-lines
|
||||
|
||||
import binascii
|
||||
import mimetypes
|
||||
@@ -24,22 +25,13 @@ from core.services.converter_services import (
|
||||
class UserSerializer(serializers.ModelSerializer):
|
||||
"""Serialize users."""
|
||||
|
||||
class Meta:
|
||||
model = models.User
|
||||
fields = ["id", "email", "full_name", "short_name", "language"]
|
||||
read_only_fields = ["id", "email", "full_name", "short_name"]
|
||||
|
||||
|
||||
class UserLightSerializer(UserSerializer):
|
||||
"""Serialize users with limited fields."""
|
||||
|
||||
full_name = serializers.SerializerMethodField(read_only=True)
|
||||
short_name = serializers.SerializerMethodField(read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = models.User
|
||||
fields = ["full_name", "short_name"]
|
||||
read_only_fields = ["full_name", "short_name"]
|
||||
fields = ["id", "email", "full_name", "short_name", "language"]
|
||||
read_only_fields = ["id", "email", "full_name", "short_name"]
|
||||
|
||||
def get_full_name(self, instance):
|
||||
"""Return the full name of the user."""
|
||||
@@ -58,6 +50,15 @@ class UserLightSerializer(UserSerializer):
|
||||
return instance.short_name
|
||||
|
||||
|
||||
class UserLightSerializer(UserSerializer):
|
||||
"""Serialize users with limited fields."""
|
||||
|
||||
class Meta:
|
||||
model = models.User
|
||||
fields = ["full_name", "short_name"]
|
||||
read_only_fields = ["full_name", "short_name"]
|
||||
|
||||
|
||||
class TemplateAccessSerializer(serializers.ModelSerializer):
|
||||
"""Serialize template accesses."""
|
||||
|
||||
@@ -891,3 +892,134 @@ class MoveDocumentSerializer(serializers.Serializer):
|
||||
choices=enums.MoveNodePositionChoices.choices,
|
||||
default=enums.MoveNodePositionChoices.LAST_CHILD,
|
||||
)
|
||||
|
||||
|
||||
class ReactionSerializer(serializers.ModelSerializer):
|
||||
"""Serialize reactions."""
|
||||
|
||||
users = UserLightSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = models.Reaction
|
||||
fields = [
|
||||
"id",
|
||||
"emoji",
|
||||
"created_at",
|
||||
"users",
|
||||
]
|
||||
read_only_fields = ["id", "created_at", "users"]
|
||||
|
||||
|
||||
class CommentSerializer(serializers.ModelSerializer):
|
||||
"""Serialize comments (nested under a thread) with reactions and abilities."""
|
||||
|
||||
user = UserLightSerializer(read_only=True)
|
||||
abilities = serializers.SerializerMethodField()
|
||||
reactions = ReactionSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = models.Comment
|
||||
fields = [
|
||||
"id",
|
||||
"user",
|
||||
"body",
|
||||
"created_at",
|
||||
"updated_at",
|
||||
"reactions",
|
||||
"abilities",
|
||||
]
|
||||
read_only_fields = [
|
||||
"id",
|
||||
"user",
|
||||
"created_at",
|
||||
"updated_at",
|
||||
"reactions",
|
||||
"abilities",
|
||||
]
|
||||
|
||||
def validate(self, attrs):
|
||||
"""Validate comment data."""
|
||||
|
||||
request = self.context.get("request")
|
||||
user = getattr(request, "user", None)
|
||||
|
||||
attrs["thread_id"] = self.context["thread_id"]
|
||||
attrs["user_id"] = user.id if user else None
|
||||
return attrs
|
||||
|
||||
def get_abilities(self, obj):
|
||||
"""Return comment's abilities."""
|
||||
request = self.context.get("request")
|
||||
if request:
|
||||
return obj.get_abilities(request.user)
|
||||
return {}
|
||||
|
||||
|
||||
class ThreadSerializer(serializers.ModelSerializer):
|
||||
"""Serialize threads in a backward compatible shape for current frontend.
|
||||
|
||||
We expose a flatten representation where ``content`` maps to the first
|
||||
comment's body. Creating a thread requires a ``content`` field which is
|
||||
stored as the first comment.
|
||||
"""
|
||||
|
||||
creator = UserLightSerializer(read_only=True)
|
||||
abilities = serializers.SerializerMethodField(read_only=True)
|
||||
body = serializers.JSONField(write_only=True, required=True)
|
||||
comments = serializers.SerializerMethodField(read_only=True)
|
||||
comments = CommentSerializer(many=True, read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = models.Thread
|
||||
fields = [
|
||||
"id",
|
||||
"body",
|
||||
"created_at",
|
||||
"updated_at",
|
||||
"creator",
|
||||
"abilities",
|
||||
"comments",
|
||||
"resolved",
|
||||
"resolved_at",
|
||||
"resolved_by",
|
||||
"metadata",
|
||||
]
|
||||
read_only_fields = [
|
||||
"id",
|
||||
"created_at",
|
||||
"updated_at",
|
||||
"creator",
|
||||
"abilities",
|
||||
"comments",
|
||||
"resolved",
|
||||
"resolved_at",
|
||||
"resolved_by",
|
||||
"metadata",
|
||||
]
|
||||
|
||||
def validate(self, attrs):
|
||||
"""Validate thread data."""
|
||||
request = self.context.get("request")
|
||||
user = getattr(request, "user", None)
|
||||
|
||||
attrs["document_id"] = self.context["resource_id"]
|
||||
attrs["creator_id"] = user.id if user else None
|
||||
|
||||
return attrs
|
||||
|
||||
def get_abilities(self, thread):
|
||||
"""Return thread's abilities."""
|
||||
request = self.context.get("request")
|
||||
if request:
|
||||
return thread.get_abilities(request.user)
|
||||
return {}
|
||||
|
||||
|
||||
class SearchDocumentSerializer(serializers.Serializer):
|
||||
"""Serializer for fulltext search requests through Find application"""
|
||||
|
||||
q = serializers.CharField(required=True, allow_blank=False, trim_whitespace=True)
|
||||
page_size = serializers.IntegerField(
|
||||
required=False, min_value=1, max_value=50, default=20
|
||||
)
|
||||
page = serializers.IntegerField(required=False, min_value=1, default=1)
|
||||
|
||||
@@ -21,6 +21,8 @@ from django.db.models.expressions import RawSQL
|
||||
from django.db.models.functions import Left, Length
|
||||
from django.http import Http404, StreamingHttpResponse
|
||||
from django.urls import reverse
|
||||
from django.utils import timezone
|
||||
from django.utils.decorators import method_decorator
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.text import capfirst, slugify
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
@@ -31,6 +33,7 @@ from botocore.exceptions import ClientError
|
||||
from csp.constants import NONE
|
||||
from csp.decorators import csp_update
|
||||
from lasuite.malware_detection import malware_detection
|
||||
from lasuite.oidc_login.decorators import refresh_oidc_access_token
|
||||
from rest_framework import filters, status, viewsets
|
||||
from rest_framework import response as drf_response
|
||||
from rest_framework.permissions import AllowAny
|
||||
@@ -47,6 +50,10 @@ from core.services.converter_services import (
|
||||
from core.services.converter_services import (
|
||||
YdocConverter,
|
||||
)
|
||||
from core.services.search_indexers import (
|
||||
get_document_indexer,
|
||||
get_visited_document_ids_of,
|
||||
)
|
||||
from core.tasks.mail import send_ask_for_access_mail
|
||||
from core.utils import extract_attachments, filter_descendants
|
||||
|
||||
@@ -373,6 +380,7 @@ class DocumentViewSet(
|
||||
list_serializer_class = serializers.ListDocumentSerializer
|
||||
trashbin_serializer_class = serializers.ListDocumentSerializer
|
||||
tree_serializer_class = serializers.ListDocumentSerializer
|
||||
search_serializer_class = serializers.ListDocumentSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
"""Get queryset performing all annotation and filtering on the document tree structure."""
|
||||
@@ -1064,6 +1072,83 @@ class DocumentViewSet(
|
||||
{"id": str(duplicated_document.id)}, status=status.HTTP_201_CREATED
|
||||
)
|
||||
|
||||
def _search_simple(self, request, text):
|
||||
"""
|
||||
Returns a queryset filtered by the content of the document title
|
||||
"""
|
||||
# As the 'list' view we get a prefiltered queryset (deleted docs are excluded)
|
||||
queryset = self.get_queryset()
|
||||
filterset = DocumentFilter({"title": text}, queryset=queryset)
|
||||
|
||||
if not filterset.is_valid():
|
||||
raise drf.exceptions.ValidationError(filterset.errors)
|
||||
|
||||
queryset = filterset.filter_queryset(queryset)
|
||||
|
||||
return self.get_response_for_queryset(
|
||||
queryset.order_by("-updated_at"),
|
||||
context={
|
||||
"request": request,
|
||||
},
|
||||
)
|
||||
|
||||
def _search_fulltext(self, indexer, request, params):
|
||||
"""
|
||||
Returns a queryset from the results the fulltext search of Find
|
||||
"""
|
||||
access_token = request.session.get("oidc_access_token")
|
||||
user = request.user
|
||||
text = params.validated_data["q"]
|
||||
queryset = models.Document.objects.all()
|
||||
|
||||
# Retrieve the documents ids from Find.
|
||||
results = indexer.search(
|
||||
text=text,
|
||||
token=access_token,
|
||||
visited=get_visited_document_ids_of(queryset, user),
|
||||
)
|
||||
|
||||
docs_by_uuid = {str(d.pk): d for d in queryset.filter(pk__in=results)}
|
||||
ordered_docs = [docs_by_uuid[id] for id in results]
|
||||
|
||||
page = self.paginate_queryset(ordered_docs)
|
||||
|
||||
serializer = self.get_serializer(
|
||||
page if page else ordered_docs,
|
||||
many=True,
|
||||
context={
|
||||
"request": request,
|
||||
},
|
||||
)
|
||||
|
||||
return self.get_paginated_response(serializer.data)
|
||||
|
||||
@drf.decorators.action(detail=False, methods=["get"], url_path="search")
|
||||
@method_decorator(refresh_oidc_access_token)
|
||||
def search(self, request, *args, **kwargs):
|
||||
"""
|
||||
Returns a DRF response containing the filtered, annotated and ordered document list.
|
||||
|
||||
Applies filtering based on request parameter 'q' from `SearchDocumentSerializer`.
|
||||
Depending of the configuration it can be:
|
||||
- A fulltext search through the opensearch indexation app "find" if the backend is
|
||||
enabled (see SEARCH_INDEXER_CLASS)
|
||||
- A filtering by the model field 'title'.
|
||||
|
||||
The ordering is always by the most recent first.
|
||||
"""
|
||||
params = serializers.SearchDocumentSerializer(data=request.query_params)
|
||||
params.is_valid(raise_exception=True)
|
||||
|
||||
indexer = get_document_indexer()
|
||||
|
||||
if indexer:
|
||||
return self._search_fulltext(indexer, request, params=params)
|
||||
|
||||
# The indexer is not configured, we fallback on a simple icontains filter by the
|
||||
# model field 'title'.
|
||||
return self._search_simple(request, text=params.validated_data["q"])
|
||||
|
||||
@drf.decorators.action(detail=True, methods=["get"], url_path="versions")
|
||||
def versions_list(self, request, *args, **kwargs):
|
||||
"""
|
||||
@@ -2150,3 +2235,132 @@ class ConfigView(drf.views.APIView):
|
||||
)
|
||||
|
||||
return theme_customization
|
||||
|
||||
|
||||
class CommentViewSetMixin:
|
||||
"""Comment ViewSet Mixin."""
|
||||
|
||||
_document = None
|
||||
|
||||
def get_document_or_404(self):
|
||||
"""Get the document related to the viewset or raise a 404 error."""
|
||||
if self._document is None:
|
||||
try:
|
||||
self._document = models.Document.objects.get(
|
||||
pk=self.kwargs["resource_id"],
|
||||
)
|
||||
except models.Document.DoesNotExist as e:
|
||||
raise drf.exceptions.NotFound("Document not found.") from e
|
||||
return self._document
|
||||
|
||||
|
||||
class ThreadViewSet(
|
||||
ResourceAccessViewsetMixin,
|
||||
CommentViewSetMixin,
|
||||
drf.mixins.CreateModelMixin,
|
||||
drf.mixins.ListModelMixin,
|
||||
drf.mixins.RetrieveModelMixin,
|
||||
drf.mixins.DestroyModelMixin,
|
||||
viewsets.GenericViewSet,
|
||||
):
|
||||
"""Thread API: list/create threads and nested comment operations."""
|
||||
|
||||
permission_classes = [permissions.CommentPermission]
|
||||
pagination_class = Pagination
|
||||
serializer_class = serializers.ThreadSerializer
|
||||
queryset = models.Thread.objects.select_related("creator", "document").filter(
|
||||
resolved=False
|
||||
)
|
||||
resource_field_name = "document"
|
||||
|
||||
def perform_create(self, serializer):
|
||||
"""Create the first comment of the thread."""
|
||||
body = serializer.validated_data["body"]
|
||||
del serializer.validated_data["body"]
|
||||
thread = serializer.save()
|
||||
|
||||
models.Comment.objects.create(
|
||||
thread=thread,
|
||||
user=self.request.user if self.request.user.is_authenticated else None,
|
||||
body=body,
|
||||
)
|
||||
|
||||
@drf.decorators.action(detail=True, methods=["post"], url_path="resolve")
|
||||
def resolve(self, request, *args, **kwargs):
|
||||
"""Resolve a thread."""
|
||||
thread = self.get_object()
|
||||
if not thread.resolved:
|
||||
thread.resolved = True
|
||||
thread.resolved_at = timezone.now()
|
||||
thread.resolved_by = request.user
|
||||
thread.save(update_fields=["resolved", "resolved_at", "resolved_by"])
|
||||
return drf.response.Response(status=status.HTTP_204_NO_CONTENT)
|
||||
|
||||
|
||||
class CommentViewSet(
|
||||
CommentViewSetMixin,
|
||||
viewsets.ModelViewSet,
|
||||
):
|
||||
"""Comment API: list/create comments and nested reaction operations."""
|
||||
|
||||
permission_classes = [permissions.CommentPermission]
|
||||
pagination_class = Pagination
|
||||
serializer_class = serializers.CommentSerializer
|
||||
queryset = models.Comment.objects.select_related("user").all()
|
||||
|
||||
def get_queryset(self):
|
||||
"""Override to filter on related resource."""
|
||||
return (
|
||||
super()
|
||||
.get_queryset()
|
||||
.filter(
|
||||
thread=self.kwargs["thread_id"],
|
||||
thread__document=self.kwargs["resource_id"],
|
||||
)
|
||||
)
|
||||
|
||||
def get_serializer_context(self):
|
||||
"""Extra context provided to the serializer class."""
|
||||
context = super().get_serializer_context()
|
||||
context["document_id"] = self.kwargs["resource_id"]
|
||||
context["thread_id"] = self.kwargs["thread_id"]
|
||||
return context
|
||||
|
||||
@drf.decorators.action(
|
||||
detail=True,
|
||||
methods=["post", "delete"],
|
||||
)
|
||||
def reactions(self, request, *args, **kwargs):
|
||||
"""POST: add reaction; DELETE: remove reaction.
|
||||
|
||||
Emoji is expected in request.data['emoji'] for both operations.
|
||||
"""
|
||||
comment = self.get_object()
|
||||
serializer = serializers.ReactionSerializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
|
||||
if request.method == "POST":
|
||||
reaction, created = models.Reaction.objects.get_or_create(
|
||||
comment=comment,
|
||||
emoji=serializer.validated_data["emoji"],
|
||||
)
|
||||
if not created and reaction.users.filter(id=request.user.id).exists():
|
||||
return drf.response.Response(
|
||||
{"user_already_reacted": True}, status=status.HTTP_400_BAD_REQUEST
|
||||
)
|
||||
reaction.users.add(request.user)
|
||||
return drf.response.Response(status=status.HTTP_201_CREATED)
|
||||
|
||||
# DELETE
|
||||
try:
|
||||
reaction = models.Reaction.objects.get(
|
||||
comment=comment,
|
||||
emoji=serializer.validated_data["emoji"],
|
||||
users__in=[request.user],
|
||||
)
|
||||
except models.Reaction.DoesNotExist as e:
|
||||
raise drf.exceptions.NotFound("Reaction not found.") from e
|
||||
reaction.users.remove(request.user)
|
||||
if not reaction.users.exists():
|
||||
reaction.delete()
|
||||
return drf.response.Response(status=status.HTTP_204_NO_CONTENT)
|
||||
|
||||
@@ -1,11 +1,19 @@
|
||||
"""Impress Core application"""
|
||||
# from django.apps import AppConfig
|
||||
# from django.utils.translation import gettext_lazy as _
|
||||
|
||||
from django.apps import AppConfig
|
||||
from django.utils.translation import gettext_lazy as _
|
||||
|
||||
|
||||
# class CoreConfig(AppConfig):
|
||||
# """Configuration class for the impress core app."""
|
||||
class CoreConfig(AppConfig):
|
||||
"""Configuration class for the impress core app."""
|
||||
|
||||
# name = "core"
|
||||
# app_label = "core"
|
||||
# verbose_name = _("impress core application")
|
||||
name = "core"
|
||||
app_label = "core"
|
||||
verbose_name = _("Impress core application")
|
||||
|
||||
def ready(self):
|
||||
"""
|
||||
Import signals when the app is ready.
|
||||
"""
|
||||
# pylint: disable=import-outside-toplevel, unused-import
|
||||
from . import signals # noqa: PLC0415
|
||||
|
||||
@@ -33,6 +33,7 @@ class LinkRoleChoices(PriorityTextChoices):
|
||||
"""Defines the possible roles a link can offer on a document."""
|
||||
|
||||
READER = "reader", _("Reader") # Can read
|
||||
COMMENTER = "commenter", _("Commenter") # Can read and comment
|
||||
EDITOR = "editor", _("Editor") # Can read and edit
|
||||
|
||||
|
||||
@@ -40,6 +41,7 @@ class RoleChoices(PriorityTextChoices):
|
||||
"""Defines the possible roles a user can have in a resource."""
|
||||
|
||||
READER = "reader", _("Reader") # Can read
|
||||
COMMENTER = "commenter", _("Commenter") # Can read and comment
|
||||
EDITOR = "editor", _("Editor") # Can read and edit
|
||||
ADMIN = "administrator", _("Administrator") # Can read, edit, delete and share
|
||||
OWNER = "owner", _("Owner")
|
||||
|
||||
@@ -256,3 +256,49 @@ class InvitationFactory(factory.django.DjangoModelFactory):
|
||||
document = factory.SubFactory(DocumentFactory)
|
||||
role = factory.fuzzy.FuzzyChoice([role[0] for role in models.RoleChoices.choices])
|
||||
issuer = factory.SubFactory(UserFactory)
|
||||
|
||||
|
||||
class ThreadFactory(factory.django.DjangoModelFactory):
|
||||
"""A factory to create threads for a document"""
|
||||
|
||||
class Meta:
|
||||
model = models.Thread
|
||||
|
||||
document = factory.SubFactory(DocumentFactory)
|
||||
creator = factory.SubFactory(UserFactory)
|
||||
|
||||
|
||||
class CommentFactory(factory.django.DjangoModelFactory):
|
||||
"""A factory to create comments for a thread"""
|
||||
|
||||
class Meta:
|
||||
model = models.Comment
|
||||
|
||||
thread = factory.SubFactory(ThreadFactory)
|
||||
user = factory.SubFactory(UserFactory)
|
||||
body = factory.Faker("text")
|
||||
|
||||
|
||||
class ReactionFactory(factory.django.DjangoModelFactory):
|
||||
"""A factory to create reactions for a comment"""
|
||||
|
||||
class Meta:
|
||||
model = models.Reaction
|
||||
|
||||
comment = factory.SubFactory(CommentFactory)
|
||||
emoji = "test"
|
||||
|
||||
@factory.post_generation
|
||||
def users(self, create, extracted, **kwargs):
|
||||
"""Add users to reaction from a given list of users or create one if not provided."""
|
||||
if not create:
|
||||
return
|
||||
|
||||
if not extracted:
|
||||
# the factory is being created, but no users were provided
|
||||
user = UserFactory()
|
||||
self.users.add(user)
|
||||
return
|
||||
|
||||
# Add the iterable of groups using bulk addition
|
||||
self.users.add(*extracted)
|
||||
|
||||
@@ -0,0 +1,52 @@
|
||||
"""
|
||||
Handle search setup that needs to be done at bootstrap time.
|
||||
"""
|
||||
|
||||
import logging
|
||||
import time
|
||||
|
||||
from django.core.management.base import BaseCommand, CommandError
|
||||
|
||||
from core.services.search_indexers import get_document_indexer
|
||||
|
||||
logger = logging.getLogger("docs.search.bootstrap_search")
|
||||
|
||||
|
||||
class Command(BaseCommand):
|
||||
"""Index all documents to remote search service"""
|
||||
|
||||
help = __doc__
|
||||
|
||||
def add_arguments(self, parser):
|
||||
"""Add argument to require forcing execution when not in debug mode."""
|
||||
parser.add_argument(
|
||||
"--batch-size",
|
||||
action="store",
|
||||
dest="batch_size",
|
||||
type=int,
|
||||
default=50,
|
||||
help="Indexation query batch size",
|
||||
)
|
||||
|
||||
def handle(self, *args, **options):
|
||||
"""Launch and log search index generation."""
|
||||
indexer = get_document_indexer()
|
||||
|
||||
if not indexer:
|
||||
raise CommandError("The indexer is not enabled or properly configured.")
|
||||
|
||||
logger.info("Starting to regenerate Find index...")
|
||||
start = time.perf_counter()
|
||||
batch_size = options["batch_size"]
|
||||
|
||||
try:
|
||||
count = indexer.index(batch_size=batch_size)
|
||||
except Exception as err:
|
||||
raise CommandError("Unable to regenerate index") from err
|
||||
|
||||
duration = time.perf_counter() - start
|
||||
logger.info(
|
||||
"Search index regenerated from %d document(s) in %.2f seconds.",
|
||||
count,
|
||||
duration,
|
||||
)
|
||||
@@ -0,0 +1,275 @@
|
||||
# Generated by Django 5.2.6 on 2025-09-16 08:59
|
||||
|
||||
import uuid
|
||||
|
||||
import django.db.models.deletion
|
||||
from django.conf import settings
|
||||
from django.db import migrations, models
|
||||
|
||||
|
||||
class Migration(migrations.Migration):
|
||||
dependencies = [
|
||||
("core", "0025_alter_user_short_name"),
|
||||
]
|
||||
|
||||
operations = [
|
||||
migrations.AlterField(
|
||||
model_name="document",
|
||||
name="link_role",
|
||||
field=models.CharField(
|
||||
choices=[
|
||||
("reader", "Reader"),
|
||||
("commenter", "Commenter"),
|
||||
("editor", "Editor"),
|
||||
],
|
||||
default="reader",
|
||||
max_length=20,
|
||||
),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="documentaccess",
|
||||
name="role",
|
||||
field=models.CharField(
|
||||
choices=[
|
||||
("reader", "Reader"),
|
||||
("commenter", "Commenter"),
|
||||
("editor", "Editor"),
|
||||
("administrator", "Administrator"),
|
||||
("owner", "Owner"),
|
||||
],
|
||||
default="reader",
|
||||
max_length=20,
|
||||
),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="documentaskforaccess",
|
||||
name="role",
|
||||
field=models.CharField(
|
||||
choices=[
|
||||
("reader", "Reader"),
|
||||
("commenter", "Commenter"),
|
||||
("editor", "Editor"),
|
||||
("administrator", "Administrator"),
|
||||
("owner", "Owner"),
|
||||
],
|
||||
default="reader",
|
||||
max_length=20,
|
||||
),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="invitation",
|
||||
name="role",
|
||||
field=models.CharField(
|
||||
choices=[
|
||||
("reader", "Reader"),
|
||||
("commenter", "Commenter"),
|
||||
("editor", "Editor"),
|
||||
("administrator", "Administrator"),
|
||||
("owner", "Owner"),
|
||||
],
|
||||
default="reader",
|
||||
max_length=20,
|
||||
),
|
||||
),
|
||||
migrations.AlterField(
|
||||
model_name="templateaccess",
|
||||
name="role",
|
||||
field=models.CharField(
|
||||
choices=[
|
||||
("reader", "Reader"),
|
||||
("commenter", "Commenter"),
|
||||
("editor", "Editor"),
|
||||
("administrator", "Administrator"),
|
||||
("owner", "Owner"),
|
||||
],
|
||||
default="reader",
|
||||
max_length=20,
|
||||
),
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name="Thread",
|
||||
fields=[
|
||||
(
|
||||
"id",
|
||||
models.UUIDField(
|
||||
default=uuid.uuid4,
|
||||
editable=False,
|
||||
help_text="primary key for the record as UUID",
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
verbose_name="id",
|
||||
),
|
||||
),
|
||||
(
|
||||
"created_at",
|
||||
models.DateTimeField(
|
||||
auto_now_add=True,
|
||||
help_text="date and time at which a record was created",
|
||||
verbose_name="created on",
|
||||
),
|
||||
),
|
||||
(
|
||||
"updated_at",
|
||||
models.DateTimeField(
|
||||
auto_now=True,
|
||||
help_text="date and time at which a record was last updated",
|
||||
verbose_name="updated on",
|
||||
),
|
||||
),
|
||||
("resolved", models.BooleanField(default=False)),
|
||||
("resolved_at", models.DateTimeField(blank=True, null=True)),
|
||||
("metadata", models.JSONField(blank=True, default=dict)),
|
||||
(
|
||||
"creator",
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_NULL,
|
||||
related_name="threads",
|
||||
to=settings.AUTH_USER_MODEL,
|
||||
),
|
||||
),
|
||||
(
|
||||
"document",
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name="threads",
|
||||
to="core.document",
|
||||
),
|
||||
),
|
||||
(
|
||||
"resolved_by",
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_NULL,
|
||||
related_name="resolved_threads",
|
||||
to=settings.AUTH_USER_MODEL,
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "Thread",
|
||||
"verbose_name_plural": "Threads",
|
||||
"db_table": "impress_thread",
|
||||
"ordering": ("-created_at",),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name="Comment",
|
||||
fields=[
|
||||
(
|
||||
"id",
|
||||
models.UUIDField(
|
||||
default=uuid.uuid4,
|
||||
editable=False,
|
||||
help_text="primary key for the record as UUID",
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
verbose_name="id",
|
||||
),
|
||||
),
|
||||
(
|
||||
"created_at",
|
||||
models.DateTimeField(
|
||||
auto_now_add=True,
|
||||
help_text="date and time at which a record was created",
|
||||
verbose_name="created on",
|
||||
),
|
||||
),
|
||||
(
|
||||
"updated_at",
|
||||
models.DateTimeField(
|
||||
auto_now=True,
|
||||
help_text="date and time at which a record was last updated",
|
||||
verbose_name="updated on",
|
||||
),
|
||||
),
|
||||
("body", models.JSONField()),
|
||||
("metadata", models.JSONField(blank=True, default=dict)),
|
||||
(
|
||||
"user",
|
||||
models.ForeignKey(
|
||||
blank=True,
|
||||
null=True,
|
||||
on_delete=django.db.models.deletion.SET_NULL,
|
||||
related_name="thread_comment",
|
||||
to=settings.AUTH_USER_MODEL,
|
||||
),
|
||||
),
|
||||
(
|
||||
"thread",
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name="comments",
|
||||
to="core.thread",
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "Comment",
|
||||
"verbose_name_plural": "Comments",
|
||||
"db_table": "impress_comment",
|
||||
"ordering": ("created_at",),
|
||||
},
|
||||
),
|
||||
migrations.CreateModel(
|
||||
name="Reaction",
|
||||
fields=[
|
||||
(
|
||||
"id",
|
||||
models.UUIDField(
|
||||
default=uuid.uuid4,
|
||||
editable=False,
|
||||
help_text="primary key for the record as UUID",
|
||||
primary_key=True,
|
||||
serialize=False,
|
||||
verbose_name="id",
|
||||
),
|
||||
),
|
||||
(
|
||||
"created_at",
|
||||
models.DateTimeField(
|
||||
auto_now_add=True,
|
||||
help_text="date and time at which a record was created",
|
||||
verbose_name="created on",
|
||||
),
|
||||
),
|
||||
(
|
||||
"updated_at",
|
||||
models.DateTimeField(
|
||||
auto_now=True,
|
||||
help_text="date and time at which a record was last updated",
|
||||
verbose_name="updated on",
|
||||
),
|
||||
),
|
||||
("emoji", models.CharField(max_length=32)),
|
||||
(
|
||||
"comment",
|
||||
models.ForeignKey(
|
||||
on_delete=django.db.models.deletion.CASCADE,
|
||||
related_name="reactions",
|
||||
to="core.comment",
|
||||
),
|
||||
),
|
||||
(
|
||||
"users",
|
||||
models.ManyToManyField(
|
||||
related_name="reactions", to=settings.AUTH_USER_MODEL
|
||||
),
|
||||
),
|
||||
],
|
||||
options={
|
||||
"verbose_name": "Reaction",
|
||||
"verbose_name_plural": "Reactions",
|
||||
"db_table": "impress_comment_reaction",
|
||||
"constraints": [
|
||||
models.UniqueConstraint(
|
||||
fields=("comment", "emoji"),
|
||||
name="unique_comment_emoji",
|
||||
violation_error_message="This emoji has already been reacted to this comment.",
|
||||
)
|
||||
],
|
||||
},
|
||||
),
|
||||
]
|
||||
+182
-24
@@ -432,32 +432,35 @@ class Document(MP_Node, BaseModel):
|
||||
def save(self, *args, **kwargs):
|
||||
"""Write content to object storage only if _content has changed."""
