From 5afa6e9b8b6a04eae9966d7343cfefa4dd8fb97a Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Tue, 25 Apr 2017 15:27:49 -0400
Subject: [PATCH 001/163] Add reindex buttons to admin

---
 admin/nodes/urls.py                           |  4 ++
 admin/nodes/views.py                          | 52 ++++++++++++++++++-
 admin/preprints/urls.py                       |  2 +
 admin/preprints/views.py                      | 36 ++++++++++++-
 admin/templates/nodes/node.html               | 26 ++++++++++
 .../templates/nodes/reindex_node_elastic.html | 13 +++++
 admin/templates/nodes/reindex_node_share.html | 13 +++++
 admin/templates/preprints/preprint.html       | 13 +++++
 .../preprints/reindex_preprint_share.html     | 13 +++++
 .../templates/users/reindex_user_elastic.html | 13 +++++
 admin/templates/users/user.html               | 13 +++++
 admin/users/urls.py                           |  2 +
 admin/users/views.py                          | 21 +++++++-
 osf/models/admin_log_entry.py                 |  2 +
 website/project/tasks.py                      | 47 +++++++++--------
 15 files changed, 244 insertions(+), 26 deletions(-)
 create mode 100644 admin/templates/nodes/reindex_node_elastic.html
 create mode 100644 admin/templates/nodes/reindex_node_share.html
 create mode 100644 admin/templates/preprints/reindex_preprint_share.html
 create mode 100644 admin/templates/users/reindex_user_elastic.html

diff --git a/admin/nodes/urls.py b/admin/nodes/urls.py
index 9fde2beb5a4..f947988cdac 100644
--- a/admin/nodes/urls.py
+++ b/admin/nodes/urls.py
@@ -23,6 +23,10 @@
         name='confirm-spam'),
     url(r'^(?P<guid>[a-z0-9]+)/confirm_ham/$', views.NodeConfirmHamView.as_view(),
         name='confirm-ham'),
+    url(r'^(?P<guid>[a-z0-9]+)/reindex_share_node/$', views.NodeReindexShare.as_view(),
+        name='reindex-share-node'),
+    url(r'^(?P<guid>[a-z0-9]+)/reindex_elastic_node/$', views.NodeReindexElastic.as_view(),
+        name='reindex-elastic-node'),
     url(r'^(?P<node_id>[a-z0-9]+)/remove_user/(?P<user_id>[a-z0-9]+)/$',
         views.NodeRemoveContributorView.as_view(), name='remove_user'),
 ]
diff --git a/admin/nodes/views.py b/admin/nodes/views.py
index 2dd4fa9435e..7002ace4873 100644
--- a/admin/nodes/views.py
+++ b/admin/nodes/views.py
@@ -8,6 +8,7 @@
 from django.contrib.auth.mixins import PermissionRequiredMixin
 from modularodm import Q
 
+from website import settings, search
 from website.models import NodeLog
 from osf.models.user import OSFUser
 from osf.models.node import Node
@@ -18,10 +19,15 @@
     NODE_REMOVED,
     NODE_RESTORED,
     CONTRIBUTOR_REMOVED,
-    CONFIRM_SPAM, CONFIRM_HAM)
+    CONFIRM_SPAM, 
+    CONFIRM_HAM,
+    REINDEX_SHARE,
+    REINDEX_ELASTIC,
+    )
 from admin.nodes.templatetags.node_extras import reverse_node
 from admin.nodes.serializers import serialize_node, serialize_simple_user_and_node_permissions
 from website.project.spam.model import SpamStatus
+from website.project.tasks import update_node_share, on_registration_updated
 from website.project.views.register import osf_admin_change_status_identifier
 
 
@@ -318,3 +324,47 @@ def delete(self, request, *args, **kwargs):
             action_flag=CONFIRM_HAM
         )
         return redirect(reverse_node(self.kwargs.get('guid')))
+
+class NodeReindexShare(PermissionRequiredMixin, NodeDeleteBase):
+    template_name = 'nodes/reindex_node_share.html'
+    permission_required = 'osf.mark_spam'
+    raise_exception = True
+
+    def get_object(self, queryset=None):
+        return Node.load(self.kwargs.get('guid')) or Registration.load(self.kwargs.get('guid'))
+
+    def delete(self, request, *args, **kwargs):
+        node = self.get_object()
+        if settings.SHARE_URL and settings.SHARE_API_TOKEN:
+            if node.is_registration:
+                on_registration_updated(node)
+            else:
+                update_node_share(node)
+            update_admin_log(
+                user_id=self.request.user.id,
+                object_id=node._id,
+                object_repr='Node',
+                message='Node Reindexed (SHARE): {}'.format(node._id),
+                action_flag=REINDEX_SHARE
+            )
+        return redirect(reverse_node(self.kwargs.get('guid')))
+
+class NodeReindexElastic(PermissionRequiredMixin, NodeDeleteBase):
+    template_name = 'nodes/reindex_node_elastic.html'
+    permission_required = 'osf.mark_spam'
+    raise_exception = True
+
+    def get_object(self, queryset=None):
+        return Node.load(self.kwargs.get('guid')) or Registration.load(self.kwargs.get('guid'))
+
+    def delete(self, request, *args, **kwargs):
+        node = self.get_object()
+        search.search.update_node(node, bulk=False, async=False)
+        update_admin_log(
+            user_id=self.request.user.id,
+            object_id=node._id,
+            object_repr='Node',
+            message='Node Reindexed (Elastic): {}'.format(node._id),
+            action_flag=REINDEX_SHARE
+        )
+        return redirect(reverse_node(self.kwargs.get('guid')))
diff --git a/admin/preprints/urls.py b/admin/preprints/urls.py
index b3980aaae0a..fff3bba55a6 100644
--- a/admin/preprints/urls.py
+++ b/admin/preprints/urls.py
@@ -5,4 +5,6 @@
 urlpatterns = [
     url(r'^$', views.PreprintFormView.as_view(), name='search'),
     url(r'^(?P<guid>[a-z0-9]+)/$', views.PreprintView.as_view(), name='preprint'),
+    url(r'^(?P<guid>[a-z0-9]+)/reindex_share_preprint/$', views.PreprintReindexShare.as_view(),
+        name='reindex-share-preprint'),
 ]
diff --git a/admin/preprints/views.py b/admin/preprints/views.py
index b795c3aa21f..d0603e25b82 100644
--- a/admin/preprints/views.py
+++ b/admin/preprints/views.py
@@ -1,11 +1,14 @@
 from __future__ import unicode_literals
 
-from django.views.generic import UpdateView
+from django.views.generic import UpdateView, DeleteView
 from django.core.urlresolvers import reverse_lazy
 from django.contrib.auth.mixins import PermissionRequiredMixin
+from django.shortcuts import redirect
 
-
+from osf.models.admin_log_entry import update_admin_log, REINDEX_SHARE
+from website import settings, search
 from website.preprints.model import PreprintService
+from website.preprints.tasks import on_preprint_updated
 from framework.exceptions import PermissionsError
 from admin.base.views import GuidFormView, GuidView
 from admin.nodes.templatetags.node_extras import reverse_preprint
@@ -57,3 +60,32 @@ def get_context_data(self, **kwargs):
         kwargs['change_provider_form'] = ChangeProviderForm(instance=preprint)
         kwargs['subjects'] = serialize_subjects(preprint.subjects)
         return super(PreprintView, self).get_context_data(**kwargs)
+
+
+class PreprintReindexShare(PermissionRequiredMixin, DeleteView):
+    template_name = 'preprints/reindex_preprint_share.html'
+    context_object_name = 'preprintservice'
+    object = None
+    permission_required = 'osf.view_preprintservice'
+    raise_exception = True
+
+    def get_context_data(self, **kwargs):
+        context = {}
+        context.setdefault('guid', kwargs.get('object')._id)
+        return super(PreprintReindexShare, self).get_context_data(**context)
+
+    def get_object(self, queryset=None):
+        return PreprintService.load(self.kwargs.get('guid'))
+
+    def delete(self, request, *args, **kwargs):
+        preprint = self.get_object()
+        if settings.SHARE_URL and settings.SHARE_API_TOKEN:
+            on_preprint_updated(preprint._id)
+            update_admin_log(
+                user_id=self.request.user.id,
+                object_id=preprint._id,
+                object_repr='Preprint',
+                message='Preprint Reindexed (SHARE): {}'.format(preprint._id),
+                action_flag=REINDEX_SHARE
+            )
+        return redirect(reverse_preprint(self.kwargs.get('guid')))
diff --git a/admin/templates/nodes/node.html b/admin/templates/nodes/node.html
index a70f1cf1989..97891caba28 100644
--- a/admin/templates/nodes/node.html
+++ b/admin/templates/nodes/node.html
@@ -72,6 +72,32 @@
                 </div>
             </div>
             {% endif %}
+            <span class="col-md-2">
+                <a href="{% url 'nodes:reindex-share-node' guid=node.id %}"
+                   data-toggle="modal" data-target="#confirmReindexShareNode"
+                   class="btn btn-default">
+                    SHARE Reindex
+                </a>
+            </span>
+            <div class="modal" id="confirmReindexShareNode">
+                <div class="modal-dialog">
+                    <div class="modal-content"></div>
+                    {# Data from above link #}
+                </div>
+            </div>
+            <span class="col-md-2">
+                <a href="{% url 'nodes:reindex-elastic-node' guid=node.id %}"
+                   data-toggle="modal" data-target="#confirmReindexElasticNode"
+                   class="btn btn-default">
+                    Elastic Reindex
+                </a>
+            </span>
+            <div class="modal" id="confirmReindexElasticNode">
+                <div class="modal-dialog">
+                    <div class="modal-content"></div>
+                    {# Data from above link #}
+                </div>
+            </div>
         </div>
         <div class="row">
             {% if node.is_registration %}
diff --git a/admin/templates/nodes/reindex_node_elastic.html b/admin/templates/nodes/reindex_node_elastic.html
new file mode 100644
index 00000000000..3bf45e3a1a3
--- /dev/null
+++ b/admin/templates/nodes/reindex_node_elastic.html
@@ -0,0 +1,13 @@
+<form class="well" method="post" action="{% url 'nodes:reindex-elastic-node' guid=guid %}">
+    <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal">x</button>
+        <h3>Are you sure you want to reindex this node (Elastic)? {{ guid }}</h3>
+    </div>
+    {% csrf_token %}
+    <div class="modal-footer">
+        <input class="btn btn-danger" type="submit" value="Confirm" />
+        <button type="button" class="btn btn-default" data-dismiss="modal">
+            Cancel
+        </button>
+    </div>
+</form>
diff --git a/admin/templates/nodes/reindex_node_share.html b/admin/templates/nodes/reindex_node_share.html
new file mode 100644
index 00000000000..67693b52665
--- /dev/null
+++ b/admin/templates/nodes/reindex_node_share.html
@@ -0,0 +1,13 @@
+<form class="well" method="post" action="{% url 'nodes:reindex-share-node' guid=guid %}">
+    <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal">x</button>
+        <h3>Are you sure you want to reindex this node (SHARE)? {{ guid }}</h3>
+    </div>
+    {% csrf_token %}
+    <div class="modal-footer">
+        <input class="btn btn-danger" type="submit" value="Confirm" />
+        <button type="button" class="btn btn-default" data-dismiss="modal">
+            Cancel
+        </button>
+    </div>
+</form>
diff --git a/admin/templates/preprints/preprint.html b/admin/templates/preprints/preprint.html
index f14357df0d9..92457449d70 100644
--- a/admin/templates/preprints/preprint.html
+++ b/admin/templates/preprints/preprint.html
@@ -39,6 +39,19 @@
                     </span>
                 {% endif %}
                 {% endif %}
+            <span class="col-md-2">
+                <a href="{% url 'preprints:reindex-share-preprint' guid=serialized_preprint.id %}"
+                   data-toggle="modal" data-target="#confirmReindexSharePreprint"
+                   class="btn btn-default">
+                    SHARE Reindex
+                </a>
+            </span>
+            <div class="modal" id="confirmReindexSharePreprint">
+                <div class="modal-dialog">
+                    <div class="modal-content"></div>
+                    {# Data from above link #}
+                </div>
+            </div>
             </div>
         </div>
         <div class="row">
diff --git a/admin/templates/preprints/reindex_preprint_share.html b/admin/templates/preprints/reindex_preprint_share.html
new file mode 100644
index 00000000000..f010cf19e50
--- /dev/null
+++ b/admin/templates/preprints/reindex_preprint_share.html
@@ -0,0 +1,13 @@
+<form class="well" method="post" action="{% url 'preprints:reindex-share-preprint' guid=guid %}">
+    <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal">x</button>
+        <h3>Are you sure you want to reindex this preprint (SHARE)? {{ guid }}</h3>
+    </div>
+    {% csrf_token %}
+    <div class="modal-footer">
+        <input class="btn btn-danger" type="submit" value="Confirm" />
+        <button type="button" class="btn btn-default" data-dismiss="modal">
+            Cancel
+        </button>
+    </div>
+</form>
diff --git a/admin/templates/users/reindex_user_elastic.html b/admin/templates/users/reindex_user_elastic.html
new file mode 100644
index 00000000000..44d8f6bbb30
--- /dev/null
+++ b/admin/templates/users/reindex_user_elastic.html
@@ -0,0 +1,13 @@
+<form class="well" method="post" action="{% url 'users:reindex-elastic-user' guid=guid %}">
+    <div class="modal-header">
+        <button type="button" class="close" data-dismiss="modal">x</button>
+        <h3>Are you sure you want to reindex this user (Elastic)? {{ guid }}</h3>
+    </div>
+    {% csrf_token %}
+    <div class="modal-footer">
+        <input class="btn btn-danger" type="submit" value="Confirm" />
+        <button type="button" class="btn btn-default" data-dismiss="modal">
+            Cancel
+        </button>
+    </div>
+</form>
diff --git a/admin/templates/users/user.html b/admin/templates/users/user.html
index 7fb5a220b08..3ffa56b669a 100644
--- a/admin/templates/users/user.html
+++ b/admin/templates/users/user.html
@@ -105,6 +105,19 @@
                         </div>
                     </div>
                     {% endif %}
+                    <span class="col-md-2">
+                        <a href="{% url 'users:reindex-elastic-user' guid=user.id %}"
+                        data-toggle="modal" data-target="#confirmReindexElasticUser"
+                        class="btn btn-default">
+                            Elastic Reindex
+                        </a>
+                    </span>
+                    <div class="modal" id="confirmReindexElasticUser">
+                        <div class="modal-dialog">
+                            <div class="modal-content"></div>
+                            {# Data from above link #}
+                        </div>
+                    </div>
                 </span>
             {% endif %}
         </div>
diff --git a/admin/users/urls.py b/admin/users/urls.py
index 162c7bffc11..9743796fc7b 100644
--- a/admin/users/urls.py
+++ b/admin/users/urls.py
@@ -29,4 +29,6 @@
     url(r'^(?P<guid>[a-z0-9]+)/two-factor/disable/$',
         views.User2FactorDeleteView.as_view(),
         name='remove2factor'),
+    url(r'^(?P<guid>[a-z0-9]+)/reindex_elastic_user/$', views.UserReindexElastic.as_view(),
+        name='reindex-elastic-user'),
 ]
diff --git a/admin/users/views.py b/admin/users/views.py
index 7d1dba04506..67c216556bc 100644
--- a/admin/users/views.py
+++ b/admin/users/views.py
@@ -19,6 +19,7 @@
 from framework.auth.core import generate_verification_key
 
 from website.mailchimp_utils import subscribe_on_confirm
+from website import search
 
 from admin.base.views import GuidFormView, GuidView
 from osf.models.admin_log_entry import (
@@ -27,7 +28,9 @@
     USER_EMAILED,
     USER_REMOVED,
     USER_RESTORED,
-    CONFIRM_SPAM)
+    CONFIRM_SPAM,
+    REINDEX_ELASTIC,
+    )
 
 from admin.users.serializers import serialize_user
 from admin.users.forms import EmailResetForm, WorkshopForm
@@ -439,3 +442,19 @@ def form_valid(self, form):
     @property
     def success_url(self):
         return reverse_user(self.kwargs.get('guid'))
+
+
+class UserReindexElastic(UserDeleteView):
+    template_name = 'users/reindex_user_elastic.html'
+
+    def delete(self, request, *args, **kwargs):
+        user = self.get_object()
+        search.search.update_user(user, async=False)
+        update_admin_log(
+            user_id=self.request.user.id,
+            object_id=user._id,
+            object_repr='User',
+            message='User Reindexed (Elastic): {}'.format(user._id),
+            action_flag=REINDEX_ELASTIC
+        )
+        return redirect(reverse_user(self.kwargs.get('guid')))
diff --git a/osf/models/admin_log_entry.py b/osf/models/admin_log_entry.py
index 6eb75cf9344..7795a8374be 100644
--- a/osf/models/admin_log_entry.py
+++ b/osf/models/admin_log_entry.py
@@ -18,6 +18,8 @@
 USER_2_FACTOR = 42
 USER_EMAILED = 43
 
+REINDEX_SHARE = 50
+REINDEX_ELASTIC = 51
 
 def update_admin_log(user_id, object_id, object_repr, message, action_flag=UNKNOWN):
     AdminLogEntry.objects.log_action(
diff --git a/website/project/tasks.py b/website/project/tasks.py
index f61fcdb12fb..f9f6d1cc3c8 100644
--- a/website/project/tasks.py
+++ b/website/project/tasks.py
@@ -38,28 +38,31 @@ def on_node_updated(node_id, user_id, first_save, saved_fields, request_headers=
             if node.is_registration:
                 on_registration_updated(node)
             else:
-                resp = requests.post('{}api/normalizeddata/'.format(settings.SHARE_URL), json={
-                    'data': {
-                        'type': 'NormalizedData',
-                        'attributes': {
-                            'tasks': [],
-                            'raw': None,
-                            'data': {'@graph': [{
-                                '@id': '_:123',
-                                '@type': 'workidentifier',
-                                'creative_work': {'@id': '_:789', '@type': 'project'},
-                                'uri': '{}{}/'.format(settings.DOMAIN, node._id),
-                            }, {
-                                '@id': '_:789',
-                                '@type': 'project',
-                                'is_deleted': not node.is_public or node.is_deleted or node.is_spammy,
-                            }]}
-                        }
-                    }
-                }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'})
-                logger.debug(resp.content)
-                resp.raise_for_status()
-
+                update_node_share(node)
+
+def update_node_share(node):
+    resp = requests.post('{}api/normalizeddata/'.format(settings.SHARE_URL),
+        json={
+            'data': {
+                'type': 'NormalizedData',
+                'attributes': {
+                    'tasks': [],
+                    'raw': None,
+                    'data': {'@graph': [{
+                        '@id': '_:123',
+                        '@type': 'workidentifier',
+                        'creative_work': {'@id': '_:789', '@type': 'project'},
+                        'uri': '{}{}/'.format(settings.DOMAIN, node._id),
+                    }, {
+                        '@id': '_:789',
+                        '@type': 'project',
+                        'is_deleted': not node.is_public or node.is_deleted or node.is_spammy,
+                    }]}
+                }
+            }
+        }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'})
+    logger.debug(resp.content)
+    resp.raise_for_status()
 
 def on_registration_updated(node):
     resp = requests.post('{}api/v2/normalizeddata/'.format(settings.SHARE_URL), json={

From 7ed9bea02f371c90fdb484961ff38f40eca8a08f Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Wed, 26 Apr 2017 12:32:41 -0400
Subject: [PATCH 002/163] Add node tests; cleanup

---
 admin/nodes/views.py            | 30 ++++++-------
 admin/preprints/views.py        |  2 +-
 admin/users/views.py            |  2 +-
 admin_tests/nodes/test_views.py | 77 +++++++++++++++++++++++++++++++--
 website/project/tasks.py        | 19 ++++----
 5 files changed, 100 insertions(+), 30 deletions(-)

diff --git a/admin/nodes/views.py b/admin/nodes/views.py
index 7002ace4873..141ec8fa598 100644
--- a/admin/nodes/views.py
+++ b/admin/nodes/views.py
@@ -8,7 +8,7 @@
 from django.contrib.auth.mixins import PermissionRequiredMixin
 from modularodm import Q
 
-from website import settings, search
+from website import search
 from website.models import NodeLog
 from osf.models.user import OSFUser
 from osf.models.node import Node
@@ -19,15 +19,15 @@
     NODE_REMOVED,
     NODE_RESTORED,
     CONTRIBUTOR_REMOVED,
-    CONFIRM_SPAM, 
+    CONFIRM_SPAM,
     CONFIRM_HAM,
     REINDEX_SHARE,
     REINDEX_ELASTIC,
-    )
+)
 from admin.nodes.templatetags.node_extras import reverse_node
 from admin.nodes.serializers import serialize_node, serialize_simple_user_and_node_permissions
 from website.project.spam.model import SpamStatus
-from website.project.tasks import update_node_share, on_registration_updated
+from website.project.tasks import update_share, on_registration_updated
 from website.project.views.register import osf_admin_change_status_identifier
 
 
@@ -335,18 +335,14 @@ def get_object(self, queryset=None):
 
     def delete(self, request, *args, **kwargs):
         node = self.get_object()
-        if settings.SHARE_URL and settings.SHARE_API_TOKEN:
-            if node.is_registration:
-                on_registration_updated(node)
-            else:
-                update_node_share(node)
-            update_admin_log(
-                user_id=self.request.user.id,
-                object_id=node._id,
-                object_repr='Node',
-                message='Node Reindexed (SHARE): {}'.format(node._id),
-                action_flag=REINDEX_SHARE
-            )
+        update_share(node)
+        update_admin_log(
+            user_id=self.request.user.id,
+            object_id=node._id,
+            object_repr='Node',
+            message='Node Reindexed (SHARE): {}'.format(node._id),
+            action_flag=REINDEX_SHARE
+        )
         return redirect(reverse_node(self.kwargs.get('guid')))
 
 class NodeReindexElastic(PermissionRequiredMixin, NodeDeleteBase):
@@ -365,6 +361,6 @@ def delete(self, request, *args, **kwargs):
             object_id=node._id,
             object_repr='Node',
             message='Node Reindexed (Elastic): {}'.format(node._id),
-            action_flag=REINDEX_SHARE
+            action_flag=REINDEX_ELASTIC
         )
         return redirect(reverse_node(self.kwargs.get('guid')))
diff --git a/admin/preprints/views.py b/admin/preprints/views.py
index d0603e25b82..2d413274098 100644
--- a/admin/preprints/views.py
+++ b/admin/preprints/views.py
@@ -6,7 +6,7 @@
 from django.shortcuts import redirect
 
 from osf.models.admin_log_entry import update_admin_log, REINDEX_SHARE
-from website import settings, search
+from website import settings
 from website.preprints.model import PreprintService
 from website.preprints.tasks import on_preprint_updated
 from framework.exceptions import PermissionsError
diff --git a/admin/users/views.py b/admin/users/views.py
index 67c216556bc..761c402a82a 100644
--- a/admin/users/views.py
+++ b/admin/users/views.py
@@ -30,7 +30,7 @@
     USER_RESTORED,
     CONFIRM_SPAM,
     REINDEX_ELASTIC,
-    )
+)
 
 from admin.users.serializers import serialize_user
 from admin.users.forms import EmailResetForm, WorkshopForm
diff --git a/admin_tests/nodes/test_views.py b/admin_tests/nodes/test_views.py
index 95549bf5311..ae62136e760 100644
--- a/admin_tests/nodes/test_views.py
+++ b/admin_tests/nodes/test_views.py
@@ -1,13 +1,18 @@
 import mock
 from osf.models.admin_log_entry import AdminLogEntry
-from admin.nodes.views import (NodeDeleteView, NodeRemoveContributorView,
-                               NodeView)
+from admin.nodes.views import (
+    NodeDeleteView, 
+    NodeRemoveContributorView,
+    NodeView,
+    NodeReindexShare,
+    NodeReindexElastic,
+)
 from admin_tests.utilities import setup_log_view, setup_view
 from django.test import RequestFactory
 from framework.auth import User
 from nose import tools as nt
 from tests.base import AdminTestCase
-from tests.factories import AuthUserFactory, ProjectFactory
+from osf_tests.factories import AuthUserFactory, ProjectFactory, RegistrationFactory
 from website.project.model import Node, NodeLog
 
 
@@ -135,3 +140,69 @@ def test_no_log(self):
                               user_id=self.user_2._id)
         view.delete(self.request)
         nt.assert_not_equal(self.node.logs.latest().action, NodeLog.CONTRIB_REMOVED)
+
+class TestNodeReindex(AdminTestCase):
+    def setUp(self):
+        super(TestNodeReindex, self).setUp()
+        self.request = RequestFactory().post('/fake_path')
+
+        self.user = AuthUserFactory()
+        self.node = ProjectFactory(creator=self.user)
+        self.registration = RegistrationFactory(project=self.node, creator=self.user)
+
+        self.patcher_share_url = mock.patch('website.settings.SHARE_URL', 'ima_real_website')
+        self.patcher_share_token = mock.patch('website.settings.SHARE_API_TOKEN', 'ima_real_token')
+        self.patcher_mock_reindex_node = mock.patch('website.project.tasks.update_node_share')
+        self.patcher_mock_reindex_registration = mock.patch('website.project.tasks.on_registration_updated')
+        self.patcher_mock_reindex_elastic = mock.patch('website.search.search.update_node')
+
+        self.patcher_share_url.start()
+        self.patcher_share_token.start()
+        self.mock_reindex_node = self.patcher_mock_reindex_node.start()
+        self.mock_reindex_registration = self.patcher_mock_reindex_registration.start()
+        self.mock_reindex_elastic = self.patcher_mock_reindex_elastic.start()
+
+    def tearDown(self):
+        super(TestNodeReindex, self).tearDown()
+        self.patcher_share_url.stop()
+        self.patcher_share_token.stop()
+        self.patcher_mock_reindex_node.stop()
+        self.patcher_mock_reindex_registration.stop()
+
+    def test_reindex_node_share(self):
+        count = AdminLogEntry.objects.count()
+        view = NodeReindexShare()
+        view = setup_log_view(view, self.request, guid=self.node._id)
+        view.delete(self.request)
+
+        nt.assert_true(self.mock_reindex_node.called)
+        nt.assert_false(self.mock_reindex_registration.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
+
+    def test_reindex_registration_share(self):
+        count = AdminLogEntry.objects.count()
+        view = NodeReindexShare()
+        view = setup_log_view(view, self.request, guid=self.registration._id)
+        view.delete(self.request)
+    
+        nt.assert_false(self.mock_reindex_node.called)
+        nt.assert_true(self.mock_reindex_registration.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
+
+    def test_reindex_node_elastic(self):
+        count = AdminLogEntry.objects.count()
+        view = NodeReindexElastic()
+        view = setup_log_view(view, self.request, guid=self.node._id)
+        view.delete(self.request)
+
+        nt.assert_true(self.mock_reindex_elastic.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
+
+    def test_reindex_registration_elastic(self):
+        count = AdminLogEntry.objects.count()
+        view = NodeReindexElastic()
+        view = setup_log_view(view, self.request, guid=self.registration._id)
+        view.delete(self.request)
+
+        nt.assert_true(self.mock_reindex_elastic.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
diff --git a/website/project/tasks.py b/website/project/tasks.py
index f9f6d1cc3c8..25f3cfb8a85 100644
--- a/website/project/tasks.py
+++ b/website/project/tasks.py
@@ -31,14 +31,16 @@ def on_node_updated(node_id, user_id, first_save, saved_fields, request_headers=
 
     if need_update:
         node.update_search()
+        update_share(node)
 
-        if settings.SHARE_URL:
-            if not settings.SHARE_API_TOKEN:
-                return logger.warning('SHARE_API_TOKEN not set. Could not send %s to SHARE.'.format(node))
-            if node.is_registration:
-                on_registration_updated(node)
-            else:
-                update_node_share(node)
+def update_share(node):
+    if settings.SHARE_URL:
+        if not settings.SHARE_API_TOKEN:
+            return logger.warning('SHARE_API_TOKEN not set. Could not send %s to SHARE.'.format(node))
+        if node.is_registration:
+            on_registration_updated(node)
+        else:
+            update_node_share(node)
 
 def update_node_share(node):
     resp = requests.post('{}api/normalizeddata/'.format(settings.SHARE_URL),
@@ -60,7 +62,8 @@ def update_node_share(node):
                     }]}
                 }
             }
-        }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'})
+        }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'}
+    )
     logger.debug(resp.content)
     resp.raise_for_status()
 

From 9758eff85107defee2832e2ee3a782a1bb2fa0f4 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Wed, 26 Apr 2017 12:43:47 -0400
Subject: [PATCH 003/163] Fix import

