minor cleanup (#1706)

samplesheets/tests/test_permissions_api_taskflow.py

@@ -10,8 +10,12 @@
 # Taskflowbackend dependency
 from taskflowbackend.tests.base import TaskflowAPIPermissionTestBase
 
-from samplesheets.models import IrodsDataRequest, IRODS_REQUEST_STATUS_ACTIVE
+from samplesheets.models import (
+    IRODS_REQUEST_ACTION_DELETE,
+    IRODS_REQUEST_STATUS_ACTIVE,
+)
 from samplesheets.tests.test_io import SampleSheetIOMixin
+from samplesheets.tests.test_models import IrodsDataRequestMixin
 from samplesheets.tests.test_permissions import SHEET_PATH
 from samplesheets.tests.test_views_api_taskflow import (
     IRODS_FILE_PATH,
@@ -31,23 +35,6 @@ class IrodsDataRequestAPIViewTestBase(
 ):
     """Base class for iRODS data request API view permission tests"""
 
-    # TODO: Is this needed? In permission tests we do not check for e.g. alerts
-    def create_request(self):
-        """Helper function to create a request with taskflow"""
-        self.assertEqual(IrodsDataRequest.objects.count(), 0)
-        url = reverse(
-            'samplesheets:api_irods_request_create',
-            kwargs={'project': self.project.sodar_uuid},
-        )
-        post_data = {'path': self.obj_path + '/', 'description': ''}
-        self.request_knox(
-            url,
-            'POST',
-            data=post_data,
-            token=self.get_token(self.user_contributor),
-        )
-        return IrodsDataRequest.objects.first()
-
     def setUp(self):
         super().setUp()
         # Import investigation
@@ -86,10 +73,10 @@ def setUp(self):
             IRODS_FILE_PATH, coll_path, **{REG_CHKSUM_KW: ''}
         )
         self.post_data = {'checksum': IRODS_FILE_MD5}
+        self.url = reverse('samplesheets:api_file_exists')
 
     def test_get(self):
         """Test SampleDataFileExistsAPIView GET"""
-        url = reverse('samplesheets:api_file_exists')
         good_users = [
             self.superuser,
             self.user_owner_cat,
@@ -103,15 +90,19 @@ def test_get(self):
             self.user_guest,
             self.user_no_roles,
         ]
-        self.assert_response_api(url, good_users, 200, data=self.post_data)
-        self.assert_response_api(url, self.anonymous, 401, data=self.post_data)
+        self.assert_response_api(self.url, good_users, 200, data=self.post_data)
+        self.assert_response_api(
+            self.url, self.anonymous, 401, data=self.post_data
+        )
 
-    # TODO: Test get anonymous
+    @override_settings(PROJECTROLES_ALLOW_ANONYMOUS=True)
+    def test_get_anon(self):
+        """Test GET with anonymous access"""
+        self.assert_response_api(self.url, self.anonymous, 401)
 
     def test_get_archive(self):
         """Test GET with archived project"""
         self.project.set_archive()
-        url = reverse('samplesheets:api_file_exists')
         good_users = [
             self.superuser,
             self.user_owner_cat,
@@ -125,8 +116,10 @@ def test_get_archive(self):
             self.user_guest,
             self.user_no_roles,
         ]
-        self.assert_response_api(url, good_users, 200, data=self.post_data)
-        self.assert_response_api(url, self.anonymous, 401, data=self.post_data)
+        self.assert_response_api(self.url, good_users, 200, data=self.post_data)
+        self.assert_response_api(
+            self.url, self.anonymous, 401, data=self.post_data
+        )
 
 
 class TestIrodsDataRequestListAPIView(
@@ -201,7 +194,7 @@ def setUp(self):
             'samplesheets:api_irods_request_create',
             kwargs={'project': self.project.sodar_uuid},
         )
-        self.post_data = {'path': self.obj_path + '/', 'description': 'bla'}
+        self.post_data = {'path': self.obj_path + '/', 'description': ''}
 
     def test_create(self):
         """Test IrodsDataRequestCreateAPIView POST"""
@@ -269,15 +262,23 @@ def test_create_archive(self):
         )
 
 
-class TestIrodsDataRequestUpdateAPIView(IrodsDataRequestAPIViewTestBase):
+class TestIrodsDataRequestUpdateAPIView(
+    IrodsDataRequestMixin, IrodsDataRequestAPIViewTestBase
+):
     """Test permissions for IrodsDataRequestUpdateAPIView"""
 
     def setUp(self):
         super().setUp()
-        self.irods_request = self.create_request()
+        self.request = self.make_irods_request(
+            project=self.project,
+            action=IRODS_REQUEST_ACTION_DELETE,
+            path=IRODS_FILE_PATH,
+            status=IRODS_REQUEST_STATUS_ACTIVE,
+            user=self.user_contributor,
+        )
         self.url = reverse(
             'samplesheets:api_irods_request_update',
-            kwargs={'irodsdatarequest': self.irods_request.sodar_uuid},
+            kwargs={'irodsdatarequest': self.request.sodar_uuid},
         )
         self.update_data = {'path': self.obj_path, 'description': 'Updated'}
 
@@ -346,7 +347,9 @@ def test_update_archive(self):
 # NOTE: For IrodsDataRequestDestroyAPIView, see test_permissions_api
 
 
-class TestIrodsDataRequestAcceptAPIView(IrodsDataRequestAPIViewTestBase):
+class TestIrodsDataRequestAcceptAPIView(
+    IrodsDataRequestMixin, IrodsDataRequestAPIViewTestBase
+):
     """Test permissions for TestIrodsDataRequestAcceptAPIView"""
 
     def _cleanup(self):
@@ -355,7 +358,13 @@ def _cleanup(self):
 
     def setUp(self):
         super().setUp()
-        self.request = self.create_request()
+        self.request = self.make_irods_request(
+            project=self.project,
+            action=IRODS_REQUEST_ACTION_DELETE,
+            path=IRODS_FILE_PATH,
+            status=IRODS_REQUEST_STATUS_ACTIVE,
+            user=self.user_contributor,
+        )
         self.url = reverse(
             'samplesheets:api_irods_request_accept',
             kwargs={'irodsdatarequest': self.request.sodar_uuid},

samplesheets/views.py

@@ -2513,7 +2513,6 @@ class IrodsDataRequestUpdateView(
     slug_url_kwarg = 'irodsdatarequest'
     slug_field = 'sodar_uuid'
 
-    # TODO: Make this a common method for UI and API views
     def has_permission(self):
         """Override has_permission() to check update perms"""
         if not self.has_irods_request_update_perms(
@@ -2556,7 +2555,6 @@ class IrodsDataRequestDeleteView(
     slug_field = 'sodar_uuid'
     template_name = 'samplesheets/irods_request_confirm_delete.html'
 
-    # TODO: Make this a common method for UI and API views
     def has_permission(self):
         """Override has_permission() to check update perms"""
         if not self.has_irods_request_update_perms(