|
||||
super().save(*args, **kwargs)
|
||||
|
||||
if self._content:
|
||||
file_key = self.file_key
|
||||
bytes_content = self._content.encode("utf-8")
|
||||
self.save_content(self._content)
|
||||
|
||||
# Attempt to directly check if the object exists using the storage client.
|
||||
try:
|
||||
response = default_storage.connection.meta.client.head_object(
|
||||
Bucket=default_storage.bucket_name, Key=file_key
|
||||
)
|
||||
except ClientError as excpt:
|
||||
# If the error is a 404, the object doesn't exist, so we should create it.
|
||||
if excpt.response["Error"]["Code"] == "404":
|
||||
has_changed = True
|
||||
else:
|
||||
raise
|
||||
def save_content(self, content):
|
||||
"""Save content to object storage."""
|
||||
|
||||
file_key = self.file_key
|
||||
bytes_content = content.encode("utf-8")
|
||||
|
||||
# Attempt to directly check if the object exists using the storage client.
|
||||
try:
|
||||
response = default_storage.connection.meta.client.head_object(
|
||||
Bucket=default_storage.bucket_name, Key=file_key
|
||||
)
|
||||
except ClientError as excpt:
|
||||
# If the error is a 404, the object doesn't exist, so we should create it.
|
||||
if excpt.response["Error"]["Code"] == "404":
|
||||
has_changed = True
|
||||
else:
|
||||
# Compare the existing ETag with the MD5 hash of the new content.
|
||||
has_changed = (
|
||||
response["ETag"].strip('"')
|
||||
!= hashlib.md5(bytes_content).hexdigest() # noqa: S324
|
||||
)
|
||||
raise
|
||||
else:
|
||||
# Compare the existing ETag with the MD5 hash of the new content.
|
||||
has_changed = (
|
||||
response["ETag"].strip('"') != hashlib.md5(bytes_content).hexdigest() # noqa: S324
|
||||
)
|
||||
|
||||
if has_changed:
|
||||
content_file = ContentFile(bytes_content)
|
||||
default_storage.save(file_key, content_file)
|
||||
if has_changed:
|
||||
content_file = ContentFile(bytes_content)
|
||||
default_storage.save(file_key, content_file)
|
||||
|
||||
def is_leaf(self):
|
||||
"""
|
||||
@@ -756,6 +759,7 @@ class Document(MP_Node, BaseModel):
|
||||
can_update = (
|
||||
is_owner_or_admin or role == RoleChoices.EDITOR
|
||||
) and not is_deleted
|
||||
can_comment = (can_update or role == RoleChoices.COMMENTER) and not is_deleted
|
||||
can_create_children = can_update and user.is_authenticated
|
||||
can_destroy = (
|
||||
is_owner
|
||||
@@ -786,6 +790,7 @@ class Document(MP_Node, BaseModel):
|
||||
"children_list": can_get,
|
||||
"children_create": can_create_children,
|
||||
"collaboration_auth": can_get,
|
||||
"comment": can_comment,
|
||||
"content": can_get,
|
||||
"cors_proxy": can_get,
|
||||
"descendants": can_get,
|
||||
@@ -901,7 +906,8 @@ class Document(MP_Node, BaseModel):
|
||||
|
||||
# Mark all descendants as soft deleted
|
||||
self.get_descendants().filter(ancestors_deleted_at__isnull=True).update(
|
||||
ancestors_deleted_at=self.ancestors_deleted_at
|
||||
ancestors_deleted_at=self.ancestors_deleted_at,
|
||||
updated_at=self.updated_at,
|
||||
)
|
||||
|
||||
@transaction.atomic
|
||||
@@ -1146,7 +1152,12 @@ class DocumentAccess(BaseAccess):
|
||||
set_role_to = []
|
||||
if is_owner_or_admin:
|
||||
set_role_to.extend(
|
||||
[RoleChoices.READER, RoleChoices.EDITOR, RoleChoices.ADMIN]
|
||||
[
|
||||
RoleChoices.READER,
|
||||
RoleChoices.COMMENTER,
|
||||
RoleChoices.EDITOR,
|
||||
RoleChoices.ADMIN,
|
||||
]
|
||||
)
|
||||
if role == RoleChoices.OWNER:
|
||||
set_role_to.append(RoleChoices.OWNER)
|
||||
@@ -1270,6 +1281,153 @@ class DocumentAskForAccess(BaseModel):
|
||||
self.document.send_email(subject, [email], context, language)
|
||||
|
||||
|
||||
class Thread(BaseModel):
|
||||
"""Discussion thread attached to a document.
|
||||
|
||||
A thread groups one or many comments. For backward compatibility with the
|
||||
existing frontend (useComments hook) we still expose a flattened serializer
|
||||
that returns a "content" field representing the first comment's body.
|
||||
"""
|
||||
|
||||
document = models.ForeignKey(
|
||||
Document,
|
||||
on_delete=models.CASCADE,
|
||||
related_name="threads",
|
||||
)
|
||||
creator = models.ForeignKey(
|
||||
User,
|
||||
on_delete=models.SET_NULL,
|
||||
related_name="threads",
|
||||
null=True,
|
||||
blank=True,
|
||||
)
|
||||
resolved = models.BooleanField(default=False)
|
||||
resolved_at = models.DateTimeField(null=True, blank=True)
|
||||
resolved_by = models.ForeignKey(
|
||||
User,
|
||||
on_delete=models.SET_NULL,
|
||||
related_name="resolved_threads",
|
||||
null=True,
|
||||
blank=True,
|
||||
)
|
||||
metadata = models.JSONField(default=dict, blank=True)
|
||||
|
||||
class Meta:
|
||||
db_table = "impress_thread"
|
||||
ordering = ("-created_at",)
|
||||
verbose_name = _("Thread")
|
||||
verbose_name_plural = _("Threads")
|
||||
|
||||
def __str__(self):
|
||||
author = self.creator or _("Anonymous")
|
||||
return f"Thread by {author!s} on {self.document!s}"
|
||||
|
||||
def get_abilities(self, user):
|
||||
"""Compute and return abilities for a given user (mirrors comment logic)."""
|
||||
role = self.document.get_role(user)
|
||||
doc_abilities = self.document.get_abilities(user)
|
||||
read_access = doc_abilities.get("comment", False)
|
||||
write_access = self.creator == user or role in [
|
||||
RoleChoices.OWNER,
|
||||
RoleChoices.ADMIN,
|
||||
]
|
||||
return {
|
||||
"destroy": write_access,
|
||||
"update": write_access,
|
||||
"partial_update": write_access,
|
||||
"resolve": write_access,
|
||||
"retrieve": read_access,
|
||||
}
|
||||
|
||||
@property
|
||||
def first_comment(self):
|
||||
"""Return the first createdcomment of the thread."""
|
||||
return self.comments.order_by("created_at").first()
|
||||
|
||||
|
||||
class Comment(BaseModel):
|
||||
"""A comment belonging to a thread."""
|
||||
|
||||
thread = models.ForeignKey(
|
||||
Thread,
|
||||
on_delete=models.CASCADE,
|
||||
related_name="comments",
|
||||
)
|
||||
user = models.ForeignKey(
|
||||
User,
|
||||
on_delete=models.SET_NULL,
|
||||
related_name="thread_comment",
|
||||
null=True,
|
||||
blank=True,
|
||||
)
|
||||
body = models.JSONField()
|
||||
metadata = models.JSONField(default=dict, blank=True)
|
||||
|
||||
class Meta:
|
||||
db_table = "impress_comment"
|
||||
ordering = ("created_at",)
|
||||
verbose_name = _("Comment")
|
||||
verbose_name_plural = _("Comments")
|
||||
|
||||
def __str__(self):
|
||||
"""Return the string representation of the comment."""
|
||||
author = self.user or _("Anonymous")
|
||||
return f"Comment by {author!s} on thread {self.thread_id}"
|
||||
|
||||
def get_abilities(self, user):
|
||||
"""Return the abilities of the comment."""
|
||||
role = self.thread.document.get_role(user)
|
||||
doc_abilities = self.thread.document.get_abilities(user)
|
||||
read_access = doc_abilities.get("comment", False)
|
||||
can_react = read_access and user.is_authenticated
|
||||
write_access = self.user == user or role in [
|
||||
RoleChoices.OWNER,
|
||||
RoleChoices.ADMIN,
|
||||
]
|
||||
return {
|
||||
"destroy": write_access,
|
||||
"update": write_access,
|
||||
"partial_update": write_access,
|
||||
"reactions": can_react,
|
||||
"retrieve": read_access,
|
||||
}
|
||||
|
||||
|
||||
class Reaction(BaseModel):
|
||||
"""Aggregated reactions for a given emoji on a comment.
|
||||
|
||||
We store one row per (comment, emoji) and maintain the list of user IDs who
|
||||
reacted with that emoji. This matches the frontend interface where a
|
||||
reaction exposes: emoji, createdAt (first reaction date) and userIds.
|
||||
"""
|
||||
|
||||
comment = models.ForeignKey(
|
||||
Comment,
|
||||
on_delete=models.CASCADE,
|
||||
related_name="reactions",
|
||||
)
|
||||
emoji = models.CharField(max_length=32)
|
||||
users = models.ManyToManyField(User, related_name="reactions")
|
||||
|
||||
class Meta:
|
||||
db_table = "impress_comment_reaction"
|
||||
constraints = [
|
||||
models.UniqueConstraint(
|
||||
fields=["comment", "emoji"],
|
||||
name="unique_comment_emoji",
|
||||
violation_error_message=_(
|
||||
"This emoji has already been reacted to this comment."
|
||||
),
|
||||
),
|
||||
]
|
||||
verbose_name = _("Reaction")
|
||||
verbose_name_plural = _("Reactions")
|
||||
|
||||
def __str__(self):
|
||||
"""Return the string representation of the reaction."""
|
||||
return f"Reaction {self.emoji} on comment {self.comment.id}"
|
||||
|
||||
|
||||
class Template(BaseModel):
|
||||
"""HTML and CSS code used for formatting the print around the MarkDown body."""
|
||||
|
||||
|
||||
@@ -0,0 +1,298 @@
|
||||
"""Document search index management utilities and indexers"""
|
||||
|
||||
import logging
|
||||
from abc import ABC, abstractmethod
|
||||
from collections import defaultdict
|
||||
from functools import cache
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
from django.db.models import Subquery
|
||||
from django.utils.module_loading import import_string
|
||||
|
||||
import requests
|
||||
|
||||
from core import models, utils
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
@cache
|
||||
def get_document_indexer():
|
||||
"""Returns an instance of indexer service if enabled and properly configured."""
|
||||
classpath = settings.SEARCH_INDEXER_CLASS
|
||||
|
||||
# For this usecase an empty indexer class is not an issue but a feature.
|
||||
if not classpath:
|
||||
logger.info("Document indexer is not configured (see SEARCH_INDEXER_CLASS)")
|
||||
return None
|
||||
|
||||
try:
|
||||
indexer_class = import_string(settings.SEARCH_INDEXER_CLASS)
|
||||
return indexer_class()
|
||||
except ImportError as err:
|
||||
logger.error("SEARCH_INDEXER_CLASS setting is not valid : %s", err)
|
||||
except ImproperlyConfigured as err:
|
||||
logger.error("Document indexer is not properly configured : %s", err)
|
||||
|
||||
return None
|
||||
|
||||
|
||||
def get_batch_accesses_by_users_and_teams(paths):
|
||||
"""
|
||||
Get accesses related to a list of document paths,
|
||||
grouped by users and teams, including all ancestor paths.
|
||||
"""
|
||||
ancestor_map = utils.get_ancestor_to_descendants_map(
|
||||
paths, steplen=models.Document.steplen
|
||||
)
|
||||
ancestor_paths = list(ancestor_map.keys())
|
||||
|
||||
access_qs = models.DocumentAccess.objects.filter(
|
||||
document__path__in=ancestor_paths
|
||||
).values("document__path", "user__sub", "team")
|
||||
|
||||
access_by_document_path = defaultdict(lambda: {"users": set(), "teams": set()})
|
||||
|
||||
for access in access_qs:
|
||||
ancestor_path = access["document__path"]
|
||||
user_sub = access["user__sub"]
|
||||
team = access["team"]
|
||||
|
||||
for descendant_path in ancestor_map.get(ancestor_path, []):
|
||||
if user_sub:
|
||||
access_by_document_path[descendant_path]["users"].add(str(user_sub))
|
||||
if team:
|
||||
access_by_document_path[descendant_path]["teams"].add(team)
|
||||
|
||||
return dict(access_by_document_path)
|
||||
|
||||
|
||||
def get_visited_document_ids_of(queryset, user):
|
||||
"""
|
||||
Returns the ids of the documents that have a linktrace to the user and NOT owned.
|
||||
It will be use to limit the opensearch responses to the public documents already
|
||||
"visited" by the user.
|
||||
"""
|
||||
if isinstance(user, AnonymousUser):
|
||||
return []
|
||||
|
||||
qs = models.LinkTrace.objects.filter(user=user)
|
||||
|
||||
docs = (
|
||||
queryset.exclude(accesses__user=user)
|
||||
.filter(
|
||||
deleted_at__isnull=True,
|
||||
ancestors_deleted_at__isnull=True,
|
||||
)
|
||||
.filter(pk__in=Subquery(qs.values("document_id")))
|
||||
.order_by("pk")
|
||||
.distinct("pk")
|
||||
)
|
||||
|
||||
return [str(id) for id in docs.values_list("pk", flat=True)]
|
||||
|
||||
|
||||
class BaseDocumentIndexer(ABC):
|
||||
"""
|
||||
Base class for document indexers.
|
||||
|
||||
Handles batching and access resolution. Subclasses must implement both
|
||||
`serialize_document()` and `push()` to define backend-specific behavior.
|
||||
"""
|
||||
|
||||
def __init__(self):
|
||||
"""
|
||||
Initialize the indexer.
|
||||
"""
|
||||
self.batch_size = settings.SEARCH_INDEXER_BATCH_SIZE
|
||||
self.indexer_url = settings.SEARCH_INDEXER_URL
|
||||
self.indexer_secret = settings.SEARCH_INDEXER_SECRET
|
||||
self.search_url = settings.SEARCH_INDEXER_QUERY_URL
|
||||
self.search_limit = settings.SEARCH_INDEXER_QUERY_LIMIT
|
||||
|
||||
if not self.indexer_url:
|
||||
raise ImproperlyConfigured(
|
||||
"SEARCH_INDEXER_URL must be set in Django settings."
|
||||
)
|
||||
|
||||
if not self.indexer_secret:
|
||||
raise ImproperlyConfigured(
|
||||
"SEARCH_INDEXER_SECRET must be set in Django settings."
|
||||
)
|
||||
|
||||
if not self.search_url:
|
||||
raise ImproperlyConfigured(
|
||||
"SEARCH_INDEXER_QUERY_URL must be set in Django settings."
|
||||
)
|
||||
|
||||
def index(self, queryset=None, batch_size=None):
|
||||
"""
|
||||
Fetch documents in batches, serialize them, and push to the search backend.
|
||||
|
||||
Args:
|
||||
queryset (optional): Document queryset
|
||||
Defaults to all documents without filter.
|
||||
batch_size (int, optional): Number of documents per batch.
|
||||
Defaults to settings.SEARCH_INDEXER_BATCH_SIZE.
|
||||
"""
|
||||
last_id = 0
|
||||
count = 0
|
||||
queryset = queryset or models.Document.objects.all()
|
||||
batch_size = batch_size or self.batch_size
|
||||
|
||||
while True:
|
||||
documents_batch = list(
|
||||
queryset.filter(
|
||||
id__gt=last_id,
|
||||
).order_by("id")[:batch_size]
|
||||
)
|
||||
|
||||
if not documents_batch:
|
||||
break
|
||||
|
||||
doc_paths = [doc.path for doc in documents_batch]
|
||||
last_id = documents_batch[-1].id
|
||||
accesses_by_document_path = get_batch_accesses_by_users_and_teams(doc_paths)
|
||||
|
||||
serialized_batch = [
|
||||
self.serialize_document(document, accesses_by_document_path)
|
||||
for document in documents_batch
|
||||
if document.content or document.title
|
||||
]
|
||||
|
||||
if serialized_batch:
|
||||
self.push(serialized_batch)
|
||||
count += len(serialized_batch)
|
||||
|
||||
return count
|
||||
|
||||
@abstractmethod
|
||||
def serialize_document(self, document, accesses):
|
||||
"""
|
||||
Convert a Document instance to a JSON-serializable format for indexing.
|
||||
|
||||
Must be implemented by subclasses.
|
||||
"""
|
||||
|
||||
@abstractmethod
|
||||
def push(self, data):
|
||||
"""
|
||||
Push a batch of serialized documents to the backend.
|
||||
|
||||
Must be implemented by subclasses.
|
||||
"""
|
||||
|
||||
# pylint: disable-next=too-many-arguments,too-many-positional-arguments
|
||||
def search(self, text, token, visited=(), nb_results=None):
|
||||
"""
|
||||
Search for documents in Find app.
|
||||
Ensure the same default ordering as "Docs" list : -updated_at
|
||||
|
||||
Returns ids of the documents
|
||||
|
||||
Args:
|
||||
text (str): Text search content.
|
||||
token (str): OIDC Authentication token.
|
||||
visited (list, optional):
|
||||
List of ids of active public documents with LinkTrace
|
||||
Defaults to settings.SEARCH_INDEXER_BATCH_SIZE.
|
||||
nb_results (int, optional):
|
||||
The number of results to return.
|
||||
Defaults to 50 if not specified.
|
||||
"""
|
||||
nb_results = nb_results or self.search_limit
|
||||
response = self.search_query(
|
||||
data={
|
||||
"q": text,
|
||||
"visited": visited,
|
||||
"services": ["docs"],
|
||||
"nb_results": nb_results,
|
||||
"order_by": "updated_at",
|
||||
"order_direction": "desc",
|
||||
},
|
||||
token=token,
|
||||
)
|
||||
|
||||
return [d["_id"] for d in response]
|
||||
|
||||
@abstractmethod
|
||||
def search_query(self, data, token) -> dict:
|
||||
"""
|
||||
Retrieve documents from the Find app API.
|
||||
|
||||
Must be implemented by subclasses.
|
||||
"""
|
||||
|
||||
|
||||
class SearchIndexer(BaseDocumentIndexer):
|
||||
"""
|
||||
Document indexer that pushes documents to La Suite Find app.
|
||||
"""
|
||||
|
||||
def serialize_document(self, document, accesses):
|
||||
"""
|
||||
Convert a Document to the JSON format expected by La Suite Find.
|
||||
|
||||
Args:
|
||||
document (Document): The document instance.
|
||||
accesses (dict): Mapping of document ID to user/team access.
|
||||
|
||||
Returns:
|
||||
dict: A JSON-serializable dictionary.
|
||||
"""
|
||||
doc_path = document.path
|
||||
doc_content = document.content
|
||||
text_content = utils.base64_yjs_to_text(doc_content) if doc_content else ""
|
||||
|
||||
return {
|
||||
"id": str(document.id),
|
||||
"title": document.title or "",
|
||||
"content": text_content,
|
||||
"depth": document.depth,
|
||||
"path": document.path,
|
||||
"numchild": document.numchild,
|
||||
"created_at": document.created_at.isoformat(),
|
||||
"updated_at": document.updated_at.isoformat(),
|
||||
"users": list(accesses.get(doc_path, {}).get("users", set())),
|
||||
"groups": list(accesses.get(doc_path, {}).get("teams", set())),
|
||||
"reach": document.computed_link_reach,
|
||||
"size": len(text_content.encode("utf-8")),
|
||||
"is_active": not bool(document.ancestors_deleted_at),
|
||||
}
|
||||
|
||||
def search_query(self, data, token) -> requests.Response:
|
||||
"""
|
||||
Retrieve documents from the Find app API.
|
||||
|
||||
Args:
|
||||
data (dict): search data
|
||||
token (str): OICD token
|
||||
|
||||
Returns:
|
||||
dict: A JSON-serializable dictionary.
|
||||
"""
|
||||
response = requests.post(
|
||||
self.search_url,
|
||||
json=data,
|
||||
headers={"Authorization": f"Bearer {token}"},
|
||||
timeout=10,
|
||||
)
|
||||
response.raise_for_status()
|
||||
return response.json()
|
||||
|
||||
def push(self, data):
|
||||
"""
|
||||
Push a batch of documents to the Find backend.
|
||||
|
||||
Args:
|
||||
data (list): List of document dictionaries.
|
||||
"""
|
||||
response = requests.post(
|
||||
self.indexer_url,
|
||||
json=data,
|
||||
headers={"Authorization": f"Bearer {self.indexer_secret}"},
|
||||
timeout=10,
|
||||
)
|
||||
response.raise_for_status()
|
||||
@@ -0,0 +1,33 @@
|
||||
"""
|
||||
Declare and configure the signals for the impress core application
|
||||
"""
|
||||
|
||||
from functools import partial
|
||||
|
||||
from django.db import transaction
|
||||
from django.db.models import signals
|
||||
from django.dispatch import receiver
|
||||
|
||||
from . import models
|
||||
from .tasks.search import trigger_batch_document_indexer
|
||||
|
||||
|
||||
@receiver(signals.post_save, sender=models.Document)
|
||||
def document_post_save(sender, instance, **kwargs): # pylint: disable=unused-argument
|
||||
"""
|
||||
Asynchronous call to the document indexer at the end of the transaction.
|
||||
Note : Within the transaction we can have an empty content and a serialization
|
||||
error.
|
||||
"""
|
||||
transaction.on_commit(partial(trigger_batch_document_indexer, instance))
|
||||
|
||||
|
||||
@receiver(signals.post_save, sender=models.DocumentAccess)
|
||||
def document_access_post_save(sender, instance, created, **kwargs): # pylint: disable=unused-argument
|
||||
"""
|
||||
Asynchronous call to the document indexer at the end of the transaction.
|
||||
"""
|
||||
if not created:
|
||||
transaction.on_commit(
|
||||
partial(trigger_batch_document_indexer, instance.document)
|
||||
)
|
||||
@@ -0,0 +1,95 @@
|
||||
"""Trigger document indexation using celery task."""
|
||||
|
||||
from logging import getLogger
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.cache import cache
|
||||
from django.db.models import Q
|
||||
|
||||
from django_redis.cache import RedisCache
|
||||
|
||||
from core import models
|
||||
from core.services.search_indexers import (
|
||||
get_document_indexer,
|
||||
)
|
||||
|
||||
from impress.celery_app import app
|
||||
|
||||
logger = getLogger(__file__)
|
||||
|
||||
|
||||
@app.task
|
||||
def document_indexer_task(document_id):
|
||||
"""Celery Task : Sends indexation query for a document."""
|
||||
indexer = get_document_indexer()
|
||||
|
||||
if indexer:
|
||||
logger.info("Start document %s indexation", document_id)
|
||||
indexer.index(models.Document.objects.filter(pk=document_id))
|
||||
|
||||
|
||||
def batch_indexer_throttle_acquire(timeout: int = 0, atomic: bool = True):
|
||||
"""
|
||||
Enable the task throttle flag for a delay.
|
||||
Uses redis locks if available to ensure atomic changes
|
||||
"""
|
||||
key = "document-batch-indexer-throttle"
|
||||
|
||||
# Redis is used as cache database (not in tests). Use the lock feature here
|
||||
# to ensure atomicity of changes to the throttle flag.
|
||||
if isinstance(cache, RedisCache) and atomic:
|
||||
with cache.locks(key):
|
||||
return batch_indexer_throttle_acquire(timeout, atomic=False)
|
||||
|
||||
# Use add() here :
|
||||
# - set the flag and returns true if not exist
|
||||
# - do nothing and return false if exist
|
||||
return cache.add(key, 1, timeout=timeout)
|
||||
|
||||
|
||||
@app.task
|
||||
def batch_document_indexer_task(timestamp):
|
||||
"""Celery Task : Sends indexation query for a batch of documents."""
|
||||
indexer = get_document_indexer()
|
||||
|
||||
if indexer:
|
||||
queryset = models.Document.objects.filter(
|
||||
Q(updated_at__gte=timestamp)
|
||||
| Q(deleted_at__gte=timestamp)
|
||||
| Q(ancestors_deleted_at__gte=timestamp)
|
||||
)
|
||||
|
||||
count = indexer.index(queryset)
|
||||
logger.info("Indexed %d documents", count)
|
||||
|
||||
|
||||
def trigger_batch_document_indexer(item):
|
||||
"""
|
||||
Trigger indexation task with debounce a delay set by the SEARCH_INDEXER_COUNTDOWN setting.
|
||||
|
||||
Args:
|
||||
document (Document): The document instance.
|
||||
"""
|
||||
countdown = int(settings.SEARCH_INDEXER_COUNTDOWN)
|
||||
|
||||
# DO NOT create a task if indexation if disabled
|
||||
if not settings.SEARCH_INDEXER_CLASS:
|
||||
return
|
||||
|
||||
if countdown > 0:
|
||||
# Each time this method is called during a countdown, we increment the
|
||||
# counter and each task decrease it, so the index be run only once.
|
||||
if batch_indexer_throttle_acquire(timeout=countdown):
|
||||
logger.info(
|
||||
"Add task for batch document indexation from updated_at=%s in %d seconds",
|
||||
item.updated_at.isoformat(),
|
||||
countdown,
|
||||
)
|
||||
|
||||
batch_document_indexer_task.apply_async(
|
||||
args=[item.updated_at], countdown=countdown
|
||||
)
|
||||
else:
|
||||
logger.info("Skip task for batch document %s indexation", item.pk)
|
||||
else:
|
||||
document_indexer_task.apply(args=[item.pk])
|
||||
@@ -0,0 +1,65 @@
|
||||
"""
|
||||
Unit test for `index` command.
|
||||
"""
|
||||
|
||||
from operator import itemgetter
|
||||
from unittest import mock
|
||||
|
||||
from django.core.management import CommandError, call_command
|
||||
from django.db import transaction
|
||||
|
||||
import pytest
|
||||
|
||||
from core import factories
|
||||
from core.services.search_indexers import SearchIndexer
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_index():
|
||||
"""Test the command `index` that run the Find app indexer for all the available documents."""
|
||||
user = factories.UserFactory()
|
||||
indexer = SearchIndexer()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory()
|
||||
empty_doc = factories.DocumentFactory(title=None, content="")
|
||||
no_title_doc = factories.DocumentFactory(title=None)
|
||||
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
factories.UserDocumentAccessFactory(document=empty_doc, user=user)
|
||||
factories.UserDocumentAccessFactory(document=no_title_doc, user=user)
|
||||
|
||||
accesses = {
|
||||
str(doc.path): {"users": [user.sub]},
|
||||
str(empty_doc.path): {"users": [user.sub]},
|
||||
str(no_title_doc.path): {"users": [user.sub]},
|
||||
}
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
call_command("index")
|
||||
|
||||
push_call_args = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
# called once but with a batch of docs
|
||||
mock_push.assert_called_once()
|
||||
|
||||
assert sorted(push_call_args[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc, accesses),
|
||||
indexer.serialize_document(no_title_doc, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_index_improperly_configured(indexer_settings):
|
||||
"""The command should raise an exception if the indexer is not configured"""
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = None
|
||||
|
||||
with pytest.raises(CommandError) as err:
|
||||
call_command("index")
|
||||
|
||||
assert str(err.value) == "The indexer is not enabled or properly configured."
|
||||
@@ -24,3 +24,30 @@ def mock_user_teams():
|
||||
"core.models.User.teams", new_callable=mock.PropertyMock
|
||||
) as mock_teams:
|
||||
yield mock_teams
|
||||
|
||||
|
||||
@pytest.fixture(name="indexer_settings")
|
||||
def indexer_settings_fixture(settings):
|
||||
"""
|
||||
Setup valid settings for the document indexer. Clear the indexer cache.