---
 admin/nodes/views.py            |  2 +-
 admin_tests/nodes/test_views.py |  4 ++--
 website/project/tasks.py        | 38 ++++++++++++++++-----------------
 3 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/admin/nodes/views.py b/admin/nodes/views.py
index 141ec8fa598..386ba955f87 100644
--- a/admin/nodes/views.py
+++ b/admin/nodes/views.py
@@ -27,7 +27,7 @@
 from admin.nodes.templatetags.node_extras import reverse_node
 from admin.nodes.serializers import serialize_node, serialize_simple_user_and_node_permissions
 from website.project.spam.model import SpamStatus
-from website.project.tasks import update_share, on_registration_updated
+from website.project.tasks import update_share
 from website.project.views.register import osf_admin_change_status_identifier
 
 
diff --git a/admin_tests/nodes/test_views.py b/admin_tests/nodes/test_views.py
index ae62136e760..984edbac07b 100644
--- a/admin_tests/nodes/test_views.py
+++ b/admin_tests/nodes/test_views.py
@@ -1,7 +1,7 @@
 import mock
 from osf.models.admin_log_entry import AdminLogEntry
 from admin.nodes.views import (
-    NodeDeleteView, 
+    NodeDeleteView,
     NodeRemoveContributorView,
     NodeView,
     NodeReindexShare,
@@ -184,7 +184,7 @@ def test_reindex_registration_share(self):
         view = NodeReindexShare()
         view = setup_log_view(view, self.request, guid=self.registration._id)
         view.delete(self.request)
-    
+
         nt.assert_false(self.mock_reindex_node.called)
         nt.assert_true(self.mock_reindex_registration.called)
         nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
diff --git a/website/project/tasks.py b/website/project/tasks.py
index 25f3cfb8a85..45b53641eb6 100644
--- a/website/project/tasks.py
+++ b/website/project/tasks.py
@@ -43,26 +43,26 @@ def update_share(node):
             update_node_share(node)
 
 def update_node_share(node):
-    resp = requests.post('{}api/normalizeddata/'.format(settings.SHARE_URL),
-        json={
-            'data': {
-                'type': 'NormalizedData',
-                'attributes': {
-                    'tasks': [],
-                    'raw': None,
-                    'data': {'@graph': [{
-                        '@id': '_:123',
-                        '@type': 'workidentifier',
-                        'creative_work': {'@id': '_:789', '@type': 'project'},
-                        'uri': '{}{}/'.format(settings.DOMAIN, node._id),
-                    }, {
-                        '@id': '_:789',
-                        '@type': 'project',
-                        'is_deleted': not node.is_public or node.is_deleted or node.is_spammy,
-                    }]}
-                }
+    resp = requests.post('{}api/normalizeddata/'.format(settings.SHARE_URL), json={
+        'data': {
+            'type': 'NormalizedData',
+            'attributes': {
+                'tasks': [],
+                'raw': None,
+                'data': {'@graph': [{
+                    '@id': '_:123',
+                    '@type': 'workidentifier',
+                    'creative_work': {'@id': '_:789', '@type': 'project'},
+                    'uri': '{}{}/'.format(settings.DOMAIN, node._id),
+                }, {
+                    '@id': '_:789',
+                    '@type': 'project',
+                    'is_deleted': not node.is_public or node.is_deleted or node.is_spammy,
+                }]}
             }
-        }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'}
+        }
+    }, 
+        headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'}
     )
     logger.debug(resp.content)
     resp.raise_for_status()

From 49c56e804b8b6919903339bc7876fab8134d6bd9 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Wed, 26 Apr 2017 13:19:34 -0400
Subject: [PATCH 004/163] Add user and preprint reindex tests

---
 admin_tests/preprints/__init__.py   |  0
 admin_tests/preprints/test_views.py | 28 ++++++++++++++++++++++++++++
 admin_tests/users/test_views.py     | 19 +++++++++++++++++++
 website/project/tasks.py            |  4 +---
 4 files changed, 48 insertions(+), 3 deletions(-)
 create mode 100644 admin_tests/preprints/__init__.py
 create mode 100644 admin_tests/preprints/test_views.py

diff --git a/admin_tests/preprints/__init__.py b/admin_tests/preprints/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/admin_tests/preprints/test_views.py b/admin_tests/preprints/test_views.py
new file mode 100644
index 00000000000..a1468050453
--- /dev/null
+++ b/admin_tests/preprints/test_views.py
@@ -0,0 +1,28 @@
+import mock
+from nose import tools as nt
+from django.test import RequestFactory
+
+from admin.preprints.views import PreprintReindexShare
+from admin_tests.utilities import setup_log_view
+from osf.models.admin_log_entry import AdminLogEntry
+from osf_tests.factories import AuthUserFactory, ProjectFactory, PreprintFactory
+from tests.base import AdminTestCase
+
+
+class TestPreprintReindex(AdminTestCase):
+    def setUp(self):
+        super(TestPreprintReindex, self).setUp()
+        self.request = RequestFactory().post('/fake_path')
+
+        self.user = AuthUserFactory()
+        self.preprint = PreprintFactory(creator=self.user)
+
+    @mock.patch('admin.preprints.views.on_preprint_updated')
+    def test_reindex_preprint_share(self, mock_reindex_preprint):
+        count = AdminLogEntry.objects.count()
+        view = PreprintReindexShare()
+        view = setup_log_view(view, self.request, guid=self.preprint._id)
+        view.delete(self.request)
+
+        nt.assert_true(mock_reindex_preprint.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
diff --git a/admin_tests/users/test_views.py b/admin_tests/users/test_views.py
index 7a3fd9297ff..0c9002b5855 100644
--- a/admin_tests/users/test_views.py
+++ b/admin_tests/users/test_views.py
@@ -30,6 +30,7 @@
     UserKnownSpamList,
     UserKnownHamList,
     UserWorkshopFormView,
+    UserReindexElastic,
 )
 from admin.users.forms import WorkshopForm
 from osf.models.admin_log_entry import AdminLogEntry
@@ -404,3 +405,21 @@ def test_form_valid(self):
     def tearDown(self):
         if os.path.isfile('test.csv'):
             os.remove('test.csv')
+
+
+class TestUserReindex(AdminTestCase):
+    def setUp(self):
+        super(TestUserReindex, self).setUp()
+        self.request = RequestFactory().post('/fake_path')
+
+        self.user = AuthUserFactory()
+
+    @mock.patch('website.search.search.update_user')
+    def test_reindex_user_elastic(self, mock_reindex_elastic):
+        count = AdminLogEntry.objects.count()
+        view = UserReindexElastic()
+        view = setup_log_view(view, self.request, guid=self.user._id)
+        view.delete(self.request)
+
+        nt.assert_true(mock_reindex_elastic.called)
+        nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
diff --git a/website/project/tasks.py b/website/project/tasks.py
index 45b53641eb6..4684694dc60 100644
--- a/website/project/tasks.py
+++ b/website/project/tasks.py
@@ -61,9 +61,7 @@ def update_node_share(node):
                 }]}
             }
         }
-    }, 
-        headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'}
-    )
+    }, headers={'Authorization': 'Bearer {}'.format(settings.SHARE_API_TOKEN), 'Content-Type': 'application/vnd.api+json'})
     logger.debug(resp.content)
     resp.raise_for_status()
 

From 3496cc8e2e70bc2aed65680c9977141124598c9b Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Wed, 26 Apr 2017 13:36:53 -0400
Subject: [PATCH 005/163] Fix imports

---
 admin_tests/preprints/test_views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin_tests/preprints/test_views.py b/admin_tests/preprints/test_views.py
index a1468050453..f40435a3dea 100644
--- a/admin_tests/preprints/test_views.py
+++ b/admin_tests/preprints/test_views.py
@@ -5,7 +5,7 @@
 from admin.preprints.views import PreprintReindexShare
 from admin_tests.utilities import setup_log_view
 from osf.models.admin_log_entry import AdminLogEntry
-from osf_tests.factories import AuthUserFactory, ProjectFactory, PreprintFactory
+from osf_tests.factories import AuthUserFactory, PreprintFactory
 from tests.base import AdminTestCase
 
 

From b264f47efdf9a75ac190edd6a3ed86f4cc02bb58 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Thu, 27 Apr 2017 10:37:13 -0400
Subject: [PATCH 006/163] Add url override for tests to pass

---
 tests/base.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tests/base.py b/tests/base.py
index c1f93d50be4..a380592c507 100644
--- a/tests/base.py
+++ b/tests/base.py
@@ -18,6 +18,7 @@
 
 from addons.wiki.models import NodeWikiPage
 from django.test import TestCase as DjangoTestCase
+from django.test import override_settings
 from faker import Factory
 from framework.auth import User
 from framework.auth.core import Auth
@@ -347,6 +348,7 @@ def tearDown(self):
             self.account.remove()
 
 
+@override_settings(ROOT_URLCONF='admin.base.urls')
 class AdminTestCase(DbTestCase, DjangoTestCase, SearchTestCase, MockRequestTestCase):
     pass
 

From 05d0596d4d30d46e93e9c55c18a9211c30efa1d7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 8 May 2017 10:25:04 -0400
Subject: [PATCH 007/163] Add clipboard dependency

---
 bower.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bower.json b/bower.json
index f931d5fd9a3..38b16507d8b 100644
--- a/bower.json
+++ b/bower.json
@@ -21,6 +21,7 @@
     "zeroclipboard": "2.1.6",
     "osf-style": "https://github.com/CenterForOpenScience/osf-style.git#5dcf5997ad2808ffc7c8564f94cde102bf7a4a96",
     "At.js": "jquery.atwho#e18af47fdcb327605533a9da259225176e3013c8",
-    "academicons": "1.7.0"
+    "academicons": "1.7.0",
+    "clipboard": "^1.6.1"
   }
 }

From 5a115e75e69e7819165f5772891033797a2a0f3f Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 9 May 2017 11:03:54 -0400
Subject: [PATCH 008/163] Remove zeroclipboard dependency

---
 bower.json               | 1 -
 webpack.common.config.js | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/bower.json b/bower.json
index 38b16507d8b..beb7de659f2 100644
--- a/bower.json
+++ b/bower.json
@@ -18,7 +18,6 @@
     "styles": "https://github.com/CenterForOpenScience/styles.git#master",
     "locales": "https://github.com/CenterForOpenScience/locales.git#d2b612f8a6f764cbd66e67238636fac3888a7736",
     "raven-js": "2.1.0",
-    "zeroclipboard": "2.1.6",
     "osf-style": "https://github.com/CenterForOpenScience/osf-style.git#5dcf5997ad2808ffc7c8564f94cde102bf7a4a96",
     "At.js": "jquery.atwho#e18af47fdcb327605533a9da259225176e3013c8",
     "academicons": "1.7.0",
diff --git a/webpack.common.config.js b/webpack.common.config.js
index ef1e1fe6410..4ff95b0da52 100644
--- a/webpack.common.config.js
+++ b/webpack.common.config.js
@@ -139,7 +139,7 @@ var resolve = {
         'jquery-blockui': staticPath('vendor/jquery-blockui/jquery.blockui.js'),
         'bootstrap': staticPath('vendor/bower_components/bootstrap/dist/js/bootstrap.min.js'),
         'jquery-tagsinput': staticPath('vendor/bower_components/jquery.tagsinput/jquery.tagsinput.js'),
-        'zeroclipboard': staticPath('vendor/bower_components/zeroclipboard/dist/ZeroClipboard.js'),
+        'clipboard': staticPath('vendor/bower_components/clipboard/dist/clipboard.js'),
         'history': nodePath('historyjs/scripts/bundled/html4+html5/jquery.history.js'),
         // Needed for knockout-sortable
         'jquery.ui.sortable': staticPath('vendor/bower_components/jquery-ui/ui/jquery.ui.sortable.js'),

From 2f48b2e32c4bb175b1cef28be2de7cac7bbae476 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 9 May 2017 11:05:22 -0400
Subject: [PATCH 009/163] Modify clipboard abstraction to use ClipboardJS

---
 website/static/js/clipboard.js | 33 ++++++++++++++++++++-------------
 1 file changed, 20 insertions(+), 13 deletions(-)

diff --git a/website/static/js/clipboard.js b/website/static/js/clipboard.js
index c1d6d4f5744..6799633a788 100644
--- a/website/static/js/clipboard.js
+++ b/website/static/js/clipboard.js
@@ -1,26 +1,33 @@
 'use strict';
 
 var $ = require('jquery');
-var ZeroClipboard = require('zeroclipboard');
+var Clipboard = require('clipboard');
 
-ZeroClipboard.config({
-    swfPath: '/static/vendor/bower_components/zeroclipboard/dist/ZeroClipboard.swf'
-});
+var setTooltip = function (elm, message) {
+    $(elm).tooltip('hide')
+    .attr('title', message)
+    .tooltip('show');
+}
+
+var hideTooltip = function (elm) {
+    setTimeout(function() {
+        $(elm).tooltip('hide');
+    }, 2000);
+}
 
 var makeClient = function(elm) {
     var $elm = $(elm);
-    var client = new ZeroClipboard(elm);
 
-    $elm.on('mouseover', function() {
-        $elm.addClass('active');
-    });
-    $elm.on('mouseout', function() {
-        $elm.removeClass('active');
+    var client = new Clipboard(elm);
+
+    client.on('success', function(e){
+        setTooltip(e.trigger, 'Copied!');
+        hideTooltip(e.trigger);
     });
 
-    client.on('aftercopy', function() {
-        $elm.blur();
-        $elm.tooltip('hide');
+    client.on('error', function(e){
+        setTooltip(e.trigger, 'Copy failed!');
+        hideTooltip(e.trigger);
     });
 
     return client;

From ce92acf9af2ccbb45b813cbefd982a8d3e8f9237 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 9 May 2017 11:08:14 -0400
Subject: [PATCH 010/163] Test with ClipboardJS in Addon and Citations tests

---
 website/static/js/tests/addons/addonNodeConfig.test.js     | 4 ++--
 website/static/js/tests/addons/citationsNodeConfig.test.js | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/website/static/js/tests/addons/addonNodeConfig.test.js b/website/static/js/tests/addons/addonNodeConfig.test.js
index a89bf10afac..77fd4ea6375 100644
--- a/website/static/js/tests/addons/addonNodeConfig.test.js
+++ b/website/static/js/tests/addons/addonNodeConfig.test.js
@@ -7,7 +7,7 @@ var faker = require('faker');
 
 var $ = require('jquery');
 var $osf = require('js/osfHelpers');
-var ZeroClipboard = require('zeroclipboard');
+var Clipboard = require('clipboard');
 var AddonNodeConfigVM = require('js/addonNodeConfig')._AddonNodeConfigViewModel;
 var testUtils = require('./folderPickerTestUtils.js');
 
@@ -29,7 +29,7 @@ describe('AddonNodeConfig', () => {
             decodeFolder: decodeFolderSpy
         };
         var vm = new AddonNodeConfigVM('Fake Addon', settingsUrl, '#fakeAddonScope', '#fakeAddonPicker', opts);
-        
+
         describe('#constructor', () => {
             it('applies overrides from the opts param if supplied', () => {
                 vm.treebeardOptions.onPickFolder();
diff --git a/website/static/js/tests/addons/citationsNodeConfig.test.js b/website/static/js/tests/addons/citationsNodeConfig.test.js
index b84b5e94299..680fc0013a3 100644
--- a/website/static/js/tests/addons/citationsNodeConfig.test.js
+++ b/website/static/js/tests/addons/citationsNodeConfig.test.js
@@ -7,7 +7,7 @@ var faker = require('faker');
 
 var $ = require('jquery');
 var $osf = require('js/osfHelpers');
-var ZeroClipboard = require('zeroclipboard');
+var Clipboard = require('clipboard');
 var CitationsNodeConfigVM = require('js/citationsNodeConfig')._CitationsNodeConfigViewModel;
 var testUtils = require('./folderPickerTestUtils.js');
 var FolderPicker = require('js/folderpicker');
@@ -33,7 +33,7 @@ describe('CitationsNodeConfig', () => {
         var activateStub;
         before(() => {
             // Never actually call doActivatePicker
-            activateStub = sinon.stub(vm, 'doActivatePicker');        
+            activateStub = sinon.stub(vm, 'doActivatePicker');
         });
         after(() => {
             activateStub.restore();

From 19326e7ac54e3bcbdceb783331e310e503bb36e7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 9 May 2017 11:09:39 -0400
Subject: [PATCH 011/163] Replace ZeroClipboard with Clipboard

---
 website/static/js/addonNodeConfig.js        | 5 ++---
 website/static/js/folderPickerNodeConfig.js | 3 +--
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/website/static/js/addonNodeConfig.js b/website/static/js/addonNodeConfig.js
index 25fdc7f7f0d..d6a7e5533f0 100644
--- a/website/static/js/addonNodeConfig.js
+++ b/website/static/js/addonNodeConfig.js
@@ -8,8 +8,7 @@ var ko = require('knockout');
 var $ = require('jquery');
 var Raven = require('raven-js');
 
-var ZeroClipboard = require('zeroclipboard');
-ZeroClipboard.config('/static/vendor/bower_components/zeroclipboard/dist/ZeroClipboard.swf');
+var Clipboard = require('clipboard');
 var $osf = require('js/osfHelpers');
 var oop = require('js/oop');
 var FolderPickerViewModel = require('js/folderPickerNodeConfig');
@@ -64,7 +63,7 @@ var AddonFolderPickerViewModel = oop.extend(FolderPickerViewModel, {
         self.options = $.extend({}, defaults, opts);
         // Treebeard config
         self.treebeardOptions = $.extend(
-            {}, 
+            {},
             FolderPickerViewModel.prototype.treebeardOptions,
             {
                 onPickFolder: function(evt, item) {
diff --git a/website/static/js/folderPickerNodeConfig.js b/website/static/js/folderPickerNodeConfig.js
index ecebf0ea985..1c843e3e097 100644
--- a/website/static/js/folderPickerNodeConfig.js
+++ b/website/static/js/folderPickerNodeConfig.js
@@ -12,8 +12,7 @@ var m = require('mithril');
 
 
 var FolderPicker = require('js/folderpicker');
-var ZeroClipboard = require('zeroclipboard');
-ZeroClipboard.config('/static/vendor/bower_components/zeroclipboard/dist/ZeroClipboard.swf');
+var Clipboard = require('clipboard');
 var $osf = require('js/osfHelpers');
 
 var oop = require('js/oop');

From d2a4451e43db96c425f5546ed5b9fe08bb1588df Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 9 May 2017 12:11:26 -0400
Subject: [PATCH 012/163] Fix styling issues for travis tests

---
 website/static/js/clipboard.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/static/js/clipboard.js b/website/static/js/clipboard.js
index 6799633a788..f8d870e08e2 100644
--- a/website/static/js/clipboard.js
+++ b/website/static/js/clipboard.js
@@ -7,13 +7,13 @@ var setTooltip = function (elm, message) {
     $(elm).tooltip('hide')
     .attr('title', message)
     .tooltip('show');
-}
+};
 
 var hideTooltip = function (elm) {
     setTimeout(function() {
         $(elm).tooltip('hide');
     }, 2000);
-}
+};
 
 var makeClient = function(elm) {
     var $elm = $(elm);

From 1b46c3b80dd86dcc6b1cbc6cd073b7cd7bf44829 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Thu, 11 May 2017 16:31:24 -0400
Subject: [PATCH 013/163] add suffix to citation

---
 framework/auth/core.py | 5 ++++-
 osf/models/user.py     | 5 ++++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/framework/auth/core.py b/framework/auth/core.py
index e1a8a234821..98317334c33 100644
--- a/framework/auth/core.py
+++ b/framework/auth/core.py
@@ -803,7 +803,10 @@ def csl_given_name(self):
         parts = [self.given_name]
         if self.middle_names:
             parts.extend(each[0] for each in re.split(r'\s+', self.middle_names))
-        return ' '.join(parts)
+        given = ' '.join(parts)
+        if self.suffix:
+            given = '%s ,%s' % (given, self.suffix)
+        return given
 
     @property
     def csl_name(self):
diff --git a/osf/models/user.py b/osf/models/user.py
index c5a0afe378d..27184deffec 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -466,7 +466,10 @@ def csl_given_name(self):
         parts = [self.given_name]
         if self.middle_names:
             parts.extend(each[0] for each in re.split(r'\s+', self.middle_names))
-        return ' '.join(parts)
+        given = ' '.join(parts)
+        if self.suffix:
+            given = '%s ,%s' % (given, self.suffix)
+        return given
 
     @property
     def csl_name(self):

From c2f522718da8c7b96ea0d65922e92efb228feceb Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Fri, 12 May 2017 15:46:42 -0400
Subject: [PATCH 014/163] Fix bad id

---
 admin/templates/users/user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/templates/users/user.html b/admin/templates/users/user.html
index d6c9d3458a4..dc38e98f8ec 100644
--- a/admin/templates/users/user.html
+++ b/admin/templates/users/user.html
@@ -109,7 +109,7 @@
                     <div class="modal-content"></div>
                 </div>
             </div>
-            <div class="modal" id="#confirmReindexElasticUser">
+            <div class="modal" id="confirmReindexElasticUser">
                 <div class="modal-dialog">
                     <div class="modal-content"></div>
                 </div>

From 61b61ea0f12d9bb76f00ebecd5305924e3b540ba Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 11:24:54 -0400
Subject: [PATCH 015/163] PreprintListFilteringMixin converted to pytest

---
 api_tests/preprints/filters/test_filters.py | 145 +++++++++++++-------
 1 file changed, 97 insertions(+), 48 deletions(-)

diff --git a/api_tests/preprints/filters/test_filters.py b/api_tests/preprints/filters/test_filters.py
index 906a766f60b..1f4432fecdd 100644
--- a/api_tests/preprints/filters/test_filters.py
+++ b/api_tests/preprints/filters/test_filters.py
@@ -1,8 +1,8 @@
 # -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from framework.auth.core import Auth
-
+from tests.json_api_test_app import JSONAPITestApp
 from osf_tests.factories import (
     PreprintFactory,
     AuthUserFactory,
@@ -10,27 +10,74 @@
     PreprintProviderFactory
 )
 
-
+@pytest.mark.django_db
 class PreprintsListFilteringMixin(object):
 
-    def setUp(self):
-        super(PreprintsListFilteringMixin, self).setUp()
-        # user defined by subclasses to allow user preprints testing in the future
-        assert self.user, 'Subclasses of PreprintsListFilteringMixin must define self.user'
-        assert self.provider, 'Subclasses of PreprintsListFilteringMixin must define self.provider'
-        assert self.provider_two, 'Subclasses of PreprintsListFilteringMixin must define self.provider_two'
-        assert self.provider_three, 'Subclasses of PreprintsListFilteringMixin must define self.provider_three'
-        assert self.project, 'Subclasses of PreprintsListFilteringMixin must define self.project'
-        assert self.project_two, 'Subclasses of PreprintsListFilteringMixin must define self.projec_two'
-        assert self.project_three, 'Subclasses of PreprintsListFilteringMixin must define self.project_three'
-        assert self.url, 'Subclasses of PreprintsListFilteringMixin must define self.url'
-
-        self.subject = SubjectFactory(text='First Subject')
-        self.subject_two = SubjectFactory(text='Second Subject')
-
-        self.preprint = PreprintFactory(creator=self.user, project=self.project, provider=self.provider, subjects=[[self.subject._id]])
+    # FIXTURES
+
+    @pytest.fixture()
+    def user(self):
+        raise NotImplementedError("subclass must define a user fixture")
+
+    @pytest.fixture()
+    def provider_one(self):
+        raise NotImplementedError("subclass must define a provider_one fixture")
+
+    @pytest.fixture()
+    def provider_two(self):
+        raise NotImplementedError("subclass must define a provider_two fixture")
+
+    @pytest.fixture()
+    def provider_three(self):
+        raise NotImplementedError("subclass must define a provider_three fixture")
+
+    @pytest.fixture()
+    def project_one(self):
+        raise NotImplementedError("subclass must define a project_one fixture")
+
+    @pytest.fixture()
+    def project_two(self):
+        raise NotImplementedError("subclass must define a project_two fixture")
+
+    @pytest.fixture()
+    def project_three(self):
+        raise NotImplementedError("subclass must define a project_three fixture")
+
+    @pytest.fixture()
+    def url(self):
+        raise NotImplementedError("subclass must define a url fixture")
+
+    @pytest.fixture()
+    def app(self):
+        return JSONAPITestApp()
+
+    @pytest.fixture()
+    def subject_one(self):
+        return SubjectFactory(text='First Subject')
+
+    @pytest.fixture()
+    def subject_two(self):
+        return SubjectFactory(text='Second Subject')
+
+    # SETUP
+
+    @pytest.fixture(scope="function", autouse=True)
+    def int(self, user, provider_one, provider_two, provider_three, project_one, project_two, project_three, url, app, subject_one, subject_two):
+        self.user = user
+        self.provider_one = provider_one
+        self.provider_two = provider_two
+        self.provider_three = provider_three
+        self.project_one = project_one
+        self.project_two = project_two
+        self.project_three = project_three
+        self.url = url
+        self.app = app
+        self.subject_one = subject_one
+        self.subject_two = subject_two
+
+        self.preprint_one = PreprintFactory(creator=self.user, project=self.project_one, provider=self.provider_one, subjects=[[self.subject_one._id]])
         self.preprint_two = PreprintFactory(creator=self.user, project=self.project_two, filename='tough.txt', provider=self.provider_two, subjects=[[self.subject_two._id]])
-        self.preprint_three = PreprintFactory(creator=self.user, project=self.project_three, filename='darn.txt', provider=self.provider_three, subjects=[[self.subject._id], [self.subject_two._id]])
+        self.preprint_three = PreprintFactory(creator=self.user, project=self.project_three, filename='darn.txt', provider=self.provider_three, subjects=[[self.subject_one._id], [self.subject_two._id]])
 
         self.preprint_two.date_created = '2013-12-11 10:09:08.070605+00:00'
         self.preprint_two.date_published = '2013-12-11 10:09:08.070605+00:00'
@@ -52,85 +99,87 @@ def setUp(self):
 
         self.has_subject = '{}filter[subjects]='.format(self.url)
 
+    # TESTS
+
     def test_provider_filter_null(self):
         expected = []
         res = self.app.get('{}null'.format(self.provider_url), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_id_filter_null(self):
         expected = []
         res = self.app.get('{}null'.format(self.id_url), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_id_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
         res = self.app.get('{}{}'.format(self.id_url, self.preprint_two._id), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_created_filter_equals_returns_none(self):
         expected = []
         res = self.app.get('{}{}'.format(self.date_created_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_created_filter_equals_returns_one(self):
-        expected = [self.preprint._id]
-        res = self.app.get('{}{}'.format(self.date_created_url, self.preprint.date_created), auth=self.user.auth)
+        expected = [self.preprint_one._id]
+        res = self.app.get('{}{}'.format(self.date_created_url, self.preprint_one.date_created), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_created_filter_equals_returns_multiple(self):
         expected = set([self.preprint_two._id, self.preprint_three._id])
         res = self.app.get('{}{}'.format(self.date_created_url, self.preprint_two.date_created), auth=self.user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_modified_filter_equals_returns_none(self):
         expected = []
         res = self.app.get('{}{}'.format(self.date_modified_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     # This test was causing problems because modifying anything caused set modified dates to update to current date
     # This test could hypothetically fail if the time between fixture creations splits a day (e.g., midnight)
     def test_date_modified_filter_equals_returns_multiple(self):
-        expected = set([self.preprint._id, self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.date_modified_url, self.preprint.date_modified), auth=self.user.auth)
+        expected = set([self.preprint_one._id, self.preprint_two._id, self.preprint_three._id])
+        res = self.app.get('{}{}'.format(self.date_modified_url, self.preprint_one.date_modified), auth=self.user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_published_filter_equals_returns_none(self):
         expected = []
         res = self.app.get('{}{}'.format(self.date_published_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_published_filter_equals_returns_one(self):
-        expected = [self.preprint._id]
-        res = self.app.get('{}{}'.format(self.date_published_url, self.preprint.date_published), auth=self.user.auth)
+        expected = [self.preprint_one._id]
+        res = self.app.get('{}{}'.format(self.date_published_url, self.preprint_one.date_published), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_date_published_filter_equals_returns_multiple(self):
         expected = set([self.preprint_two._id, self.preprint_three._id])
         res = self.app.get('{}{}'.format(self.date_published_url, self.preprint_two.date_published), auth=self.user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_is_published_false_filter_equals_returns_one(self):
         expected = [self.preprint_three._id]
         res = self.app.get('{}{}'.format(self.is_published_url, 'false'), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_is_published_true_filter_equals_returns_multiple(self):
-        expected = set([self.preprint._id, self.preprint_two._id])
+        expected = set([self.preprint_one._id, self.preprint_two._id])
         res = self.app.get('{}{}'.format(self.is_published_url, 'true'), auth=self.user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_multiple_filters_returns_one(self):
         expected = set([self.preprint_two._id])
@@ -138,26 +187,26 @@ def test_multiple_filters_returns_one(self):
             auth=self.user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_subject_filter_using_id(self):
-        expected = set([self.preprint._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.has_subject, self.subject._id),
+        expected = set([self.preprint_one._id, self.preprint_three._id])
+        res = self.app.get('{}{}'.format(self.has_subject, self.subject_one._id),
             auth=self.user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_subject_filter_using_text(self):
-        expected = set([self.preprint._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.has_subject, self.subject.text),
+        expected = set([self.preprint_one._id, self.preprint_three._id])
+        res = self.app.get('{}{}'.format(self.has_subject, self.subject_one.text),
             auth=self.user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
     def test_unknows_subject_filter(self):
         res = self.app.get('{}notActuallyASubjectIdOrTestMostLikely'.format(self.has_subject),
             auth=self.user.auth
         )
-        assert_equal(len(res.json['data']), 0)
+        assert len(res.json['data']) == 0

From 8584f549a3902850fc427f9e10d30f27d35ba345 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 11:28:11 -0400
Subject: [PATCH 016/163] TestPreprintsListFiltering pytest conversion

---
 .../preprints/views/test_preprint_list.py     | 44 ++++++++++++++-----
 1 file changed, 32 insertions(+), 12 deletions(-)

diff --git a/api_tests/preprints/views/test_preprint_list.py b/api_tests/preprints/views/test_preprint_list.py
index 2cdc39b34e5..614a9091f2c 100644
--- a/api_tests/preprints/views/test_preprint_list.py
+++ b/api_tests/preprints/views/test_preprint_list.py
@@ -76,24 +76,44 @@ def test_exclude_nodes_from_preprints_endpoint(self):
         assert_in(self.preprint._id, ids)
         assert_not_in(self.project._id, ids)
 
-class TestPreprintsListFiltering(PreprintsListFilteringMixin, ApiTestCase):
+class TestPreprintsListFiltering(PreprintsListFilteringMixin):
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-    def setUp(self):
-        self.user = AuthUserFactory()
-        self.provider = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = self.provider
-        self.project = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}preprints/?version=2.2&'.format(API_BASE)
-        super(TestPreprintsListFiltering, self).setUp()
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self):
+        return '/{}preprints/?version=2.2&'.format(API_BASE)
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
         res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
 
 class TestPreprintCreate(ApiTestCase):

From 2e7fc2da73a1319cede613f7ad85ba549ae31950 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 11:29:29 -0400
Subject: [PATCH 017/163] TestPreprintProviderPreprintsListFiltering pytest
 conversion

---
 .../test_preprint_provider_preprints_list.py  | 50 +++++++++++++------
 1 file changed, 34 insertions(+), 16 deletions(-)

diff --git a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
index 25c09a07857..9ff792488e1 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
@@ -14,26 +14,44 @@
     PreprintProviderFactory
 )
 
-class TestPreprintProviderPreprintsListFiltering(PreprintsListFilteringMixin, ApiTestCase):
+class TestPreprintProviderPreprintsListFiltering(PreprintsListFilteringMixin):
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-    def setUp(self):
-        self.user = AuthUserFactory()
-        # all the same provider
-        self.provider = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = self.provider
-        self.provider_three = self.provider
-        # all different projects
-        self.project = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, self.provider._id)
-        super(TestPreprintProviderPreprintsListFiltering, self).setUp()
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self, provider_one):
+        return '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, provider_one._id)
 
     def test_provider_filter_equals_returns_multiple(self):
-        expected = set([self.preprint._id, self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.provider_url, self.provider._id), auth=self.user.auth)
+        expected = set([self.preprint_one._id, self.preprint_two._id, self.preprint_three._id])
+        res = self.app.get('{}{}'.format(self.provider_url, self.provider_one._id), auth=self.user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
-        assert_equal(expected, actual)
+        assert expected == actual
 
 
 class TestPreprintProviderPreprintIsPublishedList(PreprintIsPublishedListMixin, ApiTestCase):

From 673a08a3213398476c0289de8ab363516bdc1bf7 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 11:30:36 -0400
Subject: [PATCH 018/163] TestUserPreprintsListFiltering pytest conversion

---
 .../users/views/test_user_preprints_list.py   | 44 ++++++++++++++-----
 1 file changed, 32 insertions(+), 12 deletions(-)

diff --git a/api_tests/users/views/test_user_preprints_list.py b/api_tests/users/views/test_user_preprints_list.py
index facb942ef9c..39077d7b406 100644
--- a/api_tests/users/views/test_user_preprints_list.py
+++ b/api_tests/users/views/test_user_preprints_list.py
@@ -72,24 +72,44 @@ def test_get_projects_logged_in_as_different_user(self):
         assert_not_in(self.public_project._id, ids)
         assert_not_in(self.private_project._id, ids)
 
-class TestUserPreprintsListFiltering(PreprintsListFilteringMixin, ApiTestCase):
+class TestUserPreprintsListFiltering(PreprintsListFilteringMixin):
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-    def setUp(self):
-        self.user = AuthUserFactory()
-        self.provider = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = self.provider
-        self.project = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, self.user._id)
-        super(TestUserPreprintsListFiltering, self).setUp()
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self, user):
+        return '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user._id)
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
         res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
 
 class TestUserPreprintIsPublishedList(PreprintIsPublishedListMixin, ApiTestCase):

From 734aacfc205ab79469c57e426af26dbd180a7fcb Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 11:32:28 -0400
Subject: [PATCH 019/163] TestNodePreprintsListFiltering pytest conversion &
 import statements added

---
 api_tests/nodes/views/test_node_preprints.py  | 47 +++++++++++++------
 .../test_preprint_provider_preprints_list.py  |  1 +
 .../preprints/views/test_preprint_list.py     |  1 +
 .../users/views/test_user_preprints_list.py   |  2 +-
 4 files changed, 36 insertions(+), 15 deletions(-)

diff --git a/api_tests/nodes/views/test_node_preprints.py b/api_tests/nodes/views/test_node_preprints.py
index a5286850268..4b03516bbae 100644
--- a/api_tests/nodes/views/test_node_preprints.py
+++ b/api_tests/nodes/views/test_node_preprints.py
@@ -1,3 +1,4 @@
+import pytest
 from nose.tools import *  # flake8: noqa
 
 from framework.auth.core import Auth
@@ -11,26 +12,44 @@
 from osf_tests.factories import PreprintFactory, AuthUserFactory, ProjectFactory, SubjectFactory, PreprintProviderFactory
 from api_tests import utils as test_utils
 
-class TestNodePreprintsListFiltering(PreprintsListFilteringMixin, ApiTestCase):
+class TestNodePreprintsListFiltering(PreprintsListFilteringMixin):
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-    def setUp(self):
-        self.user = AuthUserFactory()
-        # all different providers
-        self.provider = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = PreprintProviderFactory(name='Mockarxiv')
-        # all same project
-        self.project = ProjectFactory(creator=self.user)
-        self.project_two = self.project
-        self.project_three = self.project
-        self.url = '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, self.project._id)
-        super(TestNodePreprintsListFiltering, self).setUp()
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self):
+        return PreprintProviderFactory(name='Mockarxiv')
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, project_one):
+        return project_one
+
+    @pytest.fixture()
+    def project_three(self, project_one):
+        return project_one
+
+    @pytest.fixture()
+    def url(self, project_one):
+        return '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, project_one._id)
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
         res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
 class TestNodePreprintIsPublishedList(PreprintIsPublishedListMixin, ApiTestCase):
     def setUp(self):
diff --git a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
index 9ff792488e1..027c0b8258e 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
@@ -1,3 +1,4 @@
+import pytest
 from nose.tools import *  # flake8: noqa
 
 from api.base.settings.defaults import API_BASE
diff --git a/api_tests/preprints/views/test_preprint_list.py b/api_tests/preprints/views/test_preprint_list.py
index 614a9091f2c..f79069913e6 100644
--- a/api_tests/preprints/views/test_preprint_list.py
+++ b/api_tests/preprints/views/test_preprint_list.py
@@ -1,3 +1,4 @@
+import pytest
 from nose.tools import *  # flake8: noqa
 
 from addons.github.models import GithubFile
diff --git a/api_tests/users/views/test_user_preprints_list.py b/api_tests/users/views/test_user_preprints_list.py
index 39077d7b406..2b8fec587c3 100644
--- a/api_tests/users/views/test_user_preprints_list.py
+++ b/api_tests/users/views/test_user_preprints_list.py
@@ -1,4 +1,4 @@
-# -*- coding: utf-8 -*-
+import pytest
 from nose.tools import *  # flake8: noqa
 
 from tests.base import ApiTestCase

From 5ba1997815495749cc99501b8081f37e4f4a99de Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Fri, 19 May 2017 15:09:48 -0400
Subject: [PATCH 020/163] restructured fixtures & setup, reordered imports,
 cleaned comments

---
 api_tests/nodes/views/test_node_preprints.py  | 44 +++--------
 .../test_preprint_provider_preprints_list.py  | 44 +++--------
 api_tests/preprints/filters/test_filters.py   | 78 ++++---------------
 .../preprints/views/test_preprint_list.py     | 49 ++++--------
 .../users/views/test_user_preprints_list.py   | 55 ++++---------
 5 files changed, 68 insertions(+), 202 deletions(-)

diff --git a/api_tests/nodes/views/test_node_preprints.py b/api_tests/nodes/views/test_node_preprints.py
index 4b03516bbae..153b9f12e7b 100644
--- a/api_tests/nodes/views/test_node_preprints.py
+++ b/api_tests/nodes/views/test_node_preprints.py
@@ -1,4 +1,5 @@
 import pytest
+
 from nose.tools import *  # flake8: noqa
 
 from framework.auth.core import Auth
@@ -6,44 +7,23 @@
 from api.base.settings.defaults import API_BASE
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
-
 from website.preprints.model import PreprintService
 from website.files.models.osfstorage import OsfStorageFile
 from osf_tests.factories import PreprintFactory, AuthUserFactory, ProjectFactory, SubjectFactory, PreprintProviderFactory
 from api_tests import utils as test_utils
 
 class TestNodePreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture()
-    def user(self):
-        return AuthUserFactory()
-
-    @pytest.fixture()
-    def provider_one(self):
-        return PreprintProviderFactory(name='Sockarxiv')
-
-    @pytest.fixture()
-    def provider_two(self):
-        return PreprintProviderFactory(name='Piratearxiv')
-
-    @pytest.fixture()
-    def provider_three(self):
-        return PreprintProviderFactory(name='Mockarxiv')
-
-    @pytest.fixture()
-    def project_one(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_two(self, project_one):
-        return project_one
-
-    @pytest.fixture()
-    def project_three(self, project_one):
-        return project_one
-
-    @pytest.fixture()
-    def url(self, project_one):
-        return '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, project_one._id)
+    @pytest.fixture(autouse=True)
+    def setUp(self):
+        self.user = AuthUserFactory()
+        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
+        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
+        self.provider_three = PreprintProviderFactory(name='Mockarxiv')
+        self.project_one = ProjectFactory(creator=self.user)
+        self.project_two = self.project_one
+        self.project_three = self.project_one
+        self.url = '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, self.project_one._id)
+        super(TestNodePreprintsListFiltering, self).setUp()
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
diff --git a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
index 027c0b8258e..61ee700b354 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
@@ -1,10 +1,10 @@
 import pytest
+
 from nose.tools import *  # flake8: noqa
 
 from api.base.settings.defaults import API_BASE
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
-
 from framework.auth.core import Auth
 from tests.base import ApiTestCase
 from osf_tests.factories import (
@@ -16,37 +16,17 @@
 )
 
 class TestPreprintProviderPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture()
-    def user(self):
-        return AuthUserFactory()
-
-    @pytest.fixture()
-    def provider_one(self):
-        return PreprintProviderFactory(name='Sockarxiv')
-
-    @pytest.fixture()
-    def provider_two(self, provider_one):
-        return provider_one
-
-    @pytest.fixture()
-    def provider_three(self, provider_one):
-        return provider_one
-
-    @pytest.fixture()
-    def project_one(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_two(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_three(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def url(self, provider_one):
-        return '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, provider_one._id)
+    @pytest.fixture(autouse=True)
+    def setUp(self):
+        self.user = AuthUserFactory()
+        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
+        self.provider_two = self.provider_one
+        self.provider_three = self.provider_one
+        self.project_one = ProjectFactory(creator=self.user)
+        self.project_two = ProjectFactory(creator=self.user)
+        self.project_three = ProjectFactory(creator=self.user)
+        self.url = '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, self.provider_one._id)
+        super(TestPreprintProviderPreprintsListFiltering, self).setUp()
 
     def test_provider_filter_equals_returns_multiple(self):
         expected = set([self.preprint_one._id, self.preprint_two._id, self.preprint_three._id])
diff --git a/api_tests/preprints/filters/test_filters.py b/api_tests/preprints/filters/test_filters.py
index 1f4432fecdd..20a699f1ee7 100644
--- a/api_tests/preprints/filters/test_filters.py
+++ b/api_tests/preprints/filters/test_filters.py
@@ -1,4 +1,3 @@
-# -*- coding: utf-8 -*-
 import pytest
 
 from framework.auth.core import Auth
@@ -12,68 +11,19 @@
 
 @pytest.mark.django_db
 class PreprintsListFilteringMixin(object):
-
-    # FIXTURES
-
-    @pytest.fixture()
-    def user(self):
-        raise NotImplementedError("subclass must define a user fixture")
-
-    @pytest.fixture()
-    def provider_one(self):
-        raise NotImplementedError("subclass must define a provider_one fixture")
-
-    @pytest.fixture()
-    def provider_two(self):
-        raise NotImplementedError("subclass must define a provider_two fixture")
-
-    @pytest.fixture()
-    def provider_three(self):
-        raise NotImplementedError("subclass must define a provider_three fixture")
-
-    @pytest.fixture()
-    def project_one(self):
-        raise NotImplementedError("subclass must define a project_one fixture")
-
-    @pytest.fixture()
-    def project_two(self):
-        raise NotImplementedError("subclass must define a project_two fixture")
-
-    @pytest.fixture()
-    def project_three(self):
-        raise NotImplementedError("subclass must define a project_three fixture")
-
-    @pytest.fixture()
-    def url(self):
-        raise NotImplementedError("subclass must define a url fixture")
-
-    @pytest.fixture()
-    def app(self):
-        return JSONAPITestApp()
-
-    @pytest.fixture()
-    def subject_one(self):
-        return SubjectFactory(text='First Subject')
-
-    @pytest.fixture()
-    def subject_two(self):
-        return SubjectFactory(text='Second Subject')
-
-    # SETUP
-
-    @pytest.fixture(scope="function", autouse=True)
-    def int(self, user, provider_one, provider_two, provider_three, project_one, project_two, project_three, url, app, subject_one, subject_two):
-        self.user = user
-        self.provider_one = provider_one
-        self.provider_two = provider_two
-        self.provider_three = provider_three
-        self.project_one = project_one
-        self.project_two = project_two
-        self.project_three = project_three
-        self.url = url
-        self.app = app
-        self.subject_one = subject_one
-        self.subject_two = subject_two
+    def setUp(self):
+        assert self.user, 'Subclasses of PreprintsListFilteringMixin must define self.user'
+        assert self.provider_one, 'Subclasses of PreprintsListFilteringMixin must define self.provider_one'
+        assert self.provider_two, 'Subclasses of PreprintsListFilteringMixin must define self.provider_two'
+        assert self.provider_three, 'Subclasses of PreprintsListFilteringMixin must define self.provider_three'
+        assert self.project_one, 'Subclasses of PreprintsListFilteringMixin must define self.project_one'
+        assert self.project_two, 'Subclasses of PreprintsListFilteringMixin must define self.project_two'
+        assert self.project_three, 'Subclasses of PreprintsListFilteringMixin must define self.project_three'
+        assert self.url, 'Subclasses of PreprintsListFilteringMixin must define self.url'
+
+        self.app = JSONAPITestApp()
+        self.subject_one = SubjectFactory(text='First Subject')
+        self.subject_two = SubjectFactory(text='Second Subject')
 
         self.preprint_one = PreprintFactory(creator=self.user, project=self.project_one, provider=self.provider_one, subjects=[[self.subject_one._id]])
         self.preprint_two = PreprintFactory(creator=self.user, project=self.project_two, filename='tough.txt', provider=self.provider_two, subjects=[[self.subject_two._id]])
@@ -99,8 +49,6 @@ def int(self, user, provider_one, provider_two, provider_three, project_one, pro
 
         self.has_subject = '{}filter[subjects]='.format(self.url)
 
-    # TESTS
-
     def test_provider_filter_null(self):
         expected = []
         res = self.app.get('{}null'.format(self.provider_url), auth=self.user.auth)
diff --git a/api_tests/preprints/views/test_preprint_list.py b/api_tests/preprints/views/test_preprint_list.py
index f79069913e6..1e1a6bec368 100644
--- a/api_tests/preprints/views/test_preprint_list.py
+++ b/api_tests/preprints/views/test_preprint_list.py
@@ -1,4 +1,6 @@
 import pytest
+import mock
+
 from nose.tools import *  # flake8: noqa
 
 from addons.github.models import GithubFile
@@ -9,9 +11,8 @@
 from website.util import permissions
 from osf.models import PreprintService, Node
 from website.project import signals as project_signals
-import mock
-
 from tests.base import ApiTestCase, capture_signals
+from api_tests import utils as test_utils
 from osf_tests.factories import (
     ProjectFactory,
     PreprintFactory,
@@ -20,8 +21,6 @@
     PreprintProviderFactory
 )
 
-from api_tests import utils as test_utils
-
 def build_preprint_create_payload(node_id=None, provider_id=None, file_id=None, attrs={}):
     payload = {
         "data": {
@@ -78,37 +77,17 @@ def test_exclude_nodes_from_preprints_endpoint(self):
         assert_not_in(self.project._id, ids)
 
 class TestPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture()
-    def user(self):
-        return AuthUserFactory()
-
-    @pytest.fixture()
-    def provider_one(self):
-        return PreprintProviderFactory(name='Sockarxiv')
-
-    @pytest.fixture()
-    def provider_two(self):
-        return PreprintProviderFactory(name='Piratearxiv')
-
-    @pytest.fixture()
-    def provider_three(self, provider_one):
-        return provider_one
-
-    @pytest.fixture()
-    def project_one(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_two(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_three(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def url(self):
-        return '/{}preprints/?version=2.2&'.format(API_BASE)
+    @pytest.fixture(autouse=True)
+    def setUp(self):
+        self.user = AuthUserFactory()
+        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
+        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
+        self.provider_three = self.provider_one
+        self.project_one = ProjectFactory(creator=self.user)
+        self.project_two = ProjectFactory(creator=self.user)
+        self.project_three = ProjectFactory(creator=self.user)
+        self.url = '/{}preprints/?version=2.2&'.format(API_BASE)
+        super(TestPreprintsListFiltering, self).setUp()
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]
diff --git a/api_tests/users/views/test_user_preprints_list.py b/api_tests/users/views/test_user_preprints_list.py
index 2b8fec587c3..675cbf29553 100644
--- a/api_tests/users/views/test_user_preprints_list.py
+++ b/api_tests/users/views/test_user_preprints_list.py
@@ -1,7 +1,13 @@
 import pytest
+
 from nose.tools import *  # flake8: noqa
 
 from tests.base import ApiTestCase
+from osf.models import PreprintService, Node
+from website.util import permissions
+from api.base.settings.defaults import API_BASE
+from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
+from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
 from osf_tests.factories import (
     ProjectFactory,
     PreprintFactory,
@@ -9,13 +15,6 @@
     SubjectFactory,
     PreprintProviderFactory
 )
-from osf.models import PreprintService, Node
-
-from website.util import permissions
-
-from api.base.settings.defaults import API_BASE
-from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
-from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
 
 class TestUserPreprints(ApiTestCase):
 
@@ -73,37 +72,17 @@ def test_get_projects_logged_in_as_different_user(self):
         assert_not_in(self.private_project._id, ids)
 
 class TestUserPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture()
-    def user(self):
-        return AuthUserFactory()
-
-    @pytest.fixture()
-    def provider_one(self):
-        return PreprintProviderFactory(name='Sockarxiv')
-
-    @pytest.fixture()
-    def provider_two(self):
-        return PreprintProviderFactory(name='Piratearxiv')
-
-    @pytest.fixture()
-    def provider_three(self, provider_one):
-        return provider_one
-
-    @pytest.fixture()
-    def project_one(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_two(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def project_three(self, user):
-        return ProjectFactory(creator=user)
-
-    @pytest.fixture()
-    def url(self, user):
-        return '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user._id)
+    @pytest.fixture(autouse=True)
+    def setUp(self):
+        self.user = AuthUserFactory()
+        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
+        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
+        self.provider_three = self.provider_one
+        self.project_one = ProjectFactory(creator=self.user)
+        self.project_two = ProjectFactory(creator=self.user)
+        self.project_three = ProjectFactory(creator=self.user)
+        self.url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, self.user._id)
+        super(TestUserPreprintsListFiltering, self).setUp()
 
     def test_provider_filter_equals_returns_one(self):
         expected = [self.preprint_two._id]

From dd32b678b9db276770afa4e770b92f649f051a1c Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Tue, 23 May 2017 10:36:37 -0400
Subject: [PATCH 021/163] add test

---
 framework/auth/core.py  |  8 +-------
 framework/auth/utils.py | 10 ++++++++++
 osf/models/user.py      | 10 ++--------
 tests/test_auth.py      |  9 ++++++++-
 tests/test_utils.py     |  1 +
 5 files changed, 22 insertions(+), 16 deletions(-)

diff --git a/framework/auth/core.py b/framework/auth/core.py
index 98317334c33..f6800391548 100644
--- a/framework/auth/core.py
+++ b/framework/auth/core.py
@@ -800,13 +800,7 @@ def check_password(self, raw_password):
 
     @property
     def csl_given_name(self):
-        parts = [self.given_name]
-        if self.middle_names:
-            parts.extend(each[0] for each in re.split(r'\s+', self.middle_names))
-        given = ' '.join(parts)
-        if self.suffix:
-            given = '%s ,%s' % (given, self.suffix)
-        return given
+        return utils.generate_csl_given_name(self.given_name, self.middle_names, self.suffix)
 
     @property
     def csl_name(self):
diff --git a/framework/auth/utils.py b/framework/auth/utils.py
index 9352ecbee76..b8a98e6dc6c 100644
--- a/framework/auth/utils.py
+++ b/framework/auth/utils.py
@@ -126,3 +126,13 @@ def validate_recaptcha(response, remote_ip=None):
         payload.update({'remoteip': remote_ip})
     resp = requests.post(settings.RECAPTCHA_VERIFY_URL, data=payload)
     return resp.status_code == httplib.OK and resp.json().get('success')
+
+
+def generate_csl_given_name(given_name, middle_names, suffix):
+    parts = [given_name]
+    if middle_names:
+        parts.extend(each[0] for each in re.split(r'\s+', middle_names))
+    given = ' '.join(parts)
+    if suffix:
+        given = '%s ,%s' % (given, suffix)
+    return given
\ No newline at end of file
diff --git a/osf/models/user.py b/osf/models/user.py
index 9a845243638..fab7ade9166 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -23,7 +23,7 @@
 from django.db.models.signals import post_save
 from django.db import models
 from django.utils import timezone
-from framework.auth import Auth, signals
+from framework.auth import Auth, signals, utils
 from framework.auth.core import generate_verification_key
 from framework.auth.exceptions import (ChangePasswordError, ExpiredTokenError,
                                        InvalidTokenError,
@@ -463,13 +463,7 @@ def system_tags(self):
 
     @property
     def csl_given_name(self):
-        parts = [self.given_name]
-        if self.middle_names:
-            parts.extend(each[0] for each in re.split(r'\s+', self.middle_names))
-        given = ' '.join(parts)
-        if self.suffix:
-            given = '%s ,%s' % (given, self.suffix)
-        return given
+        return utils.generate_csl_given_name(self.given_name, self.middle_names, self.suffix)
 
     @property
     def csl_name(self):
diff --git a/tests/test_auth.py b/tests/test_auth.py
index ad4e2dd53a7..e9d7e5c4aa2 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -13,7 +13,7 @@
 
 from framework import auth
 from framework.auth import cas
-from framework.auth.utils import validate_recaptcha
+from framework.auth.utils import validate_recaptcha, generate_csl_given_name
 from framework.sessions import Session
 from framework.exceptions import HTTPError
 from tests.base import OsfTestCase, assert_is_redirect, fake
@@ -42,6 +42,13 @@
 
 class TestAuthUtils(OsfTestCase):
 
+    def test_generate_csl_given_name(self):
+        given_name = 'Cause'
+        middle_names = 'Awesome'
+        suffix = 'Jr.'
+        csl_given_name = generate_csl_given_name(given_name, middle_names, suffix)
+        assert_equal(csl_given_name, 'Cause A ,Jr.')
+
     def test_unreg_user_can_register(self):
         user = UnregUserFactory()
 
diff --git a/tests/test_utils.py b/tests/test_utils.py
index 29dcd01c487..424c4b44c8b 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -324,6 +324,7 @@ def test_resolve_asset_not_found_and_not_in_debug_mode(self):
         with assert_raises(KeyError):
             paths.webpack_asset('bundle.js', self.asset_paths, debug=False)
 
+
 class TestWebsiteUtils(unittest.TestCase):
 
     def test_conjunct(self):

From 97975a38cdab51ad0f73ab9d881dfd8458c26c1a Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Tue, 23 May 2017 13:03:56 -0400
Subject: [PATCH 022/163] fix flake 8

---
 framework/auth/utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/framework/auth/utils.py b/framework/auth/utils.py
index b8a98e6dc6c..31a208a821b 100644
--- a/framework/auth/utils.py
+++ b/framework/auth/utils.py
@@ -135,4 +135,4 @@ def generate_csl_given_name(given_name, middle_names, suffix):
     given = ' '.join(parts)
     if suffix:
         given = '%s ,%s' % (given, suffix)
-    return given
\ No newline at end of file
+    return given

From 9b4fc7e53470acaaf488682e966e5cf85e39b771 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 10:23:07 -0400
Subject: [PATCH 023/163] conversion of test_serializers.py and
 test_node_citations.py

---
 .../nodes/serializers/test_serializers.py     | 98 +++++++++----------
 api_tests/nodes/views/test_node_citations.py  | 55 ++++++-----
 2 files changed, 73 insertions(+), 80 deletions(-)

diff --git a/api_tests/nodes/serializers/test_serializers.py b/api_tests/nodes/serializers/test_serializers.py
index 105907311f7..9d5e1e689d8 100644
--- a/api_tests/nodes/serializers/test_serializers.py
+++ b/api_tests/nodes/serializers/test_serializers.py
@@ -1,23 +1,21 @@
-# -*- coding: utf-8 -*-
-from urlparse import urlparse
+import pytest
 
-from nose.tools import *  # flake8: noqa
+from urlparse import urlparse
 from dateutil.parser import parse as parse_date
 
 from tests.base import DbTestCase, assert_datetime_equal
 from tests.utils import make_drf_request_with_version
 from osf_tests.factories import UserFactory, NodeFactory, RegistrationFactory, ProjectFactory
-
 from framework.auth import Auth
 from api.nodes.serializers import NodeSerializer
 from api.registrations.serializers import RegistrationSerializer
 from api.base.settings.defaults import API_BASE
 
+@pytest.mark.django_db
+class TestNodeSerializer(object):
 
-class TestNodeSerializer(DbTestCase):
-
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeSerializer, self).setUp()
         self.user = UserFactory()
 
     def test_node_serialization(self):
@@ -26,36 +24,35 @@ def test_node_serialization(self):
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(node, context={'request': req}).data
         data = result['data']
-        assert_equal(data['id'], node._id)
-        assert_equal(data['type'], 'nodes')
+        assert data['id'] == node._id
+        assert data['type'] == 'nodes'
 
         # Attributes
         attributes = data['attributes']
-        assert_equal(attributes['title'], node.title)
-        assert_equal(attributes['description'], node.description)
-        assert_equal(attributes['public'], node.is_public)
-        assert_equal(attributes['tags'], [str(each.name) for each in node.tags.all()])
-        assert_equal(attributes['current_user_can_comment'], False)
-        assert_equal(attributes['category'], node.category)
-        assert_equal(attributes['registration'], node.is_registration)
-        assert_equal(attributes['fork'], node.is_fork)
-        assert_equal(attributes['collection'], node.is_collection)
+        assert attributes['title'] == node.title
+        assert attributes['description'] == node.description
+        assert attributes['public'] == node.is_public
+        assert attributes['tags'] == [str(each.name) for each in node.tags.all()]
+        assert attributes['current_user_can_comment'] == False
+        assert attributes['category'] == node.category
+        assert attributes['registration'] == node.is_registration
+        assert attributes['fork'] == node.is_fork
+        assert attributes['collection'] == node.is_collection
 