|
||||
"""
|
||||
|
||||
# pylint: disable-next=import-outside-toplevel
|
||||
from core.services.search_indexers import ( # noqa: PLC0415
|
||||
get_document_indexer,
|
||||
)
|
||||
|
||||
get_document_indexer.cache_clear()
|
||||
|
||||
settings.SEARCH_INDEXER_CLASS = "core.services.search_indexers.SearchIndexer"
|
||||
settings.SEARCH_INDEXER_SECRET = "ThisIsAKeyForTest"
|
||||
settings.SEARCH_INDEXER_URL = "http://localhost:8081/api/v1.0/documents/index/"
|
||||
settings.SEARCH_INDEXER_QUERY_URL = (
|
||||
"http://localhost:8081/api/v1.0/documents/search/"
|
||||
)
|
||||
settings.SEARCH_INDEXER_COUNTDOWN = 1
|
||||
|
||||
yield settings
|
||||
|
||||
# clear cache to prevent issues with other tests
|
||||
get_document_indexer.cache_clear()
|
||||
|
||||
@@ -293,6 +293,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
|
||||
}
|
||||
assert result_dict[str(document_access_other_user.id)] == [
|
||||
"reader",
|
||||
"commenter",
|
||||
"editor",
|
||||
"administrator",
|
||||
"owner",
|
||||
@@ -301,7 +302,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
|
||||
|
||||
# Add an access for the other user on the parent
|
||||
parent_access_other_user = factories.UserDocumentAccessFactory(
|
||||
document=parent, user=other_user, role="editor"
|
||||
document=parent, user=other_user, role="commenter"
|
||||
)
|
||||
|
||||
response = client.get(f"/api/v1.0/documents/{document.id!s}/accesses/")
|
||||
@@ -314,6 +315,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
|
||||
result["id"]: result["abilities"]["set_role_to"] for result in content
|
||||
}
|
||||
assert result_dict[str(document_access_other_user.id)] == [
|
||||
"commenter",
|
||||
"editor",
|
||||
"administrator",
|
||||
"owner",
|
||||
@@ -321,6 +323,7 @@ def test_api_document_accesses_retrieve_set_role_to_child():
|
||||
assert result_dict[str(parent_access.id)] == []
|
||||
assert result_dict[str(parent_access_other_user.id)] == [
|
||||
"reader",
|
||||
"commenter",
|
||||
"editor",
|
||||
"administrator",
|
||||
"owner",
|
||||
@@ -333,28 +336,28 @@ def test_api_document_accesses_retrieve_set_role_to_child():
|
||||
[
|
||||
["administrator", "reader", "reader", "reader"],
|
||||
[
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["owner", "reader", "reader", "reader"],
|
||||
[
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["owner", "reader", "reader", "owner"],
|
||||
[
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
],
|
||||
],
|
||||
],
|
||||
@@ -415,44 +418,44 @@ def test_api_document_accesses_list_authenticated_related_same_user(roles, resul
|
||||
[
|
||||
["administrator", "reader", "reader", "reader"],
|
||||
[
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["owner", "reader", "reader", "reader"],
|
||||
[
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["owner", "reader", "reader", "owner"],
|
||||
[
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["reader", "reader", "reader", "owner"],
|
||||
[
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
[],
|
||||
[],
|
||||
["reader", "editor", "administrator", "owner"],
|
||||
["reader", "commenter", "editor", "administrator", "owner"],
|
||||
],
|
||||
],
|
||||
[
|
||||
["reader", "administrator", "reader", "editor"],
|
||||
[
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
[],
|
||||
[],
|
||||
],
|
||||
@@ -460,7 +463,7 @@ def test_api_document_accesses_list_authenticated_related_same_user(roles, resul
|
||||
[
|
||||
["editor", "editor", "administrator", "editor"],
|
||||
[
|
||||
["reader", "editor", "administrator"],
|
||||
["reader", "commenter", "editor", "administrator"],
|
||||
[],
|
||||
["editor", "administrator"],
|
||||
[],
|
||||
|
||||
@@ -360,6 +360,7 @@ def test_api_documents_ask_for_access_list_owner_or_admin(role):
|
||||
|
||||
expected_set_role_to = [
|
||||
RoleChoices.READER,
|
||||
RoleChoices.COMMENTER,
|
||||
RoleChoices.EDITOR,
|
||||
RoleChoices.ADMIN,
|
||||
]
|
||||
@@ -480,6 +481,7 @@ def test_api_documents_ask_for_access_retrieve_owner_or_admin(role):
|
||||
assert response.status_code == 200
|
||||
expected_set_role_to = [
|
||||
RoleChoices.READER,
|
||||
RoleChoices.COMMENTER,
|
||||
RoleChoices.EDITOR,
|
||||
RoleChoices.ADMIN,
|
||||
]
|
||||
|
||||
@@ -0,0 +1,878 @@
|
||||
"""Test API for comments on documents."""
|
||||
|
||||
import random
|
||||
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
|
||||
import pytest
|
||||
from rest_framework.test import APIClient
|
||||
|
||||
from core import factories, models
|
||||
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
# List comments
|
||||
|
||||
|
||||
def test_list_comments_anonymous_user_public_document():
|
||||
"""Anonymous users should be allowed to list comments on a public document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment1, comment2 = factories.CommentFactory.create_batch(2, thread=thread)
|
||||
# other comments not linked to the document
|
||||
factories.CommentFactory.create_batch(2)
|
||||
|
||||
response = APIClient().get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/"
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert response.json() == {
|
||||
"count": 2,
|
||||
"next": None,
|
||||
"previous": None,
|
||||
"results": [
|
||||
{
|
||||
"id": str(comment1.id),
|
||||
"body": comment1.body,
|
||||
"created_at": comment1.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"updated_at": comment1.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"user": {
|
||||
"full_name": comment1.user.full_name,
|
||||
"short_name": comment1.user.short_name,
|
||||
},
|
||||
"abilities": comment1.get_abilities(AnonymousUser()),
|
||||
"reactions": [],
|
||||
},
|
||||
{
|
||||
"id": str(comment2.id),
|
||||
"body": comment2.body,
|
||||
"created_at": comment2.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"updated_at": comment2.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"user": {
|
||||
"full_name": comment2.user.full_name,
|
||||
"short_name": comment2.user.short_name,
|
||||
},
|
||||
"abilities": comment2.get_abilities(AnonymousUser()),
|
||||
"reactions": [],
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize("link_reach", ["restricted", "authenticated"])
|
||||
def test_list_comments_anonymous_user_non_public_document(link_reach):
|
||||
"""Anonymous users should not be allowed to list comments on a non-public document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach=link_reach, link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
factories.CommentFactory(thread=thread)
|
||||
# other comments not linked to the document
|
||||
factories.CommentFactory.create_batch(2)
|
||||
|
||||
response = APIClient().get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/"
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_list_comments_authenticated_user_accessible_document():
|
||||
"""Authenticated users should be allowed to list comments on an accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.COMMENTER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment1 = factories.CommentFactory(thread=thread)
|
||||
comment2 = factories.CommentFactory(thread=thread, user=user)
|
||||
# other comments not linked to the document
|
||||
factories.CommentFactory.create_batch(2)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/"
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert response.json() == {
|
||||
"count": 2,
|
||||
"next": None,
|
||||
"previous": None,
|
||||
"results": [
|
||||
{
|
||||
"id": str(comment1.id),
|
||||
"body": comment1.body,
|
||||
"created_at": comment1.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"updated_at": comment1.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"user": {
|
||||
"full_name": comment1.user.full_name,
|
||||
"short_name": comment1.user.short_name,
|
||||
},
|
||||
"abilities": comment1.get_abilities(user),
|
||||
"reactions": [],
|
||||
},
|
||||
{
|
||||
"id": str(comment2.id),
|
||||
"body": comment2.body,
|
||||
"created_at": comment2.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"updated_at": comment2.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"user": {
|
||||
"full_name": comment2.user.full_name,
|
||||
"short_name": comment2.user.short_name,
|
||||
},
|
||||
"abilities": comment2.get_abilities(user),
|
||||
"reactions": [],
|
||||
},
|
||||
],
|
||||
}
|
||||
|
||||
|
||||
def test_list_comments_authenticated_user_non_accessible_document():
|
||||
"""Authenticated users should not be allowed to list comments on a non-accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(link_reach="restricted")
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
factories.CommentFactory(thread=thread)
|
||||
# other comments not linked to the document
|
||||
factories.CommentFactory.create_batch(2)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/"
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
def test_list_comments_authenticated_user_not_enough_access():
|
||||
"""
|
||||
Authenticated users should not be allowed to list comments on a document they don't have
|
||||
comment access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.READER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
factories.CommentFactory(thread=thread)
|
||||
# other comments not linked to the document
|
||||
factories.CommentFactory.create_batch(2)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/"
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
# Create comment
|
||||
|
||||
|
||||
def test_create_comment_anonymous_user_public_document():
|
||||
"""
|
||||
Anonymous users should be allowed to create comments on a public document
|
||||
with commenter link_role.
|
||||
"""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
client = APIClient()
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/",
|
||||
{"body": "test"},
|
||||
)
|
||||
assert response.status_code == 201
|
||||
|
||||
assert response.json() == {
|
||||
"id": str(response.json()["id"]),
|
||||
"body": "test",
|
||||
"created_at": response.json()["created_at"],
|
||||
"updated_at": response.json()["updated_at"],
|
||||
"user": None,
|
||||
"abilities": {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": False,
|
||||
"retrieve": True,
|
||||
},
|
||||
"reactions": [],
|
||||
}
|
||||
|
||||
|
||||
def test_create_comment_anonymous_user_non_accessible_document():
|
||||
"""Anonymous users should not be allowed to create comments on a non-accessible document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
client = APIClient()
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/",
|
||||
{"body": "test"},
|
||||
)
|
||||
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_create_comment_authenticated_user_accessible_document():
|
||||
"""Authenticated users should be allowed to create comments on an accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.COMMENTER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/",
|
||||
{"body": "test"},
|
||||
)
|
||||
assert response.status_code == 201
|
||||
|
||||
assert response.json() == {
|
||||
"id": str(response.json()["id"]),
|
||||
"body": "test",
|
||||
"created_at": response.json()["created_at"],
|
||||
"updated_at": response.json()["updated_at"],
|
||||
"user": {
|
||||
"full_name": user.full_name,
|
||||
"short_name": user.short_name,
|
||||
},
|
||||
"abilities": {
|
||||
"destroy": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
},
|
||||
"reactions": [],
|
||||
}
|
||||
|
||||
|
||||
def test_create_comment_authenticated_user_not_enough_access():
|
||||
"""
|
||||
Authenticated users should not be allowed to create comments on a document they don't have
|
||||
comment access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.READER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/",
|
||||
{"body": "test"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
# Retrieve comment
|
||||
|
||||
|
||||
def test_retrieve_comment_anonymous_user_public_document():
|
||||
"""Anonymous users should be allowed to retrieve comments on a public document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 200
|
||||
assert response.json() == {
|
||||
"id": str(comment.id),
|
||||
"body": comment.body,
|
||||
"created_at": comment.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"updated_at": comment.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"user": {
|
||||
"full_name": comment.user.full_name,
|
||||
"short_name": comment.user.short_name,
|
||||
},
|
||||
"reactions": [],
|
||||
"abilities": comment.get_abilities(AnonymousUser()),
|
||||
}
|
||||
|
||||
|
||||
def test_retrieve_comment_anonymous_user_non_accessible_document():
|
||||
"""Anonymous users should not be allowed to retrieve comments on a non-accessible document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_retrieve_comment_authenticated_user_accessible_document():
|
||||
"""Authenticated users should be allowed to retrieve comments on an accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.COMMENTER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 200
|
||||
|
||||
|
||||
def test_retrieve_comment_authenticated_user_not_enough_access():
|
||||
"""
|
||||
Authenticated users should not be allowed to retrieve comments on a document they don't have
|
||||
comment access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.READER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.get(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
# Update comment
|
||||
|
||||
|
||||
def test_update_comment_anonymous_user_public_document():
|
||||
"""Anonymous users should not be allowed to update comments on a public document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_update_comment_anonymous_user_non_accessible_document():
|
||||
"""Anonymous users should not be allowed to update comments on a non-accessible document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_update_comment_authenticated_user_accessible_document():
|
||||
"""Authenticated users should not be able to update comments not their own."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted",
|
||||
users=[
|
||||
(
|
||||
user,
|
||||
random.choice(
|
||||
[models.LinkRoleChoices.COMMENTER, models.LinkRoleChoices.EDITOR]
|
||||
),
|
||||
)
|
||||
],
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
def test_update_comment_authenticated_user_own_comment():
|
||||
"""Authenticated users should be able to update comments not their own."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted",
|
||||
users=[
|
||||
(
|
||||
user,
|
||||
random.choice(
|
||||
[models.LinkRoleChoices.COMMENTER, models.LinkRoleChoices.EDITOR]
|
||||
),
|
||||
)
|
||||
],
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test", user=user)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 200
|
||||
|
||||
comment.refresh_from_db()
|
||||
assert comment.body == "other content"
|
||||
|
||||
|
||||
def test_update_comment_authenticated_user_not_enough_access():
|
||||
"""
|
||||
Authenticated users should not be allowed to update comments on a document they don't
|
||||
have comment access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.READER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
def test_update_comment_authenticated_no_access():
|
||||
"""
|
||||
Authenticated users should not be allowed to update comments on a document they don't
|
||||
have access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(link_reach="restricted")
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.parametrize("role", [models.RoleChoices.ADMIN, models.RoleChoices.OWNER])
|
||||
def test_update_comment_authenticated_admin_or_owner_can_update_any_comment(role):
|
||||
"""
|
||||
Authenticated users should be able to update comments on a document they don't have access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, role)])
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test")
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 200
|
||||
|
||||
comment.refresh_from_db()
|
||||
assert comment.body == "other content"
|
||||
|
||||
|
||||
@pytest.mark.parametrize("role", [models.RoleChoices.ADMIN, models.RoleChoices.OWNER])
|
||||
def test_update_comment_authenticated_admin_or_owner_can_update_own_comment(role):
|
||||
"""
|
||||
Authenticated users should be able to update comments on a document they don't have access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, role)])
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, body="test", user=user)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.put(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/",
|
||||
{"body": "other content"},
|
||||
)
|
||||
assert response.status_code == 200
|
||||
|
||||
comment.refresh_from_db()
|
||||
assert comment.body == "other content"
|
||||
|
||||
|
||||
# Delete comment
|
||||
|
||||
|
||||
def test_delete_comment_anonymous_user_public_document():
|
||||
"""Anonymous users should not be allowed to delete comments on a public document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_delete_comment_anonymous_user_non_accessible_document():
|
||||
"""Anonymous users should not be allowed to delete comments on a non-accessible document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_delete_comment_authenticated_user_accessible_document_own_comment():
|
||||
"""Authenticated users should be able to delete comments on an accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.COMMENTER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, user=user)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 204
|
||||
|
||||
|
||||
def test_delete_comment_authenticated_user_accessible_document_not_own_comment():
|
||||
"""Authenticated users should not be able to delete comments on an accessible document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.COMMENTER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.parametrize("role", [models.RoleChoices.ADMIN, models.RoleChoices.OWNER])
|
||||
def test_delete_comment_authenticated_user_admin_or_owner_can_delete_any_comment(role):
|
||||
"""Authenticated users should be able to delete comments on a document they have access to."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, role)])
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 204
|
||||
|
||||
|
||||
@pytest.mark.parametrize("role", [models.RoleChoices.ADMIN, models.RoleChoices.OWNER])
|
||||
def test_delete_comment_authenticated_user_admin_or_owner_can_delete_own_comment(role):
|
||||
"""Authenticated users should be able to delete comments on a document they have access to."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, role)])
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread, user=user)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 204
|
||||
|
||||
|
||||
def test_delete_comment_authenticated_user_not_enough_access():
|
||||
"""
|
||||
Authenticated users should not be able to delete comments on a document they don't
|
||||
have access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.LinkRoleChoices.READER)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/comments/{comment.id!s}/"
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
# Create reaction
|
||||
|
||||
|
||||
@pytest.mark.parametrize("link_role", models.LinkRoleChoices.values)
|
||||
def test_create_reaction_anonymous_user_public_document(link_role):
|
||||
"""No matter the link_role, an anonymous user can not react to a comment."""
|
||||
|
||||
document = factories.DocumentFactory(link_reach="public", link_role=link_role)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 401
|
||||
|
||||
|
||||
def test_create_reaction_authenticated_user_public_document():
|
||||
"""
|
||||
Authenticated users should not be able to reaction to a comment on a public document with
|
||||
link_role reader.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
def test_create_reaction_authenticated_user_accessible_public_document():
|
||||
"""
|
||||
Authenticated users should be able to react to a comment on a public document.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="public", link_role=models.LinkRoleChoices.COMMENTER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 201
|
||||
|
||||
assert models.Reaction.objects.filter(
|
||||
comment=comment, emoji="test", users__in=[user]
|
||||
).exists()
|
||||
|
||||
|
||||
def test_create_reaction_authenticated_user_connected_document_link_role_reader():
|
||||
"""
|
||||
Authenticated users should not be able to react to a comment on a connected document
|
||||
with link_role reader.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="authenticated", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role",
|
||||
[
|
||||
role
|
||||
for role in models.LinkRoleChoices.values
|
||||
if role != models.LinkRoleChoices.READER
|
||||
],
|
||||
)
|
||||
def test_create_reaction_authenticated_user_connected_document(link_role):
|
||||
"""
|
||||
Authenticated users should be able to react to a comment on a connected document.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="authenticated", link_role=link_role
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 201
|
||||
|
||||
assert models.Reaction.objects.filter(
|
||||
comment=comment, emoji="test", users__in=[user]
|
||||
).exists()
|
||||
|
||||
|
||||
def test_create_reaction_authenticated_user_restricted_accessible_document():
|
||||
"""
|
||||
Authenticated users should not be able to react to a comment on a restricted accessible document
|
||||
they don't have access to.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(link_reach="restricted")
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
def test_create_reaction_authenticated_user_restricted_accessible_document_role_reader():
|
||||
"""
|
||||
Authenticated users should not be able to react to a comment on a restricted accessible
|
||||
document with role reader.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", link_role=models.LinkRoleChoices.READER
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 403
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"role",
|
||||
[role for role in models.RoleChoices.values if role != models.RoleChoices.READER],
|
||||
)
|
||||
def test_create_reaction_authenticated_user_restricted_accessible_document_role_commenter(
|
||||
role,
|
||||
):
|
||||
"""
|
||||
Authenticated users should be able to react to a comment on a restricted accessible document
|
||||
with role commenter.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(link_reach="restricted", users=[(user, role)])
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 201
|
||||
|
||||
assert models.Reaction.objects.filter(
|
||||
comment=comment, emoji="test", users__in=[user]
|
||||
).exists()
|
||||
|
||||
response = client.post(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": "test"},
|
||||
)
|
||||
assert response.status_code == 400
|
||||
assert response.json() == {"user_already_reacted": True}
|
||||
|
||||
|
||||
# Delete reaction
|
||||
|
||||
|
||||
def test_delete_reaction_not_owned_by_the_current_user():
|
||||
"""
|
||||
Users should not be able to delete reactions not owned by the current user.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.RoleChoices.ADMIN)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
reaction = factories.ReactionFactory(comment=comment)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": reaction.emoji},
|
||||
)
|
||||
assert response.status_code == 404
|
||||
|
||||
|
||||
def test_delete_reaction_owned_by_the_current_user():
|
||||
"""
|
||||
Users should not be able to delete reactions not owned by the current user.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_reach="restricted", users=[(user, models.RoleChoices.ADMIN)]
|
||||
)
|
||||
thread = factories.ThreadFactory(document=document)
|
||||
comment = factories.CommentFactory(thread=thread)
|
||||
reaction = factories.ReactionFactory(comment=comment)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
response = client.delete(
|
||||
f"/api/v1.0/documents/{document.id!s}/threads/{thread.id!s}/"
|
||||
f"comments/{comment.id!s}/reactions/",
|
||||
{"emoji": reaction.emoji},
|
||||
)
|
||||
assert response.status_code == 404
|
||||
|
||||
reaction.refresh_from_db()
|
||||
assert reaction.users.exists()
|
||||
@@ -36,6 +36,7 @@ def test_api_documents_retrieve_anonymous_public_standalone():
|
||||
"children_create": False,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": document.link_role in ["commenter", "editor"],
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
"descendants": True,
|
||||
@@ -46,8 +47,8 @@ def test_api_documents_retrieve_anonymous_public_standalone():
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": False,
|
||||
@@ -113,6 +114,7 @@ def test_api_documents_retrieve_anonymous_public_parent():
|
||||
"children_create": False,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": grand_parent.link_role in ["commenter", "editor"],
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -220,6 +222,7 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
|
||||
"children_create": document.link_role == "editor",
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": document.link_role in ["commenter", "editor"],
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -229,8 +232,8 @@ def test_api_documents_retrieve_authenticated_unrelated_public_or_authenticated(
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -304,6 +307,7 @@ def test_api_documents_retrieve_authenticated_public_or_authenticated_parent(rea
|
||||
"children_create": grand_parent.link_role == "editor",
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": grand_parent.link_role in ["commenter", "editor"],
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -494,13 +498,14 @@ def test_api_documents_retrieve_authenticated_related_parent():
|
||||
"abilities": {
|
||||
"accesses_manage": access.role in ["administrator", "owner"],
|
||||
"accesses_view": True,
|
||||
"ai_transform": access.role != "reader",
|
||||
"ai_translate": access.role != "reader",
|
||||
"attachment_upload": access.role != "reader",
|
||||
"can_edit": access.role != "reader",
|
||||
"children_create": access.role != "reader",
|
||||
"ai_transform": access.role not in ["reader", "commenter"],
|
||||
"ai_translate": access.role not in ["reader", "commenter"],
|
||||
"attachment_upload": access.role not in ["reader", "commenter"],
|
||||
"can_edit": access.role not in ["reader", "commenter"],
|
||||
"children_create": access.role not in ["reader", "commenter"],
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": access.role != "reader",
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -516,11 +521,11 @@ def test_api_documents_retrieve_authenticated_related_parent():
|
||||
"media_auth": True,
|
||||
"media_check": True,
|
||||
"move": access.role in ["administrator", "owner"],
|
||||
"partial_update": access.role != "reader",
|
||||
"partial_update": access.role not in ["reader", "commenter"],
|
||||
"restore": access.role == "owner",
|
||||
"retrieve": True,
|
||||
"tree": True,
|
||||
"update": access.role != "reader",
|
||||
"update": access.role not in ["reader", "commenter"],
|
||||
"versions_destroy": access.role in ["administrator", "owner"],
|
||||
"versions_list": True,
|
||||
"versions_retrieve": True,
|
||||
|
||||
@@ -0,0 +1,425 @@
|
||||
"""
|
||||
Tests for Documents API endpoint in impress's core app: list
|
||||
"""
|
||||
|
||||
import random
|
||||
from json import loads as json_loads
|
||||
|
||||
from django.test import RequestFactory
|
||||
|
||||
import pytest
|
||||
import responses
|
||||
from faker import Faker
|
||||
from rest_framework.test import APIClient
|
||||
|
||||
from core import factories, models
|
||||
from core.services.search_indexers import get_document_indexer
|
||||
|
||||
fake = Faker()
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
|
||||
def build_search_url(**kwargs):
|
||||
"""Build absolute uri for search endpoint with ORDERED query arguments"""
|
||||
return (
|
||||
RequestFactory()
|
||||
.get("/api/v1.0/documents/search/", dict(sorted(kwargs.items())))
|
||||
.build_absolute_uri()
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.parametrize("role", models.LinkRoleChoices.values)
|
||||
@pytest.mark.parametrize("reach", models.LinkReachChoices.values)
|
||||
@responses.activate
|
||||
def test_api_documents_search_anonymous(reach, role, indexer_settings):
|
||||
"""
|
||||
Anonymous users should not be allowed to search documents whatever the
|
||||
link reach and link role
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = "http://find/api/v1.0/search"
|
||||
|
||||
factories.DocumentFactory(link_reach=reach, link_role=role)
|
||||
|
||||
# Find response
|
||||
responses.add(
|
||||
responses.POST,
|
||||
"http://find/api/v1.0/search",
|
||||
json=[],
|
||||
status=200,
|
||||
)
|
||||
|
||||
response = APIClient().get("/api/v1.0/documents/search/", data={"q": "alpha"})
|
||||
|
||||
assert response.status_code == 200
|
||||
assert response.json() == {
|
||||
"count": 0,
|
||||
"next": None,
|
||||
"previous": None,
|
||||
"results": [],
|
||||
}
|
||||
|
||||
|
||||
def test_api_documents_search_endpoint_is_none(indexer_settings):
|
||||
"""
|
||||
Missing SEARCH_INDEXER_QUERY_URL, so the indexer is not properly configured.
|
||||
Should fallback on title filter
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = None
|
||||
|
||||
assert get_document_indexer() is None
|
||||
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(title="alpha")
|
||||
access = factories.UserDocumentAccessFactory(document=document, user=user)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.get("/api/v1.0/documents/search/", data={"q": "alpha"})
|
||||
|
||||
assert response.status_code == 200
|
||||
content = response.json()
|
||||
results = content.pop("results")
|
||||
assert content == {
|
||||
"count": 1,
|
||||
"next": None,
|
||||
"previous": None,
|
||||
}
|
||||
assert len(results) == 1
|
||||
assert results[0] == {
|
||||
"id": str(document.id),
|
||||
"abilities": document.get_abilities(user),
|
||||
"ancestors_link_reach": None,
|
||||
"ancestors_link_role": None,
|
||||
"computed_link_reach": document.computed_link_reach,
|
||||
"computed_link_role": document.computed_link_role,
|
||||
"created_at": document.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"creator": str(document.creator.id),
|
||||
"depth": 1,
|
||||
"excerpt": document.excerpt,
|
||||
"link_reach": document.link_reach,
|
||||
"link_role": document.link_role,
|
||||
"nb_accesses_ancestors": 1,
|
||||
"nb_accesses_direct": 1,
|
||||
"numchild": 0,
|
||||
"path": document.path,
|
||||
"title": document.title,
|
||||
"updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"deleted_at": None,
|
||||
"user_role": access.role,
|
||||
}
|
||||
|
||||
|
||||
@responses.activate
|
||||
def test_api_documents_search_invalid_params(indexer_settings):
|
||||
"""Validate the format of documents as returned by the search view."""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = "http://find/api/v1.0/search"
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
response = client.get("/api/v1.0/documents/search/")
|
||||
|
||||
assert response.status_code == 400
|
||||
assert response.json() == {"q": ["This field is required."]}
|
||||
|
||||
response = client.get("/api/v1.0/documents/search/", data={"q": " "})
|
||||
|
||||
assert response.status_code == 400
|
||||
assert response.json() == {"q": ["This field may not be blank."]}
|
||||
|
||||
response = client.get(
|
||||
"/api/v1.0/documents/search/", data={"q": "any", "page": "NaN"}
|
||||
)
|
||||
|
||||
assert response.status_code == 400
|
||||
assert response.json() == {"page": ["A valid integer is required."]}
|
||||
|
||||
|
||||
@responses.activate
|
||||
def test_api_documents_search_format(indexer_settings):
|
||||
"""Validate the format of documents as returned by the search view."""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = "http://find/api/v1.0/search"
|
||||
|
||||
assert get_document_indexer() is not None
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
user_a, user_b, user_c = factories.UserFactory.create_batch(3)
|
||||
document = factories.DocumentFactory(
|
||||
title="alpha",
|
||||
users=(user_a, user_c),
|
||||
link_traces=(user, user_b),
|
||||
)
|
||||
access = factories.UserDocumentAccessFactory(document=document, user=user)
|
||||
|
||||
# Find response
|
||||
responses.add(
|
||||
responses.POST,
|
||||
"http://find/api/v1.0/search",
|
||||
json=[
|
||||
{"_id": str(document.pk)},
|
||||
],
|
||||
status=200,
|
||||
)
|
||||
response = client.get("/api/v1.0/documents/search/", data={"q": "alpha"})
|
||||
|
||||
assert response.status_code == 200
|
||||
content = response.json()
|
||||
results = content.pop("results")
|
||||
assert content == {
|
||||
"count": 1,
|
||||
"next": None,
|
||||
"previous": None,
|
||||
}
|
||||
assert len(results) == 1
|
||||
assert results[0] == {
|
||||
"id": str(document.id),
|
||||
"abilities": document.get_abilities(user),
|
||||
"ancestors_link_reach": None,
|
||||
"ancestors_link_role": None,
|
||||
"computed_link_reach": document.computed_link_reach,
|
||||
"computed_link_role": document.computed_link_role,
|
||||
"created_at": document.created_at.isoformat().replace("+00:00", "Z"),
|
||||
"creator": str(document.creator.id),
|
||||
"depth": 1,
|
||||
"excerpt": document.excerpt,
|
||||
"link_reach": document.link_reach,
|
||||
"link_role": document.link_role,
|
||||
"nb_accesses_ancestors": 3,
|
||||
"nb_accesses_direct": 3,
|
||||
"numchild": 0,
|
||||
"path": document.path,
|
||||
"title": document.title,
|
||||
"updated_at": document.updated_at.isoformat().replace("+00:00", "Z"),
|
||||
"deleted_at": None,
|
||||
"user_role": access.role,
|
||||
}
|
||||
|
||||
|
||||
@responses.activate
|
||||
@pytest.mark.parametrize(
|
||||
"pagination, status, expected",
|
||||
(
|
||||
(
|
||||
{"page": 1, "page_size": 10},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": None,
|
||||
"next": None,
|
||||
"range": (0, None),
|
||||
},
|
||||
),
|
||||
(
|
||||
{},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": None,
|
||||
"next": None,
|
||||
"range": (0, None),
|
||||
"api_page_size": 21, # default page_size is 20
|
||||
},
|
||||
),
|
||||
(
|
||||
{"page": 2, "page_size": 10},
|
||||
404,
|
||||
{},
|
||||
),
|
||||
(
|
||||
{"page": 1, "page_size": 5},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": None,
|
||||
"next": {"page": 2, "page_size": 5},
|
||||
"range": (0, 5),
|
||||
},
|
||||
),
|
||||
(
|
||||
{"page": 2, "page_size": 5},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": {"page_size": 5},
|
||||
"next": None,
|
||||
"range": (5, None),
|
||||
},
|
||||
),
|
||||
({"page": 3, "page_size": 5}, 404, {}),
|
||||
),
|
||||
)
|
||||
def test_api_documents_search_pagination(
|
||||
indexer_settings, pagination, status, expected
|
||||
):
|
||||
"""Documents should be ordered by descending "score" by default"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = "http://find/api/v1.0/search"
|
||||
|
||||
assert get_document_indexer() is not None
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
docs = factories.DocumentFactory.create_batch(10, title="alpha", users=[user])
|
||||
|
||||
docs_by_uuid = {str(doc.pk): doc for doc in docs}
|
||||
api_results = [{"_id": id} for id in docs_by_uuid.keys()]
|
||||
|
||||
# reorder randomly to simulate score ordering
|
||||
random.shuffle(api_results)
|
||||
|
||||
# Find response
|
||||
# pylint: disable-next=assignment-from-none
|
||||
api_search = responses.add(
|
||||
responses.POST,
|
||||
"http://find/api/v1.0/search",
|
||||
json=api_results,
|
||||
status=200,
|
||||
)
|
||||
|
||||
response = client.get(
|
||||
"/api/v1.0/documents/search/",
|
||||
data={
|
||||
"q": "alpha",
|
||||
**pagination,
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == status
|
||||
|
||||
if response.status_code < 300:
|
||||
previous_url = (
|
||||
build_search_url(q="alpha", **expected["previous"])
|
||||
if expected["previous"]
|
||||
else None
|
||||
)
|
||||
next_url = (
|
||||
build_search_url(q="alpha", **expected["next"])
|
||||
if expected["next"]
|
||||
else None
|
||||
)
|
||||
start, end = expected["range"]
|
||||
|
||||
content = response.json()
|
||||
|
||||
assert content["count"] == expected["count"]
|
||||
assert content["previous"] == previous_url
|
||||
assert content["next"] == next_url
|
||||
|
||||
results = content.pop("results")
|
||||
|
||||
# The find api results ordering by score is kept
|
||||
assert [r["id"] for r in results] == [r["_id"] for r in api_results[start:end]]