         # Relationships
         relationships = data['relationships']
-        assert_in('children', relationships)
-        assert_in('contributors', relationships)
-        assert_in('files', relationships)
-        assert_in('parent', relationships)
-        assert_in('affiliated_institutions', relationships)
+        assert 'children' in relationships
+        assert 'contributors' in relationships
+        assert 'files' in relationships
+        assert 'parent' in relationships
+        assert 'affiliated_institutions' in relationships
         parent_link = relationships['parent']['links']['related']['href']
-        assert_equal(
-            urlparse(parent_link).path,
-            '/{}nodes/{}/'.format(API_BASE, parent._id)
-        )
-        assert_in('registrations', relationships)
+        assert (
+            urlparse(parent_link).path ==
+            '/{}nodes/{}/'.format(API_BASE, parent._id))
+        assert 'registrations' in relationships
         # Not a fork, so forked_from is removed entirely
-        assert_not_in('forked_from', relationships)
+        assert 'forked_from' not in relationships
 
     def test_fork_serialization(self):
         node = NodeFactory(creator=self.user)
@@ -67,10 +64,9 @@ def test_fork_serialization(self):
         # Relationships
         relationships = data['relationships']
         forked_from = relationships['forked_from']['links']['related']['href']
-        assert_equal(
-            urlparse(forked_from).path,
-            '/{}nodes/{}/'.format(API_BASE, node._id)
-        )
+        assert (
+            urlparse(forked_from).path ==
+            '/{}nodes/{}/'.format(API_BASE, node._id))
 
     def test_template_serialization(self):
         node = NodeFactory(creator=self.user)
@@ -82,10 +78,9 @@ def test_template_serialization(self):
         # Relationships
         relationships = data['relationships']
         templated_from = relationships['template_node']['links']['related']['href']
-        assert_equal(
-            urlparse(templated_from).path,
-            '/{}nodes/{}/'.format(API_BASE, node._id)
-        )
+        assert (
+            urlparse(templated_from).path ==
+            '/{}nodes/{}/'.format(API_BASE, node._id))
 
 class TestNodeRegistrationSerializer(DbTestCase):
 
@@ -95,8 +90,8 @@ def test_serialization(self):
         reg = RegistrationFactory(creator=user)
         result = RegistrationSerializer(reg, context={'request': req}).data
         data = result['data']
-        assert_equal(data['id'], reg._id)
-        assert_equal(data['type'], 'registrations')
+        assert data['id'] == reg._id
+        assert data['type'] == 'registrations'
         should_not_relate_to_registrations = [
             'registered_from',
             'registered_by',
@@ -109,28 +104,25 @@ def test_serialization(self):
             parse_date(attributes['date_registered']),
             reg.registered_date
         )
-        assert_equal(attributes['withdrawn'], reg.is_retracted)
+        assert attributes['withdrawn'] == reg.is_retracted
 
         # Relationships
         relationships = data['relationships']
         relationship_urls = {}
         for relationship in relationships:
             relationship_urls[relationship]=relationships[relationship]['links']['related']['href']
-        assert_in('registered_by', relationships)
+        assert 'registered_by' in relationships
         registered_by = relationships['registered_by']['links']['related']['href']
-        assert_equal(
-            urlparse(registered_by).path,
-            '/{}users/{}/'.format(API_BASE, user._id)
-        )
-        assert_in('registered_from', relationships)
+        assert (
+            urlparse(registered_by).path ==
+            '/{}users/{}/'.format(API_BASE, user._id))
+        assert 'registered_from' in relationships
         registered_from = relationships['registered_from']['links']['related']['href']
-        assert_equal(
-            urlparse(registered_from).path,
-            '/{}nodes/{}/'.format(API_BASE, reg.registered_from._id)
-        )
+        assert (
+            urlparse(registered_from).path ==
+            '/{}nodes/{}/'.format(API_BASE, reg.registered_from._id))
         for relationship in relationship_urls:
             if relationship in should_not_relate_to_registrations:
-                assert_not_in('/{}registrations/'.format(API_BASE), relationship_urls[relationship])
+                assert '/{}registrations/'.format(API_BASE) not in relationship_urls[relationship]
             else:
-                assert_in('/{}registrations/'.format(API_BASE), relationship_urls[relationship],
-                          'For key {}'.format(relationship))
+                assert '/{}registrations/'.format(API_BASE) in relationship_urls[relationship], 'For key {}'.format(relationship)
diff --git a/api_tests/nodes/views/test_node_citations.py b/api_tests/nodes/views/test_node_citations.py
index 6f456fbccf3..c9bd036b53a 100644
--- a/api_tests/nodes/views/test_node_citations.py
+++ b/api_tests/nodes/views/test_node_citations.py
@@ -1,22 +1,19 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from framework.auth.core import Auth
-
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from tests.factories import (
     ProjectFactory,
     AuthUserFactory,
 )
 
-
+@pytest.mark.django_db
 class NodeCitationsMixin(object):
 
 	def setUp(self):
-		super(NodeCitationsMixin, self).setUp()
-
+		self.app = JSONAPITestApp()
 		self.admin_contributor = AuthUserFactory()
 		self.rw_contributor = AuthUserFactory()
 		self.read_contributor = AuthUserFactory()
@@ -29,51 +26,55 @@ def setUp(self):
 		self.private_project.add_contributor(self.read_contributor, permissions=['read'], auth=Auth(self.admin_contributor))
 		self.private_project.save()
 
-	def test_admin_can_view_private_project_citations(self):
+	def test_node_citations(self):
+
+	#   test_admin_can_view_private_project_citations
 		res = self.app.get(self.private_url, auth=self.admin_contributor.auth)
-		assert_equal(res.status_code, 200)
+		assert res.status_code == 200
 
-	def test_rw_contributor_can_view_private_project_citations(self):
+	#   test_rw_contributor_can_view_private_project_citations
 		res = self.app.get(self.private_url, auth=self.rw_contributor.auth)
-		assert_equal(res.status_code, 200)
+		assert res.status_code == 200
 
-	def test_read_contributor_can_view_private_project_citations(self):
+	#   test_read_contributor_can_view_private_project_citations
 		res = self.app.get(self.private_url, auth=self.read_contributor.auth)
-		assert_equal(res.status_code, 200)
+		assert res.status_code == 200
 
-	def test_non_contributor_cannot_view_private_project_citations(self):
+	#   test_non_contributor_cannot_view_private_project_citations
 		res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
-		assert_equal(res.status_code, 403)
-		assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
+		assert res.status_code == 403
+		assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-	def test_unauthenticated_cannot_view_private_project_citations(self):
+	#   test_unauthenticated_cannot_view_private_project_citations
 		res = self.app.get(self.private_url, expect_errors=True)
-		assert_equal(res.status_code, 401)
-		assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
+		assert res.status_code == 401
+		assert res.json['errors'][0]['detail'] == 'Authentication credentials were not provided.'
 
-	def test_unauthenticated_can_view_public_project_citations(self):
+	#   test_unauthenticated_can_view_public_project_citations
 		res = self.app.get(self.public_url)
-		assert_equal(res.status_code, 200)
+		assert res.status_code == 200
 
-	def test_citations_are_read_only(self):
+	#   test_citations_are_read_only
 		post_res = self.app.post_json_api(self.public_url, {}, auth=self.admin_contributor.auth, expect_errors=True)
-		assert_equal(post_res.status_code, 405)
+		assert post_res.status_code == 405
 		put_res = self.app.put_json_api(self.public_url, {}, auth=self.admin_contributor.auth, expect_errors=True)
-		assert_equal(put_res.status_code, 405)
+		assert put_res.status_code == 405
 		delete_res = self.app.delete_json_api(self.public_url, auth=self.admin_contributor.auth, expect_errors=True)
-		assert_equal(delete_res.status_code, 405)
+		assert delete_res.status_code == 405
 
 
-class TestNodeCitations(NodeCitationsMixin, ApiTestCase):
+class TestNodeCitations(NodeCitationsMixin):
 
+	@pytest.fixture(autouse=True)
 	def setUp(self):
 		super(TestNodeCitations, self).setUp()
 		self.public_url = '/{}nodes/{}/citation/'.format(API_BASE, self.public_project._id)
 		self.private_url = '/{}nodes/{}/citation/'.format(API_BASE, self.private_project._id)
 
 
-class TestNodeCitationsStyle(NodeCitationsMixin, ApiTestCase):
+class TestNodeCitationsStyle(NodeCitationsMixin):
 
+	@pytest.fixture(autouse=True)
 	def setUp(self):
 		super(TestNodeCitationsStyle, self).setUp()
 		self.public_url = '/{}nodes/{}/citation/apa/'.format(API_BASE, self.public_project._id)

From 34584546f9c8a5722fee7af185e2814fa36b574e Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 11:42:54 -0400
Subject: [PATCH 024/163] converted more simple node test files to pytest

---
 .../nodes/serializers/test_serializers.py     |   2 +-
 api_tests/nodes/views/test_node_citations.py  |   2 +-
 api_tests/nodes/views/test_node_embeds.py     |  59 ++++----
 api_tests/nodes/views/test_node_exceptions.py |  59 ++++----
 .../views/test_node_institutions_list.py      |  25 ++--
 .../nodes/views/test_node_links_detail.py     | 129 +++++++++---------
 6 files changed, 145 insertions(+), 131 deletions(-)

diff --git a/api_tests/nodes/serializers/test_serializers.py b/api_tests/nodes/serializers/test_serializers.py
index 9d5e1e689d8..7e7f5089171 100644
--- a/api_tests/nodes/serializers/test_serializers.py
+++ b/api_tests/nodes/serializers/test_serializers.py
@@ -12,7 +12,7 @@
 from api.base.settings.defaults import API_BASE
 
 @pytest.mark.django_db
-class TestNodeSerializer(object):
+class TestNodeSerializer:
 
     @pytest.fixture(autouse=True)
     def setUp(self):
diff --git a/api_tests/nodes/views/test_node_citations.py b/api_tests/nodes/views/test_node_citations.py
index c9bd036b53a..38635ac8ecd 100644
--- a/api_tests/nodes/views/test_node_citations.py
+++ b/api_tests/nodes/views/test_node_citations.py
@@ -10,7 +10,7 @@
 )
 
 @pytest.mark.django_db
-class NodeCitationsMixin(object):
+class NodeCitationsMixin:
 
 	def setUp(self):
 		self.app = JSONAPITestApp()
diff --git a/api_tests/nodes/views/test_node_embeds.py b/api_tests/nodes/views/test_node_embeds.py
index 962ad1a53a6..eb4784c2afb 100644
--- a/api_tests/nodes/views/test_node_embeds.py
+++ b/api_tests/nodes/views/test_node_embeds.py
@@ -1,8 +1,8 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 import functools
 
 from framework.auth.core import Auth
-
+from tests.json_api_test_app import JSONAPITestApp
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
 from osf_tests.factories import (
@@ -10,11 +10,12 @@
     AuthUserFactory
 )
 
-class TestNodeEmbeds(ApiTestCase):
+@pytest.mark.django_db
+class TestNodeEmbeds:
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeEmbeds, self).setUp()
-
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.auth = Auth(self.user)
         make_public_node = functools.partial(ProjectFactory, is_public=False, creator=self.user)
@@ -31,30 +32,32 @@ def setUp(self):
         self.contrib2 = self.contribs[1]
         self.subchild = ProjectFactory(parent=self.child2, creator=self.contrib1)
 
-    def test_embed_children(self):
+    def test_node_embeds(self):
+
+    #   test_embed_children
         url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, self.root_node._id)
 
         res = self.app.get(url, auth=self.user.auth)
         embeds = res.json['data']['embeds']
         ids = [self.child1._id, self.child2._id]
         for child in embeds['children']['data']:
-            assert_in(child['id'], ids)
+            assert child['id'] in ids
 
-    def test_embed_parent(self):
+    #   test_embed_parent
         url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.child1._id)
 
         res = self.app.get(url, auth=self.user.auth)
         embeds = res.json['data']['embeds']
-        assert_equal(embeds['parent']['data']['id'], self.root_node._id)
+        assert embeds['parent']['data']['id'] == self.root_node._id
 
-    def test_embed_no_parent(self):
+    #   test_embed_no_parent
         url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.root_node._id)
 
         res = self.app.get(url, auth=self.user.auth)
         data = res.json['data']
-        assert_not_in('embeds', data)
+        assert 'embeds' not in data
 
-    def test_embed_contributors(self):
+    #   test_embed_contributors
         url = '/{0}nodes/{1}/?embed=contributors'.format(API_BASE, self.child1._id)
 
         res = self.app.get(url, auth=self.user.auth)
@@ -62,39 +65,39 @@ def test_embed_contributors(self):
         ids = [c._id for c in self.contribs] + [self.user._id]
         ids = ['{}-{}'.format(self.child1._id, id_) for id_ in ids]
         for contrib in embeds['contributors']['data']:
-            assert_in(contrib['id'], ids)
+            assert contrib['id'] in ids
 
-    def test_embed_children_filters_unauthorized(self):
+    #   test_embed_children_filters_unauthorized
         url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, self.root_node._id)
 
         res = self.app.get(url, auth=self.contrib1.auth)
         embeds = res.json['data']['embeds']
         ids = [c['id'] for c in embeds['children']['data']]
-        assert_not_in(self.child2._id, ids)
-        assert_in(self.child1._id, ids)
+        assert self.child2._id not in ids
+        assert self.child1._id in ids
 
-    def test_embed_parent_unauthorized(self):
+    #   test_embed_parent_unauthorized
         url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.subchild._id)
 
         res = self.app.get(url, auth=self.contrib1.auth)
-        assert_in('errors', res.json['data']['embeds']['parent'])
-        assert_equal(res.json['data']['embeds']['parent']['errors'][0]['detail'], 'You do not have permission to perform this action.')
+        assert 'errors' in res.json['data']['embeds']['parent']
+        assert res.json['data']['embeds']['parent']['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-    def test_embed_attributes_not_relationships(self):
+    #   test_embed_attributes_not_relationships
         url = '/{}nodes/{}/?embed=title'.format(API_BASE, self.root_node._id)
 
         res = self.app.get(url, auth=self.contrib1.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], "The following fields are not embeddable: title")
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'The following fields are not embeddable: title'
 
-    def test_embed_contributors_pagination(self):
+    #   test_embed_contributors_pagination
         url = '/{}nodes/{}/?embed=contributors'.format(API_BASE, self.root_node._id)
         res = self.app.get(url, auth=self.contrib1.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic'], 3)
+        assert res.status_code == 200
+        assert res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic'] == 3
 
-    def test_embed_contributors_updated_pagination(self):
+    #   test_embed_contributors_updated_pagination
         url = '/{}nodes/{}/?version=2.1&embed=contributors'.format(API_BASE, self.root_node._id)
         res = self.app.get(url, auth=self.contrib1.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['embeds']['contributors']['meta']['total_bibliographic'], 3)
+        assert res.status_code == 200
+        assert res.json['data']['embeds']['contributors']['meta']['total_bibliographic'] == 3
diff --git a/api_tests/nodes/views/test_node_exceptions.py b/api_tests/nodes/views/test_node_exceptions.py
index a78c0117bac..80710971486 100644
--- a/api_tests/nodes/views/test_node_exceptions.py
+++ b/api_tests/nodes/views/test_node_exceptions.py
@@ -1,19 +1,19 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory
 )
 
+@pytest.mark.django_db
+class TestExceptionFormatting:
 
-class TestExceptionFormatting(ApiTestCase):
+    @pytest.fixture(autouse=True)
     def setUp(self):
-
-        super(TestExceptionFormatting, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.non_contrib = AuthUserFactory()
 
@@ -35,45 +35,48 @@ def setUp(self):
         self.public_project = ProjectFactory(is_public=True, creator=self.user)
         self.private_url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
 
-    def test_creates_project_with_no_title_formatting(self):
+    def test_exception_formatting(self):
+
+    #   test_creates_project_with_no_title_formatting
         url = '/{}nodes/'.format(API_BASE)
         res = self.app.post_json_api(url, self.project_no_title, auth=self.user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(res.json['errors'][0]['source'], {'pointer': '/data/attributes/title'})
-        assert_equal(res.json['errors'][0]['detail'], 'This field is required.')
+        assert res.json['errors'][0]['source'] == {'pointer': '/data/attributes/title'}
+        assert res.json['errors'][0]['detail'] == 'This field is required.'
 
-    def test_node_does_not_exist_formatting(self):
+    #   test_node_does_not_exist_formatting
         url = '/{}nodes/{}/'.format(API_BASE, '12345')
         res = self.app.get(url, auth=self.user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(errors[0], {'detail': 'Not found.'})
+        assert errors[0] == {'detail': 'Not found.'}
 
-    def test_forbidden_formatting(self):
+    #   test_forbidden_formatting
         res = self.app.get(self.private_url, auth=self.non_contrib.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(errors[0], {'detail': 'You do not have permission to perform this action.'})
+        assert errors[0] == {'detail': 'You do not have permission to perform this action.'}
 
-    def test_not_authorized_formatting(self):
+    #   test_not_authorized_formatting
         res = self.app.get(self.private_url, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(errors[0], {'detail': "Authentication credentials were not provided."})
+        assert errors[0] == {'detail': 'Authentication credentials were not provided.'}
 
-    def test_update_project_with_no_title_or_category_formatting(self):
+    #   test_update_project_with_no_title_or_category_formatting
         res = self.app.put_json_api(self.private_url, {'data': {'type': 'nodes', 'id': self.private_project._id, 'attributes': {'description': 'New description'}}}, auth=self.user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(len(errors), 2)
+        assert len(errors) == 2
         errors = res.json['errors']
-        assert_items_equal([errors[0]['source'], errors[1]['source']],
-                           [{'pointer': '/data/attributes/category'}, {'pointer': '/data/attributes/title'}])
-        assert_items_equal([errors[0]['detail'], errors[1]['detail']],
-                           ['This field is required.', 'This field is required.'])
+        assert errors[0]['source'] == {'pointer': '/data/attributes/category'}
+        assert errors[1]['source'] == {'pointer': '/data/attributes/title'}
+
+        assert errors[0]['detail'] == 'This field is required.'
+        assert errors[1]['detail'] == 'This field is required.'
 
-    def test_create_node_link_no_target_formatting(self):
+    #   test_create_node_link_no_target_formatting
         url = self.private_url + 'node_links/'
         res = self.app.post_json_api(url, {
             'data': {
@@ -90,11 +93,11 @@ def test_create_node_link_no_target_formatting(self):
         }, auth=self.user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source'], {'pointer': '/data/id'})
-        assert_equal(res.json['errors'][0]['detail'], 'This field may not be blank.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source'] == {'pointer': '/data/id'}
+        assert res.json['errors'][0]['detail'] == 'This field may not be blank.'
 
-    def test_node_link_already_exists(self):
+    #   test_node_link_already_exists
         url = self.private_url + 'node_links/'
         res = self.app.post_json_api(url, {
             'data': {
@@ -109,7 +112,7 @@ def test_node_link_already_exists(self):
                 }
             }
         }, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
 
         res = self.app.post_json_api(url, {'data': {
             'type': 'node_links',
@@ -124,5 +127,5 @@ def test_node_link_already_exists(self):
         }}, auth=self.user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
         assert(self.public_project._id in res.json['errors'][0]['detail'])
diff --git a/api_tests/nodes/views/test_node_institutions_list.py b/api_tests/nodes/views/test_node_institutions_list.py
index 4cbf39542c9..aff0fcd71ce 100644
--- a/api_tests/nodes/views/test_node_institutions_list.py
+++ b/api_tests/nodes/views/test_node_institutions_list.py
@@ -1,13 +1,16 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from tests.base import ApiTestCase
+from tests.json_api_test_app import JSONAPITestApp
 from osf_tests.factories import InstitutionFactory, NodeFactory, AuthUserFactory
-
 from api.base.settings.defaults import API_BASE
 
-class TestNodeInstitutionDetail(ApiTestCase):
+@pytest.mark.django_db
+class TestNodeInstitutionDetail:
+
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeInstitutionDetail, self).setUp()
+        self.app = JSONAPITestApp()
         self.institution = InstitutionFactory()
         self.node = NodeFactory(is_public=True)
         self.node.affiliated_institutions.add(self.institution)
@@ -15,19 +18,21 @@ def setUp(self):
         self.user = AuthUserFactory()
         self.node2 = NodeFactory(creator=self.user)
 
-    def test_return_institution(self):
+    def test_node_institution_detail(self):
+
+    #   test_return_institution
         url = '/{0}nodes/{1}/institutions/'.format(API_BASE, self.node._id)
         res = self.app.get(url)
 
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data'][0]['attributes']['name'], self.institution.name)
-        assert_equal(res.json['data'][0]['id'], self.institution._id)
+        assert res.status_code == 200
+        assert res.json['data'][0]['attributes']['name'] == self.institution.name
+        assert res.json['data'][0]['id'] == self.institution._id
 
-    def test_return_no_institution(self):
+    #   test_return_no_institution
         url = '/{0}nodes/{1}/institution/'.format(API_BASE, self.node2._id)
         res = self.app.get(
                 url, auth=self.user.auth,
                 expect_errors=True
         )
 
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
diff --git a/api_tests/nodes/views/test_node_links_detail.py b/api_tests/nodes/views/test_node_links_detail.py
index 1c3e6793967..f02dc2aebef 100644
--- a/api_tests/nodes/views/test_node_links_detail.py
+++ b/api_tests/nodes/views/test_node_links_detail.py
@@ -1,27 +1,27 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
+
 from urlparse import urlparse
-from framework.auth.core import Auth
 
+from framework.auth.core import Auth
 from website.models import NodeLog
-
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
+from tests.utils import assert_logs
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
     AuthUserFactory,
 )
-from tests.utils import assert_logs
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.mark.django_db
+class TestNodeLinkDetail:
 
-class TestNodeLinkDetail(ApiTestCase):
-
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeLinkDetail, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.private_project = ProjectFactory(creator=self.user, is_public=False)
         self.pointer_project = ProjectFactory(creator=self.user, is_public=False)
@@ -37,61 +37,64 @@ def setUp(self):
                                                               save=True)
         self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id)
 
-    def test_returns_embedded_public_node_pointer_detail_logged_out(self):
+    def test_node_link_detail(self):
+
+    #   test_returns_embedded_public_node_pointer_detail_logged_out
         res = self.app.get(self.public_url)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
-    def test_returns_public_node_pointer_detail_logged_in(self):
+    #   test_returns_public_node_pointer_detail_logged_in
         res = self.app.get(self.public_url, auth=self.user.auth)
         res_json = res.json['data']
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
-    def test_returns_private_node_pointer_detail_logged_out(self):
+    #   test_returns_private_node_pointer_detail_logged_out
         res = self.app.get(self.private_url, expect_errors=True)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
-        assert_in('errors', target_node)
-        assert_equal(target_node['errors'][0]['detail'], 'You do not have permission to perform this action.')
+        assert 'errors' in target_node
+        assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-    def test_returns_private_node_pointer_detail_logged_in_contributor(self):
+    #   test_returns_private_node_pointer_detail_logged_in_contributor
         res = self.app.get(self.private_url, auth=self.user.auth)
         res_json = res.json['data']
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.pointer_project._id)
+        assert embedded == self.pointer_project._id
 
-    def test_returns_private_node_pointer_detail_logged_in_non_contributor(self):
+    #   test_returns_private_node_pointer_detail_logged_in_non_contributor
         res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
-        assert_in('errors', target_node)
-        assert_equal(target_node['errors'][0]['detail'], 'You do not have permission to perform this action.')
+        assert 'errors' in target_node
+        assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-    def test_self_link_points_to_node_link_detail_url(self):
+    #   test_self_link_points_to_node_link_detail_url
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         url = res.json['data']['links']['self']
-        assert_in(self.public_url, url)
+        assert self.public_url in url
 
-    def test_node_links_bad_version(self):
+    #   test_node_links_bad_version
         url = '{}?version=2.1'.format(self.public_url)
         res = self.app.get(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_equal(res.json['errors'][0]['detail'], 'This feature is deprecated as of version 2.1')
-
+        assert res.status_code == 404
+        assert res.json['errors'][0]['detail'] == 'This feature is deprecated as of version 2.1'
 
-class TestDeleteNodeLink(ApiTestCase):
+@pytest.mark.django_db
+class TestDeleteNodeLink:
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestDeleteNodeLink, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.project = ProjectFactory(creator=self.user, is_public=False)
         self.pointer_project = ProjectFactory(creator=self.user, is_public=True)
@@ -110,13 +113,13 @@ def setUp(self):
     def test_delete_node_link_no_permissions_for_target_node(self):
         pointer_project = ProjectFactory(creator=self.user_two, is_public=False)
         pointer = self.public_project.add_pointer(pointer_project, auth=Auth(self.user), save=True)
-        assert_in(pointer.child, self.public_project.nodes)
+        assert pointer.child in self.public_project.nodes
         url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, pointer._id)
         res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
         self.public_project.reload()
-        assert_not_in(pointer, self.public_project.nodes)
+        assert pointer not in self.public_project.nodes
 
     def test_cannot_delete_if_registration(self):
         registration = RegistrationFactory(project=self.public_project)
@@ -126,7 +129,7 @@ def test_cannot_delete_if_registration(self):
             registration._id,
         )
         res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         pointer_id = res.json['data'][0]['id']
 
         url = '/{}registrations/{}/node_links/{}/'.format(
@@ -135,66 +138,66 @@ def test_cannot_delete_if_registration(self):
             pointer_id,
         )
         res = self.app.delete(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 405)
+        assert res.status_code == 405
 
     def test_deletes_public_node_pointer_logged_out(self):
         res = self.app.delete(self.public_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0].keys())
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0].keys()
 
     def test_deletes_public_node_pointer_fails_if_bad_auth(self):
         node_count_before = len(self.public_project.nodes_pointer)
         res = self.app.delete(self.public_url, auth=self.user_two.auth, expect_errors=True)
         # This is could arguably be a 405, but we don't need to go crazy with status codes
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
         self.public_project.reload()
-        assert_equal(node_count_before, len(self.public_project.nodes_pointer))
+        assert node_count_before == len(self.public_project.nodes_pointer)
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
     def test_deletes_public_node_pointer_succeeds_as_owner(self):
         node_count_before = len(self.public_project.nodes_pointer)
         res = self.app.delete(self.public_url, auth=self.user.auth)
         self.public_project.reload()
-        assert_equal(res.status_code, 204)
-        assert_equal(node_count_before - 1, len(self.public_project.nodes_pointer))
+        assert res.status_code == 204
+        assert node_count_before - 1 == len(self.public_project.nodes_pointer)
 
     def test_deletes_private_node_pointer_logged_out(self):
         res = self.app.delete(self.private_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'project')
     def test_deletes_private_node_pointer_logged_in_contributor(self):
         res = self.app.delete(self.private_url, auth=self.user.auth)
         self.project.reload()  # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
-        assert_equal(len(self.project.nodes_pointer), 0)
+        assert res.status_code == 204
+        assert len(self.project.nodes_pointer) == 0
 
     def test_deletes_private_node_pointer_logged_in_non_contributor(self):
         res = self.app.delete(self.private_url, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
     def test_return_deleted_public_node_pointer(self):
         res = self.app.delete(self.public_url, auth=self.user.auth)
         self.public_project.reload() # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
         #check that deleted pointer can not be returned
         res = self.app.get(self.public_url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'project')
     def test_return_deleted_private_node_pointer(self):
         res = self.app.delete(self.private_url, auth=self.user.auth)
         self.project.reload()  # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
         #check that deleted pointer can not be returned
         res = self.app.get(self.private_url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     # Regression test for https://openscience.atlassian.net/browse/OSF-4322
     def test_delete_link_that_is_not_linked_to_correct_node(self):
@@ -205,8 +208,8 @@ def test_delete_link_that_is_not_linked_to_correct_node(self):
             auth=self.user.auth,
             expect_errors=True
         )
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
         errors = res.json['errors']
-        assert_equal(len(errors), 1)
-        assert_equal(errors[0]['detail'], 'Not found.')
+        assert len(errors) == 1
+        assert errors[0]['detail'] == 'Not found.'
 

From 9d5368218e7ac80edf858be8000e54e223bb2aa7 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 11:44:53 -0400
Subject: [PATCH 025/163] Removed (object) from mixing class

---
 api_tests/preprints/filters/test_filters.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api_tests/preprints/filters/test_filters.py b/api_tests/preprints/filters/test_filters.py
index 20a699f1ee7..fd55762aaff 100644
--- a/api_tests/preprints/filters/test_filters.py
+++ b/api_tests/preprints/filters/test_filters.py
@@ -10,7 +10,7 @@
 )
 
 @pytest.mark.django_db
-class PreprintsListFilteringMixin(object):
+class PreprintsListFilteringMixin:
     def setUp(self):
         assert self.user, 'Subclasses of PreprintsListFilteringMixin must define self.user'
         assert self.provider_one, 'Subclasses of PreprintsListFilteringMixin must define self.provider_one'

From b16538613902a9d90e2f20d152cdaae2a92aeed6 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 13:26:09 -0400
Subject: [PATCH 026/163] converted more simple node test files to pytest

---
 api_tests/nodes/views/test_node_links_list.py | 465 +++++++++---------
 api_tests/nodes/views/test_node_logs.py       | 124 ++---
 2 files changed, 297 insertions(+), 292 deletions(-)

diff --git a/api_tests/nodes/views/test_node_links_list.py b/api_tests/nodes/views/test_node_links_list.py
index 0c41b179eb1..83ef447eca1 100644
--- a/api_tests/nodes/views/test_node_links_list.py
+++ b/api_tests/nodes/views/test_node_links_list.py
@@ -1,27 +1,27 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
+
 from urlparse import urlparse
-from framework.auth.core import Auth
 
+from framework.auth.core import Auth
 from website.models import NodeLog
-
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
+from tests.utils import assert_logs
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
     AuthUserFactory
 )
-from tests.utils import assert_logs
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.mark.django_db
+class TestNodeLinksList:
 
-class TestNodeLinksList(ApiTestCase):
-
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeLinksList, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.project = ProjectFactory(is_public=False, creator=self.user)
         self.pointer_project = ProjectFactory(is_public=False, creator=self.user)
@@ -35,43 +35,51 @@ def setUp(self):
 
         self.user_two = AuthUserFactory()
 
-    def test_return_embedded_public_node_pointers_logged_out(self):
+    def test_non_mutational_node_links_list_tests(self):
+
+    #   test_return_embedded_public_node_pointers_logged_out
         res = self.app.get(self.public_url)
         res_json = res.json['data']
-        assert_equal(len(res_json), 1)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert len(res_json) == 1
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
 
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
-    def test_return_embedded_public_node_pointers_logged_in(self):
+    #   test_return_embedded_public_node_pointers_logged_in
         res = self.app.get(self.public_url, auth=self.user_two.auth)
         res_json = res.json['data']
-        assert_equal(len(res_json), 1)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert len(res_json) == 1
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
-    def test_return_private_node_pointers_logged_out(self):
+    #   test_return_private_node_pointers_logged_out
         res = self.app.get(self.private_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
-    def test_return_private_node_pointers_logged_in_contributor(self):
+    #   test_return_private_node_pointers_logged_in_contributor
         res = self.app.get(self.private_url, auth=self.user.auth)
         res_json = res.json['data']
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
-        assert_equal(len(res_json), 1)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
+        assert len(res_json) == 1
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.pointer_project._id)
+        assert embedded == self.pointer_project._id
 
-    def test_return_private_node_pointers_logged_in_non_contributor(self):
+    #   test_return_private_node_pointers_logged_in_non_contributor
         res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
+
+    #   test_node_links_bad_version
+        url = '{}?version=2.1'.format(self.public_url)
+        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
+        assert res.status_code == 404
+        assert res.json['errors'][0]['detail'] == 'This feature is deprecated as of version 2.1'
 
     def test_deleted_links_not_returned(self):
         res = self.app.get(self.public_url, expect_errors=True)
@@ -83,19 +91,14 @@ def test_deleted_links_not_returned(self):
 
         res = self.app.get(self.public_url)
         res_json = res.json['data']
-        assert_equal(len(res_json), original_length - 1)
-
-    def test_node_links_bad_version(self):
-        url = '{}?version=2.1'.format(self.public_url)
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_equal(res.json['errors'][0]['detail'], 'This feature is deprecated as of version 2.1')
+        assert len(res_json) == original_length - 1
 
+@pytest.mark.django_db
+class TestNodeLinkCreate:
 
-class TestNodeLinkCreate(ApiTestCase):
-
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeLinkCreate, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.project = ProjectFactory(is_public=False, creator=self.user)
         self.pointer_project = ProjectFactory(is_public=False, creator=self.user)
@@ -103,8 +106,8 @@ def setUp(self):
 
         self.private_payload = {
             'data': {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
                             'id': self.pointer_project._id,
@@ -120,8 +123,8 @@ def setUp(self):
         self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
         self.public_payload = {
             'data': {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
                             'id': self.public_pointer_project._id,
@@ -134,8 +137,8 @@ def setUp(self):
         self.fake_url = '/{}nodes/{}/node_links/'.format(API_BASE, 'fdxlq')
         self.fake_payload = {
             'data': {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
                             'id': 'fdxlq',
@@ -147,8 +150,8 @@ def setUp(self):
         }
         self.point_to_itself_payload = {
             'data': {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
                             'id': self.public_project._id,
@@ -184,13 +187,13 @@ def test_add_node_link_relationships_is_a_list(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Malformed request.'
 
     def test_create_node_link_invalid_data(self):
-        res = self.app.post_json_api(self.public_url, "Incorrect data", auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
+        res = self.app.post_json_api(self.public_url, 'Incorrect data', auth=self.user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Malformed request.'
 
 
     def test_add_node_link_no_relationships(self):
@@ -203,8 +206,8 @@ def test_add_node_link_no_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/relationships')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
 
     def test_add_node_links_empty_relationships(self):
         data = {
@@ -214,7 +217,7 @@ def test_add_node_links_empty_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/relationships')
+        assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
 
     def test_add_node_links_no_nodes_key_in_relationships(self):
         data = {
@@ -229,8 +232,8 @@ def test_add_node_links_no_nodes_key_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Malformed request.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Malformed request.'
 
     def test_add_node_links_no_data_in_relationships(self):
         data = {
@@ -245,8 +248,8 @@ def test_add_node_links_no_data_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /data.'
 
     def test_add_node_links_no_target_type_in_relationships(self):
         data = {
@@ -262,8 +265,8 @@ def test_add_node_links_no_target_type_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /type.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /type.'
 
 
     def test_add_node_links_no_target_id_in_relationships(self):
@@ -280,8 +283,8 @@ def test_add_node_links_no_target_id_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/id')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/id'
 
     def test_add_node_links_incorrect_target_id_in_relationships(self):
         data = {
@@ -298,7 +301,7 @@ def test_add_node_links_incorrect_target_id_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
 
     def test_add_node_links_incorrect_target_type_in_relationships(self):
         data = {
@@ -315,7 +318,7 @@ def test_add_node_links_incorrect_target_type_in_relationships(self):
             }
         }
         res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 409)
+        assert res.status_code == 409
 
     def test_creates_node_link_target_not_nested(self):
         payload = {
@@ -325,105 +328,105 @@ def test_creates_node_link_target_not_nested(self):
             }
         }
         res = self.app.post_json_api(self.public_url, payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/relationships')
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data/relationships.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
+        assert res.json['errors'][0]['detail'] == 'Request must include /data/relationships.'
 
     def test_creates_public_node_pointer_logged_out(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     def test_creates_public_node_pointer_logged_in(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
     def test_creates_private_node_pointer_logged_out(self):
         res = self.app.post_json_api(self.private_url, self.private_payload, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
     def test_creates_private_node_pointer_logged_in_contributor(self):
         res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.pointer_project._id)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert embedded == self.pointer_project._id
+        assert res.content_type == 'application/vnd.api+json'
 
     def test_creates_private_node_pointer_logged_in_non_contributor(self):
         res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     def test_create_node_pointer_non_contributing_node_to_contributing_node(self):
         res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'project')
     def test_create_node_pointer_contributing_node_to_non_contributing_node(self):
         res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.user_two_project._id)
+        assert embedded == self.user_two_project._id
 
     def test_create_pointer_non_contributing_node_to_fake_node(self):
         res = self.app.post_json_api(self.private_url, self.fake_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     def test_create_pointer_contributing_node_to_fake_node(self):
         res = self.app.post_json_api(self.private_url, self.fake_payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 400
+        assert 'detail' in res.json['errors'][0]
 
     def test_create_fake_node_pointing_to_contributing_node(self):
         res = self.app.post_json_api(self.fake_url, self.private_payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 404
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.post_json_api(self.fake_url, self.private_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 404
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     def test_create_node_pointer_to_itself(self):
         res = self.app.post_json_api(self.public_url, self.point_to_itself_payload, auth=self.user.auth)
         res_json = res.json['data']
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_project._id)
+        assert embedded == self.public_project._id
 
     def test_create_node_pointer_to_itself_unauthorized(self):
         res = self.app.post_json_api(self.public_url, self.point_to_itself_payload, auth=self.user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     def test_create_node_pointer_already_connected(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 400
+        assert 'detail' in res.json['errors'][0]
 
     def test_cannot_add_link_to_registration(self):
         registration = RegistrationFactory(creator=self.user)
@@ -443,7 +446,7 @@ def test_cannot_add_link_to_registration(self):
             }
         }
         res = self.app.post_json_api(url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     def test_create_node_pointer_no_type(self):
         payload = {
@@ -459,9 +462,9 @@ def test_create_node_pointer_no_type(self):
             }
         }
         res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'This field may not be null.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/type')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'This field may not be null.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data/type'
 
     def test_create_node_pointer_incorrect_type(self):
         payload = {
@@ -478,14 +481,15 @@ def test_create_node_pointer_incorrect_type(self):
             }
         }
         res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 409)
-        assert_equal(res.json['errors'][0]['detail'], 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.')
-
+        assert res.status_code == 409
+        assert res.json['errors'][0]['detail'] == 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
 
-class TestNodeLinksBulkCreate(ApiTestCase):
+@pytest.mark.django_db
+class TestNodeLinksBulkCreate:
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeLinksBulkCreate, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
 
         self.private_project = ProjectFactory(is_public=False, creator=self.user)
@@ -496,24 +500,24 @@ def setUp(self):
 
         self.private_payload = {
             'data': [{
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
-                            "id": self.private_pointer_project._id,
-                            "type": 'nodes'
+                            'id': self.private_pointer_project._id,
+                            'type': 'nodes'
                         }
                     }
 
                 }
             },
             {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
-                            "id": self.private_pointer_project_two._id,
-                            "type": 'nodes'
+                            'id': self.private_pointer_project_two._id,
+                            'type': 'nodes'
                         }
                     }
 
@@ -528,24 +532,24 @@ def setUp(self):
         self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
         self.public_payload = {
             'data': [{
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
-                            "id": self.public_pointer_project._id,
-                            "type": 'nodes'
+                            'id': self.public_pointer_project._id,
+                            'type': 'nodes'
                         }
                     }
 
                 }
             },
             {
-                "type": "node_links",
-                "relationships": {
+                'type': 'node_links',
+                'relationships': {
                     'nodes': {
                         'data': {
-                            "id": self.public_pointer_project_two._id,
-                            "type": 'nodes'
+                            'id': self.public_pointer_project_two._id,
+                            'type': 'nodes'
                         }
                     }
 
@@ -571,163 +575,163 @@ def setUp(self):
 
     def test_bulk_create_node_links_blank_request(self):
         res = self.app.post_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
 
     def test_bulk_creates_pointers_limits(self):
         payload = {'data': [self.public_payload['data'][0]] * 101}
         res = self.app.post_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
 
         res = self.app.get(self.public_url)
-        assert_equal(res.json['data'], [])
+        assert res.json['data'] == []
 
     def test_bulk_creates_project_target_not_nested(self):
         payload = {'data': [{'type': 'node_links', 'target_node_id': self.private_pointer_project._id}]}
         res = self.app.post_json_api(self.public_url, payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/relationships')
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data/relationships.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
+        assert res.json['errors'][0]['detail'] == 'Request must include /data/relationships.'
 
     def test_bulk_creates_public_node_pointers_logged_out(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.get(self.public_url)
-        assert_equal(res.json['data'], [])
+        assert res.json['data'] == []
 
     def test_bulk_creates_public_node_pointer_logged_in_non_contrib(self):
         res = self.app.post_json_api(self.public_url, self.public_payload,
                                      auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     def test_bulk_creates_public_node_pointer_logged_in_contrib(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
         embedded = res_json[1]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project_two._id)
+        assert embedded == self.public_pointer_project_two._id
 
 
     def test_bulk_creates_private_node_pointers_logged_out(self):
         res = self.app.post_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.get(self.private_url, auth=self.user.auth)
-        assert_equal(res.json['data'], [])
+        assert res.json['data'] == []
 
     @assert_logs(NodeLog.POINTER_CREATED, 'private_project', index=-1)
     @assert_logs(NodeLog.POINTER_CREATED, 'private_project')
     def test_bulk_creates_private_node_pointer_logged_in_contributor(self):
         res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.private_pointer_project._id)
+        assert embedded == self.private_pointer_project._id
 
         embedded = res_json[1]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.private_pointer_project_two._id)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert embedded == self.private_pointer_project_two._id
+        assert res.content_type == 'application/vnd.api+json'
 
     def test_bulk_creates_private_node_pointers_logged_in_non_contributor(self):
         res = self.app.post_json_api(self.private_url, self.private_payload,
                                      auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.get(self.private_url, auth=self.user.auth)
-        assert_equal(res.json['data'], [])
+        assert res.json['data'] == []
 
     def test_bulk_creates_node_pointers_non_contributing_node_to_contributing_node(self):
         res = self.app.post_json_api(self.private_url, self.user_two_payload,
                                      auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'private_project')
     def test_bulk_creates_node_pointers_contributing_node_to_non_contributing_node(self):
         res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.user_two_project._id)
+        assert embedded == self.user_two_project._id
 
         res = self.app.get(self.private_url, auth=self.user.auth)
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.user_two_project._id)
+        assert embedded == self.user_two_project._id
 
     def test_bulk_creates_pointers_non_contributing_node_to_fake_node(self):
         fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'fdxlq', 'type': 'nodes'}}}}]}
 
         res = self.app.post_json_api(self.private_url, fake_payload,
                                      auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     def test_bulk_creates_pointers_contributing_node_to_fake_node(self):
         fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'fdxlq', 'type': 'nodes'}}}}]}
 
         res = self.app.post_json_api(self.private_url, fake_payload,
                                      auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 400
+        assert 'detail' in res.json['errors'][0]
 
     def test_bulk_creates_fake_nodes_pointing_to_contributing_node(self):
         fake_url = '/{}nodes/{}/node_links/'.format(API_BASE, 'fdxlq')
 
         res = self.app.post_json_api(fake_url, self.private_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 404)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 404
+        assert 'detail' in res.json['errors'][0]
 
         res = self.app.post_json_api(fake_url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 404)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 404
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     def test_bulk_creates_node_pointer_to_itself(self):
         point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_project._id}}}}]}
 
         res = self.app.post_json_api(self.public_url, point_to_itself_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_project._id)
+        assert embedded == self.public_project._id
 
     def test_bulk_creates_node_pointer_to_itself_unauthorized(self):
         point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_project._id}}}}]}
 
         res = self.app.post_json_api(self.public_url, point_to_itself_payload, bulk=True, auth=self.user_two.auth,
                                      expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
     @assert_logs(NodeLog.POINTER_CREATED, 'public_project', index=-1)
     def test_bulk_creates_node_pointer_already_connected(self):
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert_equal(embedded, self.public_pointer_project._id)
+        assert embedded == self.public_pointer_project._id
 
         embedded_two = res_json[1]['embeds']['target_node']['data']['id']
-        assert_equal(embedded_two, self.public_pointer_project_two._id)
+        assert embedded_two == self.public_pointer_project_two._id
 
         res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_in("Target Node '{}' already pointed to by '{}'.".format(self.public_pointer_project._id, self.public_project._id), res.json['errors'][0]['detail'])
+        assert res.status_code == 400
+        assert 'Target Node \'{}\' already pointed to by \'{}\'.'.format(self.public_pointer_project._id, self.public_project._id) in res.json['errors'][0]['detail']
 
     def test_bulk_cannot_add_link_to_registration(self):
         registration = RegistrationFactory(creator=self.user)
@@ -735,26 +739,27 @@ def test_bulk_cannot_add_link_to_registration(self):
         url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id)
         payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_pointer_project._id}}}}]}
         res = self.app.post_json_api(url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     def test_bulk_creates_node_pointer_no_type(self):
         payload = {'data': [{'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.user_two_project._id}}}}]}
         res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'This field may not be null.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/0/type')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'This field may not be null.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data/0/type'
 
     def test_bulk_creates_node_pointer_incorrect_type(self):
         payload = {'data': [{'type': 'Wrong type.', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.user_two_project._id}}}}]}
         res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
-        assert_equal(res.json['errors'][0]['detail'], 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.')
+        assert res.status_code == 409
+        assert res.json['errors'][0]['detail'] == 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
 
+@pytest.mark.django_db
+class TestBulkDeleteNodeLinks:
 
-class TestBulkDeleteNodeLinks(ApiTestCase):
-
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestBulkDeleteNodeLinks, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.project = ProjectFactory(creator=self.user, is_public=False)
         self.pointer_project = ProjectFactory(creator=self.user, is_public=True)
@@ -764,9 +769,9 @@ def setUp(self):
         self.pointer_two = self.project.add_pointer(self.pointer_project_two, auth=Auth(self.user), save=True)
 
         self.private_payload = {
-              "data": [
-                {"type": "node_links", "id": self.pointer._id},
-                {"type": "node_links", "id": self.pointer_two._id}
+              'data': [
+                {'type': 'node_links', 'id': self.pointer._id},
+                {'type': 'node_links', 'id': self.pointer_two._id}
               ]
             }
 
@@ -796,20 +801,20 @@ def setUp(self):
 
     def test_bulk_delete_node_links_blank_request(self):
         res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
 
     def test_bulk_delete_pointer_limits(self):
         res = self.app.delete_json_api(self.public_url, {'data': [self.public_payload['data'][0]] * 101},
                                        auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
 
     def test_bulk_delete_dict_inside_data(self):
         res = self.app.delete_json_api(self.public_url, {'data': {'id': self.public_project._id, 'type': 'node_links'}},
                                        auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
 
     def test_bulk_delete_pointers_no_type(self):
         payload = {'data': [
@@ -817,8 +822,8 @@ def test_bulk_delete_pointers_no_type(self):
             {'id': self.public_pointer_two._id}
         ]}
         res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], "/data/type")
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/type'
 
     def test_bulk_delete_pointers_incorrect_type(self):
         payload = {'data': [
@@ -826,7 +831,7 @@ def test_bulk_delete_pointers_incorrect_type(self):
             {'id': self.public_pointer_two._id, 'type': 'Incorrect type.'}
         ]}
         res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
+        assert res.status_code == 409
 
     def test_bulk_delete_pointers_no_id(self):
         payload = {'data': [
@@ -834,18 +839,18 @@ def test_bulk_delete_pointers_no_id(self):
             {'type': 'node_links'}
         ]}
         res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], "/data/id")
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/id'
 
     def test_bulk_delete_pointers_no_data(self):
         res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must contain array of resource identifier objects.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must contain array of resource identifier objects.'
 
     def test_bulk_delete_pointers_payload_is_empty_dict(self):
         res = self.app.delete_json_api(self.public_url, {}, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /data.'
 
     def test_cannot_delete_if_registration(self):
         registration = RegistrationFactory(project=self.public_project)
@@ -853,22 +858,22 @@ def test_cannot_delete_if_registration(self):
         url = '/{}registrations/{}/node_links/'.format(API_BASE, registration._id)
 
         res = self.app.delete_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 405)
+        assert res.status_code == 405
 
     def test_bulk_deletes_public_node_pointers_logged_out(self):
         res = self.app.delete_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
     def test_bulk_deletes_public_node_pointers_fails_if_bad_auth(self):
         node_count_before = len(self.public_project.nodes_pointer)
         res = self.app.delete_json_api(self.public_url, self.public_payload,
                                        auth=self.user_two.auth, expect_errors=True, bulk=True)
         # This is could arguably be a 405, but we don't need to go crazy with status codes
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
         self.public_project.reload()
-        assert_equal(node_count_before, len(self.public_project.nodes_pointer))
+        assert node_count_before == len(self.public_project.nodes_pointer)
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1)
@@ -876,55 +881,55 @@ def test_bulk_deletes_public_node_pointers_succeeds_as_owner(self):
         node_count_before = len(self.public_project.nodes_pointer)
         res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
         self.public_project.reload()
-        assert_equal(res.status_code, 204)
-        assert_equal(node_count_before - 2, len(self.public_project.nodes_pointer))
+        assert res.status_code == 204
+        assert node_count_before - 2 == len(self.public_project.nodes_pointer)
 
         self.public_project.reload()
 
     def test_bulk_deletes_private_node_pointers_logged_out(self):
         res = self.app.delete_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1)
     @assert_logs(NodeLog.POINTER_REMOVED, 'project')
     def test_bulk_deletes_private_node_pointers_logged_in_contributor(self):
         res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
         self.project.reload()  # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
-        assert_equal(len(self.project.nodes_pointer), 0)
+        assert res.status_code == 204
+        assert len(self.project.nodes_pointer) == 0
 
     def test_bulk_deletes_private_node_pointers_logged_in_non_contributor(self):
         res = self.app.delete_json_api(self.private_url, self.private_payload,
                                        auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_in('detail', res.json['errors'][0])
+        assert res.status_code == 403
+        assert 'detail' in res.json['errors'][0]
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1)
     @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
     def test_return_bulk_deleted_public_node_pointer(self):
         res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
         self.public_project.reload()  # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
         pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id)
 
         #check that deleted pointer can not be returned
         res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1)
     @assert_logs(NodeLog.POINTER_REMOVED, 'project')
     def test_return_bulk_deleted_private_node_pointer(self):
         res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
         self.project.reload()  # Update the model to reflect changes made by post request
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
         pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id)
 
         #check that deleted pointer can not be returned
         res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        assert res.status_code == 404
 
     # Regression test for https://openscience.atlassian.net/browse/OSF-4322
     def test_bulk_delete_link_that_is_not_linked_to_correct_node(self):
@@ -936,8 +941,8 @@ def test_bulk_delete_link_that_is_not_linked_to_correct_node(self):
             expect_errors=True,
             bulk=True
         )
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
         errors = res.json['errors']
-        assert_equal(len(errors), 1)
-        assert_equal(errors[0]['detail'], 'Node link does not belong to the requested node.')
+        assert len(errors) == 1
+        assert errors[0]['detail'] == 'Node link does not belong to the requested node.'
 
diff --git a/api_tests/nodes/views/test_node_logs.py b/api_tests/nodes/views/test_node_logs.py
index a807dc425d7..2fb28c70e9a 100644
--- a/api_tests/nodes/views/test_node_logs.py
+++ b/api_tests/nodes/views/test_node_logs.py
@@ -1,31 +1,31 @@
+import pytest
 import urlparse
-
 import pytz
-from nose.tools import *  # flake8: noqa
+import datetime
+
 from dateutil.parser import parse as parse_date
-import pytest
 
 from framework.auth.core import Auth
 from website.models import NodeLog
 from website.util import disconnected_from_listeners
 from website.project.signals import contributor_removed
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase, assert_datetime_equal
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
 )
-import datetime
-
 
 API_LATEST = 0
 API_FIRST = -1
 
+@pytest.mark.django_db
+class TestNodeLogList:
 
-class TestNodeLogList(ApiTestCase):
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeLogList, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.contrib = AuthUserFactory()
         self.creator = AuthUserFactory()
@@ -41,112 +41,112 @@ def setUp(self):
 
     def test_add_tag(self):
         user_auth = Auth(self.user)
-        self.public_project.add_tag("Jeff Spies", auth=user_auth)
-        assert_equal("tag_added", self.public_project.logs.latest().action)
+        self.public_project.add_tag('Jeff Spies', auth=user_auth)
+        assert 'tag_added' == self.public_project.logs.latest().action
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_added')
-        assert_equal("Jeff Spies", self.public_project.logs.latest().params['tag'])
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'tag_added'
+        assert 'Jeff Spies' == self.public_project.logs.latest().params['tag']
 
     def test_remove_tag(self):
         user_auth = Auth(self.user)
-        self.public_project.add_tag("Jeff Spies", auth=user_auth)
-        assert_equal("tag_added", self.public_project.logs.latest().action)
-        self.public_project.remove_tag("Jeff Spies", auth=self.user_auth)
-        assert_equal("tag_removed", self.public_project.logs.latest().action)
+        self.public_project.add_tag('Jeff Spies', auth=user_auth)
+        assert 'tag_added' == self.public_project.logs.latest().action
+        self.public_project.remove_tag('Jeff Spies', auth=self.user_auth)
+        assert 'tag_removed' == self.public_project.logs.latest().action
         res = self.app.get(self.public_url, auth=self.user)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'tag_removed')
-        assert_equal("Jeff Spies", self.public_project.logs.latest().params['tag'])
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'tag_removed'
+        assert 'Jeff Spies' == self.public_project.logs.latest().params['tag']
 
     def test_project_created(self):
         res = self.app.get(self.public_url)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(self.public_project.logs.first().action, 'project_created')
-        assert_equal(self.public_project.logs.first().action, res.json['data'][API_LATEST]['attributes']['action'])
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert self.public_project.logs.first().action == 'project_created'
+        assert self.public_project.logs.first().action == res.json['data'][API_LATEST]['attributes']['action']
 
     def test_log_create_on_public_project(self):
         res = self.app.get(self.public_url)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
         assert_datetime_equal(parse_date(res.json['data'][API_FIRST]['attributes']['date']),
                               self.public_project.logs.first().date)
-        assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.public_project.logs.first().action)
+        assert res.json['data'][API_FIRST]['attributes']['action'] == self.public_project.logs.first().action
 
     def test_log_create_on_private_project(self):
         res = self.app.get(self.private_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
         assert_datetime_equal(parse_date(res.json['data'][API_FIRST]['attributes']['date']),
                               self.private_project.logs.first().date)
-        assert_equal(res.json['data'][API_FIRST]['attributes']['action'], self.private_project.logs.first().action)
+        assert res.json['data'][API_FIRST]['attributes']['action'] == self.private_project.logs.first().action
 
     def test_add_addon(self):
         self.public_project.add_addon('github', auth=self.user_auth)
-        assert_equal('addon_added', self.public_project.logs.latest().action)
+        assert 'addon_added' == self.public_project.logs.latest().action
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_added')
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'addon_added'
 
     def test_project_add_remove_contributor(self):
         self.public_project.add_contributor(self.contrib, auth=self.user_auth)
-        assert_equal('contributor_added', self.public_project.logs.latest().action)
+        assert 'contributor_added' == self.public_project.logs.latest().action
         # Disconnect contributor_removed so that we don't check in files
         # We can remove this when StoredFileNode is implemented in osf-models
         with disconnected_from_listeners(contributor_removed):
             self.public_project.remove_contributor(self.contrib, auth=self.user_auth)
-        assert_equal('contributor_removed', self.public_project.logs.latest().action)
+        assert 'contributor_removed' == self.public_project.logs.latest().action
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'contributor_removed')
-        assert_equal(res.json['data'][1]['attributes']['action'], 'contributor_added')
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed'
+        assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
 
     def test_remove_addon(self):
         self.public_project.add_addon('github', auth=self.user_auth)
-        assert_equal('addon_added', self.public_project.logs.latest().action)
+        assert 'addon_added' == self.public_project.logs.latest().action
         old_log_length = len(list(self.public_project.logs.all()))
         self.public_project.delete_addon('github', auth=self.user_auth)
-        assert_equal('addon_removed', self.public_project.logs.latest().action)
-        assert_equal((self.public_project.logs.count() - 1), old_log_length)
+        assert 'addon_removed' == self.public_project.logs.latest().action
+        assert (self.public_project.logs.count() - 1) == old_log_length
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'addon_removed')
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'addon_removed'
 
     def test_add_pointer(self):
         self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True)
-        assert_equal('pointer_created', self.public_project.logs.latest().action)
+        assert 'pointer_created' == self.public_project.logs.latest().action
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), self.public_project.logs.count())
-        assert_equal(res.json['data'][API_LATEST]['attributes']['action'], 'pointer_created')
-
+        assert res.status_code == 200
+        assert len(res.json['data']) == self.public_project.logs.count()
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'pointer_created'
 
+@pytest.mark.django_db
 class TestNodeLogFiltering(TestNodeLogList):
 
     def test_filter_action_not_equal(self):
-        self.public_project.add_tag("Jeff Spies", auth=self.user_auth)
-        assert_equal("tag_added", self.public_project.logs.latest().action)
+        self.public_project.add_tag('Jeff Spies', auth=self.user_auth)
+        assert 'tag_added' == self.public_project.logs.latest().action
         url = '/{}nodes/{}/logs/?filter[action][ne]=tag_added'.format(API_BASE, self.public_project._id)
         res = self.app.get(url, auth=self.user.auth)
-        assert_equal(len(res.json['data']), 1)
-        assert_equal(res.json['data'][0]['attributes']['action'], 'project_created')
+        assert len(res.json['data']) == 1
+        assert res.json['data'][0]['attributes']['action'] == 'project_created'
 
     def test_filter_date_not_equal(self):
         self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True)
-        assert_equal('pointer_created', self.public_project.logs.latest().action)
-        assert_equal(self.public_project.logs.count(), 2)
+        assert 'pointer_created' == self.public_project.logs.latest().action
+        assert self.public_project.logs.count() == 2
 
         pointer_added_log = self.public_project.logs.get(action='pointer_created')
         date_pointer_added = str(pointer_added_log.date).split('+')[0].replace(' ', 'T')
 
         url = '/{}nodes/{}/logs/?filter[date][ne]={}'.format(API_BASE, self.public_project._id, date_pointer_added)
         res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 1)
-        assert_equal(res.json['data'][0]['attributes']['action'], 'project_created')
+        assert res.status_code == 200
+        assert len(res.json['data']) == 1
+        assert res.json['data'][0]['attributes']['action'] == 'project_created'