|
||||
|
||||
# Check the query parameters.
|
||||
assert api_search.call_count == 1
|
||||
assert api_search.calls[0].response.status_code == 200
|
||||
assert json_loads(api_search.calls[0].request.body) == {
|
||||
"q": "alpha",
|
||||
"visited": [],
|
||||
"services": ["docs"],
|
||||
"nb_results": 50,
|
||||
"order_by": "updated_at",
|
||||
"order_direction": "desc",
|
||||
}
|
||||
|
||||
|
||||
@responses.activate
|
||||
@pytest.mark.parametrize(
|
||||
"pagination, status, expected",
|
||||
(
|
||||
(
|
||||
{"page": 1, "page_size": 10},
|
||||
200,
|
||||
{"count": 10, "previous": None, "next": None, "range": (0, None)},
|
||||
),
|
||||
(
|
||||
{},
|
||||
200,
|
||||
{"count": 10, "previous": None, "next": None, "range": (0, None)},
|
||||
),
|
||||
(
|
||||
{"page": 2, "page_size": 10},
|
||||
404,
|
||||
{},
|
||||
),
|
||||
(
|
||||
{"page": 1, "page_size": 5},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": None,
|
||||
"next": {"page": 2, "page_size": 5},
|
||||
"range": (0, 5),
|
||||
},
|
||||
),
|
||||
(
|
||||
{"page": 2, "page_size": 5},
|
||||
200,
|
||||
{
|
||||
"count": 10,
|
||||
"previous": {"page_size": 5},
|
||||
"next": None,
|
||||
"range": (5, None),
|
||||
},
|
||||
),
|
||||
({"page": 3, "page_size": 5}, 404, {}),
|
||||
),
|
||||
)
|
||||
def test_api_documents_search_pagination_endpoint_is_none(
|
||||
indexer_settings, pagination, status, expected
|
||||
):
|
||||
"""Documents should be ordered by descending "-updated_at" by default"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = None
|
||||
|
||||
assert get_document_indexer() is None
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
factories.DocumentFactory.create_batch(10, title="alpha", users=[user])
|
||||
|
||||
response = client.get(
|
||||
"/api/v1.0/documents/search/",
|
||||
data={
|
||||
"q": "alpha",
|
||||
**pagination,
|
||||
},
|
||||
)
|
||||
|
||||
assert response.status_code == status
|
||||
|
||||
if response.status_code < 300:
|
||||
previous_url = (
|
||||
build_search_url(q="alpha", **expected["previous"])
|
||||
if expected["previous"]
|
||||
else None
|
||||
)
|
||||
next_url = (
|
||||
build_search_url(q="alpha", **expected["next"])
|
||||
if expected["next"]
|
||||
else None
|
||||
)
|
||||
queryset = models.Document.objects.order_by("-updated_at")
|
||||
start, end = expected["range"]
|
||||
expected_results = [str(d.pk) for d in queryset[start:end]]
|
||||
|
||||
content = response.json()
|
||||
|
||||
assert content["count"] == expected["count"]
|
||||
assert content["previous"] == previous_url
|
||||
assert content["next"] == next_url
|
||||
|
||||
results = content.pop("results")
|
||||
|
||||
assert [r["id"] for r in results] == expected_results
|
||||
File diff suppressed because it is too large
Load Diff
@@ -81,6 +81,7 @@ def test_api_documents_trashbin_format():
|
||||
"collaboration_auth": False,
|
||||
"descendants": False,
|
||||
"cors_proxy": False,
|
||||
"comment": False,
|
||||
"content": False,
|
||||
"destroy": False,
|
||||
"duplicate": False,
|
||||
@@ -88,8 +89,8 @@ def test_api_documents_trashbin_format():
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": False,
|
||||
|
||||
@@ -278,6 +278,35 @@ def test_api_users_retrieve_me_authenticated():
|
||||
}
|
||||
|
||||
|
||||
def test_api_users_retrieve_me_authenticated_empty_name():
|
||||
"""
|
||||
Authenticated users should be able to retrieve their own user via the "/users/me" path.
|
||||
when no name is provided, the full name and short name should be the email without the domain.
|
||||
"""
|
||||
user = factories.UserFactory(
|
||||
email="test_foo@test.com",
|
||||
full_name=None,
|
||||
short_name=None,
|
||||
)
|
||||
|
||||
client = APIClient()
|
||||
client.force_login(user)
|
||||
|
||||
factories.UserFactory.create_batch(2)
|
||||
response = client.get(
|
||||
"/api/v1.0/users/me/",
|
||||
)
|
||||
|
||||
assert response.status_code == 200
|
||||
assert response.json() == {
|
||||
"id": str(user.id),
|
||||
"email": "test_foo@test.com",
|
||||
"full_name": "test_foo",
|
||||
"language": user.language,
|
||||
"short_name": "test_foo",
|
||||
}
|
||||
|
||||
|
||||
def test_api_users_retrieve_anonymous():
|
||||
"""Anonymous users should not be allowed to retrieve a user."""
|
||||
client = APIClient()
|
||||
|
||||
@@ -0,0 +1,283 @@
|
||||
"""Test the comment model."""
|
||||
|
||||
import random
|
||||
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
|
||||
import pytest
|
||||
|
||||
from core import factories
|
||||
from core.models import LinkReachChoices, LinkRoleChoices, RoleChoices
|
||||
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"role,can_comment",
|
||||
[
|
||||
(LinkRoleChoices.READER, False),
|
||||
(LinkRoleChoices.COMMENTER, True),
|
||||
(LinkRoleChoices.EDITOR, True),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_anonymous_user_public_document(role, can_comment):
|
||||
"""Anonymous users cannot comment on a document."""
|
||||
document = factories.DocumentFactory(
|
||||
link_role=role, link_reach=LinkReachChoices.PUBLIC
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document)
|
||||
user = AnonymousUser()
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": False,
|
||||
"retrieve": can_comment,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_reach", [LinkReachChoices.RESTRICTED, LinkReachChoices.AUTHENTICATED]
|
||||
)
|
||||
def test_comment_get_abilities_anonymous_user_restricted_document(link_reach):
|
||||
"""Anonymous users cannot comment on a restricted document."""
|
||||
document = factories.DocumentFactory(link_reach=link_reach)
|
||||
comment = factories.CommentFactory(thread__document=document)
|
||||
user = AnonymousUser()
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": False,
|
||||
"retrieve": False,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach,can_comment",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC, True),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC, True),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED, True),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED, True),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_reader(link_role, link_reach, can_comment):
|
||||
"""Readers cannot comment on a document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role, link_reach=link_reach, users=[(user, RoleChoices.READER)]
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": can_comment,
|
||||
"retrieve": can_comment,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach,can_comment",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC, True),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC, True),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED, False),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED, False),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED, True),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED, True),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_reader_own_comment(
|
||||
link_role, link_reach, can_comment
|
||||
):
|
||||
"""User with reader role on a document has all accesses to its own comment."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role, link_reach=link_reach, users=[(user, RoleChoices.READER)]
|
||||
)
|
||||
comment = factories.CommentFactory(
|
||||
thread__document=document, user=user if can_comment else None
|
||||
)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": can_comment,
|
||||
"update": can_comment,
|
||||
"partial_update": can_comment,
|
||||
"reactions": can_comment,
|
||||
"retrieve": can_comment,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_commenter(link_role, link_reach):
|
||||
"""Commenters can comment on a document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role,
|
||||
link_reach=link_reach,
|
||||
users=[(user, RoleChoices.COMMENTER)],
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_commenter_own_comment(link_role, link_reach):
|
||||
"""Commenters have all accesses to its own comment."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role,
|
||||
link_reach=link_reach,
|
||||
users=[(user, RoleChoices.COMMENTER)],
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document, user=user)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_editor(link_role, link_reach):
|
||||
"""Editors can comment on a document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role, link_reach=link_reach, users=[(user, RoleChoices.EDITOR)]
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": False,
|
||||
"update": False,
|
||||
"partial_update": False,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"link_role,link_reach",
|
||||
[
|
||||
(LinkRoleChoices.READER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.PUBLIC),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.RESTRICTED),
|
||||
(LinkRoleChoices.READER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.COMMENTER, LinkReachChoices.AUTHENTICATED),
|
||||
(LinkRoleChoices.EDITOR, LinkReachChoices.AUTHENTICATED),
|
||||
],
|
||||
)
|
||||
def test_comment_get_abilities_user_editor_own_comment(link_role, link_reach):
|
||||
"""Editors have all accesses to its own comment."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(
|
||||
link_role=link_role, link_reach=link_reach, users=[(user, RoleChoices.EDITOR)]
|
||||
)
|
||||
comment = factories.CommentFactory(thread__document=document, user=user)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
|
||||
|
||||
def test_comment_get_abilities_user_admin():
|
||||
"""Admins have all accesses to a comment."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, RoleChoices.ADMIN)])
|
||||
comment = factories.CommentFactory(
|
||||
thread__document=document, user=random.choice([user, None])
|
||||
)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
|
||||
|
||||
def test_comment_get_abilities_user_owner():
|
||||
"""Owners have all accesses to a comment."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, RoleChoices.OWNER)])
|
||||
comment = factories.CommentFactory(
|
||||
thread__document=document, user=random.choice([user, None])
|
||||
)
|
||||
|
||||
assert comment.get_abilities(user) == {
|
||||
"destroy": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"reactions": True,
|
||||
"retrieve": True,
|
||||
}
|
||||
@@ -123,7 +123,7 @@ def test_models_document_access_get_abilities_for_owner_of_self_allowed():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -166,7 +166,7 @@ def test_models_document_access_get_abilities_for_owner_of_self_last_on_child(
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -183,7 +183,7 @@ def test_models_document_access_get_abilities_for_owner_of_owner():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -200,7 +200,7 @@ def test_models_document_access_get_abilities_for_owner_of_administrator():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -217,7 +217,7 @@ def test_models_document_access_get_abilities_for_owner_of_editor():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -234,7 +234,7 @@ def test_models_document_access_get_abilities_for_owner_of_reader():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator", "owner"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator", "owner"],
|
||||
}
|
||||
|
||||
|
||||
@@ -271,7 +271,7 @@ def test_models_document_access_get_abilities_for_administrator_of_administrator
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator"],
|
||||
}
|
||||
|
||||
|
||||
@@ -288,7 +288,7 @@ def test_models_document_access_get_abilities_for_administrator_of_editor():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator"],
|
||||
}
|
||||
|
||||
|
||||
@@ -305,7 +305,7 @@ def test_models_document_access_get_abilities_for_administrator_of_reader():
|
||||
"retrieve": True,
|
||||
"update": True,
|
||||
"partial_update": True,
|
||||
"set_role_to": ["reader", "editor", "administrator"],
|
||||
"set_role_to": ["reader", "commenter", "editor", "administrator"],
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -134,10 +134,13 @@ def test_models_documents_soft_delete(depth):
|
||||
[
|
||||
(True, "restricted", "reader"),
|
||||
(True, "restricted", "editor"),
|
||||
(True, "restricted", "commenter"),
|
||||
(False, "restricted", "reader"),
|
||||
(False, "restricted", "editor"),
|
||||
(False, "restricted", "commenter"),
|
||||
(False, "authenticated", "reader"),
|
||||
(False, "authenticated", "editor"),
|
||||
(False, "authenticated", "commenter"),
|
||||
],
|
||||
)
|
||||
def test_models_documents_get_abilities_forbidden(
|
||||
@@ -165,6 +168,7 @@ def test_models_documents_get_abilities_forbidden(
|
||||
"destroy": False,
|
||||
"duplicate": False,
|
||||
"favorite": False,
|
||||
"comment": False,
|
||||
"invite_owner": False,
|
||||
"mask": False,
|
||||
"media_auth": False,
|
||||
@@ -172,8 +176,8 @@ def test_models_documents_get_abilities_forbidden(
|
||||
"move": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"partial_update": False,
|
||||
@@ -223,6 +227,7 @@ def test_models_documents_get_abilities_reader(
|
||||
"children_create": False,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": False,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -232,8 +237,78 @@ def test_models_documents_get_abilities_reader(
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": is_authenticated,
|
||||
"media_auth": True,
|
||||
"media_check": True,
|
||||
"move": False,
|
||||
"partial_update": False,
|
||||
"restore": False,
|
||||
"retrieve": True,
|
||||
"tree": True,
|
||||
"update": False,
|
||||
"versions_destroy": False,
|
||||
"versions_list": False,
|
||||
"versions_retrieve": False,
|
||||
}
|
||||
nb_queries = 1 if is_authenticated else 0
|
||||
with django_assert_num_queries(nb_queries):
|
||||
assert document.get_abilities(user) == expected_abilities
|
||||
|
||||
document.soft_delete()
|
||||
document.refresh_from_db()
|
||||
assert all(
|
||||
value is False
|
||||
for key, value in document.get_abilities(user).items()
|
||||
if key not in ["link_select_options", "ancestors_links_definition"]
|
||||
)
|
||||
|
||||
|
||||
@override_settings(
|
||||
AI_ALLOW_REACH_FROM=random.choice(["public", "authenticated", "restricted"])
|
||||
)
|
||||
@pytest.mark.parametrize(
|
||||
"is_authenticated,reach",
|
||||
[
|
||||
(True, "public"),
|
||||
(False, "public"),
|
||||
(True, "authenticated"),
|
||||
],
|
||||
)
|
||||
def test_models_documents_get_abilities_commenter(
|
||||
is_authenticated, reach, django_assert_num_queries
|
||||
):
|
||||
"""
|
||||
Check abilities returned for a document giving commenter role to link holders
|
||||
i.e anonymous users or authenticated users who have no specific role on the document.
|
||||
"""
|
||||
document = factories.DocumentFactory(link_reach=reach, link_role="commenter")
|
||||
user = factories.UserFactory() if is_authenticated else AnonymousUser()
|
||||
expected_abilities = {
|
||||
"accesses_manage": False,
|
||||
"accesses_view": False,
|
||||
"ai_transform": False,
|
||||
"ai_translate": False,
|
||||
"attachment_upload": False,
|
||||
"can_edit": False,
|
||||
"children_create": False,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"content": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"destroy": False,
|
||||
"duplicate": is_authenticated,
|
||||
"favorite": is_authenticated,
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": is_authenticated,
|
||||
@@ -289,6 +364,7 @@ def test_models_documents_get_abilities_editor(
|
||||
"children_create": is_authenticated,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -298,8 +374,8 @@ def test_models_documents_get_abilities_editor(
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": is_authenticated,
|
||||
@@ -344,6 +420,7 @@ def test_models_documents_get_abilities_owner(django_assert_num_queries):
|
||||
"children_create": True,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -353,8 +430,8 @@ def test_models_documents_get_abilities_owner(django_assert_num_queries):
|
||||
"invite_owner": True,
|
||||
"link_configuration": True,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -385,6 +462,7 @@ def test_models_documents_get_abilities_owner(django_assert_num_queries):
|
||||
"children_create": False,
|
||||
"children_list": False,
|
||||
"collaboration_auth": False,
|
||||
"comment": False,
|
||||
"descendants": False,
|
||||
"cors_proxy": False,
|
||||
"content": False,
|
||||
@@ -394,8 +472,8 @@ def test_models_documents_get_abilities_owner(django_assert_num_queries):
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": False,
|
||||
@@ -430,6 +508,7 @@ def test_models_documents_get_abilities_administrator(django_assert_num_queries)
|
||||
"children_create": True,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -439,8 +518,8 @@ def test_models_documents_get_abilities_administrator(django_assert_num_queries)
|
||||
"invite_owner": False,
|
||||
"link_configuration": True,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -485,6 +564,7 @@ def test_models_documents_get_abilities_editor_user(django_assert_num_queries):
|
||||
"children_create": True,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -494,8 +574,8 @@ def test_models_documents_get_abilities_editor_user(django_assert_num_queries):
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -547,6 +627,8 @@ def test_models_documents_get_abilities_reader_user(
|
||||
"children_create": access_from_link,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": document.link_reach != "restricted"
|
||||
and document.link_role in ["commenter", "editor"],
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -556,8 +638,73 @@ def test_models_documents_get_abilities_reader_user(
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
"media_auth": True,
|
||||
"media_check": True,
|
||||
"move": False,
|
||||
"partial_update": access_from_link,
|
||||
"restore": False,
|
||||
"retrieve": True,
|
||||
"tree": True,
|
||||
"update": access_from_link,
|
||||
"versions_destroy": False,
|
||||
"versions_list": True,
|
||||
"versions_retrieve": True,
|
||||
}
|
||||
|
||||
with override_settings(AI_ALLOW_REACH_FROM=ai_access_setting):
|
||||
with django_assert_num_queries(1):
|
||||
assert document.get_abilities(user) == expected_abilities
|
||||
|
||||
document.soft_delete()
|
||||
document.refresh_from_db()
|
||||
assert all(
|
||||
value is False
|
||||
for key, value in document.get_abilities(user).items()
|
||||
if key not in ["link_select_options", "ancestors_links_definition"]
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.parametrize("ai_access_setting", ["public", "authenticated", "restricted"])
|
||||
def test_models_documents_get_abilities_commenter_user(
|
||||
ai_access_setting, django_assert_num_queries
|
||||
):
|
||||
"""Check abilities returned for the commenter of a document."""
|
||||
user = factories.UserFactory()
|
||||
document = factories.DocumentFactory(users=[(user, "commenter")])
|
||||
|
||||
access_from_link = (
|
||||
document.link_reach != "restricted" and document.link_role == "editor"
|
||||
)
|
||||
|
||||
expected_abilities = {
|
||||
"accesses_manage": False,
|
||||
"accesses_view": True,
|
||||
# If you get your editor rights from the link role and not your access role
|
||||
# You should not access AI if it's restricted to users with specific access
|
||||
"ai_transform": access_from_link and ai_access_setting != "restricted",
|
||||
"ai_translate": access_from_link and ai_access_setting != "restricted",
|
||||
"attachment_upload": access_from_link,
|
||||
"can_edit": access_from_link,
|
||||
"children_create": access_from_link,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": True,
|
||||
"content": True,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"destroy": False,
|
||||
"duplicate": True,
|
||||
"favorite": True,
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -607,6 +754,7 @@ def test_models_documents_get_abilities_preset_role(django_assert_num_queries):
|
||||
"children_create": False,
|
||||
"children_list": True,
|
||||
"collaboration_auth": True,
|
||||
"comment": False,
|
||||
"descendants": True,
|
||||
"cors_proxy": True,
|
||||
"content": True,
|
||||
@@ -616,8 +764,8 @@ def test_models_documents_get_abilities_preset_role(django_assert_num_queries):
|
||||
"invite_owner": False,
|
||||
"link_configuration": False,
|
||||
"link_select_options": {
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
"mask": True,
|
||||
@@ -1320,7 +1468,14 @@ def test_models_documents_restore_complex_bis(django_assert_num_queries):
|
||||
"public",
|
||||
"reader",
|
||||
{
|
||||
"public": ["reader", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
"public",
|
||||
"commenter",
|
||||
{
|
||||
"public": ["commenter", "editor"],
|
||||
},
|
||||
),
|
||||
("public", "editor", {"public": ["editor"]}),
|
||||
@@ -1328,8 +1483,16 @@ def test_models_documents_restore_complex_bis(django_assert_num_queries):
|
||||
"authenticated",
|
||||
"reader",
|
||||
{
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
"authenticated",
|
||||
"commenter",
|
||||
{
|
||||
"authenticated": ["commenter", "editor"],
|
||||
"public": ["commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
@@ -1342,8 +1505,17 @@ def test_models_documents_restore_complex_bis(django_assert_num_queries):
|
||||
"reader",
|
||||
{
|
||||
"restricted": None,
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
"restricted",
|
||||
"commenter",
|
||||
{
|
||||
"restricted": None,
|
||||
"authenticated": ["commenter", "editor"],
|
||||
"public": ["commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
@@ -1360,15 +1532,15 @@ def test_models_documents_restore_complex_bis(django_assert_num_queries):
|
||||
"public",
|
||||
None,
|
||||
{
|
||||
"public": ["reader", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
},
|
||||
),
|
||||
(
|
||||
None,
|
||||
"reader",
|
||||
{
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
),
|
||||
@@ -1376,8 +1548,8 @@ def test_models_documents_restore_complex_bis(django_assert_num_queries):
|
||||
None,
|
||||
None,
|
||||
{
|
||||
"public": ["reader", "editor"],
|
||||
"authenticated": ["reader", "editor"],
|
||||
"public": ["reader", "commenter", "editor"],
|
||||
"authenticated": ["reader", "commenter", "editor"],
|
||||
"restricted": None,
|
||||
},
|
||||
),
|
||||
|
||||
@@ -0,0 +1,441 @@
|
||||
"""
|
||||
Unit tests for the Document model
|
||||
"""
|
||||
# pylint: disable=too-many-lines
|
||||
|
||||
from operator import itemgetter
|
||||
from unittest import mock
|
||||
|
||||
from django.core.cache import cache
|
||||
from django.db import transaction
|
||||
|
||||
import pytest
|
||||
|
||||
from core import factories, models
|
||||
from core.services.search_indexers import SearchIndexer
|
||||
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
|
||||
def reset_batch_indexer_throttle():
|
||||
"""Reset throttle flag"""
|
||||
cache.delete("document-batch-indexer-throttle")
|
||||
|
||||
|
||||
@pytest.fixture(autouse=True)
|
||||
def reset_throttle():
|
||||
"""Reset throttle flag before each test"""
|
||||
reset_batch_indexer_throttle()
|
||||
yield
|
||||
reset_batch_indexer_throttle()
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer(mock_push):
|
||||
"""Test indexation task on document creation"""
|
||||
with transaction.atomic():
|
||||
doc1, doc2, doc3 = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
accesses = {}
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
indexer = SearchIndexer()
|
||||
|
||||
assert len(data) == 1
|
||||
|
||||
# One call
|
||||
assert sorted(data[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc1, accesses),
|
||||
indexer.serialize_document(doc2, accesses),
|
||||
indexer.serialize_document(doc3, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
# The throttle counters should be reset
|
||||
assert cache.get("document-batch-indexer-throttle") == 1
|
||||
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_no_batches(indexer_settings):
|
||||
"""Test indexation task on doculment creation, no throttle"""
|
||||
indexer_settings.SEARCH_INDEXER_COUNTDOWN = 0
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
with transaction.atomic():
|
||||
doc1, doc2, doc3 = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
accesses = {}
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
indexer = SearchIndexer()
|
||||
|
||||
# 3 calls
|
||||
assert len(data) == 3
|
||||
# one document per call
|
||||
assert [len(d) for d in data] == [1] * 3
|
||||
# all documents are indexed
|
||||
assert sorted([d[0] for d in data], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc1, accesses),
|
||||
indexer.serialize_document(doc2, accesses),
|
||||
indexer.serialize_document(doc3, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
# The throttle counters should be reset
|
||||
assert cache.get("file-batch-indexer-throttle") is None
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_not_configured(mock_push, indexer_settings):
|
||||
"""Task should not start an indexation when disabled"""
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = None
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory()
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
|
||||
assert mock_push.assert_not_called
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_wrongly_configured(
|
||||
mock_push, indexer_settings
|
||||
):
|
||||
"""Task should not start an indexation when disabled"""
|
||||
indexer_settings.SEARCH_INDEXER_URL = None
|
||||
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory()
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
|
||||
assert mock_push.assert_not_called
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_with_accesses(mock_push):
|
||||
"""Test indexation task on document creation"""
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc1, doc2, doc3 = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
factories.UserDocumentAccessFactory(document=doc1, user=user)
|
||||
factories.UserDocumentAccessFactory(document=doc2, user=user)
|
||||
factories.UserDocumentAccessFactory(document=doc3, user=user)
|
||||
|
||||
accesses = {
|
||||
str(doc1.path): {"users": [user.sub]},
|
||||
str(doc2.path): {"users": [user.sub]},
|
||||
str(doc3.path): {"users": [user.sub]},
|
||||
}
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
indexer = SearchIndexer()
|
||||
|
||||
assert len(data) == 1
|
||||
assert sorted(data[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc1, accesses),
|
||||
indexer.serialize_document(doc2, accesses),
|
||||
indexer.serialize_document(doc3, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_deleted(mock_push):
|
||||
"""Indexation task on deleted or ancestor_deleted documents"""
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory(
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
)
|
||||
main_doc = factories.DocumentFactory(
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
)
|
||||
child_doc = factories.DocumentFactory(
|
||||
parent=main_doc,
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED,
|
||||
)
|
||||
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
factories.UserDocumentAccessFactory(document=main_doc, user=user)
|
||||
factories.UserDocumentAccessFactory(document=child_doc, user=user)
|
||||
|
||||
# Manually reset the throttle flag here or the next indexation will be ignored for 1 second
|
||||
reset_batch_indexer_throttle()
|
||||
|
||||
with transaction.atomic():
|
||||
main_doc_deleted = models.Document.objects.get(pk=main_doc.pk)
|
||||
main_doc_deleted.soft_delete()
|
||||
|
||||
child_doc_deleted = models.Document.objects.get(pk=child_doc.pk)
|
||||
|
||||
main_doc_deleted.refresh_from_db()
|
||||
child_doc_deleted.refresh_from_db()
|
||||
|
||||
assert main_doc_deleted.deleted_at is not None
|
||||
assert child_doc_deleted.ancestors_deleted_at is not None
|
||||
|
||||
assert child_doc_deleted.deleted_at is None
|
||||
assert child_doc_deleted.ancestors_deleted_at is not None
|
||||
|
||||
accesses = {
|
||||
str(doc.path): {"users": [user.sub]},
|
||||
str(main_doc_deleted.path): {"users": [user.sub]},
|
||||
str(child_doc_deleted.path): {"users": [user.sub]},
|
||||
}
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
indexer = SearchIndexer()
|
||||
|
||||
assert len(data) == 2
|
||||
|
||||
# First indexation on document creation
|
||||
assert sorted(data[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc, accesses),
|
||||
indexer.serialize_document(main_doc, accesses),
|
||||
indexer.serialize_document(child_doc, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
# Even deleted items are re-indexed : only update their status in the future
|
||||
assert sorted(data[1], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(main_doc_deleted, accesses), # soft_delete()
|
||||
indexer.serialize_document(child_doc_deleted, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_models_documents_indexer_hard_deleted():
|
||||
"""Indexation task on hard deleted document"""
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory(
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
)