From 30fbcf2a4b9c9c36b9cd6a1adbe01f1365a0e1a1 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 14:38:28 -0400
Subject: [PATCH 027/163] converted more simple node test files to pytest

---
 .../views/test_node_registrations_list.py     |  55 +++++-----
 .../views/test_node_view_only_links_detail.py |  84 +++++++-------
 .../views/test_node_view_only_links_list.py   |  87 ++++++++-------
 .../views/test_view_only_query_parameter.py   | 103 +++++++++---------
 4 files changed, 169 insertions(+), 160 deletions(-)

diff --git a/api_tests/nodes/views/test_node_registrations_list.py b/api_tests/nodes/views/test_node_registrations_list.py
index 4f13c54650f..8c8c251e850 100644
--- a/api_tests/nodes/views/test_node_registrations_list.py
+++ b/api_tests/nodes/views/test_node_registrations_list.py
@@ -1,8 +1,8 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
 from urlparse import urlparse
-from api.base.settings.defaults import API_BASE
 
+from api.base.settings.defaults import API_BASE
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
@@ -10,13 +10,14 @@
     AuthUserFactory,
 )
 
-
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.mark.django_db
+class TestNodeRegistrationList:
 
-class TestNodeRegistrationList(ApiTestCase):
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(TestNodeRegistrationList, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
 
         self.project = ProjectFactory(is_public=False, creator=self.user)
@@ -31,34 +32,36 @@ def setUp(self):
 
         self.user_two = AuthUserFactory()
 
-    def test_return_public_registrations_logged_out(self):
+    def test_node_registration_list(self):
+
+    #   test_return_public_registrations_logged_out
         res = self.app.get(self.public_url)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
-        assert_equal(res.json['data'][0]['attributes']['registration'], True)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
+        assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id))
-        assert_equal(res.json['data'][0]['type'], 'registrations')
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
+        assert res.json['data'][0]['type'] == 'registrations'
 
-    def test_return_public_registrations_logged_in(self):
+    #   test_return_public_registrations_logged_in
         res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data'][0]['attributes']['registration'], True)
+        assert res.status_code == 200
+        assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.public_project._id))
-        assert_equal(res.content_type, 'application/vnd.api+json')
-        assert_equal(res.json['data'][0]['type'], 'registrations')
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
+        assert res.content_type == 'application/vnd.api+json'
+        assert res.json['data'][0]['type'] == 'registrations'
 
-    def test_return_private_registrations_logged_out(self):
+    #   test_return_private_registrations_logged_out
         res = self.app.get(self.private_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-    def test_return_private_registrations_logged_in_contributor(self):
+    #   test_return_private_registrations_logged_in_contributor
         res = self.app.get(self.private_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data'][0]['attributes']['registration'], True)
+        assert res.status_code == 200
+        assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert_equal(urlparse(url).path, '/{}nodes/{}/'.format(API_BASE, self.project._id))
-        assert_equal(res.content_type, 'application/vnd.api+json')
-        assert_equal(res.json['data'][0]['type'], 'registrations')
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.project._id)
+        assert res.content_type == 'application/vnd.api+json'
+        assert res.json['data'][0]['type'] == 'registrations'
diff --git a/api_tests/nodes/views/test_node_view_only_links_detail.py b/api_tests/nodes/views/test_node_view_only_links_detail.py
index da6869e6541..e40b08b8fc3 100644
--- a/api_tests/nodes/views/test_node_view_only_links_detail.py
+++ b/api_tests/nodes/views/test_node_view_only_links_detail.py
@@ -1,55 +1,56 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from api.base.settings.defaults import API_BASE
-
 from website.util import permissions
-
 from test_node_view_only_links_list import ViewOnlyLinkTestCase
-
 from osf_tests.factories import NodeFactory, AuthUserFactory
 
-
+@pytest.mark.django_db
 class TestViewOnlyLinksDetail(ViewOnlyLinkTestCase):
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
         super(TestViewOnlyLinksDetail, self).setUp()
         self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
 
-    def test_admin_can_view_vol_detail(self):
+    def test_non_mutating_view_only_links_detail_tests(self):
+
+    #   test_admin_can_view_vol_detail
         res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['name'], 'testlink')
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['name'] == 'testlink'
 
-    def test_read_write_cannot_view_vol_detail(self):
+    #   test_read_write_cannot_view_vol_detail
         res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_read_only_cannot_view_vol_detail(self):
+    #   test_read_only_cannot_view_vol_detail
         res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_logged_in_user_cannot_view_vol_detail(self):
+    #   test_logged_in_user_cannot_view_vol_detail
         res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_view_vol_detail(self):
+    #   test_unauthenticated_user_cannot_view_vol_detail
         res = self.app.get(self.url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
 
     def test_deleted_vol_not_returned(self):
         res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['name'], 'testlink')
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['name'] == 'testlink'
 
         self.view_only_link.nodes.remove(self.public_project)
         self.view_only_link.save()
 
         res = self.app.get(self.url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-
+        assert res.status_code == 404
 
+@pytest.mark.django_db
 class TestViewOnlyLinksUpdate(ViewOnlyLinkTestCase):
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
         super(TestViewOnlyLinksUpdate, self).setUp()
         self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
@@ -61,8 +62,8 @@ def setUp(self):
         self.public_project_component.save()
 
     def test_admin_can_update_vol_name(self):
-        assert_equal(self.view_only_link.name, 'testlink')
-        assert_equal(self.view_only_link.anonymous, False)
+        assert self.view_only_link.name == 'testlink'
+        assert self.view_only_link.anonymous == False
 
         payload = {
             'attributes': {
@@ -71,13 +72,13 @@ def test_admin_can_update_vol_name(self):
         }
         res = self.app.put_json_api(self.url, {'data': payload}, auth=self.user.auth)
 
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['name'], 'updated vol name')
-        assert_equal(res.json['data']['attributes']['anonymous'], False)
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['name'] == 'updated vol name'
+        assert res.json['data']['attributes']['anonymous'] == False
 
     def test_admin_can_update_vol_anonymous(self):
-        assert_equal(self.view_only_link.name, 'testlink')
-        assert_equal(self.view_only_link.anonymous, False)
+        assert self.view_only_link.name == 'testlink'
+        assert self.view_only_link.anonymous == False
 
         payload = {
             'attributes': {
@@ -86,9 +87,9 @@ def test_admin_can_update_vol_anonymous(self):
         }
         res = self.app.put_json_api(self.url, {'data': payload}, auth=self.user.auth)
 
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['name'], 'testlink')
-        assert_equal(res.json['data']['attributes']['anonymous'], True)
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['name'] == 'testlink'
+        assert res.json['data']['attributes']['anonymous'] == True
 
     def test_read_write_cannot_update_vol(self):
         payload = {
@@ -98,7 +99,7 @@ def test_read_write_cannot_update_vol(self):
             }
         }
         res = self.app.put_json_api(self.url, {'data': payload}, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_read_only_cannot_update_vol(self):
         payload = {
@@ -108,7 +109,7 @@ def test_read_only_cannot_update_vol(self):
             }
         }
         res = self.app.put_json_api(self.url, {'data': payload}, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_logged_in_user_cannot_update_vol(self):
         payload = {
@@ -118,7 +119,7 @@ def test_logged_in_user_cannot_update_vol(self):
             }
         }
         res = self.app.put_json_api(self.url, {'data': payload}, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_unauthenticated_user_cannot_update_vol(self):
         payload = {
@@ -128,11 +129,12 @@ def test_unauthenticated_user_cannot_update_vol(self):
             }
         }
         res = self.app.put_json_api(self.url, {'data': payload}, expect_errors=True)
-        assert_equal(res.status_code, 401)
-
+        assert res.status_code == 401
 
+@pytest.mark.django_db
 class TestViewOnlyLinksDelete(ViewOnlyLinkTestCase):
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
         super(TestViewOnlyLinksDelete, self).setUp()
         self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
@@ -140,21 +142,21 @@ def setUp(self):
     def test_admin_can_delete_vol(self):
         res = self.app.delete(self.url, auth=self.user.auth)
         self.view_only_link.reload()
-        assert_equal(res.status_code, 204)
-        assert_equal(self.view_only_link.is_deleted, True)
+        assert res.status_code == 204
+        assert self.view_only_link.is_deleted == True
 
     def test_read_write_cannot_delete_vol(self):
         res = self.app.delete(self.url, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_read_only_cannot_delete_vol(self):
         res = self.app.delete(self.url, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_logged_in_user_cannot_delete_vol(self):
         res = self.app.delete(self.url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_unauthenticated_user_cannot_delete_vol(self):
         res = self.app.delete(self.url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
diff --git a/api_tests/nodes/views/test_node_view_only_links_list.py b/api_tests/nodes/views/test_node_view_only_links_list.py
index 72ee9b59fce..ea4642509e1 100644
--- a/api_tests/nodes/views/test_node_view_only_links_list.py
+++ b/api_tests/nodes/views/test_node_view_only_links_list.py
@@ -1,9 +1,8 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from website.util import permissions
-
 from api.base.settings.defaults import API_BASE
-
+from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
@@ -12,10 +11,10 @@
 )
 
 
-class ViewOnlyLinkTestCase(ApiTestCase):
+class ViewOnlyLinkTestCase(object):
 
     def setUp(self):
-        super(ViewOnlyLinkTestCase, self).setUp()
+        self.app = JSONAPITestApp()
         self.user = AuthUserFactory()
         self.read_only_user = AuthUserFactory()
         self.read_write_user = AuthUserFactory()
@@ -30,35 +29,38 @@ def setUp(self):
         self.view_only_link.nodes.add(self.public_project)
         self.view_only_link.save()
 
-
+@pytest.mark.django_db
 class TestViewOnlyLinksList(ViewOnlyLinkTestCase):
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
         super(TestViewOnlyLinksList, self).setUp()
         self.url = '/{}nodes/{}/view_only_links/'.format(API_BASE, self.public_project._id)
 
-    def test_admin_can_view_vols_list(self):
+    def test_non_mutating_view_only_links_list_tests(self):
+
+    #   test_admin_can_view_vols_list
         res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         data = res.json['data']
-        assert_equal(len(data), 1)
-        assert_equal(data[0]['attributes']['name'], 'testlink')
+        assert len(data) == 1
+        assert data[0]['attributes']['name'] == 'testlink'
 
-    def test_read_write_cannot_view_vols_list(self):
+    #   test_read_write_cannot_view_vols_list
         res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_read_only_cannot_view_vols_list(self):
+    #   test_read_only_cannot_view_vols_list
         res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_logged_in_user_cannot_view_vols_list(self):
+    #   test_logged_in_user_cannot_view_vols_list
         res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_view_vols_list(self):
+    #   test_unauthenticated_user_cannot_view_vols_list
         res = self.app.get(self.url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
 
     def test_deleted_vols_not_returned(self):
         view_only_link = PrivateLinkFactory(name='testlink2')
@@ -67,20 +69,21 @@ def test_deleted_vols_not_returned(self):
 
         res = self.app.get(self.url, auth=self.user.auth)
         data = res.json['data']
-        assert_equal(res.status_code, 200)
-        assert_equal(len(data), 2)
+        assert res.status_code == 200
+        assert len(data) == 2
 
         view_only_link.nodes.remove(self.public_project)
         view_only_link.save()
 
         res = self.app.get(self.url, auth=self.user.auth)
         data = res.json['data']
-        assert_equal(res.status_code, 200)
-        assert_equal(len(data), 1)
-
+        assert res.status_code == 200
+        assert len(data) == 1
 
+@pytest.mark.django_db
 class TestViewOnlyLinksCreate(ViewOnlyLinkTestCase):
 
+    @pytest.fixture(autouse=True)
     def setUp(self):
         super(TestViewOnlyLinksCreate, self).setUp()
         self.url = '/{}nodes/{}/view_only_links/'.format(API_BASE, self.public_project._id)
@@ -93,8 +96,8 @@ def test_invalid_vol_name(self):
             }
         }
         res = self.app.post_json_api(self.url, {'data': payload}, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Invalid link name.')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Invalid link name.'
 
     def test_default_anonymous_not_in_payload(self):
         url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
@@ -104,11 +107,11 @@ def test_default_anonymous_not_in_payload(self):
             }
         }
         res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
         data = res.json['data']
-        assert_equal(data['attributes']['name'], 'testlink')
-        assert_equal(data['attributes']['anonymous'], False)
-        assert_equal(data['embeds']['creator']['data']['id'], self.user._id)
+        assert data['attributes']['name'] == 'testlink'
+        assert data['attributes']['anonymous'] == False
+        assert data['embeds']['creator']['data']['id'] == self.user._id
 
     def test_default_name_not_in_payload(self):
         url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
@@ -118,11 +121,11 @@ def test_default_name_not_in_payload(self):
             }
         }
         res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
         data = res.json['data']
-        assert_equal(data['attributes']['name'], 'Shared project link')
-        assert_equal(data['attributes']['anonymous'], False)
-        assert_equal(data['embeds']['creator']['data']['id'], self.user._id)
+        assert data['attributes']['name'] == 'Shared project link'
+        assert data['attributes']['anonymous'] == False
+        assert data['embeds']['creator']['data']['id'] == self.user._id
 
     def test_admin_can_create_vol(self):
         url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
@@ -133,12 +136,12 @@ def test_admin_can_create_vol(self):
             }
         }
         res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(self.public_project.private_links.count(), 2)
+        assert res.status_code == 201
+        assert self.public_project.private_links.count() == 2
         data = res.json['data']
-        assert_equal(data['attributes']['name'], 'testlink')
-        assert_equal(data['attributes']['anonymous'], True)
-        assert_equal(data['embeds']['creator']['data']['id'], self.user._id)
+        assert data['attributes']['name'] == 'testlink'
+        assert data['attributes']['anonymous'] == True
+        assert data['embeds']['creator']['data']['id'] == self.user._id
 
     def test_read_write_cannot_create_vol(self):
         payload = {
@@ -148,7 +151,7 @@ def test_read_write_cannot_create_vol(self):
             }
         }
         res = self.app.post_json_api(self.url, {'data': payload}, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_read_only_cannot_create_vol(self):
         payload = {
@@ -158,7 +161,7 @@ def test_read_only_cannot_create_vol(self):
             }
         }
         res = self.app.post_json_api(self.url, {'data': payload}, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_logged_in_user_cannot_create_vol(self):
         payload = {
@@ -168,7 +171,7 @@ def test_logged_in_user_cannot_create_vol(self):
             }
         }
         res = self.app.post_json_api(self.url, {'data': payload}, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
     def test_unauthenticated_user_cannot_create_vol(self):
         payload = {
@@ -178,4 +181,4 @@ def test_unauthenticated_user_cannot_create_vol(self):
             }
         }
         res = self.app.post_json_api(self.url, {'data': payload}, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
diff --git a/api_tests/nodes/views/test_view_only_query_parameter.py b/api_tests/nodes/views/test_view_only_query_parameter.py
index 7b057e375cb..11186c3f4c6 100644
--- a/api_tests/nodes/views/test_view_only_query_parameter.py
+++ b/api_tests/nodes/views/test_view_only_query_parameter.py
@@ -1,20 +1,21 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from website.util import permissions
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
-
+from tests.json_api_test_app import JSONAPITestApp
+from website.models import Node
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
     PrivateLinkFactory,
 )
-from website.models import Node
 
+class ViewOnlyTestCase(object):
 
-class ViewOnlyTestCase(ApiTestCase):
+    @pytest.fixture(autouse=True)
     def setUp(self):
-        super(ViewOnlyTestCase, self).setUp()
+        self.app = JSONAPITestApp()
         self.creation_user = AuthUserFactory()
         self.viewing_user = AuthUserFactory()
         self.contributing_read_user = AuthUserFactory()
@@ -57,14 +58,14 @@ def setUp(self):
         self.public_node_two.add_contributor(self.contributing_write_user, permissions=[permissions.WRITE], save=True)
         self.public_node_two_url = '/{}nodes/{}/'.format(API_BASE, self.public_node_two._id)
 
-
+@pytest.mark.django_db
 class TestNodeDetailViewOnlyLinks(ViewOnlyTestCase):
 
     def test_private_node_with_link_works_when_using_link(self):
         res_normal = self.app.get(self.private_node_one_url, auth=self.contributing_read_user.auth)
-        assert_equal(res_normal.status_code, 200)
+        assert res_normal.status_code == 200
         res_linked = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
-        assert_equal(res_linked.status_code, 200)
+        assert res_linked.status_code == 200
         assert_items_equal(res_linked.json['data']['attributes']['current_user_permissions'], ['read'])
 
         # Remove any keys that will be different for view-only responses
@@ -73,71 +74,71 @@ def test_private_node_with_link_works_when_using_link(self):
         user_can_comment = res_normal_json['data']['attributes'].pop('current_user_can_comment')
         view_only_can_comment = res_linked_json['data']['attributes'].pop('current_user_can_comment')
 
-        assert_true(user_can_comment)
-        assert_false(view_only_can_comment)
+        assert user_can_comment
+        assert not view_only_can_comment
 
     def test_private_node_with_link_unauthorized_when_not_using_link(self):
         res = self.app.get(self.private_node_one_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
 
     def test_private_node_with_link_anonymous_does_not_expose_contributor_id(self):
         res = self.app.get(self.private_node_one_url, {
             'view_only': self.private_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_equal(contributor['id'], '')
+            assert contributor['id'] == ''
 
     def test_private_node_with_link_non_anonymous_does_expose_contributor_id(self):
         res = self.app.get(self.private_node_one_url, {
             'view_only': self.private_node_one_private_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_in(contributor['id'].split('-')[1], self.valid_contributors)
+            assert contributor['id'].split('-')[1] in self.valid_contributors
 
     def test_private_node_logged_in_with_anonymous_link_does_not_expose_contributor_id(self):
         res = self.app.get(self.private_node_one_url, {
             'view_only': self.private_node_one_private_link.key,
             'embed': 'contributors',
         }, auth=self.creation_user.auth)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_in(contributor['id'].split('-')[1], self.valid_contributors)
+            assert contributor['id'].split('-')[1] in self.valid_contributors
 
     def test_public_node_with_link_anonymous_does_not_expose_user_id(self):
         res = self.app.get(self.public_node_one_url, {
             'view_only': self.public_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_equal(contributor['id'], '')
+            assert contributor['id'] == ''
 
     def test_public_node_with_link_non_anonymous_does_expose_contributor_id(self):
         res = self.app.get(self.public_node_one_url, {
             'view_only': self.public_node_one_private_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_in(contributor['id'].split('-')[1], self.valid_contributors)
+            assert contributor['id'].split('-')[1] in self.valid_contributors
 
     def test_public_node_with_link_unused_does_expose_contributor_id(self):
         res = self.app.get(self.public_node_one_url, {
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert_in(contributor['id'].split('-')[1], self.valid_contributors)
+            assert contributor['id'].split('-')[1] in self.valid_contributors
 
     def test_view_only_link_does_not_grant_write_permission(self):
         payload = {
@@ -151,106 +152,106 @@ def test_view_only_link_does_not_grant_write_permission(self):
         res = self.app.patch_json_api(self.private_node_one_url, payload, {
             'view_only': self.private_node_one_private_link.key,
         }, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
 
     def test_view_only_link_from_anther_project_does_not_grant_view_permission(self):
         res = self.app.get(self.private_node_one_url, {
             'view_only': self.public_node_one_private_link.key,
         }, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
 
     def test_private_project_logs_with_anonymous_link_does_not_expose_user_id(self):
         res = self.app.get(self.private_node_one_url+'logs/', {
             'view_only': str(self.private_node_one_anonymous_link.key),
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         body = res.body
-        assert_not_in(self.contributing_write_user._id, body)
-        assert_not_in(self.contributing_read_user._id, body)
-        assert_not_in(self.creation_user._id, body)
+        assert self.contributing_write_user._id not in body
+        assert self.contributing_read_user._id not in body
+        assert self.creation_user._id not in body
 
     def test_private_project_with_anonymous_link_does_not_expose_registrations_or_forks(self):
         res = self.app.get(self.private_node_one_url, {
             'view_only': self.private_node_one_anonymous_link.key,
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         relationships = res.json['data']['relationships']
         if 'embeds' in res.json['data']:
             embeds = res.json['data']['embeds']
         else:
             embeds = {}
-        assert_not_in('registrations', relationships)
-        assert_not_in('forks', relationships, 'Add forks view to blacklist in hide_view_when_anonymous().')
-        assert_not_in('registrations', embeds)
-        assert_not_in('forks', embeds, 'Add forks view to blacklist in hide_view_when_anonymous().')
+        assert 'registrations' not in relationships
+        assert 'forks' not in relationships, 'Add forks view to blacklist in hide_view_when_anonymous().'
+        assert 'registrations' not in embeds
+        assert 'forks' not in embeds, 'Add forks view to blacklist in hide_view_when_anonymous().'
 
     def test_bad_view_only_link_does_not_modify_permissions(self):
         res = self.app.get(self.private_node_one_url+'logs/', {
             'view_only': 'thisisnotarealprivatekey',
         }, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        assert res.status_code == 401
         res = self.app.get(self.private_node_one_url+'logs/', {
             'view_only': 'thisisnotarealprivatekey',
         }, auth=self.creation_user.auth)
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
 
     def test_view_only_key_in_relationships_links(self):
         res = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         res_relationships = res.json['data']['relationships']
         for key, value in res_relationships.iteritems():
             if value['links'].get('related'):
-                assert_in(self.private_node_one_private_link.key, value['links']['related']['href'])
+                assert self.private_node_one_private_link.key in value['links']['related']['href']
             if value['links'].get('self'):
-                assert_in(self.private_node_one_private_link.key, value['links']['self']['href'])
+                assert self.private_node_one_private_link.key in value['links']['self']['href']
 
     def test_view_only_key_in_self_and_html_links(self):
         res = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         links = res.json['data']['links']
-        assert_in(self.private_node_one_private_link.key, links['self'])
-        assert_in(self.private_node_one_private_link.key, links['html'])
-
+        assert self.private_node_one_private_link.key in links['self']
+        assert self.private_node_one_private_link.key in links['html']
 
+@pytest.mark.django_db
 class TestNodeListViewOnlyLinks(ViewOnlyTestCase):
 
     def test_private_link_does_not_show_node_in_list(self):
         res = self.app.get('/{}nodes/'.format(API_BASE), {
             'view_only': self.private_node_one_private_link.key,
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         nodes = res.json['data']
         node_ids = []
         for node in nodes:
             node_ids.append(node['id'])
-        assert_not_in(self.private_node_one._id, node_ids)
+        assert self.private_node_one._id not in node_ids
 
     def test_anonymous_link_does_not_show_contributor_id_in_node_list(self):
         res = self.app.get('/{}nodes/'.format(API_BASE), {
             'view_only': self.private_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         nodes = res.json['data']
         assertions = 0
         for node in nodes:
             contributors = node['embeds']['contributors']['data']
             for contributor in contributors:
                 assertions += 1
-                assert_equal(contributor['id'], '')
-        assert_not_equal(assertions, 0)
+                assert contributor['id'] == ''
+        assert assertions != 0
 
     def test_non_anonymous_link_does_show_contributor_id_in_node_list(self):
         res = self.app.get('/{}nodes/'.format(API_BASE), {
             'view_only': self.private_node_one_private_link.key,
             'embed': 'contributors',
         })
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         nodes = res.json['data']
         assertions = 0
         for node in nodes:
             contributors = node['embeds']['contributors']['data']
             for contributor in contributors:
                 assertions += 1
-                assert_in(contributor['id'].split('-')[1], self.valid_contributors)
-        assert_not_equal(assertions, 0)
+                assert contributor['id'].split('-')[1] in self.valid_contributors
+        assert assertions != 0

From e2f95ca8f3eb98e3a1b453e3ab70fcceb3dbe203 Mon Sep 17 00:00:00 2001
From: Nesiehr <rheisen@cataclysm.io>
Date: Wed, 24 May 2017 14:50:26 -0400
Subject: [PATCH 028/163] readied (object) to mixing class

---
 api_tests/preprints/filters/test_filters.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api_tests/preprints/filters/test_filters.py b/api_tests/preprints/filters/test_filters.py
index fd55762aaff..20a699f1ee7 100644
--- a/api_tests/preprints/filters/test_filters.py
+++ b/api_tests/preprints/filters/test_filters.py
@@ -10,7 +10,7 @@
 )
 
 @pytest.mark.django_db
-class PreprintsListFilteringMixin:
+class PreprintsListFilteringMixin(object):
     def setUp(self):
         assert self.user, 'Subclasses of PreprintsListFilteringMixin must define self.user'
         assert self.provider_one, 'Subclasses of PreprintsListFilteringMixin must define self.provider_one'

From 1ed1e2693fae35668bfa293c4e920f22b1e79388 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Thu, 25 May 2017 09:17:32 -0400
Subject: [PATCH 029/163] Remove anonymous contributors if no user

---
 website/static/js/filepage/revisions.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/static/js/filepage/revisions.js b/website/static/js/filepage/revisions.js
index d789f1668a3..d5ab8f15109 100644
--- a/website/static/js/filepage/revisions.js
+++ b/website/static/js/filepage/revisions.js
@@ -129,11 +129,11 @@ var FileRevisionsTable = {
                   m('a', {href: parseInt(revision.displayVersion) === model.revisions.length ? self.baseUrl : revision.osfViewUrl}, revision.displayVersion)
                 ),
                 model.hasDate ? m('td', revision.displayDate) : false,
-                model.hasUser && !window.contextVars.node.anonymous ?
+                model.hasUser ? window.contextVars.node.anonymous ? m('td', 'Anonymous Contributor') :
                     m('td', revision.extra.user.url ?
                             m('a', {href: revision.extra.user.url}, revision.extra.user.name) :
                             revision.extra.user.name
-                    ) : m('td', 'Anonymous Contributor'),
+                    ) : false,
                 m('td', revision.extra.downloads > -1 ? m('.badge', revision.extra.downloads) : ''),
                 m('td',
                     m('a.btn.btn-primary.btn-sm.file-download', {

From ad6025c809c4cb0e2bf86a30b62c00e9efdd8452 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 31 May 2017 10:53:25 -0400
Subject: [PATCH 030/163] Add newComponent button to same mithril redraw loop
 as treebeard filebrowser

---
 website/static/js/pages/project-dashboard-page.js | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/website/static/js/pages/project-dashboard-page.js b/website/static/js/pages/project-dashboard-page.js
index a63cd019f11..3dae288a37b 100644
--- a/website/static/js/pages/project-dashboard-page.js
+++ b/website/static/js/pages/project-dashboard-page.js
@@ -122,9 +122,8 @@ $(document).ready(function () {
         currentUserCanEdit: window.contextVars.currentUser.canEdit
     });
     var newComponentElem = document.getElementById('newComponent');
-    if (newComponentElem) {
-        m.mount(newComponentElem, AddComponentButton);
-    }
+
+    m.startComputation();
 
     if (ctx.node.institutions.length && !ctx.node.anonymous && !ctx.node.isRetracted) {
         m.mount(document.getElementById('instLogo'), m.component(institutionLogos, {institutions: window.contextVars.node.institutions}));
@@ -201,7 +200,16 @@ $(document).ready(function () {
                 }
             };
             var filebrowser = new Fangorn(fangornOpts);
+            if (newComponentElem) {
+                m.mount(newComponentElem, AddComponentButton);
+            };
+            m.endComputation();
         });
+    } else {
+        if (newComponentElem) {
+            m.mount(newComponentElem, AddComponentButton);
+        };
+        m.endComputation();
     }
 
     // Tooltips

From b560a792065bb58a6063ed09677a1d59e720542e Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerrysun@Admins-MacBook-Air.local>
Date: Wed, 31 May 2017 15:52:42 -0400
Subject: [PATCH 031/163] pytest update finished for files

---
 .../files/serializers/test_file_serializer.py |  72 +-
 api_tests/files/views/test_file_detail.py     | 852 +++++++++---------
 api_tests/files/views/test_file_list.py       | 215 +++--
 3 files changed, 605 insertions(+), 534 deletions(-)

diff --git a/api_tests/files/serializers/test_file_serializer.py b/api_tests/files/serializers/test_file_serializer.py
index 426ca93a044..7ce7537a467 100644
--- a/api_tests/files/serializers/test_file_serializer.py
+++ b/api_tests/files/serializers/test_file_serializer.py
@@ -1,48 +1,66 @@
 # -*- coding: utf-8 -*-
+import pytest
 from datetime import datetime
-from nose.tools import *  # flake8: noqa
 from pytz import utc
 
-from osf_tests import factories
+from osf_tests.factories import UserFactory, NodeFactory
 from tests.base import DbTestCase
 from tests.utils import make_drf_request_with_version
-
 from api.files.serializers import FileSerializer
-
 from api_tests import utils
 
+@pytest.fixture()
+def user():
+    return UserFactory()
+
+@pytest.mark.django_db
+class TestFileSerializer:
+
+    @pytest.fixture()
+    def node(self, user):
+        return NodeFactory(creator=user)
+
+    @pytest.fixture()
+    def file(self, node, user):
+        return utils.create_test_file(node, user)
+
+    @pytest.fixture()
+    def date_created(self, file):
+        return file.versions.first().date_created
 
-class TestFileSerializer(DbTestCase):
+    @pytest.fixture()
+    def date_modified(self, file):
+        return file.versions.last().date_created
 
-    def setUp(self):
-        super(TestFileSerializer, self).setUp()
-        self.user = factories.UserFactory()
-        self.node = factories.NodeFactory(creator=self.user)
-        self.file = utils.create_test_file(self.node, self.user)
+    @pytest.fixture()
+    def date_created_tz_aware(self, date_created):
+        return date_created.replace(tzinfo=utc)
 
-        self.date_created = self.file.versions.first().date_created
-        self.date_modified = self.file.versions.last().date_created
-        self.date_created_tz_aware = self.date_created.replace(tzinfo=utc)
-        self.date_modified_tz_aware = self.date_modified.replace(tzinfo=utc)
+    @pytest.fixture()
+    def date_modified_tz_aware(self, date_modified):
+        return  date_modified.replace(tzinfo=utc)
 
-        self.new_format = '%Y-%m-%dT%H:%M:%S.%fZ'
+    @pytest.fixture()
+    def new_format(self):
+        return '%Y-%m-%dT%H:%M:%S.%fZ'
 
-    def test_date_modified_formats_to_old_format(self):
+    def test_file_serializer(self, file, date_modified_tz_aware, date_modified, date_created, date_created_tz_aware, new_format):
+        # test_date_modified_formats_to_old_format
         req = make_drf_request_with_version(version='2.0')
-        data = FileSerializer(self.file, context={'request': req}).data['data']
-        assert_equal(self.date_modified_tz_aware, data['attributes']['date_modified'])
+        data = FileSerializer(file, context={'request': req}).data['data']
+        assert date_modified_tz_aware == data['attributes']['date_modified']
 
-    def test_date_modified_formats_to_new_format(self):
+        # test_date_modified_formats_to_new_format
         req = make_drf_request_with_version(version='2.2')
-        data = FileSerializer(self.file, context={'request': req}).data['data']
-        assert_equal(datetime.strftime(self.date_modified, self.new_format), data['attributes']['date_modified'])
+        data = FileSerializer(file, context={'request': req}).data['data']
+        assert datetime.strftime(date_modified, new_format) == data['attributes']['date_modified']
 
-    def test_date_created_formats_to_old_format(self):
+        # test_date_created_formats_to_old_format
         req = make_drf_request_with_version(version='2.0')
-        data = FileSerializer(self.file, context={'request': req}).data['data']
-        assert_equal(self.date_created_tz_aware, data['attributes']['date_created'])
+        data = FileSerializer(file, context={'request': req}).data['data']
+        assert date_created_tz_aware == data['attributes']['date_created']
 
-    def test_date_created_formats_to_new_format(self):
+        # test_date_created_formats_to_new_format
         req = make_drf_request_with_version(version='2.2')
-        data = FileSerializer(self.file, context={'request': req}).data['data']
-        assert_equal(datetime.strftime(self.date_created, self.new_format), data['attributes']['date_created'])
+        data = FileSerializer(file, context={'request': req}).data['data']
+        assert datetime.strftime(date_created, new_format) == data['attributes']['date_created']
diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index 334812d4e28..ed5cb642945 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -1,9 +1,9 @@
 from __future__ import unicode_literals
 
+import pytest
 import itsdangerous
 import mock
 import pytz
-from nose.tools import *  # flake8: noqa
 
 from addons.github.models import GithubFileNode
 from addons.osfstorage import settings as osfstorage_settings
@@ -27,439 +27,456 @@ def _dt_to_iso8601(value):
 
     return iso8601
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
 
-class TestFileView(ApiTestCase):
-    def setUp(self):
-        super(TestFileView, self).setUp()
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(creator=self.user, comment_level='public')
-        self.file = api_utils.create_test_file(self.node, self.user, create_guid=False)
-        self.file_url = '/{}files/{}/'.format(API_BASE, self.file._id)
+@pytest.mark.django_db
+class TestFileView:
+    @pytest.fixture()
+    def node(self, user):
+        return ProjectFactory(creator=user, comment_level='public')
 
-    def test_must_have_auth(self):
-        res = self.app.get(self.file_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+    @pytest.fixture()
+    def file(self, user, node):
+        return api_utils.create_test_file(node, user, create_guid=False)
 
-    def test_must_be_contributor(self):
-        user = AuthUserFactory()
-        res = self.app.get(self.file_url, auth=user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    @pytest.fixture()
+    def file_url(self, file):
+        return '/{}files/{}/'.format(API_BASE, file._id)
 
-    def test_unvisited_file_has_no_guid(self):
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['guid'], None)
+    def test_must_have_auth_and_be_contributor(self, app, file_url):
+        # test_must_have_auth(self, app, file_url):
+        res = app.get(file_url, expect_errors=True)
+        assert res.status_code == 401
 
-    def test_visited_file_has_guid(self):
-        guid = self.file.get_guid(create=True)
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_is_not_none(guid)
-        assert_equal(res.json['data']['attributes']['guid'], guid._id)
+        # test_must_be_contributor(self, app, file_url):
+        user = AuthUserFactory()
+        res = app.get(file_url, auth=user.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    def test_file_guid_guid_status(self, app, user, file, file_url):
+        # test_unvisited_file_has_no_guid
+        res = app.get(file_url, auth=user.auth)
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['guid'] == None
+
+        # test_visited_file_has_guid
+        guid = file.get_guid(create=True)
+        res = app.get(file_url, auth=user.auth)
+        assert res.status_code == 200
+        assert guid is not None
+        assert res.json['data']['attributes']['guid'] == guid._id
 
     @mock.patch('api.base.throttling.CreateGuidThrottle.allow_request')
-    def test_file_guid_not_created_with_basic_auth(self, mock_allow):
-        res = self.app.get(self.file_url + '?create_guid=1', auth=self.user.auth)
+    def test_file_guid_not_created_with_basic_auth(self, mock_allow, app, user, file_url):
+        res = app.get(file_url + '?create_guid=1', auth=user.auth)
         guid = res.json['data']['attributes'].get('guid', None)
-        assert_equal(res.status_code, 200)
-        assert_equal(mock_allow.call_count, 1)
+        assert res.status_code == 200
+        assert mock_allow.call_count == 1
         assert guid is None
 
     @mock.patch('api.base.throttling.CreateGuidThrottle.allow_request')
-    def test_file_guid_created_with_cookie(self, mock_allow):
-        session = Session(data={'auth_user_id': self.user._id})
+    def test_file_guid_created_with_cookie(self, mock_allow, app, user, file_url, file):
+        session = Session(data={'auth_user_id': user._id})
         session.save()
         cookie = itsdangerous.Signer(website_settings.SECRET_KEY).sign(session._id)
-        self.app.set_cookie(website_settings.COOKIE_NAME, str(cookie))
+        app.set_cookie(website_settings.COOKIE_NAME, str(cookie))
 
-        res = self.app.get(self.file_url + '?create_guid=1', auth=self.user.auth)
+        res = app.get(file_url + '?create_guid=1', auth=user.auth)
 
-        self.app.reset()  # clear cookie
+        app.reset()  # clear cookie
 
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
 
         guid = res.json['data']['attributes'].get('guid', None)
-        assert_is_not_none(guid)
+        assert guid is not None
 
-        assert_equal(guid, self.file.get_guid()._id)
-        assert_equal(mock_allow.call_count, 1)
+        assert guid == file.get_guid()._id
+        assert mock_allow.call_count == 1
 
-    def test_get_file(self):
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        self.file.versions.last().reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json.keys(), ['data'])
+    def test_get_file(self, app, user, file_url, file):
+        res = app.get(file_url, auth=user.auth)
+        file.versions.last().reload()
+        assert res.status_code == 200
+        assert res.json.keys() == ['data']
         attributes = res.json['data']['attributes']
-        assert_equal(attributes['path'], self.file.path)
-        assert_equal(attributes['kind'], self.file.kind)
-        assert_equal(attributes['name'], self.file.name)
-        assert_equal(attributes['materialized_path'], self.file.materialized_path)
-        assert_equal(attributes['last_touched'], None)
-        assert_equal(attributes['provider'], self.file.provider)
-        assert_equal(attributes['size'], self.file.versions.last().size)
-        assert_equal(attributes['current_version'], len(self.file.history))
-        assert_equal(attributes['date_modified'], _dt_to_iso8601(self.file.versions.last().date_created.replace(tzinfo=pytz.utc)))
-        assert_equal(attributes['date_created'], _dt_to_iso8601(self.file.versions.first().date_created.replace(tzinfo=pytz.utc)))
-        assert_equal(attributes['extra']['hashes']['md5'], None)
-        assert_equal(attributes['extra']['hashes']['sha256'], None)
-        assert_equal(attributes['tags'], [])
-
-    def test_file_has_rel_link_to_owning_project(self):
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_in('node', res.json['data']['relationships'].keys())
-        expected_url = self.node.api_v2_url
+        assert attributes['path'] == file.path
+        assert attributes['kind'] == file.kind
+        assert attributes['name'] == file.name
+        assert attributes['materialized_path'] == file.materialized_path
+        assert attributes['last_touched'] == None
+        assert attributes['provider'] == file.provider
+        assert attributes['size'] == file.versions.last().size
+        assert attributes['current_version'] == len(file.history)
+        assert attributes['date_modified'] == _dt_to_iso8601(file.versions.last().date_created.replace(tzinfo=pytz.utc))
+        assert attributes['date_created'] == _dt_to_iso8601(file.versions.first().date_created.replace(tzinfo=pytz.utc))
+        assert attributes['extra']['hashes']['md5'] == None
+        assert attributes['extra']['hashes']['sha256'] == None
+        assert attributes['tags'] == []
+
+    def test_file_has_rel_link_to_owning_project(self, app, user, file_url, node):
+        res = app.get(file_url, auth=user.auth)
+        assert res.status_code == 200
+        assert 'node' in res.json['data']['relationships'].keys()
+        expected_url = node.api_v2_url
         actual_url = res.json['data']['relationships']['node']['links']['related']['href']
-        assert_in(expected_url, actual_url)
+        assert expected_url in actual_url
 
-    def test_file_has_comments_link(self):
-        self.file.get_guid(create=True)
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_in('comments', res.json['data']['relationships'].keys())
+    def test_file_has_comments_link(self, app, user, file, file_url):
+        file.get_guid(create=True)
+        res = app.get(file_url, auth=user.auth)
+        assert res.status_code == 200
+        assert 'comments' in res.json['data']['relationships'].keys()
         url = res.json['data']['relationships']['comments']['links']['related']['href']
-        assert_equal(self.app.get(url, auth=self.user.auth).status_code, 200)
-        assert_equal(res.json['data']['type'], 'files')
+        assert app.get(url, auth=user.auth).status_code == 200
+        assert res.json['data']['type'] == 'files'
 
-    def test_file_has_correct_unread_comments_count(self):
+    def test_file_has_correct_unread_comments_count(self, app, user, file, node):
         contributor = AuthUserFactory()
-        self.node.add_contributor(contributor, auth=Auth(self.user), save=True)
-        comment = CommentFactory(node=self.node, target=self.file.get_guid(create=True), user=contributor, page='files')
-        res = self.app.get('/{}files/{}/?related_counts=True'.format(API_BASE, self.file._id), auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        node.add_contributor(contributor, auth=Auth(user), save=True)
+        comment = CommentFactory(node=node, target=file.get_guid(create=True), user=contributor, page='files')
+        res = app.get('/{}files/{}/?related_counts=True'.format(API_BASE, file._id), auth=user.auth)
+        assert res.status_code == 200
         unread_comments = res.json['data']['relationships']['comments']['links']['related']['meta']['unread']
-        assert_equal(unread_comments, 1)
+        assert unread_comments == 1
 
-    def test_only_project_contrib_can_comment_on_closed_project(self):
-        self.node.comment_level = 'private'
-        self.node.is_public = True
-        self.node.save()
+    def test_only_project_contrib_can_comment_on_closed_project(self, app, user, node, file_url):
+        node.comment_level = 'private'
+        node.is_public = True
+        node.save()
 
-        res = self.app.get(self.file_url, auth=self.user.auth)
+        res = app.get(file_url, auth=user.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
-        assert_equal(res.status_code, 200)
-        assert_equal(can_comment, True)
+        assert res.status_code == 200
+        assert can_comment == True
 
         non_contributor = AuthUserFactory()
-        res = self.app.get(self.file_url, auth=non_contributor.auth)
+        res = app.get(file_url, auth=non_contributor.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
-        assert_equal(res.status_code, 200)
-        assert_equal(can_comment, False)
+        assert res.status_code == 200
+        assert can_comment == False
+
+    def test_logged_or_not_user_comment_status_on_open_project(self, app, node, file_url):
+        node.is_public = True
+        node.save()
 
-    def test_any_loggedin_user_can_comment_on_open_project(self):
-        self.node.is_public = True
-        self.node.save()
+        # test_any_loggedin_user_can_comment_on_open_project(self, app, node, file_url):
         non_contributor = AuthUserFactory()
-        res = self.app.get(self.file_url, auth=non_contributor.auth)
+        res = app.get(file_url, auth=non_contributor.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
-        assert_equal(res.status_code, 200)
-        assert_equal(can_comment, True)
+        assert res.status_code == 200
+        assert can_comment == True
 
-    def test_non_logged_in_user_cant_comment(self):
-        self.node.is_public = True
-        self.node.save()
-        res = self.app.get(self.file_url)
+        # test_non_logged_in_user_cant_comment(self, app, file_url, node):
+        res = app.get(file_url)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
-        assert_equal(res.status_code, 200)
-        assert_equal(can_comment, False)
-
-    def test_checkout(self):
-        assert_equal(self.file.checkout, None)
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth
+        assert res.status_code == 200
+        assert can_comment == False
+
+    def test_checkout(self, app, user, file, file_url, node):
+        assert file.checkout == None
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth
         )
-        self.file.reload()
-        self.file.save()
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.file.checkout, self.user)
-
-        res = self.app.get(
-            self.file_url,
-            auth=self.user.auth
-        )
-        assert_equal(self.node.logs.count(),2)
-        assert_equal(self.node.logs.latest().action, NodeLog.CHECKED_OUT)
-        assert_equal(self.node.logs.latest().user, self.user)
-        assert_equal(
-            self.user._id,
-            res.json['data']['relationships']['checkout']['links']['related']['meta']['id']
-        )
-        assert_in(
-            '/{}users/{}/'.format(API_BASE, self.user._id),
-            res.json['data']['relationships']['checkout']['links']['related']['href']
+        file.reload()
+        file.save()
+        node.reload()
+        assert res.status_code == 200
+        assert file.checkout == user
+
+        res = app.get(
+            file_url,
+            auth=user.auth
         )
+        assert node.logs.count(),2
+        assert node.logs.latest().action, NodeLog.CHECKED_OUT
+        assert node.logs.latest().user, user
+        assert user._id == res.json['data']['relationships']['checkout']['links']['related']['meta']['id']
+
+        assert '/{}users/{}/'.format(API_BASE, user._id) in res.json['data']['relationships']['checkout']['links']['related']['href']
 
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': None}}},
-            auth=self.user.auth
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
+            auth=user.auth
         )
-        self.file.reload()
-        assert_equal(self.file.checkout, None)
-        assert_equal(res.status_code, 200)
-
-    def test_checkout_file_no_type(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth, expect_errors=True
+
+        file.reload()
+        assert file.checkout == None
+        assert res.status_code == 200
+
+    def test_checkout_file_error(self, app, user, file_url, file):
+        # test_checkout_file_no_type
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'attributes': {'checkout': user._id}}},
+            auth=user.auth, expect_errors=True
         )
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
 
-    def test_checkout_file_no_id(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth, expect_errors=True
+        # test_checkout_file_no_id
+        res = app.put_json_api(
+            file_url,
+            {'data': {'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth, expect_errors=True
         )
-        assert_equal(res.status_code, 400)
+        assert res.status_code == 400
 
-    def test_checkout_file_incorrect_type(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'Wrong type.', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth, expect_errors=True
+        # test_checkout_file_incorrect_type
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'Wrong type.', 'attributes': {'checkout': user._id}}},
+            auth=user.auth, expect_errors=True
         )
-        assert_equal(res.status_code, 409)
+        assert res.status_code == 409
 
-    def test_checkout_file_incorrect_id(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': '12345', 'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth, expect_errors=True
+        # test_checkout_file_incorrect_id
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': '12345', 'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth, expect_errors=True
         )
-        assert_equal(res.status_code, 409)
+        assert res.status_code == 409
 
-    def test_checkout_file_no_attributes(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files'}},
-            auth=self.user.auth, expect_errors=True
+        # test_checkout_file_no_attributes
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files'}},
+            auth=user.auth, expect_errors=True
         )
-        assert_equal(res.status_code, 400)
-
-    def test_must_set_self(self):
-        user = UserFactory()
-        assert_equal(self.file.checkout, None)
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
-            auth=self.user.auth,
+        assert res.status_code == 400
+
+    def test_must_set_self(self, app, user, file, file_url):
+        user_unauthorized = UserFactory()
+        assert file.checkout == None
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user_unauthorized._id}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        assert_equal(res.status_code, 400)
-        assert_equal(self.file.checkout, None)
+        file.reload()
+        assert res.status_code == 400
+        assert file.checkout == None
 
-    def test_must_be_self(self):
+    def test_must_be_self(self, app, file, file_url):
         user = AuthUserFactory()
-        self.file.checkout = self.user
-        self.file.save()
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
+        file.checkout = user
+        file.save()
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
             auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        assert_equal(res.status_code, 403)
-        assert_equal(self.file.checkout, self.user)
-
-    def test_admin_can_checkin(self):
-        user = UserFactory()
-        self.node.add_contributor(user)
-        self.file.checkout = user
-        self.file.save()
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': None}}},
-            auth=self.user.auth,
+        file.reload()
+        assert res.status_code == 403
+        assert file.checkout == user
+
+    def test_admin_can_checkin(self, app, user, node, file, file_url):
+        user_unauthorized = UserFactory()
+        node.add_contributor(user_unauthorized)
+        file.checkout = user_unauthorized
+        file.save()
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.file.checkout, None)
-        assert_equal(self.node.logs.latest().action, NodeLog.CHECKED_IN)
-        assert_equal(self.node.logs.latest().user, self.user)
-
-    def test_admin_can_checkout(self):
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth,
+        file.reload()
+        node.reload()
+        assert res.status_code == 200
+        assert file.checkout == None
+        assert node.logs.latest().action == NodeLog.CHECKED_IN
+        assert node.logs.latest().user == user
+
+    def test_admin_can_checkout(self, app, user, file_url, file, node):
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.file.checkout, self.user)
-        assert_equal(self.node.logs.latest().action, NodeLog.CHECKED_OUT)
-        assert_equal(self.node.logs.latest().user, self.user)
-
-    def test_cannot_checkin_when_already_checked_in(self):
-        count = self.node.logs.count()
-        assert_false(self.file.is_checked_out)
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': None}}},
-            auth=self.user.auth,
+        file.reload()
+        node.reload()
+        assert res.status_code == 200
+        assert file.checkout == user
+        assert node.logs.latest().action == NodeLog.CHECKED_OUT
+        assert node.logs.latest().user == user
+
+    def test_cannot_checkin_when_already_checked_in(self, app, user, node, file, file_url):
+        count = node.logs.count()
+        assert not file.is_checked_out
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.node.logs.count(), count)
-        assert_equal(self.file.checkout, None)
-
-    def test_cannot_checkout_when_checked_out(self):
-        user = UserFactory()
-        self.node.add_contributor(user)
-        self.file.checkout = user
-        self.file.save()
-        count = self.node.logs.count()
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth,
+        file.reload()
+        node.reload()
+        assert res.status_code == 200
+        assert node.logs.count() == count
+        assert file.checkout == None
+
+    def test_cannot_checkout_when_checked_out(self, app, user, node, file, file_url):
+        user_unauthorized = UserFactory()
+        node.add_contributor(user_unauthorized)
+        file.checkout = user_unauthorized
+        file.save()
+        count = node.logs.count()
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.file.checkout, user)
-        assert_equal(self.node.logs.count(), count)
-
-    def test_noncontrib_cannot_checkout(self):
+        file.reload()
+        node.reload()
+        assert res.status_code == 200
+        assert file.checkout == user_unauthorized
+        assert node.logs.count() == count
+
+    def test_noncontrib_and_read_contrib_cannot_checkout(self, app, file, node, file_url):
+        # test_noncontrib_cannot_checkout
         user = AuthUserFactory()
-        assert_equal(self.file.checkout, None)
-        assert_false(self.node.has_permission(user, 'read'))
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': self.user._id}}},
+        assert file.checkout == None
+        assert not node.has_permission(user, 'read')
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
             auth=user.auth,
             expect_errors=True,
         )
-        self.file.reload()
-        self.node.reload()
-        assert_equal(res.status_code, 403)
-        assert_equal(self.file.checkout, None)
-        assert self.node.logs.latest().action != NodeLog.CHECKED_OUT
+        file.reload()
+        node.reload()
+        assert res.status_code == 403
+        assert file.checkout == None
+        assert node.logs.latest().action != NodeLog.CHECKED_OUT
 
-    def test_read_contrib_cannot_checkout(self):
+        # test_read_contrib_cannot_checkout
         user = AuthUserFactory()
-        self.node.add_contributor(user, permissions=['read'])
-        self.node.save()
-        assert_false(self.node.can_edit(user=user))
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': None}}},
+        node.add_contributor(user, permissions=['read'])
+        node.save()
+        assert not node.can_edit(user=user)
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
             auth=user.auth,
             expect_errors=True
         )
-        self.file.reload()
-        assert_equal(res.status_code, 403)
-        assert_equal(self.file.checkout, None)
-        assert self.node.logs.latest().action != NodeLog.CHECKED_OUT
+        file.reload()
+        assert res.status_code == 403
+        assert file.checkout == None
+        assert node.logs.latest().action != NodeLog.CHECKED_OUT
 
-    def test_user_can_checkin(self):
+    def test_user_can_checkin(self, app, node, file, file_url):
         user = AuthUserFactory()
-        self.node.add_contributor(user, permissions=['read', 'write'])
-        self.node.save()
-        assert_true(self.node.can_edit(user=user))
-        self.file.checkout = user
-        self.file.save()
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': None}}},
+        node.add_contributor(user, permissions=['read', 'write'])
+        node.save()
+        assert node.can_edit(user=user)
+        file.checkout = user
+        file.save()
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
             auth=user.auth,
         )
-        self.file.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(self.file.checkout, None)
+        file.reload()
+        assert res.status_code == 200
+        assert file.checkout == None
 
-    def test_removed_contrib_files_checked_in(self):
+    def test_removed_contrib_files_checked_in(self, app, node, file):
         user = AuthUserFactory()
-        self.node.add_contributor(user, permissions=['read', 'write'])
-        self.node.save()
-        assert_true(self.node.can_edit(user=user))
-        self.file.checkout = user
-        self.file.save()
-        assert_true(self.file.is_checked_out)
+        node.add_contributor(user, permissions=['read', 'write'])
+        node.save()
+        assert node.can_edit(user=user)
+        file.checkout = user
+        file.save()
+        assert file.is_checked_out
         with capture_signals() as mock_signals:
-            self.node.remove_contributor(user, auth=Auth(user))
-        assert_equal(mock_signals.signals_sent(), set([contributor_removed]))
-        self.file.reload()
-        assert_false(self.file.is_checked_out)
-
-    def test_must_be_osfstorage(self):
-        self.file.recast(GithubFileNode._typedmodels_type)
-        self.file.save()
-        res = self.app.put_json_api(
-            self.file_url,
-            {'data': {'id': self.file._id, 'type': 'files', 'attributes': {'checkout': self.user._id}}},
-            auth=self.user.auth,
+            node.remove_contributor(user, auth=Auth(user))
+        assert mock_signals.signals_sent() == set([contributor_removed])
+        file.reload()
+        assert not file.is_checked_out
+
+    def test_must_be_osfstorage(self, app, user, file, file_url):
+        file.recast(GithubFileNode._typedmodels_type)
+        file.save()
+        res = app.put_json_api(
+            file_url,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
+            auth=user.auth,
             expect_errors=True,
         )
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_get_file_resolves_guids(self):
-        guid = self.file.get_guid(create=True)
+    def test_get_file_guids_misc(self, app, user, file, node):
+        # test_get_file_resolves_guids
+        guid = file.get_guid(create=True)
         url = '/{}files/{}/'.format(API_BASE, guid._id)
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json.keys(), ['data'])
-        assert_equal(res.json['data']['attributes']['path'], self.file.path)
+        res = app.get(url, auth=user.auth)
+        assert res.status_code == 200
+        assert res.json.keys() == ['data']
+        assert res.json['data']['attributes']['path'] == file.path
 
-    def test_get_file_invalid_guid_gives_404(self):
+        # test_get_file_invalid_guid_gives_404
         url = '/{}files/{}/'.format(API_BASE, 'asdasasd')
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        res = app.get(url, auth=user.auth, expect_errors=True)
+        assert res.status_code == 404
 
-    def test_get_file_non_file_guid_gives_404(self):
-        url = '/{}files/{}/'.format(API_BASE, self.node._id)
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        # test_get_file_non_file_guid_gives_404
+        url = '/{}files/{}/'.format(API_BASE, node._id)
+        res = app.get(url, auth=user.auth, expect_errors=True)
+        assert res.status_code == 404
 
-    def test_current_version_is_equal_to_length_of_history(self):
-        res = self.app.get(self.file_url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['current_version'], 1)
+    def test_current_version_is_equal_to_length_of_history(self, app, user, file_url, file):
+        res = app.get(file_url, auth=user.auth)
+        assert res.json['data']['attributes']['current_version'] == 1
         for version in range(2, 4):
-            self.file.create_version(self.user, {
+            file.create_version(user, {
                 'object': '06d80e' + str(version),
                 'service': 'cloud',
                 osfstorage_settings.WATERBUTLER_RESOURCE: 'osf',
             }, {'size': 1337,
                 'contentType': 'img/png'
             }).save()
-            res = self.app.get(self.file_url, auth=self.user.auth)
-            assert_equal(res.json['data']['attributes']['current_version'], version)
+            res = app.get(file_url, auth=user.auth)
+            assert res.json['data']['attributes']['current_version'] == version
 
     # Regression test for OSF-7758
-    def test_folder_files_relationships_contains_guid_not_id(self):
-        self.folder = self.node.get_addon('osfstorage').get_root().append_folder('I\'d be a teacher!!')
-        self.folder.save()
-        self.folder_url = '/{}files/{}/'.format(API_BASE, self.folder._id)
-        res = self.app.get(self.folder_url, auth=self.user.auth)
+    def test_folder_files_relationships_contains_guid_not_id(self, app, user, node):
+        folder = node.get_addon('osfstorage').get_root().append_folder('I\'d be a teacher!!')
+        folder.save()
+        folder_url = '/{}files/{}/'.format(API_BASE, folder._id)
+        res = app.get(folder_url, auth=user.auth)
         split_href = res.json['data']['relationships']['files']['links']['related']['href'].split('/')
-        assert_in(self.node._id, split_href)
-        assert_not_in(self.node.id, split_href)
+        assert node._id in split_href
+        assert node.id not in split_href
+
+@pytest.mark.django_db
+class TestFileVersionView:
 
-class TestFileVersionView(ApiTestCase):
-    def setUp(self):
-        super(TestFileVersionView, self).setUp()
+    @pytest.fixture()
+    def node(self, user):
+        return ProjectFactory(creator=user)
 
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(creator=self.user)
+    @pytest.fixture()
+    def osfstorage(self, node):
+        return node.get_addon('osfstorage')
 
-        self.osfstorage = self.node.get_addon('osfstorage')
+    @pytest.fixture()
+    def root_node(self, osfstorage):
+        return osfstorage.get_root()
 
-        self.root_node = self.osfstorage.get_root()
-        self.file = self.root_node.append_file('test_file')
-        self.file.create_version(self.user, {
+    @pytest.fixture()
+    def file(self, root_node, user):
+        file = root_node.append_file('test_file')
+        file.create_version(user, {
             'object': '06d80e',
             'service': 'cloud',
             osfstorage_settings.WATERBUTLER_RESOURCE: 'osf',
@@ -467,9 +484,10 @@ def setUp(self):
             'size': 1337,
             'contentType': 'img/png'
         }).save()
+        return file
 