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
|
||||
# Call task on deleted document.
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
doc.delete()
|
||||
|
||||
# Hard delete document are not re-indexed.
|
||||
assert mock_push.assert_not_called
|
||||
|
||||
|
||||
@mock.patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_documents_post_save_indexer_restored(mock_push):
|
||||
"""Restart indexation task on restored documents"""
|
||||
user = factories.UserFactory()
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory(
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
)
|
||||
doc_deleted = factories.DocumentFactory(
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
)
|
||||
doc_ancestor_deleted = factories.DocumentFactory(
|
||||
parent=doc_deleted,
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED,
|
||||
)
|
||||
|
||||
factories.UserDocumentAccessFactory(document=doc, user=user)
|
||||
factories.UserDocumentAccessFactory(document=doc_deleted, user=user)
|
||||
factories.UserDocumentAccessFactory(document=doc_ancestor_deleted, user=user)
|
||||
|
||||
doc_deleted.soft_delete()
|
||||
|
||||
doc_deleted.refresh_from_db()
|
||||
doc_ancestor_deleted.refresh_from_db()
|
||||
|
||||
assert doc_deleted.deleted_at is not None
|
||||
assert doc_deleted.ancestors_deleted_at is not None
|
||||
|
||||
assert doc_ancestor_deleted.deleted_at is None
|
||||
assert doc_ancestor_deleted.ancestors_deleted_at is not None
|
||||
|
||||
# Manually reset the throttle flag here or the next indexation will be ignored for 1 second
|
||||
reset_batch_indexer_throttle()
|
||||
|
||||
with transaction.atomic():
|
||||
doc_restored = models.Document.objects.get(pk=doc_deleted.pk)
|
||||
doc_restored.restore()
|
||||
|
||||
doc_ancestor_restored = models.Document.objects.get(pk=doc_ancestor_deleted.pk)
|
||||
|
||||
assert doc_restored.deleted_at is None
|
||||
assert doc_restored.ancestors_deleted_at is None
|
||||
|
||||
assert doc_ancestor_restored.deleted_at is None
|
||||
assert doc_ancestor_restored.ancestors_deleted_at is None
|
||||
|
||||
accesses = {
|
||||
str(doc.path): {"users": [user.sub]},
|
||||
str(doc_deleted.path): {"users": [user.sub]},
|
||||
str(doc_ancestor_deleted.path): {"users": [user.sub]},
|
||||
}
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
indexer = SearchIndexer()
|
||||
|
||||
# All docs are re-indexed
|
||||
assert len(data) == 2
|
||||
|
||||
# First indexation on items creation & soft delete (in the same transaction)
|
||||
assert sorted(data[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc, accesses),
|
||||
indexer.serialize_document(doc_deleted, accesses),
|
||||
indexer.serialize_document(doc_ancestor_deleted, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
# Restored items are re-indexed : only update their status in the future
|
||||
assert sorted(data[1], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(doc_restored, accesses), # restore()
|
||||
indexer.serialize_document(doc_ancestor_restored, accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_models_documents_post_save_indexer_throttle():
|
||||
"""Test indexation task skipping on document update"""
|
||||
indexer = SearchIndexer()
|
||||
user = factories.UserFactory()
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push"):
|
||||
with transaction.atomic():
|
||||
docs = factories.DocumentFactory.create_batch(5, users=(user,))
|
||||
|
||||
accesses = {str(item.path): {"users": [user.sub]} for item in docs}
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
# Simulate 1 running task
|
||||
cache.set("document-batch-indexer-throttle", 1)
|
||||
|
||||
# save doc to trigger the indexer, but nothing should be done since
|
||||
# the flag is up
|
||||
with transaction.atomic():
|
||||
docs[0].save()
|
||||
docs[2].save()
|
||||
docs[3].save()
|
||||
|
||||
assert [call.args[0] for call in mock_push.call_args_list] == []
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
# No waiting task
|
||||
cache.delete("document-batch-indexer-throttle")
|
||||
|
||||
with transaction.atomic():
|
||||
docs[0].save()
|
||||
docs[2].save()
|
||||
docs[3].save()
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
# One call
|
||||
assert len(data) == 1
|
||||
|
||||
assert sorted(data[0], key=itemgetter("id")) == sorted(
|
||||
[
|
||||
indexer.serialize_document(docs[0], accesses),
|
||||
indexer.serialize_document(docs[2], accesses),
|
||||
indexer.serialize_document(docs[3], accesses),
|
||||
],
|
||||
key=itemgetter("id"),
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_models_documents_access_post_save_indexer():
|
||||
"""Test indexation task on DocumentAccess update"""
|
||||
users = factories.UserFactory.create_batch(3)
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push"):
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory(users=users)
|
||||
doc_accesses = models.DocumentAccess.objects.filter(document=doc).order_by(
|
||||
"user__sub"
|
||||
)
|
||||
|
||||
reset_batch_indexer_throttle()
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
with transaction.atomic():
|
||||
for doc_access in doc_accesses:
|
||||
doc_access.save()
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
# One call
|
||||
assert len(data) == 1
|
||||
|
||||
assert [d["id"] for d in data[0]] == [str(doc.pk)]
|
||||
|
||||
|
||||
@pytest.mark.django_db(transaction=True)
|
||||
def test_models_items_access_post_save_indexer_no_throttle(indexer_settings):
|
||||
"""Test indexation task on ItemAccess update, no throttle"""
|
||||
indexer_settings.SEARCH_INDEXER_COUNTDOWN = 0
|
||||
|
||||
users = factories.UserFactory.create_batch(3)
|
||||
|
||||
with transaction.atomic():
|
||||
doc = factories.DocumentFactory(users=users)
|
||||
doc_accesses = models.DocumentAccess.objects.filter(document=doc).order_by(
|
||||
"user__sub"
|
||||
)
|
||||
|
||||
reset_batch_indexer_throttle()
|
||||
|
||||
with mock.patch.object(SearchIndexer, "push") as mock_push:
|
||||
with transaction.atomic():
|
||||
for doc_access in doc_accesses:
|
||||
doc_access.save()
|
||||
|
||||
data = [call.args[0] for call in mock_push.call_args_list]
|
||||
|
||||
# 3 calls
|
||||
assert len(data) == 3
|
||||
# one document per call
|
||||
assert [len(d) for d in data] == [1] * 3
|
||||
# the same document is indexed 3 times
|
||||
assert [d[0]["id"] for d in data] == [str(doc.pk)] * 3
|
||||
@@ -0,0 +1,635 @@
|
||||
"""Tests for Documents search indexers"""
|
||||
|
||||
from functools import partial
|
||||
from json import dumps as json_dumps
|
||||
from unittest.mock import patch
|
||||
|
||||
from django.contrib.auth.models import AnonymousUser
|
||||
from django.core.exceptions import ImproperlyConfigured
|
||||
from django.utils.module_loading import import_string
|
||||
|
||||
import pytest
|
||||
import responses
|
||||
from requests import HTTPError
|
||||
|
||||
from core import factories, models, utils
|
||||
from core.services.search_indexers import (
|
||||
BaseDocumentIndexer,
|
||||
SearchIndexer,
|
||||
get_document_indexer,
|
||||
get_visited_document_ids_of,
|
||||
)
|
||||
|
||||
pytestmark = pytest.mark.django_db
|
||||
|
||||
|
||||
class FakeDocumentIndexer(BaseDocumentIndexer):
|
||||
"""Fake indexer for test purpose"""
|
||||
|
||||
def serialize_document(self, document, accesses):
|
||||
return {}
|
||||
|
||||
def push(self, data):
|
||||
pass
|
||||
|
||||
def search_query(self, data, token):
|
||||
return {}
|
||||
|
||||
|
||||
def test_services_search_indexer_class_invalid(indexer_settings):
|
||||
"""
|
||||
Should raise RuntimeError if SEARCH_INDEXER_CLASS cannot be imported.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = "unknown.Unknown"
|
||||
|
||||
assert get_document_indexer() is None
|
||||
|
||||
|
||||
def test_services_search_indexer_class(indexer_settings):
|
||||
"""
|
||||
Import indexer class defined in setting SEARCH_INDEXER_CLASS.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = (
|
||||
"core.tests.test_services_search_indexers.FakeDocumentIndexer"
|
||||
)
|
||||
|
||||
assert isinstance(
|
||||
get_document_indexer(),
|
||||
import_string("core.tests.test_services_search_indexers.FakeDocumentIndexer"),
|
||||
)
|
||||
|
||||
|
||||
def test_services_search_indexer_is_configured(indexer_settings):
|
||||
"""
|
||||
Should return true only when the indexer class and other configuration settings
|
||||
are valid.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = None
|
||||
|
||||
# None
|
||||
get_document_indexer.cache_clear()
|
||||
assert not get_document_indexer()
|
||||
|
||||
# Empty
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = ""
|
||||
|
||||
get_document_indexer.cache_clear()
|
||||
assert not get_document_indexer()
|
||||
|
||||
# Valid class
|
||||
indexer_settings.SEARCH_INDEXER_CLASS = (
|
||||
"core.services.search_indexers.SearchIndexer"
|
||||
)
|
||||
|
||||
get_document_indexer.cache_clear()
|
||||
assert get_document_indexer() is not None
|
||||
|
||||
indexer_settings.SEARCH_INDEXER_URL = ""
|
||||
|
||||
# Invalid url
|
||||
get_document_indexer.cache_clear()
|
||||
assert not get_document_indexer()
|
||||
|
||||
|
||||
def test_services_search_indexer_url_is_none(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_URL is None or empty.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_URL = None
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_URL must be set in Django settings." in str(exc_info.value)
|
||||
|
||||
|
||||
def test_services_search_indexer_url_is_empty(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_URL is empty string.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_URL = ""
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_URL must be set in Django settings." in str(exc_info.value)
|
||||
|
||||
|
||||
def test_services_search_indexer_secret_is_none(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_SECRET is None.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_SECRET = None
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_SECRET must be set in Django settings." in str(
|
||||
exc_info.value
|
||||
)
|
||||
|
||||
|
||||
def test_services_search_indexer_secret_is_empty(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_SECRET is empty string.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_SECRET = ""
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_SECRET must be set in Django settings." in str(
|
||||
exc_info.value
|
||||
)
|
||||
|
||||
|
||||
def test_services_search_endpoint_is_none(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_QUERY_URL is None.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = None
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_QUERY_URL must be set in Django settings." in str(
|
||||
exc_info.value
|
||||
)
|
||||
|
||||
|
||||
def test_services_search_endpoint_is_empty(indexer_settings):
|
||||
"""
|
||||
Indexer should raise RuntimeError if SEARCH_INDEXER_QUERY_URL is empty.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = ""
|
||||
|
||||
with pytest.raises(ImproperlyConfigured) as exc_info:
|
||||
SearchIndexer()
|
||||
|
||||
assert "SEARCH_INDEXER_QUERY_URL must be set in Django settings." in str(
|
||||
exc_info.value
|
||||
)
|
||||
|
||||
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_serialize_document_returns_expected_json():
|
||||
"""
|
||||
It should serialize documents with correct metadata and access control.
|
||||
"""
|
||||
user_a, user_b = factories.UserFactory.create_batch(2)
|
||||
document = factories.DocumentFactory()
|
||||
factories.DocumentFactory(parent=document)
|
||||
|
||||
factories.UserDocumentAccessFactory(document=document, user=user_a)
|
||||
factories.UserDocumentAccessFactory(document=document, user=user_b)
|
||||
factories.TeamDocumentAccessFactory(document=document, team="team1")
|
||||
factories.TeamDocumentAccessFactory(document=document, team="team2")
|
||||
|
||||
accesses = {
|
||||
document.path: {
|
||||
"users": {str(user_a.sub), str(user_b.sub)},
|
||||
"teams": {"team1", "team2"},
|
||||
}
|
||||
}
|
||||
|
||||
indexer = SearchIndexer()
|
||||
result = indexer.serialize_document(document, accesses)
|
||||
|
||||
assert set(result.pop("users")) == {str(user_a.sub), str(user_b.sub)}
|
||||
assert set(result.pop("groups")) == {"team1", "team2"}
|
||||
assert result == {
|
||||
"id": str(document.id),
|
||||
"title": document.title,
|
||||
"depth": 1,
|
||||
"path": document.path,
|
||||
"numchild": 1,
|
||||
"content": utils.base64_yjs_to_text(document.content),
|
||||
"created_at": document.created_at.isoformat(),
|
||||
"updated_at": document.updated_at.isoformat(),
|
||||
"reach": document.link_reach,
|
||||
"size": 13,
|
||||
"is_active": True,
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_serialize_document_deleted():
|
||||
"""Deleted documents are marked as just in the serialized json."""
|
||||
parent = factories.DocumentFactory()
|
||||
document = factories.DocumentFactory(parent=parent)
|
||||
|
||||
parent.soft_delete()
|
||||
document.refresh_from_db()
|
||||
|
||||
indexer = SearchIndexer()
|
||||
result = indexer.serialize_document(document, {})
|
||||
|
||||
assert result["is_active"] is False
|
||||
|
||||
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_serialize_document_empty():
|
||||
"""Empty documents returns empty content in the serialized json."""
|
||||
document = factories.DocumentFactory(content="", title=None)
|
||||
|
||||
indexer = SearchIndexer()
|
||||
result = indexer.serialize_document(document, {})
|
||||
|
||||
assert result["content"] == ""
|
||||
assert result["title"] == ""
|
||||
|
||||
|
||||
@responses.activate
|
||||
def test_services_search_indexers_index_errors(indexer_settings):
|
||||
"""
|
||||
Documents indexing response handling on Find API HTTP errors.
|
||||
"""
|
||||
factories.DocumentFactory()
|
||||
|
||||
indexer_settings.SEARCH_INDEXER_URL = "http://app-find/api/v1.0/documents/index/"
|
||||
|
||||
responses.add(
|
||||
responses.POST,
|
||||
"http://app-find/api/v1.0/documents/index/",
|
||||
status=401,
|
||||
body=json_dumps({"message": "Authentication failed."}),
|
||||
)
|
||||
|
||||
with pytest.raises(HTTPError):
|
||||
SearchIndexer().index()
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
def test_services_search_indexers_batches_pass_only_batch_accesses(
|
||||
mock_push, indexer_settings
|
||||
):
|
||||
"""
|
||||
Documents indexing should be processed in batches,
|
||||
and only the access data relevant to each batch should be used.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_BATCH_SIZE = 2
|
||||
documents = factories.DocumentFactory.create_batch(5)
|
||||
|
||||
# Attach a single user access to each document
|
||||
expected_user_subs = {}
|
||||
for document in documents:
|
||||
access = factories.UserDocumentAccessFactory(document=document)
|
||||
expected_user_subs[str(document.id)] = str(access.user.sub)
|
||||
|
||||
assert SearchIndexer().index() == 5
|
||||
|
||||
# Should be 3 batches: 2 + 2 + 1
|
||||
assert mock_push.call_count == 3
|
||||
|
||||
seen_doc_ids = set()
|
||||
|
||||
for call in mock_push.call_args_list:
|
||||
batch = call.args[0]
|
||||
assert isinstance(batch, list)
|
||||
|
||||
for doc_json in batch:
|
||||
doc_id = doc_json["id"]
|
||||
seen_doc_ids.add(doc_id)
|
||||
|
||||
# Only one user expected per document
|
||||
assert doc_json["users"] == [expected_user_subs[doc_id]]
|
||||
assert doc_json["groups"] == []
|
||||
|
||||
# Make sure all 5 documents were indexed
|
||||
assert seen_doc_ids == {str(d.id) for d in documents}
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_batch_size_argument(mock_push):
|
||||
"""
|
||||
Documents indexing should be processed in batches,
|
||||
batch_size overrides SEARCH_INDEXER_BATCH_SIZE
|
||||
"""
|
||||
documents = factories.DocumentFactory.create_batch(5)
|
||||
|
||||
# Attach a single user access to each document
|
||||
expected_user_subs = {}
|
||||
for document in documents:
|
||||
access = factories.UserDocumentAccessFactory(document=document)
|
||||
expected_user_subs[str(document.id)] = str(access.user.sub)
|
||||
|
||||
assert SearchIndexer().index(batch_size=2) == 5
|
||||
|
||||
# Should be 3 batches: 2 + 2 + 1
|
||||
assert mock_push.call_count == 3
|
||||
|
||||
seen_doc_ids = set()
|
||||
|
||||
for call in mock_push.call_args_list:
|
||||
batch = call.args[0]
|
||||
assert isinstance(batch, list)
|
||||
|
||||
for doc_json in batch:
|
||||
doc_id = doc_json["id"]
|
||||
seen_doc_ids.add(doc_id)
|
||||
|
||||
# Only one user expected per document
|
||||
assert doc_json["users"] == [expected_user_subs[doc_id]]
|
||||
assert doc_json["groups"] == []
|
||||
|
||||
# Make sure all 5 documents were indexed
|
||||
assert seen_doc_ids == {str(d.id) for d in documents}
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_ignore_empty_documents(mock_push):
|
||||
"""
|
||||
Documents indexing should be processed in batches,
|
||||
and only the access data relevant to each batch should be used.
|
||||
"""
|
||||
document = factories.DocumentFactory()
|
||||
factories.DocumentFactory(content="", title="")
|
||||
empty_title = factories.DocumentFactory(title="")
|
||||
empty_content = factories.DocumentFactory(content="")
|
||||
|
||||
assert SearchIndexer().index() == 3
|
||||
|
||||
assert mock_push.call_count == 1
|
||||
|
||||
# Make sure only not eempty documents are indexed
|
||||
results = {doc["id"] for doc in mock_push.call_args[0][0]}
|
||||
assert results == {
|
||||
str(d.id)
|
||||
for d in (
|
||||
document,
|
||||
empty_content,
|
||||
empty_title,
|
||||
)
|
||||
}
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
def test_services_search_indexers_skip_empty_batches(mock_push, indexer_settings):
|
||||
"""
|
||||
Documents indexing batch can be empty if all the docs are empty.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_BATCH_SIZE = 2
|
||||
|
||||
document = factories.DocumentFactory()
|
||||
|
||||
# Only empty docs
|
||||
factories.DocumentFactory.create_batch(5, content="", title="")
|
||||
|
||||
assert SearchIndexer().index() == 1
|
||||
assert mock_push.call_count == 1
|
||||
|
||||
results = [doc["id"] for doc in mock_push.call_args[0][0]]
|
||||
assert results == [str(document.id)]
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_ancestors_link_reach(mock_push):
|
||||
"""Document accesses and reach should take into account ancestors link reaches."""
|
||||
great_grand_parent = factories.DocumentFactory(link_reach="restricted")
|
||||
grand_parent = factories.DocumentFactory(
|
||||
parent=great_grand_parent, link_reach="authenticated"
|
||||
)
|
||||
parent = factories.DocumentFactory(parent=grand_parent, link_reach="public")
|
||||
document = factories.DocumentFactory(parent=parent, link_reach="restricted")
|
||||
|
||||
assert SearchIndexer().index() == 4
|
||||
|
||||
results = {doc["id"]: doc for doc in mock_push.call_args[0][0]}
|
||||
assert len(results) == 4
|
||||
assert results[str(great_grand_parent.id)]["reach"] == "restricted"
|
||||
assert results[str(grand_parent.id)]["reach"] == "authenticated"
|
||||
assert results[str(parent.id)]["reach"] == "public"
|
||||
assert results[str(document.id)]["reach"] == "public"
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_ancestors_users(mock_push):
|
||||
"""Document accesses and reach should include users from ancestors."""
|
||||
user_gp, user_p, user_d = factories.UserFactory.create_batch(3)
|
||||
|
||||
grand_parent = factories.DocumentFactory(users=[user_gp])
|
||||
parent = factories.DocumentFactory(parent=grand_parent, users=[user_p])
|
||||
document = factories.DocumentFactory(parent=parent, users=[user_d])
|
||||
|
||||
assert SearchIndexer().index() == 3
|
||||
|
||||
results = {doc["id"]: doc for doc in mock_push.call_args[0][0]}
|
||||
assert len(results) == 3
|
||||
assert results[str(grand_parent.id)]["users"] == [str(user_gp.sub)]
|
||||
assert set(results[str(parent.id)]["users"]) == {str(user_gp.sub), str(user_p.sub)}
|
||||
assert set(results[str(document.id)]["users"]) == {
|
||||
str(user_gp.sub),
|
||||
str(user_p.sub),
|
||||
str(user_d.sub),
|
||||
}
|
||||
|
||||
|
||||
@patch.object(SearchIndexer, "push")
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_services_search_indexers_ancestors_teams(mock_push):
|
||||
"""Document accesses and reach should include teams from ancestors."""
|
||||
grand_parent = factories.DocumentFactory(teams=["team_gp"])
|
||||
parent = factories.DocumentFactory(parent=grand_parent, teams=["team_p"])
|
||||
document = factories.DocumentFactory(parent=parent, teams=["team_d"])
|
||||
|
||||
assert SearchIndexer().index() == 3
|
||||
|
||||
results = {doc["id"]: doc for doc in mock_push.call_args[0][0]}
|
||||
assert len(results) == 3
|
||||
assert results[str(grand_parent.id)]["groups"] == ["team_gp"]
|
||||
assert set(results[str(parent.id)]["groups"]) == {"team_gp", "team_p"}
|
||||
assert set(results[str(document.id)]["groups"]) == {"team_gp", "team_p", "team_d"}
|
||||
|
||||
|
||||
@patch("requests.post")
|
||||
def test_push_uses_correct_url_and_data(mock_post, indexer_settings):
|
||||
"""
|
||||
push() should call requests.post with the correct URL from settings
|
||||
the timeout set to 10 seconds and the data as JSON.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_URL = "http://example.com/index"
|
||||
|
||||
indexer = SearchIndexer()
|
||||
sample_data = [{"id": "123", "title": "Test"}]
|
||||
|
||||
mock_response = mock_post.return_value
|
||||
mock_response.raise_for_status.return_value = None # No error
|
||||
|
||||
indexer.push(sample_data)
|
||||
|
||||
mock_post.assert_called_once()
|
||||
args, kwargs = mock_post.call_args
|
||||
|
||||
assert args[0] == indexer_settings.SEARCH_INDEXER_URL
|
||||
assert kwargs.get("json") == sample_data
|
||||
assert kwargs.get("timeout") == 10
|
||||
|
||||
|
||||
def test_get_visited_document_ids_of():
|
||||
"""
|
||||
get_visited_document_ids_of() returns the ids of the documents viewed
|
||||
by the user BUT without specific access configuration (like public ones)
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
other = factories.UserFactory()
|
||||
anonymous = AnonymousUser()
|
||||
queryset = models.Document.objects.all()
|
||||
|
||||
assert not get_visited_document_ids_of(queryset, anonymous)
|
||||
assert not get_visited_document_ids_of(queryset, user)
|
||||
|
||||
doc1, doc2, _ = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
create_link = partial(models.LinkTrace.objects.create, user=user, is_masked=False)
|
||||
|
||||
create_link(document=doc1)
|
||||
create_link(document=doc2)
|
||||
|
||||
# The third document is not visited
|
||||
assert sorted(get_visited_document_ids_of(queryset, user)) == sorted(
|
||||
[str(doc1.pk), str(doc2.pk)]
|
||||
)
|
||||
|
||||
factories.UserDocumentAccessFactory(user=other, document=doc1)
|
||||
factories.UserDocumentAccessFactory(user=user, document=doc2)
|
||||
|
||||
# The second document have an access for the user
|
||||
assert get_visited_document_ids_of(queryset, user) == [str(doc1.pk)]
|
||||
|
||||
|
||||
@pytest.mark.usefixtures("indexer_settings")
|
||||
def test_get_visited_document_ids_of_deleted():
|
||||
"""
|
||||
get_visited_document_ids_of() returns the ids of the documents viewed
|
||||
by the user if they are not deleted.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
anonymous = AnonymousUser()
|
||||
queryset = models.Document.objects.all()
|
||||
|
||||
assert not get_visited_document_ids_of(queryset, anonymous)
|
||||
assert not get_visited_document_ids_of(queryset, user)
|
||||
|
||||
doc = factories.DocumentFactory()
|
||||
doc_deleted = factories.DocumentFactory()
|
||||
doc_ancestor_deleted = factories.DocumentFactory(parent=doc_deleted)
|
||||
|
||||
create_link = partial(models.LinkTrace.objects.create, user=user, is_masked=False)
|
||||
|
||||
create_link(document=doc)
|
||||
create_link(document=doc_deleted)
|
||||
create_link(document=doc_ancestor_deleted)
|
||||
|
||||
# The all documents are visited
|
||||
assert sorted(get_visited_document_ids_of(queryset, user)) == sorted(
|
||||
[str(doc.pk), str(doc_deleted.pk), str(doc_ancestor_deleted.pk)]
|
||||
)
|
||||
|
||||
doc_deleted.soft_delete()
|
||||
|
||||
# Only the first document is not deleted
|
||||
assert get_visited_document_ids_of(queryset, user) == [str(doc.pk)]
|
||||
|
||||
|
||||
@responses.activate
|
||||
def test_services_search_indexers_search_errors(indexer_settings):
|
||||
"""
|
||||
Documents indexing response handling on Find API HTTP errors.
|
||||
"""
|
||||
factories.DocumentFactory()
|
||||
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_URL = (
|
||||
"http://app-find/api/v1.0/documents/search/"
|
||||
)
|
||||
|
||||
responses.add(
|
||||
responses.POST,
|
||||
"http://app-find/api/v1.0/documents/search/",
|
||||
status=401,
|
||||
body=json_dumps({"message": "Authentication failed."}),
|
||||
)
|
||||
|
||||
with pytest.raises(HTTPError):
|
||||
SearchIndexer().search("alpha", token="mytoken")
|
||||
|
||||
|
||||
@patch("requests.post")
|
||||
def test_services_search_indexers_search(mock_post, indexer_settings):
|
||||
"""
|
||||
search() should call requests.post to SEARCH_INDEXER_QUERY_URL with the
|
||||
document ids from linktraces.
|
||||
"""
|
||||
user = factories.UserFactory()
|
||||
indexer = SearchIndexer()
|
||||
|
||||
mock_response = mock_post.return_value
|
||||
mock_response.raise_for_status.return_value = None # No error
|
||||
|
||||
doc1, doc2, _ = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
create_link = partial(models.LinkTrace.objects.create, user=user, is_masked=False)
|
||||
|
||||
create_link(document=doc1)
|
||||
create_link(document=doc2)
|
||||
|
||||
visited = get_visited_document_ids_of(models.Document.objects.all(), user)
|
||||
|
||||
indexer.search("alpha", visited=visited, token="mytoken")
|
||||
|
||||
args, kwargs = mock_post.call_args
|
||||
|
||||
assert args[0] == indexer_settings.SEARCH_INDEXER_QUERY_URL
|
||||
|
||||
query_data = kwargs.get("json")
|
||||
assert query_data["q"] == "alpha"
|
||||
assert sorted(query_data["visited"]) == sorted([str(doc1.pk), str(doc2.pk)])
|
||||
assert query_data["services"] == ["docs"]
|
||||
assert query_data["nb_results"] == 50
|
||||
assert query_data["order_by"] == "updated_at"
|
||||
assert query_data["order_direction"] == "desc"
|
||||
|
||||
assert kwargs.get("headers") == {"Authorization": "Bearer mytoken"}
|
||||
assert kwargs.get("timeout") == 10
|
||||
|
||||
|
||||
@patch("requests.post")
|
||||
def test_services_search_indexers_search_nb_results(mock_post, indexer_settings):
|
||||
"""
|
||||
Find API call should have nb_results == SEARCH_INDEXER_QUERY_LIMIT
|
||||
or the given nb_results argument.
|
||||
"""
|
||||
indexer_settings.SEARCH_INDEXER_QUERY_LIMIT = 25
|
||||
|
||||
user = factories.UserFactory()
|
||||
indexer = SearchIndexer()
|
||||
|
||||
mock_response = mock_post.return_value
|
||||
mock_response.raise_for_status.return_value = None # No error
|
||||
|
||||
doc1, doc2, _ = factories.DocumentFactory.create_batch(3)
|
||||
|
||||
create_link = partial(models.LinkTrace.objects.create, user=user, is_masked=False)
|
||||
|
||||
create_link(document=doc1)
|
||||
create_link(document=doc2)
|
||||
|
||||
visited = get_visited_document_ids_of(models.Document.objects.all(), user)
|
||||
|
||||
indexer.search("alpha", visited=visited, token="mytoken")
|
||||
|
||||
args, kwargs = mock_post.call_args
|
||||
|
||||
assert args[0] == indexer_settings.SEARCH_INDEXER_QUERY_URL
|
||||
assert kwargs.get("json")["nb_results"] == 25
|
||||
|
||||
# The argument overrides the setting value
|
||||
indexer.search("alpha", visited=visited, token="mytoken", nb_results=109)
|
||||
|
||||
args, kwargs = mock_post.call_args
|
||||
|
||||
assert args[0] == indexer_settings.SEARCH_INDEXER_QUERY_URL
|
||||
assert kwargs.get("json")["nb_results"] == 109
|
||||
@@ -75,3 +75,28 @@ def test_utils_extract_attachments():
|
||||
base64_string = base64.b64encode(update).decode("utf-8")
|
||||
# image_key2 is missing the "/media/" part and shouldn't get extracted
|
||||
assert utils.extract_attachments(base64_string) == [image_key1, image_key3]
|
||||
|
||||
|
||||
def test_utils_get_ancestor_to_descendants_map_single_path():
|
||||
"""Test ancestor mapping of a single path."""
|
||||
paths = ["000100020005"]
|
||||
result = utils.get_ancestor_to_descendants_map(paths, steplen=4)
|
||||
|
||||
assert result == {
|
||||
"0001": {"000100020005"},
|
||||
"00010002": {"000100020005"},
|
||||
"000100020005": {"000100020005"},
|
||||
}
|
||||
|
||||
|
||||
def test_utils_get_ancestor_to_descendants_map_multiple_paths():
|
||||
"""Test ancestor mapping of multiple paths with shared prefixes."""
|
||||
paths = ["000100020005", "00010003"]
|
||||
result = utils.get_ancestor_to_descendants_map(paths, steplen=4)
|
||||
|
||||
assert result == {
|
||||
"0001": {"000100020005", "00010003"},
|
||||
"00010002": {"000100020005"},
|
||||
"000100020005": {"000100020005"},
|
||||
"00010003": {"00010003"},
|
||||
}
|
||||
|
||||
@@ -26,13 +26,24 @@ document_related_router.register(
|
||||
viewsets.InvitationViewset,
|
||||
basename="invitations",
|
||||
)
|
||||
|
||||
document_related_router.register(
|
||||
"threads",
|
||||
viewsets.ThreadViewSet,
|
||||
basename="threads",
|
||||
)
|
||||
document_related_router.register(
|
||||
"ask-for-access",
|
||||
viewsets.DocumentAskForAccessViewSet,
|
||||
basename="ask_for_access",
|
||||
)
|
||||
|
||||
thread_related_router = DefaultRouter()
|
||||
thread_related_router.register(
|
||||
"comments",
|
||||
viewsets.CommentViewSet,
|
||||
basename="comments",
|
||||
)
|
||||
|
||||
|
||||
urlpatterns = [
|
||||
path(
|
||||
@@ -45,6 +56,10 @@ urlpatterns = [
|
||||
r"^documents/(?P<resource_id>[0-9a-z-]*)/",
|
||||
include(document_related_router.urls),
|
||||
),
|
||||
re_path(
|
||||
r"^documents/(?P<resource_id>[0-9a-z-]*)/threads/(?P<thread_id>[0-9a-z-]*)/",
|
||||
include(thread_related_router.urls),
|
||||
),
|
||||
]
|
||||
),
|
||||
),
|
||||
|
||||
@@ -2,6 +2,7 @@
|
||||
|
||||
import base64
|
||||
import re
|
||||
from collections import defaultdict
|
||||
|
||||
import pycrdt
|
||||
from bs4 import BeautifulSoup
|
||||
@@ -9,6 +10,27 @@ from bs4 import BeautifulSoup
|
||||
from core import enums
|
||||
|
||||
|
||||
def get_ancestor_to_descendants_map(paths, steplen):
|
||||
"""
|
||||
Given a list of document paths, return a mapping of ancestor_path -> set of descendant_paths.
|
||||
|
||||
Each path is assumed to use materialized path format with fixed-length segments.
|
||||
|
||||
Args:
|
||||
paths (list of str): List of full document paths.
|
||||
steplen (int): Length of each path segment.
|
||||
|
||||
Returns:
|
||||
dict[str, set[str]]: Mapping from ancestor path to its descendant paths (including itself).
|
||||
"""
|
||||
ancestor_map = defaultdict(set)
|
||||
for path in paths:
|
||||
for i in range(steplen, len(path) + 1, steplen):
|
||||
ancestor = path[:i]
|
||||
ancestor_map[ancestor].add(path)
|
||||
return ancestor_map
|
||||
|
||||
|
||||
def filter_descendants(paths, root_paths, skip_sorting=False):
|
||||
"""
|
||||
Filters paths to keep only those that are descendants of any path in root_paths.
|
||||
|
||||
@@ -1,16 +1,19 @@
|
||||
# ruff: noqa: S311, S106
|
||||
"""create_demo management command"""
|
||||
|
||||
import base64
|
||||
import logging
|
||||
import math
|
||||
import random
|
||||
import time
|
||||
from collections import defaultdict
|
||||
from uuid import uuid4
|
||||
|
||||
from django import db
|
||||
from django.conf import settings
|
||||
from django.core.management.base import BaseCommand, CommandError
|
||||
|
||||
import pycrdt
|
||||
from faker import Faker
|
||||
|
||||
from core import models
|
||||
@@ -27,6 +30,16 @@ def random_true_with_probability(probability):
|
||||
return random.random() < probability
|
||||
|
||||
|
||||
def get_ydoc_for_text(text):
|
||||
"""Return a ydoc from plain text for demo purposes."""
|
||||
ydoc = pycrdt.Doc()
|
||||
paragraph = pycrdt.XmlElement("p", {}, [pycrdt.XmlText(text)])
|
||||
fragment = pycrdt.XmlFragment([paragraph])
|
||||
ydoc["document-store"] = fragment
|
||||
update = ydoc.get_update()
|
||||
return base64.b64encode(update).decode("utf-8")
|
||||
|
||||
|
||||
class BulkQueue:
|
||||
"""A utility class to create Django model instances in bulk by just pushing to a queue."""
|
||||
|
||||
@@ -48,7 +61,7 @@ class BulkQueue:
|
||||
self.queue[objects[0]._meta.model.__name__] = [] # noqa: SLF001
|
||||
|
||||
def push(self, obj):
|
||||
"""Add a model instance to queue to that it gets created in bulk."""
|
||||
"""Add a model instance to queue so that it gets created in bulk."""
|
||||
objects = self.queue[obj._meta.model.__name__] # noqa: SLF001
|
||||
objects.append(obj)
|
||||
if len(objects) > self.BATCH_SIZE:
|
||||
@@ -139,17 +152,19 @@ def create_demo(stdout):
|
||||
# pylint: disable=protected-access
|
||||
key = models.Document._int2str(i) # noqa: SLF001
|
||||
padding = models.Document.alphabet[0] * (models.Document.steplen - len(key))
|
||||
queue.push(
|
||||
models.Document(
|
||||
depth=1,
|
||||
path=f"{padding}{key}",
|
||||
creator_id=random.choice(users_ids),
|
||||
title=fake.sentence(nb_words=4),
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
if random_true_with_probability(0.5)
|
||||
else random.choice(models.LinkReachChoices.values),
|
||||
)
|
||||
title = fake.sentence(nb_words=4)
|
||||
document = models.Document(
|
||||
id=uuid4(),
|
||||
depth=1,
|
||||
path=f"{padding}{key}",
|
||||
creator_id=random.choice(users_ids),
|
||||
title=title,
|
||||
link_reach=models.LinkReachChoices.AUTHENTICATED
|
||||
if random_true_with_probability(0.5)
|
||||
else random.choice(models.LinkReachChoices.values),
|
||||
)
|
||||
document.save_content(get_ydoc_for_text(f"Content for {title:s}"))
|
||||
queue.push(document)
|
||||
|
||||
queue.flush()
|
||||
|
||||
|
||||
@@ -99,6 +99,31 @@ class Base(Configuration):
|
||||
}
|
||||
DEFAULT_AUTO_FIELD = "django.db.models.AutoField"
|
||||
|
||||
# Search
|
||||
SEARCH_INDEXER_CLASS = values.Value(
|
||||
default=None,
|
||||
environ_name="SEARCH_INDEXER_CLASS",
|
||||
environ_prefix=None,
|
||||
)
|
||||
SEARCH_INDEXER_BATCH_SIZE = values.IntegerValue(
|
||||
default=100_000, environ_name="SEARCH_INDEXER_BATCH_SIZE", environ_prefix=None
|
||||
)
|
||||
SEARCH_INDEXER_URL = values.Value(
|
||||
default=None, environ_name="SEARCH_INDEXER_URL", environ_prefix=None
|
||||
)
|
||||
SEARCH_INDEXER_COUNTDOWN = values.IntegerValue(
|
||||
default=1, environ_name="SEARCH_INDEXER_COUNTDOWN", environ_prefix=None
|
||||
)
|
||||
SEARCH_INDEXER_SECRET = values.Value(
|
||||
default=None, environ_name="SEARCH_INDEXER_SECRET", environ_prefix=None
|
||||
)
|
||||
SEARCH_INDEXER_QUERY_URL = values.Value(
|
||||
default=None, environ_name="SEARCH_INDEXER_QUERY_URL", environ_prefix=None
|
||||
)
|
||||
SEARCH_INDEXER_QUERY_LIMIT = values.PositiveIntegerValue(
|
||||
default=50, environ_name="SEARCH_INDEXER_QUERY_LIMIT", environ_prefix=None
|
||||
)
|
||||
|
||||
# Static files (CSS, JavaScript, Images)
|
||||
STATIC_URL = "/static/"
|
||||
STATIC_ROOT = os.path.join(DATA_DIR, "static")
|
||||
|
||||
@@ -0,0 +1,295 @@
|
||||
import { expect, test } from '@playwright/test';
|
||||
|
||||
import { createDoc, getOtherBrowserName, verifyDocName } from './utils-common';
|
||||
import { writeInEditor } from './utils-editor';
|
||||
import {
|
||||
addNewMember,
|
||||
connectOtherUserToDoc,
|
||||
updateRoleUser,
|
||||
updateShareLink,
|
||||
} from './utils-share';
|
||||
|
||||
test.beforeEach(async ({ page }) => {
|
||||
await page.goto('/');
|
||||
});
|
||||
|
||||
test.describe('Doc Comments', () => {
|
||||
test('it checks comments with 2 users in real time', async ({
|
||||
page,
|
||||
browserName,
|
||||
}) => {
|
||||
const [docTitle] = await createDoc(page, 'comment-doc', browserName, 1);
|
||||
|
||||
// We share the doc with another user
|
||||
const otherBrowserName = getOtherBrowserName(browserName);
|
||||
await page.getByRole('button', { name: 'Share' }).click();
|
||||
await addNewMember(page, 0, 'Administrator', otherBrowserName);
|
||||
|
||||
await expect(
|
||||
page
|
||||
.getByRole('listbox', { name: 'Suggestions' })
|
||||
.getByText(new RegExp(otherBrowserName)),
|
||||
).toBeVisible();
|
||||
|
||||
await page.getByRole('button', { name: 'close' }).click();
|
||||
|
||||
// We add a comment with the first user
|
||||
const editor = await writeInEditor({ page, text: 'Hello World' });
|
||||
await editor.getByText('Hello').selectText();
|
||||
await page.getByRole('button', { name: 'Comment' }).click();
|
||||
|
||||
const thread = page.locator('.bn-thread');
|
||||
await thread.getByRole('paragraph').first().fill('This is a comment');
|
||||
await thread.locator('[data-test="save"]').click();
|
||||
await expect(thread.getByText('This is a comment').first()).toBeHidden();
|
||||
|
||||
await editor.getByText('Hello').click();
|
||||
|
||||
await thread.getByText('This is a comment').first().hover();
|
||||
|
||||
// We add a reaction with the first user
|
||||
await thread.locator('[data-test="addreaction"]').first().click();
|
||||
await page.getByRole('button', { name: '👍' }).click();
|
||||
|
||||
await expect(
|
||||
thread.getByRole('img', { name: 'E2E Chromium' }).first(),
|
||||
).toBeVisible();
|
||||
await expect(thread.getByText('This is a comment').first()).toBeVisible();
|
||||
await expect(thread.getByText(`E2E ${browserName}`).first()).toBeVisible();
|
||||
await expect(thread.locator('.bn-comment-reaction')).toHaveText('👍1');
|
||||
|
||||
const urlCommentDoc = page.url();
|
||||
|
||||
const { otherPage, cleanup } = await connectOtherUserToDoc({
|
||||
otherBrowserName,
|
||||
docUrl: urlCommentDoc,
|
||||
docTitle,
|
||||
});
|
||||
|
||||
const otherEditor = otherPage.locator('.ProseMirror');
|
||||
await otherEditor.getByText('Hello').click();
|
||||
const otherThread = otherPage.locator('.bn-thread');
|
||||
|
||||
await otherThread.getByText('This is a comment').first().hover();
|
||||
await otherThread.locator('[data-test="addreaction"]').first().click();
|
||||
await otherPage.getByRole('button', { name: '👍' }).click();
|
||||
|
||||
// We check that the comment made by the first user is visible for the second user
|
||||
await expect(
|
||||
otherThread.getByText('This is a comment').first(),
|
||||
).toBeVisible();
|
||||
await expect(
|
||||
otherThread.getByText(`E2E ${browserName}`).first(),
|
||||
).toBeVisible();
|
||||
await expect(otherThread.locator('.bn-comment-reaction')).toHaveText('👍2');
|
||||
|
||||
// We add a comment with the second user
|
||||
await otherThread
|
||||
.getByRole('paragraph')
|
||||
.last()
|
||||
.fill('This is a comment from the other user');
|
||||
await otherThread.locator('[data-test="save"]').click();
|
||||
|
||||
// We check that the second user can see the comment he just made
|
||||
await expect(
|
||||
otherThread.getByRole('img', { name: `E2E ${otherBrowserName}` }).first(),
|
||||
).toBeVisible();
|
||||
await expect(
|
||||
otherThread.getByText('This is a comment from the other user').first(),
|
||||
).toBeVisible();
|
||||
await expect(
|
||||
otherThread.getByText(`E2E ${otherBrowserName}`).first(),
|
||||
).toBeVisible();
|
||||
|
||||
// We check that the first user can see the comment made by the second user in real time
|
||||
await expect(
|
||||
thread.getByText('This is a comment from the other user').first(),
|
||||
).toBeVisible();
|
||||
await expect(
|
||||
thread.getByText(`E2E ${otherBrowserName}`).first(),
|
||||
).toBeVisible();
|
||||
|
||||
await cleanup();
|
||||
});
|
||||
|
||||
test('it checks the comments interactions', async ({ page, browserName }) => {
|
||||
await createDoc(page, 'comment-interaction', browserName, 1);
|
||||
|
||||
// Checks add react reaction
|
||||
const editor = page.locator('.ProseMirror');
|
||||
await editor.locator('.bn-block-outer').last().fill('Hello World');
|
||||
await editor.getByText('Hello').selectText();
|
||||
await page.getByRole('button', { name: 'Comment' }).click();
|
||||
|
||||
const thread = page.locator('.bn-thread');
|
||||
await thread.getByRole('paragraph').first().fill('This is a comment');
|
||||
await thread.locator('[data-test="save"]').click();
|
||||
await expect(thread.getByText('This is a comment').first()).toBeHidden();
|
||||
|
||||
// Check background color changed
|
||||
await expect(editor.getByText('Hello')).toHaveCSS(
|
||||
'background-color',
|
||||
'rgba(237, 180, 0, 0.4)',
|
||||
);
|
||||
await editor.getByText('Hello').click();
|
||||
|
||||
await thread.getByText('This is a comment').first().hover();
|
||||
|
||||
// We add a reaction with the first user
|
||||
await thread.locator('[data-test="addreaction"]').first().click();
|
||||
await page.getByRole('button', { name: '👍' }).click();
|
||||
|
||||
await expect(thread.locator('.bn-comment-reaction')).toHaveText('👍1');
|
||||
|
||||
// Edit Comment
|
||||
await thread.getByText('This is a comment').first().hover();
|
||||
await thread.locator('[data-test="moreactions"]').first().click();
|
||||
await thread.getByRole('menuitem', { name: 'Edit comment' }).click();
|
||||
const commentEditor = thread.getByText('This is a comment').first();
|
||||
await commentEditor.fill('This is an edited comment');
|
||||
const saveBtn = thread.getByRole('button', { name: 'Save' });
|
||||
await saveBtn.click();
|
||||
await expect(saveBtn).toBeHidden();
|
||||
await expect(
|
||||
thread.getByText('This is an edited comment').first(),
|
||||
).toBeVisible();
|
||||
await expect(thread.getByText('This is a comment').first()).toBeHidden();
|
||||
|
||||
// Add second comment
|
||||
await thread.getByRole('paragraph').last().fill('This is a second comment');
|
||||
await thread.getByRole('button', { name: 'Save' }).click();
|
||||
await expect(
|
||||
thread.getByText('This is an edited comment').first(),
|
||||
).toBeVisible();
|
||||
await expect(
|
||||
thread.getByText('This is a second comment').first(),
|
||||
).toBeVisible();
|
||||
|
||||
// Delete second comment
|
||||
await thread.getByText('This is a second comment').first().hover();
|
||||
await thread.locator('[data-test="moreactions"]').first().click();
|
||||
await thread.getByRole('menuitem', { name: 'Delete comment' }).click();
|
||||
await expect(
|
||||
thread.getByText('This is a second comment').first(),
|
||||
).toBeHidden();
|
||||
|
||||
// Resolve thread
|
||||
await thread.getByText('This is an edited comment').first().hover();
|
||||
await thread.locator('[data-test="resolve"]').click();
|
||||
await expect(thread).toBeHidden();
|
||||
await expect(editor.getByText('Hello')).toHaveCSS(
|
||||
'background-color',
|
||||
'rgba(0, 0, 0, 0)',
|
||||
);
|
||||
});
|
||||
|
||||
test('it checks the comments abilities', async ({ page, browserName }) => {
|
||||
test.slow();
|
||||
|
||||
const [docTitle] = await createDoc(page, 'comment-doc', browserName, 1);
|
||||
|
||||
// We share the doc with another user
|
||||
const otherBrowserName = getOtherBrowserName(browserName);
|
||||
|
||||
// Add a new member with editor role
|
||||
await page.getByRole('button', { name: 'Share' }).click();
|
||||
await addNewMember(page, 0, 'Editor', otherBrowserName);
|
||||
|
||||
await expect(
|
||||
page
|
||||
.getByRole('listbox', { name: 'Suggestions' })
|
||||
.getByText(new RegExp(otherBrowserName)),
|
||||
).toBeVisible();
|
||||
|
||||
const urlCommentDoc = page.url();
|
||||
|
||||
const { otherPage, cleanup } = await connectOtherUserToDoc({
|
||||
otherBrowserName,
|
||||
docUrl: urlCommentDoc,
|
||||
docTitle,
|
||||
});
|
||||
|
||||
const otherEditor = await writeInEditor({
|
||||
page: otherPage,
|
||||
text: 'Hello, I can edit the document',
|
||||
});
|
||||
await expect(
|
||||
otherEditor.getByText('Hello, I can edit the document'),
|
||||
).toBeVisible();
|
||||
await otherEditor.getByText('Hello').selectText();
|
||||
await otherPage.getByRole('button', { name: 'Comment' }).click();
|
||||
const otherThread = otherPage.locator('.bn-thread');
|
||||
await otherThread
|
||||
.getByRole('paragraph')
|
||||
.first()
|
||||
.fill('I can add a comment');
|
||||
await otherThread.locator('[data-test="save"]').click();
|
||||
await expect(
|
||||
otherThread.getByText('I can add a comment').first(),
|
||||
).toBeHidden();
|
||||
|
||||
await expect(otherEditor.getByText('Hello')).toHaveCSS(
|
||||
'background-color',
|
||||
'rgba(237, 180, 0, 0.4)',
|
||||
);
|
||||
|
||||
// We change the role of the second user to reader
|
||||
await updateRoleUser(page, 'Reader', `user.test@${otherBrowserName}.test`);
|
||||
|
||||
// With the reader role, the second user cannot see comments
|
||||
await otherPage.reload();
|
||||
await verifyDocName(otherPage, docTitle);
|
||||
|
||||
await expect(otherEditor.getByText('Hello')).toHaveCSS(
|
||||
'background-color',
|
||||
'rgba(0, 0, 0, 0)',
|
||||
);
|
||||
await otherEditor.getByText('Hello').click();
|
||||
await expect(otherThread).toBeHidden();
|
||||
await otherEditor.getByText('Hello').selectText();
|
||||
await expect(
|
||||
otherPage.getByRole('button', { name: 'Comment' }),
|
||||
).toBeHidden();
|
||||
|
||||
await otherPage.reload();
|
||||
|
||||
// Change the link role of the doc to set it in commenting mode
|
||||
await updateShareLink(page, 'Public', 'Editing');
|
||||
|
||||
// Anonymous user can see and add comments
|
||||
await otherPage.getByRole('button', { name: 'Logout' }).click();
|
||||
|
||||
await otherPage.goto(urlCommentDoc);
|
||||
|
||||
await verifyDocName(otherPage, docTitle);
|
||||
|
||||
await expect(otherEditor.getByText('Hello')).toHaveCSS(
|
||||
'background-color',
|
||||
'rgba(237, 180, 0, 0.4)',
|
||||
);
|
||||
await otherEditor.getByText('Hello').click();
|
||||
await expect(
|
||||
otherThread.getByText('I can add a comment').first(),
|
||||
).toBeVisible();
|
||||
|
||||
await otherThread
|
||||
.locator('.ProseMirror.bn-editor[contenteditable="true"]')
|
||||
.getByRole('paragraph')
|
||||
.first()
|
||||
.fill('Comment by anonymous user');
|
||||
await otherThread.locator('[data-test="save"]').click();
|
||||
|
||||
await expect(
|
||||
otherThread.getByText('Comment by anonymous user').first(),
|
||||
).toBeVisible();
|
||||
|
||||
await expect(
|
||||
otherThread.getByRole('img', { name: `Anonymous` }).first(),
|
||||
).toBeVisible();
|
||||
|
||||
await otherThread.getByText('Comment by anonymous user').first().hover();
|
||||
await expect(otherThread.locator('[data-test="moreactions"]')).toBeHidden();
|
||||
|
||||
await cleanup();
|
||||
});
|
||||
});
|
||||
@@ -84,7 +84,7 @@ test.describe('Document create member', () => {
|
||||
|
||||
// Validate
|
||||
await page.getByRole('menuitem', { name: 'Administrator' }).click();
|
||||
await page.getByRole('button', { name: 'Invite' }).click();
|
||||
await page.getByRole('button', { name: /^Invite / }).click();
|
||||
|
||||
// Check invitation added
|
||||
await expect(
|
||||
@@ -135,7 +135,7 @@ test.describe('Document create member', () => {
|
||||
(response) =>
|
||||
response.url().includes('/invitations/') && response.status() === 201,
|
||||
);
|
||||
await page.getByRole('button', { name: 'Invite' }).click();
|
||||
await page.getByRole('button', { name: /^Invite / }).click();
|
||||
|
||||
// Check invitation sent
|
||||
|
||||
@@ -154,7 +154,7 @@ test.describe('Document create member', () => {
|
||||
response.url().includes('/invitations/') && response.status() === 400,
|
||||
);
|
||||
|
||||
await page.getByRole('button', { name: 'Invite' }).click();
|
||||
await page.getByRole('button', { name: /^Invite / }).click();
|
||||
await expect(
|
||||
page.getByText(`"${email}" is already invited to the document.`),
|
||||
).toBeVisible();
|
||||
@@ -191,7 +191,7 @@ test.describe('Document create member', () => {
|
||||
response.url().includes('/invitations/') && response.status() === 201,
|
||||
);
|
||||
|
||||
await page.getByRole('button', { name: 'Invite' }).click();
|
||||
await page.getByRole('button', { name: /^Invite / }).click();
|
||||
|
||||
// Check invitation sent
|
||||
const responseCreateInvitation = await responsePromiseCreateInvitation;
|
||||
|
||||
@@ -70,6 +70,14 @@ export const keyCloakSignIn = async (
|
||||
await page.click('button[type="submit"]', { force: true });
|
||||
};
|
||||
|
||||
export const getOtherBrowserName = (browserName: BrowserName) => {
|
||||
const otherBrowserName = BROWSERS.find((b) => b !== browserName);
|
||||
if (!otherBrowserName) {
|
||||
throw new Error('No alternative browser found');
|
||||
}
|
||||
return otherBrowserName;
|
||||
};
|
||||
|
||||
export const randomName = (name: string, browserName: string, length: number) =>
|
||||
Array.from({ length }, (_el, index) => {
|
||||
return `${browserName}-${Math.floor(Math.random() * 10000)}-${index}-${name}`;
|
||||
@@ -125,7 +133,9 @@ export const verifyDocName = async (page: Page, docName: string) => {
|
||||
try {
|
||||
await expect(
|
||||
page.getByRole('textbox', { name: 'Document title' }),
|
||||
).toContainText(docName);
|
||||
).toContainText(docName, {
|
||||
timeout: 1000,
|
||||
});
|
||||
} catch {
|
||||
await expect(page.getByRole('heading', { name: docName })).toBeVisible();
|
||||
}
|
||||
|
||||
@@ -1,8 +1,8 @@
|
||||
import { Page, chromium, expect } from '@playwright/test';
|
||||
|
||||
import {
|
||||
BROWSERS,
|
||||
BrowserName,
|
||||
getOtherBrowserName,
|
||||
keyCloakSignIn,
|
||||
verifyDocName,
|
||||
} from './utils-common';
|
||||
@@ -40,7 +40,7 @@ export const addNewMember = async (
|
||||
// Choose a role
|
||||
await page.getByLabel('doc-role-dropdown').click();
|
||||
await page.getByRole('menuitem', { name: role }).click();
|
||||
await page.getByRole('button', { name: 'Invite' }).click();
|
||||
await page.getByRole('button', { name: /^Invite / }).click();
|
||||
|
||||
return users[index].email;
|
||||
};
|
||||
@@ -88,21 +88,30 @@ export const updateRoleUser = async (
|
||||
* @param docTitle The title of the document (optional).
|
||||
* @returns An object containing the other browser, context, and page.
|
||||
*/
|
||||
type ConnectOtherUserToDocParams = {
|
||||
docUrl: string;
|
||||
docTitle?: string;
|
||||
withoutSignIn?: boolean;
|
||||
} & (
|
||||
| {
|
||||
otherBrowserName: BrowserName;
|
||||
browserName?: never;
|
||||
}
|
||||
| {
|
||||
browserName: BrowserName;
|
||||
otherBrowserName?: never;
|
||||
}
|
||||
);
|
||||
|
||||
export const connectOtherUserToDoc = async ({
|
||||
browserName,
|
||||
docUrl,
|
||||
docTitle,
|
||||
otherBrowserName: _otherBrowserName,
|
||||
withoutSignIn,
|
||||
}: {
|
||||
browserName: BrowserName;
|
||||
docUrl: string;
|
||||
docTitle?: string;
|
||||
withoutSignIn?: boolean;
|
||||
}) => {
|
||||
const otherBrowserName = BROWSERS.find((b) => b !== browserName);
|
||||
if (!otherBrowserName) {
|
||||
throw new Error('No alternative browser found');
|
||||
}
|
||||
}: ConnectOtherUserToDocParams) => {
|
||||
const otherBrowserName =
|
||||
_otherBrowserName || getOtherBrowserName(browserName);
|
||||
|
||||
const otherBrowser = await chromium.launch({ headless: true });
|
||||
const otherContext = await otherBrowser.newContext({
|
||||
|
||||
@@ -98,8 +98,8 @@ const dsfrTheme = {
|
||||
},
|
||||
font: {
|
||||
families: {
|
||||
base: 'Marianne',
|
||||
accent: 'Marianne',
|
||||
base: 'Marianne, Inter, Roboto Flex Variable, sans-serif',
|
||||
accent: 'Marianne, Inter, Roboto Flex Variable, sans-serif',
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
@@ -556,8 +556,10 @@
|
||||
--c--theme--logo--widthHeader: 110px;
|
||||
--c--theme--logo--widthFooter: 220px;
|
||||
--c--theme--logo--alt: gouvernement logo;
|
||||
--c--theme--font--families--base: marianne;
|
||||
--c--theme--font--families--accent: marianne;
|
||||
--c--theme--font--families--base:
|
||||
marianne, inter, roboto flex variable, sans-serif;
|
||||
--c--theme--font--families--accent:
|
||||
marianne, inter, roboto flex variable, sans-serif;
|
||||
--c--components--la-gaufre: true;
|
||||
--c--components--home-proconnect: true;
|
||||
--c--components--favicon--ico: /assets/favicon-dsfr.ico;
|
||||
|
||||
@@ -436,7 +436,12 @@ export const tokens = {
|
||||
widthFooter: '220px',
|
||||
alt: 'Gouvernement Logo',
|
||||
},
|
||||
font: { families: { base: 'Marianne', accent: 'Marianne' } },
|
||||
font: {
|
||||
families: {
|
||||
base: 'Marianne, Inter, Roboto Flex Variable, sans-serif',
|
||||
accent: 'Marianne, Inter, Roboto Flex Variable, sans-serif',
|
||||
},
|
||||
},
|
||||
},
|
||||
components: {
|
||||
'la-gaufre': true,
|
||||
|
||||
@@ -13,3 +13,5 @@ export interface User {
|
||||
short_name: string;
|
||||
language?: string;
|
||||
}
|
||||
|
||||
export type UserLight = Pick<User, 'full_name' | 'short_name'>;
|
||||
|
||||
@@ -0,0 +1,49 @@
|
||||
import React from 'react';
|
||||
|
||||
import { Box, BoxType } from '@/components';
|
||||
|
||||
type AvatarSvgProps = {
|
||||
initials: string;
|
||||
background: string;
|
||||
fontFamily?: string;
|
||||
} & BoxType;
|
||||
|
||||
export const AvatarSvg: React.FC<AvatarSvgProps> = ({
|
||||
initials,
|
||||
background,
|
||||
fontFamily,
|
||||
...props
|
||||
}) => (
|
||||
<Box
|
||||
as="svg"
|
||||
xmlns="http://www.w3.org/2000/svg"
|
||||
width="24"
|
||||
height="24"
|
||||
viewBox="0 0 24 24"
|
||||
{...props}
|
||||
>
|
||||
<rect
|
||||
x="0.5"
|
||||
y="0.5"
|
||||
width="23"
|
||||
height="23"
|
||||
rx="11.5"
|
||||
ry="11.5"
|
||||
fill={background}
|
||||
stroke="rgba(255,255,255,0.5)"
|
||||
strokeWidth="1"
|
||||
/>
|
||||
<text
|
||||
x="50%"
|
||||
y="50%"
|
||||
dy="0.35em"
|
||||
textAnchor="middle"
|
||||
fontSize="10"
|
||||
fontWeight="600"
|
||||
fill="rgba(255,255,255,0.9)"
|
||||
fontFamily={fontFamily || 'Arial'}
|
||||
>
|
||||
{initials}
|
||||
</text>
|
||||
</Box>
|
||||
);
|
||||
@@ -0,0 +1,70 @@
|
||||
import { renderToStaticMarkup } from 'react-dom/server';
|
||||
|
||||
import { tokens } from '@/cunningham';
|
||||
|
||||
import { AvatarSvg } from './AvatarSvg';
|
||||
|
||||
const colors = tokens.themes.default.theme.colors;
|
||||
|
||||
const avatarsColors = [
|
||||
colors['blue-500'],
|
||||
colors['brown-500'],
|
||||
colors['cyan-500'],
|
||||
colors['gold-500'],
|
||||
colors['green-500'],
|
||||
colors['olive-500'],
|
||||
colors['orange-500'],
|
||||
colors['pink-500'],
|
||||
colors['purple-500'],
|
||||
colors['yellow-500'],
|
||||
];
|
||||
|
||||
const getColorFromName = (name: string) => {
|
||||
let hash = 0;
|
||||
for (let i = 0; i < name.length; i++) {
|
||||
hash = name.charCodeAt(i) + ((hash << 5) - hash);
|
||||
}
|
||||
return avatarsColors[Math.abs(hash) % avatarsColors.length];
|
||||
};
|
||||
|
||||
const getInitialFromName = (name: string) => {
|
||||
const splitName = name?.split(' ');
|
||||
return (splitName[0]?.charAt(0) || '?') + (splitName?.[1]?.charAt(0) || '');
|
||||
};
|
||||
|
||||
type UserAvatarProps = {
|
||||
fullName?: string;
|
||||
background?: string;
|
||||
};
|
||||
|
||||
export const UserAvatar = ({ fullName, background }: UserAvatarProps) => {
|
||||
const name = fullName?.trim() || '?';
|
||||
|
||||
return (
|
||||
<AvatarSvg
|
||||
className="--docs--user-avatar"
|
||||
initials={getInitialFromName(name).toUpperCase()}
|
||||
background={background || getColorFromName(name)}
|
||||
/>
|
||||
);
|
||||
};
|
||||
|
||||
export const avatarUrlFromName = (
|
||||
fullName?: string,
|
||||
fontFamily?: string,
|
||||
): string => {
|
||||
const name = fullName?.trim() || '?';
|
||||
const initials = getInitialFromName(name).toUpperCase();
|
||||
const background = getColorFromName(name);
|
||||
|
||||
const svgMarkup = renderToStaticMarkup(
|
||||
<AvatarSvg
|
||||
className="--docs--user-avatar"
|
||||
initials={initials}
|
||||
background={background}
|
||||
fontFamily={fontFamily}
|
||||
/>,
|
||||
);
|
||||
|
||||
return `data:image/svg+xml;charset=UTF-8,${encodeURIComponent(svgMarkup)}`;
|
||||
};
|
||||
@@ -1,2 +1,3 @@
|
||||
export * from './Auth';
|
||||
export * from './ButtonLogin';
|
||||
export * from './UserAvatar';
|
||||
|
||||
+66
-9
@@ -12,13 +12,16 @@ import { BlockNoteView } from '@blocknote/mantine';
|
||||
import '@blocknote/mantine/style.css';
|
||||
import { useCreateBlockNote } from '@blocknote/react';
|
||||
import { HocuspocusProvider } from '@hocuspocus/provider';
|
||||
import { useEffect, useRef } from 'react';
|
||||
import { useEffect, useMemo, useRef } from 'react';
|
||||
import { useTranslation } from 'react-i18next';
|
||||
import { css } from 'styled-components';
|
||||
import * as Y from 'yjs';
|
||||
|
||||
import { Box, TextErrors } from '@/components';
|
||||
import { useCunninghamTheme } from '@/cunningham';
|
||||
import { Doc, useProviderStore } from '@/docs/doc-management';
|
||||
import { useAuth } from '@/features/auth';
|
||||
import { avatarUrlFromName, useAuth } from '@/features/auth';
|
||||
import { useResponsiveStore } from '@/stores';
|
||||
|
||||
import {
|
||||
useHeadings,
|
||||
@@ -34,6 +37,7 @@ import { randomColor } from '../utils';
|
||||
|
||||
import { BlockNoteSuggestionMenu } from './BlockNoteSuggestionMenu';
|
||||
import { BlockNoteToolbar } from './BlockNoteToolBar/BlockNoteToolbar';
|
||||
import { cssComments, useComments } from './comments/';
|
||||
import {
|
||||
AccessibleImageBlock,
|
||||
CalloutBlock,
|
||||
@@ -79,8 +83,11 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
const { user } = useAuth();
|
||||
const { setEditor } = useEditorStore();
|
||||
const { t } = useTranslation();
|
||||
const { themeTokens } = useCunninghamTheme();
|
||||
const { isDesktop } = useResponsiveStore();
|
||||
const { isSynced: isConnectedToCollabServer } = useProviderStore();
|
||||
const refEditorContainer = useRef<HTMLDivElement>(null);
|
||||
const canSeeComment = doc.abilities.comment && isDesktop;
|
||||
|
||||
useSaveDoc(doc.id, provider.document, isConnectedToCollabServer);
|
||||
const { i18n } = useTranslation();
|
||||
@@ -88,16 +95,25 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
|
||||
const { uploadFile, errorAttachment } = useUploadFile(doc.id);
|
||||
|
||||
const collabName = user?.full_name || user?.email || t('Anonymous');
|
||||
const collabName = user?.full_name || user?.email;
|
||||
const cursorName = collabName || t('Anonymous');
|
||||
const showCursorLabels: 'always' | 'activity' | (string & {}) = 'activity';
|
||||
|
||||
const threadStore = useComments(doc.id, canSeeComment, user);
|
||||
|
||||
const currentUserAvatarUrl = useMemo(() => {
|
||||
if (canSeeComment) {
|
||||
return avatarUrlFromName(collabName, themeTokens?.font?.families?.base);
|
||||
}
|
||||
}, [canSeeComment, collabName, themeTokens?.font?.families?.base]);
|
||||
|
||||
const editor: DocsBlockNoteEditor = useCreateBlockNote(
|
||||
{
|
||||
collaboration: {
|
||||
provider: provider,
|
||||
fragment: provider.document.getXmlFragment('document-store'),
|
||||
user: {
|
||||
name: collabName,
|
||||
name: cursorName,
|
||||
color: randomColor(),
|
||||
},
|
||||
/**
|
||||
@@ -138,11 +154,28 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
},
|
||||
showCursorLabels: showCursorLabels as 'always' | 'activity',
|
||||
},
|
||||
comments: { threadStore },
|
||||
dictionary: {
|
||||
...locales[lang as keyof typeof locales],
|
||||
multi_column:
|
||||
multiColumnLocales?.[lang as keyof typeof multiColumnLocales],
|
||||
},
|
||||
resolveUsers: async (userIds) => {
|
||||
return Promise.resolve(
|
||||
userIds.map((encodedURIUserId) => {
|
||||
const fullName = decodeURIComponent(encodedURIUserId);
|
||||
|
||||
return {
|
||||
id: encodedURIUserId,
|
||||
username: fullName || t('Anonymous'),
|
||||
avatarUrl: avatarUrlFromName(
|
||||
fullName,
|
||||
themeTokens?.font?.families?.base,
|
||||
),
|
||||
};
|
||||
}),
|
||||
);
|
||||
},
|
||||
tables: {
|
||||
splitCells: true,
|
||||
cellBackgroundColor: true,
|
||||
@@ -152,7 +185,7 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
uploadFile,
|
||||
schema: blockNoteSchema,
|
||||
},
|
||||
[collabName, lang, provider, uploadFile],
|
||||
[cursorName, lang, provider, uploadFile, threadStore],
|
||||
);
|
||||
|
||||
useHeadings(editor);
|
||||
@@ -170,7 +203,13 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
}, [setEditor, editor]);
|
||||
|
||||
return (
|
||||
<Box ref={refEditorContainer} $css={cssEditor}>
|
||||
<Box
|
||||
ref={refEditorContainer}
|
||||
$css={css`
|
||||
${cssEditor};
|
||||
${cssComments(canSeeComment, currentUserAvatarUrl)}
|
||||
`}
|
||||
>
|
||||
{errorAttachment && (
|
||||
<Box $margin={{ bottom: 'big', top: 'none', horizontal: 'large' }}>
|
||||
<TextErrors
|
||||
@@ -180,12 +219,13 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
/>
|
||||
</Box>
|
||||
)}
|
||||
|
||||
<BlockNoteView
|
||||
className="--docs--main-editor"
|
||||
editor={editor}
|
||||
formattingToolbar={false}
|
||||
slashMenu={false}
|
||||
theme="light"
|
||||
comments={canSeeComment}
|
||||
aria-label={t('Document editor')}
|
||||
>
|
||||
<BlockNoteSuggestionMenu />
|
||||
@@ -196,11 +236,17 @@ export const BlockNoteEditor = ({ doc, provider }: BlockNoteEditorProps) => {
|
||||
};
|
||||
|
||||
interface BlockNoteReaderProps {
|
||||
docId: Doc['id'];
|
||||
initialContent: Y.XmlFragment;
|
||||
}
|
||||
|
||||
export const BlockNoteReader = ({ initialContent }: BlockNoteReaderProps) => {
|
||||
export const BlockNoteReader = ({
|
||||
docId,
|
||||
initialContent,
|
||||
}: BlockNoteReaderProps) => {
|
||||
const { user } = useAuth();
|
||||
const { setEditor } = useEditorStore();
|
||||
const threadStore = useComments(docId, false, user);
|
||||
const { t } = useTranslation();
|
||||
const editor = useCreateBlockNote(
|
||||
{
|
||||
@@ -213,6 +259,10 @@ export const BlockNoteReader = ({ initialContent }: BlockNoteReaderProps) => {
|
||||
provider: undefined,
|
||||
},
|
||||
schema: blockNoteSchema,
|
||||
comments: { threadStore },
|
||||
resolveUsers: async () => {
|
||||
return Promise.resolve([]);
|
||||
},
|
||||
},
|
||||
[initialContent],
|
||||
);
|
||||
@@ -228,14 +278,21 @@ export const BlockNoteReader = ({ initialContent }: BlockNoteReaderProps) => {
|
||||
useHeadings(editor);
|
||||
|
||||
return (
|
||||
<Box $css={cssEditor}>
|
||||
<Box
|
||||
$css={css`
|
||||
${cssEditor};
|
||||
${cssComments(false)}
|
||||
`}
|
||||
>
|
||||
<BlockNoteView
|
||||
className="--docs--main-editor"
|
||||
editor={editor}
|
||||
editable={false}
|
||||
theme="light"
|
||||
aria-label={t('Document version viewer')}
|
||||
formattingToolbar={false}
|
||||
slashMenu={false}
|
||||
comments={false}
|
||||
/>
|
||||
</Box>
|
||||
);
|
||||
|
||||
+16
-1
@@ -10,6 +10,7 @@ import { useTranslation } from 'react-i18next';
|
||||
|
||||
import { useConfig } from '@/core/config/api';
|
||||
|
||||
import { CommentToolbarButton } from '../comments/CommentToolbarButton';
|
||||
import { getCalloutFormattingToolbarItems } from '../custom-blocks';
|
||||
|
||||
import { AIGroupButton } from './AIButton';
|
||||
@@ -25,10 +26,12 @@ export const BlockNoteToolbar = () => {
|
||||
const { data: conf } = useConfig();
|
||||
|
||||
const toolbarItems = useMemo(() => {
|
||||
const toolbarItems = getFormattingToolbarItems([
|
||||
let toolbarItems = getFormattingToolbarItems([
|
||||
...blockTypeSelectItems(dict),
|
||||
getCalloutFormattingToolbarItems(t),
|
||||
]);
|
||||
|
||||
// Find the index of the file download button
|
||||
const fileDownloadButtonIndex = toolbarItems.findIndex(
|
||||
(item) =>
|
||||
typeof item === 'object' &&
|
||||
@@ -36,6 +39,8 @@ export const BlockNoteToolbar = () => {
|
||||
'key' in item &&
|
||||
(item as { key: string }).key === 'fileDownloadButton',
|
||||
);
|
||||
|
||||
// Replace the default file download button with our custom FileDownloadButton
|
||||
if (fileDownloadButtonIndex !== -1) {
|
||||
toolbarItems.splice(
|
||||
fileDownloadButtonIndex,
|
||||
@@ -50,12 +55,22 @@ export const BlockNoteToolbar = () => {
|
||||
);
|
||||
}
|
||||
|
||||
// Remove default Comment button
|
||||
toolbarItems = toolbarItems.filter((item) => {
|
||||
if (typeof item === 'object' && item !== null && 'key' in item) {
|
||||
return item.key !== 'addCommentButton';
|
||||
}
|
||||
return true;
|
||||
});
|
||||
|
||||
return toolbarItems;
|
||||
}, [dict, t]);
|
||||
|
||||
const formattingToolbar = useCallback(() => {
|
||||
return (
|
||||
<FormattingToolbar>
|
||||
<CommentToolbarButton />
|
||||
|
||||
{toolbarItems}
|
||||
|
||||
{/* Extra button to do some AI powered actions */}
|
||||
|
||||
+16
-3
@@ -6,6 +6,9 @@ import {
|
||||
import { forEach, isArray } from 'lodash';
|
||||
import React, { useMemo } from 'react';
|
||||
import { useTranslation } from 'react-i18next';
|
||||
import { css } from 'styled-components';
|
||||
|
||||
import { Text } from '@/components';
|
||||
|
||||
type Block = {
|
||||
type: string;
|
||||
@@ -83,8 +86,18 @@ export function MarkdownButton() {
|
||||
mainTooltip={t('Convert Markdown')}
|
||||
onClick={handleConvertMarkdown}
|
||||
className="--docs--editor-markdown-button"
|
||||
>
|
||||
M
|
||||
</Components.FormattingToolbar.Button>
|
||||
label="M"
|
||||
icon={
|
||||
<Text
|
||||
aria-hidden={true}
|
||||
$css={css`
|
||||
font-family: var(--c--theme--font--families--base);
|
||||
`}
|
||||
$weight="bold"
|
||||
>
|
||||
M
|
||||
</Text>
|
||||
}
|
||||
/>
|
||||
);
|
||||
}
|
||||
|
||||
@@ -117,6 +117,7 @@ export const DocEditor = ({ doc }: DocEditorProps) => {
|
||||
initialContent={provider.document.getXmlFragment(
|
||||
'document-store',
|
||||
)}
|
||||
docId={doc.id}
|
||||
/>
|
||||
) : (
|
||||
<BlockNoteEditor doc={doc} provider={provider} />
|
||||
|
||||
+69
@@ -0,0 +1,69 @@
|
||||
import { useBlockNoteEditor, useComponentsContext } from '@blocknote/react';
|
||||
import { useTranslation } from 'react-i18next';
|
||||
import { css } from 'styled-components';
|
||||
|
||||
import { Box, Icon } from '@/components';
|
||||
import { useCunninghamTheme } from '@/cunningham';
|
||||
import { useDocStore } from '@/features/docs/doc-management';
|
||||
|
||||
import {
|
||||
DocsBlockSchema,
|
||||
DocsInlineContentSchema,
|
||||
DocsStyleSchema,
|
||||
} from '../../types';
|
||||
|
||||
export const CommentToolbarButton = () => {
|
||||
const Components = useComponentsContext();
|
||||
const { currentDoc } = useDocStore();
|
||||
const { t } = useTranslation();
|
||||
const { spacingsTokens, colorsTokens } = useCunninghamTheme();
|
||||
|
||||
const editor = useBlockNoteEditor<
|
||||
DocsBlockSchema,
|
||||
DocsInlineContentSchema,
|
||||
DocsStyleSchema
|
||||
>();
|
||||
|
||||
if (!editor.isEditable || !Components || !currentDoc?.abilities.comment) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return (
|
||||
<Box $direction="row" className="--docs--comment-toolbar-button">
|
||||
<Components.Generic.Toolbar.Button
|
||||
className="bn-button"
|
||||
onClick={() => {
|
||||
editor.comments?.startPendingComment();
|
||||
}}
|
||||
aria-haspopup="dialog"
|
||||
>
|
||||
<Box
|
||||
$direction="row"
|
||||
$align="center"
|
||||
$gap={spacingsTokens['xs']}
|
||||
$padding={{ right: '2xs' }}
|
||||
>
|
||||
<Icon
|
||||
iconName="comment"
|
||||
className="--docs--icon-bg"
|
||||
$theme="greyscale"
|
||||
$variation="600"
|
||||
$padding="0.15rem"
|
||||
$size="16px"
|
||||
$color={colorsTokens['greyscale-600']}
|
||||
/>
|
||||
{t('Comment')}
|
||||
</Box>
|
||||
</Components.Generic.Toolbar.Button>
|
||||
<Box
|
||||
$background={colorsTokens['greyscale-100']}
|
||||
$width="1px"
|
||||
$height="70%"
|
||||
$margin={{ left: '2px' }}
|
||||
$css={css`
|
||||
align-self: center;
|
||||
`}
|
||||
/>
|
||||
</Box>
|
||||
);
|
||||
};
|
||||
+569
@@ -0,0 +1,569 @@
|
||||
import { CommentBody, ThreadStore } from '@blocknote/core/comments';
|
||||
import type { Awareness } from 'y-protocols/awareness';
|
||||
|
||||
import { APIError, APIList, errorCauses, fetchAPI } from '@/api';
|
||||
import { Doc } from '@/features/docs/doc-management';
|
||||
|
||||
import { useEditorStore } from '../../stores';
|
||||
|
||||
import { DocsThreadStoreAuth } from './DocsThreadStoreAuth';
|
||||
import {
|
||||
ClientCommentData,
|
||||
ClientThreadData,
|
||||
ServerComment,
|
||||
ServerReaction,
|
||||
ServerThread,
|
||||
} from './types';
|
||||
|
||||
type ServerThreadListResponse = APIList<ServerThread>;
|
||||
|
||||
export class DocsThreadStore extends ThreadStore {
|
||||
protected static COMMENTS_PING = 'commentsPing';
|
||||
protected threads: Map<string, ClientThreadData> = new Map();
|
||||
private subscribers = new Set<
|
||||
(threads: Map<string, ClientThreadData>) => void
|
||||
>();
|
||||
private awareness?: Awareness;
|
||||
private lastPingAt = 0;
|
||||
private pingTimer?: ReturnType<typeof setTimeout>;
|
||||
|
||||
constructor(
|
||||
protected docId: Doc['id'],
|
||||
awareness: Awareness | undefined,
|
||||
protected docAuth: DocsThreadStoreAuth,
|
||||
) {
|
||||
super(docAuth);
|
||||
|
||||
if (docAuth.canSee) {
|
||||
this.awareness = awareness;
|
||||
this.awareness?.on('update', this.onAwarenessUpdate);
|
||||
void this.refreshThreads();
|
||||
}
|
||||
}
|
||||
|
||||
public destroy() {
|
||||
this.awareness?.off('update', this.onAwarenessUpdate);
|
||||
if (this.pingTimer) {
|
||||
clearTimeout(this.pingTimer);
|
||||
}
|
||||
}
|
||||
|
||||
private onAwarenessUpdate = async ({
|
||||
added,
|
||||
updated,
|
||||
}: {
|
||||
added: number[];
|
||||
updated: number[];
|
||||
}) => {
|
||||
if (!this.awareness) {
|
||||
return;
|
||||
}
|
||||
const states = this.awareness.getStates();
|
||||
const listClientIds = [...added, ...updated];
|
||||
for (const clientId of listClientIds) {
|
||||
// Skip our own client ID
|
||||
if (clientId === this.awareness.clientID) {
|
||||
continue;
|
||||
}
|
||||
|
||||
const state = states.get(clientId) as
|
||||
| {
|
||||
[DocsThreadStore.COMMENTS_PING]?: {
|
||||
at: number;
|
||||
docId: string;
|
||||
isResolving: boolean;
|
||||
threadId: string;
|
||||
};
|
||||
}
|
||||
| undefined;
|
||||
|
||||
const ping = state?.commentsPing;
|
||||
|
||||
// Skip if no ping information is available
|
||||
if (!ping) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Skip if the document ID doesn't match
|
||||
if (ping.docId !== this.docId) {
|
||||
continue;
|
||||
}
|
||||
|
||||
// Skip if the ping timestamp is past
|
||||
if (ping.at <= this.lastPingAt) {
|
||||
continue;
|
||||
}
|
||||
|
||||
this.lastPingAt = ping.at;
|
||||
|
||||
// If we know the threadId, schedule a targeted refresh. Otherwise, fall back to full refresh.
|
||||
if (ping.threadId) {
|
||||
await this.refreshThread(ping.threadId);
|
||||
} else {
|
||||
await this.refreshThreads();
|
||||
}
|
||||
}
|
||||
};
|
||||
|
||||
/**
|
||||
* To ping the other clients for updates on a specific thread
|
||||
* @param threadId
|
||||
*/
|
||||
private ping(threadId?: string) {
|
||||
this.awareness?.setLocalStateField(DocsThreadStore.COMMENTS_PING, {
|
||||
at: Date.now(),
|
||||
docId: this.docId,
|
||||
threadId,
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Notifies all subscribers about the current thread state
|
||||
*/
|
||||
private notifySubscribers() {
|
||||
// Always emit a new Map reference to help consumers detect changes
|
||||
const threads = new Map(this.threads);
|
||||
this.subscribers.forEach((cb) => {
|
||||
try {
|
||||
cb(threads);
|
||||
} catch (e) {
|
||||
console.warn('DocsThreadStore subscriber threw', e);
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
private upsertClientThreadData(thread: ClientThreadData) {
|
||||
const next = new Map(this.threads);
|
||||
next.set(thread.id, thread);
|
||||
this.threads = next;
|
||||
}
|
||||
|
||||
private removeThread(threadId: string) {
|
||||
const next = new Map(this.threads);
|
||||
next.delete(threadId);
|
||||
this.threads = next;
|
||||
}
|
||||
|
||||
/**
|
||||
* To subscribe to thread updates
|
||||
* @param cb
|
||||
* @returns
|
||||
*/
|
||||
public subscribe(cb: (threads: Map<string, ClientThreadData>) => void) {
|
||||
if (!this.docAuth.canSee) {
|
||||
return () => {};
|
||||
}
|
||||
|
||||
this.subscribers.add(cb);
|
||||
|
||||
// Emit initial state asynchronously to avoid running during editor init
|
||||
setTimeout(() => {
|
||||
if (this.subscribers.has(cb)) {
|
||||
cb(this.getThreads());
|
||||
}
|
||||
}, 0);
|
||||
|
||||
return () => {
|
||||
this.subscribers.delete(cb);
|
||||
};
|
||||
}
|
||||
|
||||
public addThreadToDocument = (options: {
|
||||
threadId: string;
|
||||
selection: {
|
||||
prosemirror: {
|
||||
head: number;
|
||||
anchor: number;
|
||||
};
|
||||
yjs: {
|
||||
head: unknown;
|
||||
anchor: unknown;
|
||||
};
|
||||
};
|
||||
}) => {
|
||||
const { threadId } = options;
|
||||
const { editor } = useEditorStore.getState();
|
||||
|
||||
// Should not happen
|
||||
if (!editor) {
|
||||
console.warn('Editor to add thread not ready');
|
||||
return Promise.resolve();
|
||||
}
|
||||
|
||||
editor._tiptapEditor
|
||||
.chain()
|
||||
.focus?.()
|
||||
.setMark?.('comment', { orphan: false, threadId })
|
||||
.run?.();
|
||||
|
||||
return Promise.resolve();
|
||||
};
|
||||
|
||||
public createThread = async (options: {
|
||||
initialComment: {
|
||||
body: CommentBody;
|
||||
metadata?: unknown;
|
||||
};
|
||||
metadata?: unknown;
|
||||
}) => {
|
||||
const response = await fetchAPI(`documents/${this.docId}/threads/`, {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
body: options.initialComment.body,
|
||||
}),
|
||||
});
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to create thread in document',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
const thread = (await response.json()) as ServerThread;
|
||||
const threadData: ClientThreadData = serverThreadToClientThread(thread);
|
||||
this.upsertClientThreadData(threadData);
|
||||
this.notifySubscribers();
|
||||
this.ping(threadData.id);
|
||||
return threadData;
|
||||
};
|
||||
|
||||
public getThread(threadId: string) {
|
||||
const thread = this.threads.get(threadId);
|
||||
if (!thread) {
|
||||
throw new Error('Thread not found');
|
||||
}
|
||||
|
||||
return thread;
|
||||
}
|
||||
|
||||
public getThreads(): Map<string, ClientThreadData> {
|
||||
if (!this.docAuth.canSee) {
|
||||
return new Map();
|
||||
}
|
||||
|
||||
return this.threads;
|
||||
}
|
||||
|
||||
public async refreshThread(threadId: string) {
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${threadId}/`,
|
||||
{ method: 'GET' },
|
||||
);
|
||||
|
||||
// If not OK and 404, the thread might have been deleted but the
|
||||
// thread modal is still open, so we close it to avoid side effects
|
||||
if (response.status === 404) {
|
||||
// use escape key event to close the thread modal
|
||||
document.dispatchEvent(
|
||||
new KeyboardEvent('keydown', {
|
||||
key: 'Escape',
|
||||
code: 'Escape',
|
||||
keyCode: 27,
|
||||
bubbles: true,
|
||||
cancelable: true,
|
||||
}),
|
||||
);
|
||||
|
||||
await this.refreshThreads();
|
||||
return;
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
`Failed to fetch thread ${threadId}`,
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
const serverThread = (await response.json()) as ServerThread;
|
||||
|
||||
const clientThread = serverThreadToClientThread(serverThread);
|
||||
this.upsertClientThreadData(clientThread);
|
||||
this.notifySubscribers();
|
||||
}
|
||||
|
||||
public async refreshThreads(): Promise<void> {
|
||||
const response = await fetchAPI(`documents/${this.docId}/threads/`, {
|
||||
method: 'GET',
|
||||
});
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to get threads in document',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
const threads = (await response.json()) as ServerThreadListResponse;
|
||||
const next = new Map<string, ClientThreadData>();
|
||||
threads.results.forEach((thread) => {
|
||||
const threadData: ClientThreadData = serverThreadToClientThread(thread);
|
||||
next.set(thread.id, threadData);
|
||||
});
|
||||
this.threads = next;
|
||||
this.notifySubscribers();
|
||||
}
|
||||
|
||||
public addComment = async (options: {
|
||||
comment: {
|
||||
body: CommentBody;
|
||||
metadata?: unknown;
|
||||
};
|
||||
threadId: string;
|
||||
}) => {
|
||||
const { threadId } = options;
|
||||
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${threadId}/comments/`,
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
body: options.comment.body,
|
||||
}),
|
||||
},
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError('Failed to add comment ', await errorCauses(response));
|
||||
}
|
||||
|
||||
const comment = (await response.json()) as ServerComment;
|
||||
|
||||
// Optimistically update local thread with new comment
|
||||
const existing = this.threads.get(threadId);
|
||||
if (existing) {
|
||||
const updated: ClientThreadData = {
|
||||
...existing,
|
||||
updatedAt: new Date(comment.updated_at || comment.created_at),
|
||||
comments: [...existing.comments, serverCommentToClientComment(comment)],
|
||||
};
|
||||
this.upsertClientThreadData(updated);
|
||||
this.notifySubscribers();
|
||||
} else {
|
||||
// Fallback to fetching the thread if we don't have it locally
|
||||
await this.refreshThread(threadId);
|
||||
}
|
||||
this.ping(threadId);
|
||||
return serverCommentToClientComment(comment);
|
||||
};
|
||||
|
||||
public updateComment = async (options: {
|
||||
comment: {
|
||||
body: CommentBody;
|
||||
metadata?: unknown;
|
||||
};
|
||||
threadId: string;
|
||||
commentId: string;
|
||||
}) => {
|
||||
const { threadId, commentId, comment } = options;
|
||||
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${threadId}/comments/${commentId}/`,
|
||||
{
|
||||
method: 'PUT',
|
||||
body: JSON.stringify({
|
||||
body: comment.body,
|
||||
}),
|
||||
},
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to add thread to document',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
await this.refreshThread(threadId);
|
||||
this.ping(threadId);
|
||||
|
||||
return;
|
||||
};
|
||||
|
||||
public deleteComment = async (options: {
|
||||
threadId: string;
|
||||
commentId: string;
|
||||
softDelete?: boolean;
|
||||
}) => {
|
||||
const { threadId, commentId } = options;
|
||||
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${threadId}/comments/${commentId}/`,
|
||||
{
|
||||
method: 'DELETE',
|
||||
},
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to delete comment',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
// Optimistically remove the comment locally if we have the thread
|
||||
const existing = this.threads.get(threadId);
|
||||
if (existing) {
|
||||
const updated: ClientThreadData = {
|
||||
...existing,
|
||||
updatedAt: new Date(),
|
||||
comments: existing.comments.filter((c) => c.id !== commentId),
|
||||
};
|
||||
this.upsertClientThreadData(updated);
|
||||
this.notifySubscribers();
|
||||
} else {
|
||||
// Fallback to fetching the thread
|
||||
await this.refreshThread(threadId);
|
||||
}
|
||||
this.ping(threadId);
|
||||
};
|
||||
|
||||
/**
|
||||
* UI not implemented
|
||||
* @param _options
|
||||
*/
|
||||
public deleteThread = async (_options: { threadId: string }) => {
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${_options.threadId}/`,
|
||||
{
|
||||
method: 'DELETE',
|
||||
},
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to delete thread',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
// Remove locally and notify; no need to refetch everything
|
||||
this.removeThread(_options.threadId);
|
||||
this.notifySubscribers();
|
||||
this.ping(_options.threadId);
|
||||
};
|
||||
|
||||
public resolveThread = async (_options: { threadId: string }) => {
|
||||
const { threadId } = _options;
|
||||
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${threadId}/resolve/`,
|
||||
{ method: 'POST' },
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to resolve thread',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
await this.refreshThreads();
|
||||
this.ping(threadId);
|
||||
};
|
||||
|
||||
/**
|
||||
* Todo: Not implemented backend side
|
||||
* @returns
|
||||
* @throws
|
||||
*/
|
||||
public unresolveThread = async (_options: { threadId: string }) => {
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${_options.threadId}/unresolve/`,
|
||||
{ method: 'POST' },
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to unresolve thread',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
await this.refreshThread(_options.threadId);
|
||||
this.ping(_options.threadId);
|
||||
};
|
||||
|
||||
public addReaction = async (options: {
|
||||
threadId: string;
|
||||
commentId: string;
|
||||
emoji: string;
|
||||
}) => {
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${options.threadId}/comments/${options.commentId}/reactions/`,
|
||||
{
|
||||
method: 'POST',
|
||||
body: JSON.stringify({ emoji: options.emoji }),
|
||||
},
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to add reaction to comment',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
await this.refreshThread(options.threadId);
|
||||
this.notifySubscribers();
|
||||
this.ping(options.threadId);
|
||||
};
|
||||
|
||||
public deleteReaction = async (options: {
|
||||
threadId: string;
|
||||
commentId: string;
|
||||
emoji: string;
|
||||
}) => {
|
||||
const response = await fetchAPI(
|
||||
`documents/${this.docId}/threads/${options.threadId}/comments/${options.commentId}/reactions/`,
|
||||
{ method: 'DELETE', body: JSON.stringify({ emoji: options.emoji }) },
|
||||
);
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError(
|
||||
'Failed to delete reaction from comment',
|
||||
await errorCauses(response),
|
||||
);
|
||||
}
|
||||
|
||||
await this.refreshThread(options.threadId);
|
||||
this.notifySubscribers();
|
||||
this.ping(options.threadId);
|
||||
};
|
||||
}
|
||||
|
||||
const serverReactionToReactionData = (r: ServerReaction) => {
|
||||
return {
|
||||
emoji: r.emoji,
|
||||
createdAt: new Date(r.created_at),
|
||||
userIds: r.users?.map((user) =>
|
||||
encodeURIComponent(user.full_name || ''),
|
||||
) || [''],
|
||||
};
|
||||
};
|
||||
|
||||
const serverCommentToClientComment = (c: ServerComment): ClientCommentData => ({
|
||||
type: 'comment',
|
||||
id: c.id,
|
||||
userId: encodeURIComponent(c.user?.full_name || ''),
|
||||
body: c.body,
|
||||
createdAt: new Date(c.created_at),
|
||||
updatedAt: new Date(c.updated_at),
|
||||
reactions: (c.reactions ?? []).map(serverReactionToReactionData),
|
||||
metadata: { abilities: c.abilities },
|
||||
});
|
||||
|
||||
const serverThreadToClientThread = (t: ServerThread): ClientThreadData => ({
|
||||
type: 'thread',
|
||||
id: t.id,
|
||||
createdAt: new Date(t.created_at),
|
||||
updatedAt: new Date(t.updated_at),
|
||||
comments: (t.comments ?? []).map(serverCommentToClientComment),
|
||||
resolved: t.resolved,
|
||||
resolvedUpdatedAt: t.resolved_updated_at
|
||||
? new Date(t.resolved_updated_at)
|
||||
: undefined,
|
||||
resolvedBy: t.resolved_by || undefined,
|
||||
metadata: { abilities: t.abilities, metadata: t.metadata },
|
||||
});
|
||||
+94
@@ -0,0 +1,94 @@
|
||||
import { ThreadStoreAuth } from '@blocknote/core/comments';
|
||||
|
||||
import { ClientCommentData, ClientThreadData } from './types';
|
||||
|
||||
export class DocsThreadStoreAuth extends ThreadStoreAuth {
|
||||
constructor(
|
||||
private readonly userId: string,
|
||||
public canSee: boolean,
|
||||
) {
|
||||
super();
|
||||
}
|
||||
|
||||
canCreateThread(): boolean {
|
||||
return true;
|
||||
}
|
||||
|
||||
canAddComment(_thread: ClientThreadData): boolean {
|
||||
return true;
|
||||
}
|
||||
|
||||
canUpdateComment(comment: ClientCommentData): boolean {
|
||||
if (
|
||||
comment.metadata.abilities.partial_update &&
|
||||
comment.userId === this.userId
|
||||
) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
canDeleteComment(comment: ClientCommentData): boolean {
|
||||
if (comment.metadata.abilities.destroy) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
canDeleteThread(thread: ClientThreadData): boolean {
|
||||
if (thread.metadata.abilities.destroy) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
canResolveThread(thread: ClientThreadData): boolean {
|
||||
if (thread.metadata.abilities.resolve) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
/**
|
||||
* Not implemented backend side
|
||||
* @param _thread
|
||||
* @returns
|
||||
*/
|
||||
canUnresolveThread(_thread: ClientThreadData): boolean {
|
||||
return false;
|
||||
}
|
||||
|
||||
canAddReaction(comment: ClientCommentData, emoji?: string): boolean {
|
||||
if (!comment.metadata.abilities.reactions) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!emoji) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return !comment.reactions.some(
|
||||
(reaction) =>
|
||||
reaction.emoji === emoji && reaction.userIds.includes(this.userId),
|
||||
);
|
||||
}
|
||||
|
||||
canDeleteReaction(comment: ClientCommentData, emoji?: string): boolean {
|
||||
if (!comment.metadata.abilities.reactions) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (!emoji) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return comment.reactions.some(
|
||||
(reaction) =>
|
||||
reaction.emoji === emoji && reaction.userIds.includes(this.userId),
|
||||
);
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,3 @@
|
||||
export * from './CommentToolbarButton';
|
||||
export * from './styles';
|
||||
export * from './useComments';
|
||||
+214
@@ -0,0 +1,214 @@
|
||||
import { css } from 'styled-components';
|
||||
|
||||
export const cssComments = (
|
||||
canSeeComment: boolean,
|
||||
currentUserAvatarUrl?: string,
|
||||
) => css`
|
||||
& .--docs--main-editor,
|
||||
& .--docs--main-editor .ProseMirror {
|
||||
// Comments marks in the editor
|
||||
.bn-editor {
|
||||
.bn-thread-mark:not([data-orphan='true']),
|
||||
.bn-thread-mark-selected:not([data-orphan='true']) {
|
||||
background: ${canSeeComment ? '#EDB40066' : 'transparent'};
|
||||
color: var(--c--theme--colors--greyscale-700);
|
||||
}
|
||||
}
|
||||
|
||||
em-emoji-picker {
|
||||
box-shadow: 0px 6px 18px 0px #00001229;
|
||||
min-height: 420px;
|
||||
}
|
||||
|
||||
// Thread modal
|
||||
.bn-thread {
|
||||
width: 400px;
|
||||
padding: 8px;
|
||||
box-shadow: 0px 6px 18px 0px #00001229;
|
||||
margin-left: 20px;
|
||||
gap: 0;
|
||||
overflow: auto;
|
||||
max-height: 500px;
|
||||
|
||||
.bn-default-styles {
|
||||
font-family: var(--c--theme--font--families--base);
|
||||
}
|
||||
|
||||
.bn-block {
|
||||
font-size: 14px;
|
||||
}
|
||||
|
||||
.bn-inline-content:has(> .ProseMirror-trailingBreak:only-child):before {
|
||||
font-style: normal;
|
||||
font-size: 14px;
|
||||
}
|
||||
|
||||
// Remove tooltip
|
||||
*[role='tooltip'] {
|
||||
display: none;
|
||||
}
|
||||
|
||||
.bn-thread-comment {
|
||||
padding: 8px;
|
||||
|
||||
& .bn-editor {
|
||||
padding-left: 32px;
|
||||
.bn-inline-content {
|
||||
color: var(--c--theme--colors--greyscale-700);
|
||||
}
|
||||
}
|
||||
|
||||
// Emoji
|
||||
& .bn-badge-group {
|
||||
padding-left: 32px;
|
||||
.bn-badge label {
|
||||
padding: 0 4px;
|
||||
background: none;
|
||||
border: 1px solid var(--c--theme--colors--greyscale-300);
|
||||
border-radius: 4px;
|
||||
height: 24px;
|
||||
}
|
||||
}
|
||||
|
||||
// Top bar (Name / Date / Actions) when actions displayed
|
||||
&:has(.bn-comment-actions) {
|
||||
& > .mantine-Group-root {
|
||||
max-width: 70%;
|
||||
right: 0.3rem !important;
|
||||
top: 0.3rem !important;
|
||||
}
|
||||
|
||||
.bn-menu-dropdown {
|
||||
box-shadow: 0px 0px 6px 0px #0000911a;
|
||||
}
|
||||
}
|
||||
|
||||
// Top bar (Name / Date / Actions)
|
||||
& > .mantine-Group-root {
|
||||
flex-wrap: nowrap;
|
||||
max-width: 100%;
|
||||
gap: 0.5rem;
|
||||
|
||||
// Date
|
||||
span.mantine-focus-auto {
|
||||
display: inline-block;
|
||||
}
|
||||
|
||||
.bn-comment-actions {
|
||||
background: transparent;
|
||||
border: none;
|
||||
|
||||
.mantine-Button-root {
|
||||
background-color: transparent;
|
||||
|
||||
&:hover {
|
||||
background-color: var(--c--theme--colors--greyscale-100);
|
||||
}
|
||||
}
|
||||
|
||||
button[role='menuitem'] svg {
|
||||
color: var(--c--theme--colors--greyscale-600);
|
||||
}
|
||||
}
|
||||
|
||||
& svg {
|
||||
color: var(--c--theme--colors--info-600);
|
||||
}
|
||||
}
|
||||
|
||||
// Actions button edit comment
|
||||
.bn-container + .bn-comment-actions-wrapper {
|
||||
.bn-comment-actions {
|
||||
flex-direction: row-reverse;
|
||||
background: none;
|
||||
border: none;
|
||||
gap: 0.4rem !important;
|
||||
|
||||
& > button {
|
||||
height: 24px;
|
||||
padding-inline: 4px;
|
||||
|
||||
&[data-test='save'] {
|
||||
border: 1px solid var(--c--theme--colors--info-600);
|
||||
background: var(--c--theme--colors--info-600);
|
||||
color: white;
|
||||
}
|
||||
|
||||
&[data-test='cancel'] {
|
||||
background: white;
|
||||
border: 1px solid var(--c--theme--colors--greyscale-300);
|
||||
color: var(--c--theme--colors--info-600);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Input to add a new comment
|
||||
.bn-thread-composer,
|
||||
&:has(> .bn-comment-editor + .bn-comment-actions-wrapper) {
|
||||
padding: 0.5rem 8px;
|
||||
flex-direction: row;
|
||||
gap: 10px;
|
||||
|
||||
.bn-container.bn-comment-editor {
|
||||
min-width: 0;
|
||||
}
|
||||
|
||||
&::before {
|
||||
content: '';
|
||||
width: 26px;
|
||||
height: 26px;
|
||||
flex: 0 0 26px;
|
||||
background-image: ${currentUserAvatarUrl
|
||||
? `url("${currentUserAvatarUrl}")`
|
||||
: 'none'};
|
||||
background-position: center;
|
||||
background-repeat: no-repeat;
|
||||
background-size: cover;
|
||||
}
|
||||
}
|
||||
|
||||
// Actions button send comment
|
||||
.bn-thread-composer .bn-comment-actions-wrapper,
|
||||
&:not(.selected) .bn-comment-actions-wrapper {
|
||||
flex-basis: fit-content;
|
||||
|
||||
.bn-action-toolbar.bn-comment-actions {
|
||||
border: none;
|
||||
|
||||
button {
|
||||
font-size: 0;
|
||||
background: var(--c--theme--colors--info-600);
|
||||
width: 24px;
|
||||
height: 24px;
|
||||
padding: 0;
|
||||
|
||||
&:disabled {
|
||||
background: var(--c--theme--colors--greyscale-300);
|
||||
}
|
||||
|
||||
& .mantine-Button-label::before {
|
||||
content: '🡡';
|
||||
font-size: 13px;
|
||||
color: var(--c--theme--colors--greyscale-100);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Input first comment
|
||||
&:not(.selected) {
|
||||
gap: 0.5rem;
|
||||
|
||||
.bn-container.bn-comment-editor {
|
||||
min-width: 0;
|
||||
|
||||
.ProseMirror.bn-editor {
|
||||
cursor: text;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
`;
|
||||
@@ -0,0 +1,55 @@
|
||||
import { CommentData, ThreadData } from '@blocknote/core/comments';
|
||||
|
||||
import { UserLight } from '@/features/auth';
|
||||
|
||||
export interface CommentAbilities {
|
||||
destroy: boolean;
|
||||
update: boolean;
|
||||
partial_update: boolean;
|
||||
retrieve: boolean;
|
||||
reactions: boolean;
|
||||
}
|
||||
export interface ThreadAbilities {
|
||||
destroy: boolean;
|
||||
update: boolean;
|
||||
partial_update: boolean;
|
||||
retrieve: boolean;
|
||||
resolve: boolean;
|
||||
}
|
||||
|
||||
export interface ServerReaction {
|
||||
emoji: string;
|
||||
created_at: string;
|
||||
users: UserLight[] | null;
|
||||
}
|
||||
|
||||
export interface ServerComment {
|
||||
id: string;
|
||||
user: UserLight | null;
|
||||
body: unknown;
|
||||
created_at: string;
|
||||
updated_at: string;
|
||||
reactions: ServerReaction[];
|
||||
abilities: CommentAbilities;
|
||||
}
|
||||
|
||||
export interface ServerThread {
|
||||
id: string;
|
||||
created_at: string;
|
||||
updated_at: string;
|
||||
user: UserLight | null;
|
||||
resolved: boolean;
|
||||
resolved_updated_at: string | null;
|
||||
resolved_by: string | null;
|
||||
metadata: unknown;
|
||||
comments: ServerComment[];
|
||||
abilities: ThreadAbilities;
|
||||
}
|
||||
|
||||
export type ClientCommentData = Omit<CommentData, 'metadata'> & {
|
||||
metadata: { abilities: CommentAbilities };
|
||||
};
|
||||
|
||||
export type ClientThreadData = Omit<ThreadData, 'metadata'> & {
|
||||
metadata: { abilities: ThreadAbilities; metadata: unknown };
|
||||
};
|
||||
+33
@@ -0,0 +1,33 @@
|
||||
import { useEffect, useMemo } from 'react';
|
||||
|
||||
import { User } from '@/features/auth';
|
||||
import { Doc, useProviderStore } from '@/features/docs/doc-management';
|
||||
|
||||
import { DocsThreadStore } from './DocsThreadStore';
|
||||
import { DocsThreadStoreAuth } from './DocsThreadStoreAuth';
|
||||
|
||||
export function useComments(
|
||||
docId: Doc['id'],
|
||||
canComment: boolean,
|
||||
user: User | null | undefined,
|
||||
) {
|
||||
const { provider } = useProviderStore();
|
||||
const threadStore = useMemo(() => {
|
||||
return new DocsThreadStore(
|
||||
docId,
|
||||
provider?.awareness ?? undefined,
|
||||
new DocsThreadStoreAuth(
|
||||
encodeURIComponent(user?.full_name || ''),
|
||||
canComment,
|
||||
),
|
||||
);
|
||||
}, [docId, canComment, provider?.awareness, user?.full_name]);
|
||||
|
||||
useEffect(() => {
|
||||
return () => {
|
||||
threadStore?.destroy();
|
||||
};
|
||||
}, [threadStore]);
|
||||
|
||||
return threadStore;
|
||||
}
|
||||
@@ -136,6 +136,10 @@ export const cssEditor = css`
|
||||
border-left: none;
|
||||
}
|
||||
|
||||
.bn-toolbar {
|
||||
max-width: 95vw;
|
||||
}
|
||||
|
||||
/**
|
||||
* Quotes
|
||||
*/
|
||||
|
||||
@@ -44,7 +44,16 @@ export const constructParams = (params: DocsParams): URLSearchParams => {
|
||||
export type DocsResponse = APIList<Doc>;
|
||||
export const getDocs = async (params: DocsParams): Promise<DocsResponse> => {
|
||||
const searchParams = constructParams(params);
|
||||
const response = await fetchAPI(`documents/?${searchParams.toString()}`);
|
||||
let response
|
||||
|
||||
// HACK for fulltext search feature
|
||||
if (searchParams.has('title')) {
|
||||
searchParams.set('q', searchParams.get('title') || '');
|
||||
searchParams.delete('title');
|
||||
response = await fetchAPI(`documents/search?${searchParams.toString()}`);
|
||||
} else {
|
||||
response = await fetchAPI(`documents/?${searchParams.toString()}`);
|
||||
}
|
||||
|
||||
if (!response.ok) {
|
||||
throw new APIError('Failed to get the docs', await errorCauses(response));
|
||||
|
||||
@@ -80,6 +80,7 @@ export interface Doc {
|
||||
children_create: boolean;
|
||||
children_list: boolean;
|
||||
collaboration_auth: boolean;
|
||||
comment: boolean;
|
||||
destroy: boolean;
|
||||
duplicate: boolean;
|
||||
favorite: boolean;
|
||||
|
||||
+11
-1
@@ -108,6 +108,12 @@ export const DocShareAddMemberList = ({
|
||||
afterInvite?.();
|
||||
setIsLoading(false);
|
||||
};
|
||||
const inviteLabel =
|
||||
selectedUsers.length === 1
|
||||
? t('Invite {{name}}', {
|
||||
name: selectedUsers[0].full_name || selectedUsers[0].email,
|
||||
})
|
||||
: t('Invite {{count}} members', { count: selectedUsers.length });
|
||||
|
||||
return (
|
||||
<Box
|
||||
@@ -143,7 +149,11 @@ export const DocShareAddMemberList = ({
|
||||
currentRole={invitationRole}
|
||||
onSelectRole={setInvitationRole}
|
||||
/>
|
||||
<Button onClick={() => void onInvite()} disabled={isLoading}>
|
||||
<Button
|
||||
onClick={() => void onInvite()}
|
||||
disabled={isLoading}
|
||||
aria-label={inviteLabel}
|
||||
>
|
||||
{t('Invite')}
|
||||
</Button>
|
||||
</Box>
|
||||
|
||||
+5
@@ -1,4 +1,5 @@
|
||||
import { Button } from '@openfun/cunningham-react';
|
||||
import { useTranslation } from 'react-i18next';
|
||||
import { css } from 'styled-components';
|
||||
|
||||
import { Box, Icon, Text } from '@/components';
|
||||
@@ -10,6 +11,7 @@ type Props = {
|
||||
onRemoveUser?: (user: User) => void;
|
||||
};
|
||||
export const DocShareAddMemberListItem = ({ user, onRemoveUser }: Props) => {
|
||||
const { t } = useTranslation();
|
||||
const { spacingsTokens, colorsTokens, fontSizesTokens } =
|
||||
useCunninghamTheme();
|
||||
|
||||
@@ -42,6 +44,9 @@ export const DocShareAddMemberListItem = ({ user, onRemoveUser }: Props) => {
|
||||
size="nano"
|
||||
onClick={() => onRemoveUser?.(user)}
|
||||
icon={<Icon $variation="600" $size="sm" iconName="close" />}
|
||||
aria-label={t('Remove {{name}} from the invite list', {
|
||||
name: user.full_name || user.email,
|
||||
})}
|
||||
/>
|
||||
</Box>
|
||||
);
|
||||
|
||||
@@ -4,9 +4,7 @@ import {
|
||||
QuickSearchItemContentProps,
|
||||
} from '@/components/quick-search';
|
||||
import { useCunninghamTheme } from '@/cunningham';
|
||||
import { User } from '@/features/auth';
|
||||
|
||||
import { UserAvatar } from './UserAvatar';
|
||||
import { User, UserAvatar } from '@/features/auth';
|
||||
|
||||
type Props = {
|
||||
user: User;
|
||||
@@ -36,7 +34,7 @@ export const SearchUserRow = ({
|
||||
className="--docs--search-user-row"
|
||||
>
|
||||
<UserAvatar
|
||||
user={user}
|
||||
fullName={user.full_name || user.email}
|
||||
background={
|
||||
isInvitation ? colorsTokens['greyscale-400'] : undefined
|
||||
}
|
||||
|
||||
@@ -1,62 +0,0 @@
|
||||
import { css } from 'styled-components';
|
||||
|
||||
import { Text } from '@/components';
|
||||
import { tokens } from '@/cunningham';
|
||||
import { User } from '@/features/auth';
|
||||
|
||||
const colors = tokens.themes.default.theme.colors;
|
||||
|
||||
const avatarsColors = [
|
||||
colors['blue-500'],
|
||||
colors['brown-500'],
|
||||
colors['cyan-500'],
|
||||
colors['gold-500'],
|
||||
colors['green-500'],
|
||||
colors['olive-500'],
|
||||
colors['orange-500'],
|
||||
colors['pink-500'],
|
||||
colors['purple-500'],
|
||||
colors['yellow-500'],
|
||||
];
|
||||
|
||||
const getColorFromName = (name: string) => {
|
||||
let hash = 0;
|
||||
for (let i = 0; i < name.length; i++) {
|
||||
hash = name.charCodeAt(i) + ((hash << 5) - hash);
|
||||
}
|
||||
return avatarsColors[Math.abs(hash) % avatarsColors.length];
|
||||
};
|
||||
|
||||
type Props = {
|
||||
user: User;
|
||||
background?: string;
|
||||
};
|
||||
|
||||
export const UserAvatar = ({ user, background }: Props) => {
|
||||
const name = user.full_name || user.email || '?';
|
||||
const splitName = name?.split(' ');
|
||||
|
||||
return (
|
||||
<Text
|
||||
className="--docs--user-avatar"
|
||||
$align="center"
|
||||
$color="rgba(255, 255, 255, 0.9)"
|
||||
$justify="center"
|
||||
$background={background || getColorFromName(name)}
|
||||
$width="24px"
|
||||
$height="24px"
|
||||
$radius="50%"
|
||||
$size="10px"
|
||||
$textAlign="center"
|
||||
$textTransform="uppercase"
|
||||
$weight={600}
|
||||
$css={css`
|
||||
border: 1px solid rgba(255, 255, 255, 0.5);
|
||||
contain: content;
|
||||
`}
|
||||
>
|
||||
{splitName[0]?.charAt(0)}
|
||||
{splitName?.[1]?.charAt(0)}
|
||||
</Text>
|
||||
);
|
||||
};
|
||||
+3
-1
@@ -77,7 +77,9 @@ export const DocVersionEditor = ({
|
||||
return (
|
||||
<DocEditorContainer
|
||||
docHeader={<DocVersionHeader />}
|
||||
docEditor={<BlockNoteReader initialContent={initialContent} />}
|
||||
docEditor={
|
||||
<BlockNoteReader initialContent={initialContent} docId={version.id} />
|
||||
}
|
||||
isDeletedDoc={false}
|
||||
readOnly={true}
|
||||
/>
|
||||
|
||||
+26
-48
@@ -5,23 +5,12 @@ import {
|
||||
PanelGroup,
|
||||
PanelResizeHandle,
|
||||
} from 'react-resizable-panels';
|
||||
import { createGlobalStyle } from 'styled-components';
|
||||
|
||||
import { useCunninghamTheme } from '@/cunningham';
|
||||
|
||||
interface PanelStyleProps {
|
||||
$isResizing: boolean;
|
||||
}
|
||||
|
||||
const PanelStyle = createGlobalStyle<PanelStyleProps>`
|
||||
${({ $isResizing }) => $isResizing && `body * { transition: none !important; }`}
|
||||
`;
|
||||
|
||||
// Convert a target pixel width to a percentage of the current viewport width.
|
||||
// react-resizable-panels expects sizes in %, not px.
|
||||
const calculateDefaultSize = (targetWidth: number) => {
|
||||
const windowWidth = window.innerWidth;
|
||||
return (targetWidth / windowWidth) * 100;
|
||||
const pxToPercent = (px: number) => {
|
||||
return (px / window.innerWidth) * 100;
|
||||
};
|
||||
|
||||
type ResizableLeftPanelProps = {
|
||||
@@ -37,60 +26,49 @@ export const ResizableLeftPanel = ({
|
||||
minPanelSizePx = 300,
|
||||
maxPanelSizePx = 450,
|
||||
}: ResizableLeftPanelProps) => {
|
||||
const [isResizing, setIsResizing] = useState(false);
|
||||
const { colorsTokens } = useCunninghamTheme();
|
||||
const ref = useRef<ImperativePanelHandle>(null);
|
||||
const resizeTimeoutRef = useRef<number | undefined>(undefined);
|
||||
const savedWidthPxRef = useRef<number>(minPanelSizePx);
|
||||
|
||||
const [minPanelSize, setMinPanelSize] = useState(0);
|
||||
const [maxPanelSize, setMaxPanelSize] = useState(0);
|
||||
const [panelSizePercent, setPanelSizePercent] = useState(() =>
|
||||
pxToPercent(minPanelSizePx),
|
||||
);
|
||||
|
||||
// Single resize listener that handles both panel size updates and transition disabling
|
||||
const minPanelSizePercent = pxToPercent(minPanelSizePx);
|
||||
const maxPanelSizePercent = Math.min(pxToPercent(maxPanelSizePx), 40);
|
||||
|
||||
// Keep pixel width constant on window resize
|
||||
useEffect(() => {
|
||||
const handleResize = () => {
|
||||
// Update panel sizes (px -> %)
|
||||
const min = Math.round(calculateDefaultSize(minPanelSizePx));
|
||||
const max = Math.round(
|
||||
Math.min(calculateDefaultSize(maxPanelSizePx), 40),
|
||||
);
|
||||
setMinPanelSize(min);
|
||||
setMaxPanelSize(max);
|
||||
|
||||
// Temporarily disable transitions to avoid flicker
|
||||
setIsResizing(true);
|
||||
if (resizeTimeoutRef.current) {
|
||||
clearTimeout(resizeTimeoutRef.current);
|
||||
const newPercent = pxToPercent(savedWidthPxRef.current);
|
||||
setPanelSizePercent(newPercent);
|
||||
if (ref.current) {
|
||||
ref.current.resize?.(newPercent - (ref.current.getSize() || 0));
|
||||
}
|
||||
resizeTimeoutRef.current = window.setTimeout(() => {
|
||||
setIsResizing(false);
|
||||
}, 150);
|
||||
};
|
||||
|
||||
handleResize();
|
||||
|
||||
window.addEventListener('resize', handleResize);
|
||||
|
||||
return () => {
|
||||
window.removeEventListener('resize', handleResize);
|
||||
if (resizeTimeoutRef.current) {
|
||||
clearTimeout(resizeTimeoutRef.current);
|
||||
}
|
||||
};
|
||||
}, [minPanelSizePx, maxPanelSizePx]);
|
||||
}, []);
|
||||
|
||||
const handleResize = (sizePercent: number) => {
|
||||
const widthPx = (sizePercent / 100) * window.innerWidth;
|
||||
savedWidthPxRef.current = widthPx;
|
||||
setPanelSizePercent(sizePercent);
|
||||
};
|
||||
|
||||
return (
|
||||
<>
|
||||
<PanelStyle $isResizing={isResizing} />
|
||||
<PanelGroup
|
||||
autoSaveId="docs-left-panel-persistence"
|
||||
direction="horizontal"
|
||||
>
|
||||
<PanelGroup direction="horizontal">
|
||||
<Panel
|
||||
ref={ref}
|
||||
order={0}
|
||||
defaultSize={minPanelSize}
|
||||
minSize={minPanelSize}
|
||||
maxSize={maxPanelSize}
|
||||
defaultSize={panelSizePercent}
|
||||
minSize={minPanelSizePercent}
|
||||
maxSize={maxPanelSizePercent}
|
||||
onResize={handleResize}
|
||||
>
|
||||
{leftPanel}
|
||||
</Panel>
|
||||
|
||||
@@ -188,6 +188,7 @@ export class ApiPlugin implements WorkboxPlugin {
|
||||
children_create: true,
|
||||
children_list: true,
|
||||
collaboration_auth: true,
|
||||
comment: true,
|
||||
destroy: true,
|
||||
duplicate: true,
|
||||
favorite: true,
|
||||
|
||||
@@ -1 +0,0 @@
|
||||
helmfile.yaml
|
||||
Reference in New Issue
Block a user