-    def test_listing(self):
-        self.file.create_version(self.user, {
+    def test_listing(self, app, user, file):
+        file.create_version(user, {
             'object': '0683m38e',
             'service': 'cloud',
             osfstorage_settings.WATERBUTLER_RESOURCE: 'osf',
@@ -478,104 +496,114 @@ def test_listing(self):
             'contentType': 'img/png'
         }).save()
 
-        res = self.app.get(
-            '/{}files/{}/versions/'.format(API_BASE, self.file._id),
-            auth=self.user.auth,
+        res = app.get(
+            '/{}files/{}/versions/'.format(API_BASE, file._id),
+            auth=user.auth,
         )
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 2)
-        assert_equal(res.json['data'][0]['id'], '1')
-        assert_equal(res.json['data'][1]['id'], '2')
-
-    def test_by_id(self):
-        res = self.app.get(
-            '/{}files/{}/versions/1/'.format(API_BASE, self.file._id),
-            auth=self.user.auth,
+        assert res.status_code == 200
+        assert len(res.json['data']) == 2
+        assert res.json['data'][0]['id'] == '1'
+        assert res.json['data'][1]['id'] == '2'
+
+    def test_load_and_property(self, app, user, file):
+        # test_by_id
+        res = app.get(
+            '/{}files/{}/versions/1/'.format(API_BASE, file._id),
+            auth=user.auth,
         )
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['id'], '1')
+        assert res.status_code == 200
+        assert res.json['data']['id'] == '1'
 
-    def test_read_only(self):
-        assert_equal(self.app.put(
-            '/{}files/{}/versions/1/'.format(API_BASE, self.file._id),
+        # test_read_only
+        assert app.put(
+            '/{}files/{}/versions/1/'.format(API_BASE, file._id),
             expect_errors=True,
-            auth=self.user.auth,
-        ).status_code, 405)
+            auth=user.auth,
+        ).status_code == 405
 
-        assert_equal(self.app.post(
-            '/{}files/{}/versions/1/'.format(API_BASE, self.file._id),
+        assert app.post(
+            '/{}files/{}/versions/1/'.format(API_BASE, file._id),
             expect_errors=True,
-            auth=self.user.auth,
-        ).status_code, 405)
+            auth=user.auth,
+        ).status_code == 405
 
-        assert_equal(self.app.delete(
-            '/{}files/{}/versions/1/'.format(API_BASE, self.file._id),
+        assert app.delete(
+            '/{}files/{}/versions/1/'.format(API_BASE, file._id),
             expect_errors=True,
-            auth=self.user.auth,
-        ).status_code, 405)
-
-
-class TestFileTagging(ApiTestCase):
-    def setUp(self):
-        super(TestFileTagging, self).setUp()
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(creator=self.user)
-        self.file1 = api_utils.create_test_file(
-            self.node, self.user, filename='file1')
-        self.payload = {
+            auth=user.auth,
+        ).status_code == 405
+
+@pytest.mark.django_db
+class TestFileTagging:
+    @pytest.fixture()
+    def node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def file1(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file1')
+
+    @pytest.fixture()
+    def payload(self, file1):
+        payload = {
             "data": {
                 "type": "files",
-                "id": self.file1._id,
+                "id": file1._id,
                 "attributes": {
                     "checkout": None,
                     "tags": ["goofy"]
                 }
             }
         }
-        self.url = '/{}files/{}/'.format(API_BASE, self.file1._id)
+        return payload
+
+    @pytest.fixture()
+    def url(self, file1):
+        return '/{}files/{}/'.format(API_BASE, file1._id)
 
-    def test_tags_add_properly(self):
-        res = self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+    def test_tags_add_and_update_properly(self, app, user, url, payload):
+        # test_tags_add_properly
+        res = app.put_json_api(url, payload, auth=user.auth)
+        assert res.status_code == 200
         # Ensure adding tag data is correct from the PUT response
-        assert_equal(len(res.json['data']['attributes']['tags']), 1)
-        assert_equal(res.json['data']['attributes']['tags'][0], 'goofy')
+        assert len(res.json['data']['attributes']['tags']) == 1
+        assert res.json['data']['attributes']['tags'][0] == 'goofy'
 
-    def test_tags_update_properly(self):
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
+        # test_tags_update_properly
         # Ensure removing and adding tag data is correct from the PUT response
-        self.payload['data']['attributes']['tags'] = ['goofier']
-        res = self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']['attributes']['tags']), 1)
-        assert_equal(res.json['data']['attributes']['tags'][0], 'goofier')
-
-    def test_tags_add_and_remove_properly(self):
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        self.payload['data']['attributes']['tags'] = []
-        res = self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']['attributes']['tags']), 0)
-
-    def test_put_wo_tags_doesnt_remove_tags(self):
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        self.payload['data']['attributes'] = {'checkout': None}
-        res = self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        payload['data']['attributes']['tags'] = ['goofier']
+        res = app.put_json_api(url, payload, auth=user.auth)
+        assert res.status_code == 200
+        assert len(res.json['data']['attributes']['tags']) == 1
+        assert res.json['data']['attributes']['tags'][0] == 'goofier'
+
+    def test_tags_add_and_remove_properly(self, app, user, url, payload):
+        app.put_json_api(url, payload, auth=user.auth)
+        payload['data']['attributes']['tags'] = []
+        res = app.put_json_api(url, payload, auth=user.auth)
+        assert res.status_code == 200
+        assert len(res.json['data']['attributes']['tags']) == 0
+
+    def test_put_wo_tags_doesnt_remove_tags(self, app, user, url, payload):
+        app.put_json_api(url, payload, auth=user.auth)
+        payload['data']['attributes'] = {'checkout': None}
+        res = app.put_json_api(url, payload, auth=user.auth)
+        assert res.status_code == 200
         # Ensure adding tag data is correct from the PUT response
-        assert_equal(len(res.json['data']['attributes']['tags']), 1)
-        assert_equal(res.json['data']['attributes']['tags'][0], 'goofy')
-
-    def test_add_tag_adds_log(self):
-        count = self.node.logs.count()
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(self.node.logs.count(), count + 1)
-        assert_equal(NodeLog.FILE_TAG_ADDED, self.node.logs.latest().action)
-
-    def test_remove_tag_adds_log(self):
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        self.payload['data']['attributes']['tags'] = []
-        count = self.node.logs.count()
-        self.app.put_json_api(self.url, self.payload, auth=self.user.auth)
-        assert_equal(self.node.logs.count(), count + 1)
-        assert_equal(NodeLog.FILE_TAG_REMOVED, self.node.logs.latest().action)
+        assert len(res.json['data']['attributes']['tags']) == 1
+        assert res.json['data']['attributes']['tags'][0] == 'goofy'
+
+    def test_add_and_remove_tag_adds_log(self, app, user, url, payload, node):
+        # test_add_tag_adds_log
+        count = node.logs.count()
+        app.put_json_api(url, payload, auth=user.auth)
+        assert node.logs.count() == count + 1
+        assert NodeLog.FILE_TAG_ADDED == node.logs.latest().action
+
+        # test_remove_tag_adds_log
+        payload['data']['attributes']['tags'] = []
+        count = node.logs.count()
+        app.put_json_api(url, payload, auth=user.auth)
+        assert node.logs.count() == count + 1
+        assert NodeLog.FILE_TAG_REMOVED == node.logs.latest().action
diff --git a/api_tests/files/views/test_file_list.py b/api_tests/files/views/test_file_list.py
index 3f8bc845b8f..cfcc4c8fb0b 100644
--- a/api_tests/files/views/test_file_list.py
+++ b/api_tests/files/views/test_file_list.py
@@ -1,11 +1,9 @@
-# -*- coding: utf-8 -*-
-from nose import tools as nt
-
 from framework.auth.core import Auth
 
+import pytest
+
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as api_utils
-
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
@@ -13,126 +11,153 @@
     AuthUserFactory,
 )
 
-class TestNodeFileList(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeFileList, self).setUp()
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(creator=self.user)
-        self.file = api_utils.create_test_file(
-            self.node, self.user, filename='file1')
-        self.deleted_file = api_utils.create_test_file(
-            self.node, self.user, filename='file2')
-        self.deleted_file.delete(user=self.user, save=True)
-
-    def test_does_not_return_trashed_files(self):
-        res = self.app.get(
-            '/{}nodes/{}/files/osfstorage/'.format(API_BASE, self.node._id),
-            auth=self.user.auth
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
+@pytest.mark.django_db
+class TestNodeFileList:
+
+    @pytest.fixture()
+    def node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def file(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file1')
+
+    @pytest.fixture()
+    def deleted_file(self, user, node):
+        deleted_file = api_utils.create_test_file(
+            node, user, filename='file2')
+        deleted_file.delete(user=user, save=True)
+        return deleted_file
+
+    # file & deleted_file necessary in param for trash set up
+    def test_does_not_return_trashed_files(self, app, user, node, file, deleted_file):
+        res = app.get(
+            '/{}nodes/{}/files/osfstorage/'.format(API_BASE, node._id),
+            auth=user.auth
         )
         data = res.json.get('data')
-        nt.assert_equal(len(data), 1)
-
-class TestFileFiltering(ApiTestCase):
-    def setUp(self):
-        super(TestFileFiltering, self).setUp()
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(creator=self.user)
-        self.file1 = api_utils.create_test_file(
-            self.node, self.user, filename='file1')
-        self.file2 = api_utils.create_test_file(
-            self.node, self.user, filename='file2')
-        self.file3 = api_utils.create_test_file(
-            self.node, self.user, filename='file3')
-        self.file4 = api_utils.create_test_file(
-            self.node, self.user, filename='file4')
-
-    def test_get_all_files(self):
-        res = self.app.get(
-            '/{}nodes/{}/files/osfstorage/'.format(API_BASE, self.node._id),
-            auth=self.user.auth
+        assert len(data) == 1
+
+@pytest.mark.django_db
+class TestFileFiltering:
+
+    @pytest.fixture()
+    def node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def file1(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file1')
+
+    @pytest.fixture()
+    def file2(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file2')
+
+    @pytest.fixture()
+    def file3(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file3')
+
+    @pytest.fixture()
+    def file4(self, user, node):
+        return api_utils.create_test_file(
+            node, user, filename='file4')
+
+    def test_get_all_files(self, app, user, node, file1, file2, file3, file4):
+        res = app.get(
+            '/{}nodes/{}/files/osfstorage/'.format(API_BASE, node._id),
+            auth=user.auth
         )
         data = res.json.get('data')
-        nt.assert_equal(len(data), 4)
+        assert len(data) == 4
+
+    def test_filter_on_general_tags_and_exact(self, app, user, node, file1, file2, file3, file4):
+        file1.add_tag('new', Auth(user))
+        file2.add_tag('new', Auth(user))
+        file3.add_tag('news', Auth(user))
 
-    def test_filter_on_tag(self):
-        self.file1.add_tag('new', Auth(self.user))
-        self.file2.add_tag('new', Auth(self.user))
-        res = self.app.get(
+        # test_filter_on_tag
+        res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=new'.format(
-                API_BASE, self.node._id
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
         data = res.json.get('data')
-        nt.assert_equal(len(data), 2)
+        assert len(data) == 2
         names = [f['attributes']['name'] for f in data]
-        nt.assert_in('file1', names)
-        nt.assert_in('file2', names)
-
-    def test_filtering_tags_exact(self):
-        self.file1.add_tag('cats', Auth(self.user))
-        self.file2.add_tag('cats', Auth(self.user))
-        self.file1.add_tag('cat', Auth(self.user))
-        res = self.app.get(
-            '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
-                API_BASE, self.node._id
+        assert 'file1' in names
+        assert 'file2' in names
+
+        # test_filtering_tags_exact
+        res = app.get(
+            '/{}nodes/{}/files/osfstorage/?filter[tags]=news'.format(
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_tags_capitalized_query(self):
-        self.file1.add_tag('cat', Auth(self.user))
-        res = self.app.get(
+    def test_filtering_tags_capitalized_query_and_tag(self, app, user, node, file1, file2, file3, file4):
+        # test_filtering_tags_capitalized_query
+        file1.add_tag('cat', Auth(user))
+        res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=CAT'.format(
-                API_BASE, self.node._id
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_tags_capitalized_tag(self):
-        self.file1.add_tag('CAT', Auth(self.user))
-        res = self.app.get(
-            '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
-                API_BASE, self.node._id
+        # test_filtering_tags_capitalized_tag
+        file2.add_tag('NEW', Auth(user))
+        res = app.get(
+            '/{}nodes/{}/files/osfstorage/?filter[tags]=new'.format(
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
+
+    def test_filtering_on_multiple_tags(self, app, user, node, file1, file2, file3, file4):
+        # test_filtering_on_multiple_tags_one_match
+        file1.add_tag('cat', Auth(user))
 
-    def test_filtering_on_multiple_tags(self):
-        self.file1.add_tag('cat', Auth(self.user))
-        self.file1.add_tag('sand', Auth(self.user))
-        res = self.app.get(
+        res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat&filter[tags]=sand'.format(
-                API_BASE, self.node._id
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 0
 
-    def test_filtering_on_multiple_tags_must_match_both(self):
-        self.file1.add_tag('cat', Auth(self.user))
-        res = self.app.get(
+        # test_filtering_on_multiple_tags_both_match
+        file1.add_tag('sand', Auth(user))
+        res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat&filter[tags]=sand'.format(
-                API_BASE, self.node._id
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 0)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_by_tags_returns_distinct(self):
+    def test_filtering_by_tags_returns_distinct(self, app, user, node, file1, file2, file3, file4):
         # regression test for returning multiple of the same file
-        self.file1.add_tag('cat', Auth(self.user))
-        self.file1.add_tag('cAt', Auth(self.user))
-        self.file1.add_tag('caT', Auth(self.user))
-        self.file1.add_tag('CAT', Auth(self.user))
-        res = self.app.get(
+        file1.add_tag('cat', Auth(user))
+        file1.add_tag('cAt', Auth(user))
+        file1.add_tag('caT', Auth(user))
+        file1.add_tag('CAT', Auth(user))
+        res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
-                API_BASE, self.node._id
+                API_BASE, node._id
             ),
-            auth=self.user.auth
+            auth=user.auth
         )
-        nt.assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1

From af87f37530a3d0c336655d3ce001bae7a3ac4f56 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Tue, 30 May 2017 14:39:22 -0400
Subject: [PATCH 032/163] Email added contributors (not creator) on forks and
 templates.

- Send contributor_added signal in template_node.
---
 osf/models/node.py                   |  7 +++++--
 website/project/views/contributor.py | 13 +++++++------
 2 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/osf/models/node.py b/osf/models/node.py
index 67d71c08a3a..1be856ef666 100644
--- a/osf/models/node.py
+++ b/osf/models/node.py
@@ -1144,7 +1144,7 @@ def add_contributor(self, contributor, permissions=None, visible=True,
             if save:
                 self.save()
 
-            if self._id and send_email != 'false':
+            if self._id:
                 project_signals.contributor_added.send(self,
                                                        contributor=contributor,
                                                        auth=auth, email_template=send_email)
@@ -1948,7 +1948,7 @@ def fork_node(self, auth, title=None):
         forked.save()
 
         # Need to call this after save for the notifications to be created with the _primary_key
-        project_signals.contributor_added.send(forked, contributor=user, auth=auth)
+        project_signals.contributor_added.send(forked, contributor=user, auth=auth, email_template='false')
 
         forked.add_log(
             action=NodeLog.NODE_FORKED,
@@ -2031,6 +2031,9 @@ def use_as_template(self, auth, changes=None, top_level=True):
 
         new.save(suppress_log=True)
 
+        # Need to call this after save for the notifications to be created with the _primary_key
+        project_signals.contributor_added.send(new, contributor=auth.user, auth=auth, email_template='false')
+
         # Log the creation
         new.add_log(
             NodeLog.CREATED_FROM,
diff --git a/website/project/views/contributor.py b/website/project/views/contributor.py
index d4285cc1568..780f76591b3 100644
--- a/website/project/views/contributor.py
+++ b/website/project/views/contributor.py
@@ -517,14 +517,15 @@ def send_claim_email(email, unclaimed_user, node, notify=True, throttle=24 * 360
 
 @contributor_added.connect
 def notify_added_contributor(node, contributor, auth=None, throttle=None, email_template='default'):
+    if email_template == 'false':
+        return
+
     throttle = throttle or settings.CONTRIBUTOR_ADDED_EMAIL_THROTTLE
 
-    # Exclude forks and templates because the user forking/templating the project gets added
-    # via 'add_contributor' but does not need to get notified.
-    # Only email users for projects, or for components where they are not contributors on the parent node.
-    if (contributor.is_registered and not node.template_node and not node.is_fork and
-            (not node.parent_node or
-                (node.parent_node and not node.parent_node.is_contributor(contributor)))):
+    # Email users for projects, or for components where they are not contributors on the parent node.
+    if (contributor.is_registered
+            and not node.parent_node
+            or node.parent_node and not node.parent_node.is_contributor(contributor)):
 
         preprint_provider = None
         if email_template == 'preprint':

From 32a23ed7be44576b9d260b0805da97b79f9600b1 Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerrysun@Admins-MacBook-Air.local>
Date: Thu, 1 Jun 2017 09:27:26 -0400
Subject: [PATCH 033/163] file pytest conversion

---
 api_tests/files/views/test_file_list.py | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/api_tests/files/views/test_file_list.py b/api_tests/files/views/test_file_list.py
index cfcc4c8fb0b..5275546f87e 100644
--- a/api_tests/files/views/test_file_list.py
+++ b/api_tests/files/views/test_file_list.py
@@ -34,7 +34,6 @@ def deleted_file(self, user, node):
         deleted_file.delete(user=user, save=True)
         return deleted_file
 
-    # file & deleted_file necessary in param for trash set up
     def test_does_not_return_trashed_files(self, app, user, node, file, deleted_file):
         res = app.get(
             '/{}nodes/{}/files/osfstorage/'.format(API_BASE, node._id),
@@ -78,7 +77,7 @@ def test_get_all_files(self, app, user, node, file1, file2, file3, file4):
         data = res.json.get('data')
         assert len(data) == 4
 
-    def test_filter_on_general_tags_and_exact(self, app, user, node, file1, file2, file3, file4):
+    def test_filter_on_single_tag(self, app, user, node, file1, file2, file3, file4):
         file1.add_tag('new', Auth(user))
         file2.add_tag('new', Auth(user))
         file3.add_tag('news', Auth(user))
@@ -105,11 +104,9 @@ def test_filter_on_general_tags_and_exact(self, app, user, node, file1, file2, f
         )
         assert len(res.json.get('data')) == 1
 
-    def test_filtering_tags_capitalized_query_and_tag(self, app, user, node, file1, file2, file3, file4):
         # test_filtering_tags_capitalized_query
-        file1.add_tag('cat', Auth(user))
         res = app.get(
-            '/{}nodes/{}/files/osfstorage/?filter[tags]=CAT'.format(
+            '/{}nodes/{}/files/osfstorage/?filter[tags]=NEWS'.format(
                 API_BASE, node._id
             ),
             auth=user.auth
@@ -117,9 +114,9 @@ def test_filtering_tags_capitalized_query_and_tag(self, app, user, node, file1,
         assert len(res.json.get('data')) == 1
 
         # test_filtering_tags_capitalized_tag
-        file2.add_tag('NEW', Auth(user))
+        file4.add_tag('CAT', Auth(user))
         res = app.get(
-            '/{}nodes/{}/files/osfstorage/?filter[tags]=new'.format(
+            '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
                 API_BASE, node._id
             ),
             auth=user.auth

From dcea820a527824be3810e9bdde229a821a9929d6 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 1 Jun 2017 09:33:24 -0400
Subject: [PATCH 034/163] Add smaller SSRN logo for display in search

---
 website/static/img/SSRN.png   | Bin 0 -> 639 bytes
 website/templates/search.mako |   2 +-
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 website/static/img/SSRN.png

diff --git a/website/static/img/SSRN.png b/website/static/img/SSRN.png
new file mode 100644
index 0000000000000000000000000000000000000000..1817bc7ed5eb197098024e53ae53dbbb6cccc5a8
GIT binary patch
literal 639
zcmV-_0)YLAP)<h;3K|Lk000e1NJLTq000mG000mO1^@s6AM^iV00004b3#c}2nYxW
zd<bNS0006uNkl<ZIE|%}Pe_vi9EP8L`@U~mZfsyS(`u=MB%?IaFhqw1mDH&+jIb!{
zQYaldDn=0`9m)<-hBLF92Pq?|bVWodVM~T+nrLKh7NTx*+qXYo2WixGy{Gr^d!OIs
z(QG~T_)~asrjQh(x7gf5s$+og;!L5C>iAER05w%WLRASy;s}C(H=q!V#882s!6;Kp
zVFHmDv;GKkeuad(`bJe%d;x`MEP-e;$kZM#ARLZRy3>wpZ~_u>%8Kn|W|--9d2p22
z35FCJZahQOsK~NN=aoaWcMl?*IJgbZ_zzl~LtMY#k8Qn~*3OSqU+zYdw6t^&(|Eg&
z-8(k(+Ify|3t<+65r#*mnVwrhXzTgRt)`<4w4Y)n6lHsUHtwevIbNAZ&>y5UCmly|
z4!!*&+<Y*=hmN!S@~#kzC(vj#XmuMZny+@eLry5PHXfm*&dKEXESFA~laXO&a>~nv
zljZch9O1>#G-ka(eQhb82`}G$euSz$c^G7Yw!Sg$cD=!|Wi4;Vd{ovwLKG#OufA~S
zp^JtydkH9Unw;-h4um;hQ^s;AhBhmIU-R|)18hoPLnsoZx~hm=tBHzTHu7_=BtjwX
zJ@Mcu%Eq2$Vf3qyuIHoF>@T3lHHv0q<u!F76vHHI(ExrWPMWMmRaNFgF|yMnbdr|&
zfPzUUVvttV@dlz;jS`}y6|frRq!<QSo9srNnC$ERx&g>EO8=UeYW^Rfx7ggNj`bFs
Z`#0*%-|CE|8B_oO002ovPDHLkV1mFlBB%fW

literal 0
HcmV?d00001

diff --git a/website/templates/search.mako b/website/templates/search.mako
index 7679a0373ce..cc2b0712299 100644
--- a/website/templates/search.mako
+++ b/website/templates/search.mako
@@ -198,7 +198,7 @@
                     </li>
                     <li data-bind="visible: social.ssrn">
                         <a data-bind="attr: {href: social.ssrn}">
-                            <img class="social-icons" src="/static/img/SSRN.jpg"data-toggle="tooltip" style="PADDING-BOTTOM: 5px" title="SSRN">
+                            <img class="social-icons" src="/static/img/SSRN.png"data-toggle="tooltip" style="PADDING-BOTTOM: 5px" title="SSRN">
                         </a>
                     </li>
                 </ul>

From 83c9e366d7252a01bbbb8f148b8dde642cdff59f Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 1 Jun 2017 09:45:38 -0400
Subject: [PATCH 035/163] Rename newPublicProjects menu item

---
 website/templates/public/pages/active_nodes.mako | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/templates/public/pages/active_nodes.mako b/website/templates/public/pages/active_nodes.mako
index dde62654044..48a6c720978 100644
--- a/website/templates/public/pages/active_nodes.mako
+++ b/website/templates/public/pages/active_nodes.mako
@@ -17,7 +17,7 @@
         <div class="col-sm-4 col-md-3 affix-parent scrollspy">
             <div data-spy="affix" data-offset-bottom="250"  data-offset-top="60" class="panel panel-default m-t-lg hidden-print hidden-xs affix osf-affix" role="complementary">
                 <ul class="nav nav-stacked nav-pills">
-                    <li><a href='#newPublicProjects'>Newest public projects</a></li>
+                    <li><a href='#newNoteworthyProjects'>New and noteworthy projects</a></li>
                     <li><a href='#newPublicRegistrations'>Newest public registrations</a></li>
                     <li><a href='#popularPublicProjects'>Popular public projects</a></li>
                     <li><a href='#popularPublicRegistrations'>Popular public registrations</a></li>
@@ -26,7 +26,7 @@
         </div>
         <div class="col-sm-8 col-md-9" role="main" class="m-t-lg">
             <h1 class="page-header">Public Activity</h1>
-            <section id='newPublicProjects'>
+            <section id='newNoteworthyProjects'>
                 <h3 class='anchor'>New and noteworthy projects</h3>
                 <div class='project-list'>
                     ${node_list(new_and_noteworthy_projects, prefix='newest_public', metric='date_created')}

From 93e33d6ddb9c7716ba8323292001d82aac9a49fe Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Tue, 30 May 2017 15:24:49 -0400
Subject: [PATCH 036/163] Add test for adding unconfirmed users as
 contributors.

---
 .../views/test_node_contributors_list.py      | 26 ++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/api_tests/nodes/views/test_node_contributors_list.py b/api_tests/nodes/views/test_node_contributors_list.py
index a6368ba3fa7..8fa5dcc9d53 100644
--- a/api_tests/nodes/views/test_node_contributors_list.py
+++ b/api_tests/nodes/views/test_node_contributors_list.py
@@ -19,7 +19,8 @@
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
-    UserFactory
+    UserFactory,
+    UnconfirmedUserFactory
 )
 from tests.utils import assert_logs
 
@@ -1089,6 +1090,29 @@ def test_add_inactive_merged_user_as_contributor(self):
         contributor_added = res.json['data']['embeds']['users']['data']['id']
         assert_equal(contributor_added, primary_user._id)
 
+    def test_add_unconfirmed_user_by_guid(self):
+        unconfirmed_user = UnconfirmedUserFactory()
+        payload = {
+            'data': {
+                'type':'contributors',
+                'attributes': {},
+                'relationships': {
+                     'users': {
+                          'data': {
+                               'type': 'users',
+                               'id': unconfirmed_user._id
+                            }
+                       }
+                  }
+            }
+        }
+        res = self.app.post_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True)
+        assert_equal(res.status_code, 404)
+        assert_equal(
+            res.json['errors'][0]['detail'],
+            'Cannot add unconfirmed user {} to node {}'.format(unconfirmed_user._id, self.public_project._id)
+        )
+
 
 class TestNodeContributorCreateValidation(NodeCRUDTestCase):
 

From 372621ce78a017dd0738da8a4ddbfa5e0f7c1306 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Thu, 1 Jun 2017 10:43:10 -0400
Subject: [PATCH 037/163] Fix merge conflict; flake

---
 admin/preprints/serializers.py      |  1 -
 admin_tests/nodes/test_views.py     | 49 +++++++++++++----------------
 admin_tests/preprints/test_views.py |  2 +-
 admin_tests/users/test_views.py     |  1 -
 4 files changed, 23 insertions(+), 30 deletions(-)

diff --git a/admin/preprints/serializers.py b/admin/preprints/serializers.py
index 4004dfc1bde..bfde3db9835 100644
--- a/admin/preprints/serializers.py
+++ b/admin/preprints/serializers.py
@@ -1,4 +1,3 @@
-from website.project.taxonomies import Subject
 from admin.nodes.serializers import serialize_node
 
 
diff --git a/admin_tests/nodes/test_views.py b/admin_tests/nodes/test_views.py
index 47e34b2b0aa..9118d7211d2 100644
--- a/admin_tests/nodes/test_views.py
+++ b/admin_tests/nodes/test_views.py
@@ -10,8 +10,6 @@
 )
 from admin_tests.utilities import setup_log_view, setup_view
 
-from framework.auth import User
-
 from nose import tools as nt
 from django.test import RequestFactory
 from django.core.urlresolvers import reverse
@@ -22,8 +20,6 @@
 from osf_tests.factories import AuthUserFactory, ProjectFactory, RegistrationFactory
 
 
-
-
 class TestNodeView(AdminTestCase):
 
     def test_no_guid(self):
@@ -202,7 +198,28 @@ def test_no_log(self):
         view.delete(self.request)
         nt.assert_not_equal(self.node.logs.latest().action, NodeLog.CONTRIB_REMOVED)
 
-<<<<<<< HEAD
+    def test_no_user_permissions_raises_error(self):
+        guid = self.node._id
+        request = RequestFactory().get(self.url)
+        request.user = self.user
+
+        with nt.assert_raises(PermissionDenied):
+            self.view.as_view()(request, node_id=guid, user_id=self.user)
+
+    def test_correct_view_permissions(self):
+        change_permission = Permission.objects.get(codename='change_node')
+        view_permission = Permission.objects.get(codename='view_node')
+        self.user.user_permissions.add(change_permission)
+        self.user.user_permissions.add(view_permission)
+        self.user.save()
+
+        request = RequestFactory().get(self.url)
+        request.user = self.user
+
+        response = self.view.as_view()(request, node_id=self.node._id, user_id=self.user._id)
+        nt.assert_equal(response.status_code, 200)
+
+
 class TestNodeReindex(AdminTestCase):
     def setUp(self):
         super(TestNodeReindex, self).setUp()
@@ -268,25 +285,3 @@ def test_reindex_registration_elastic(self):
 
         nt.assert_true(self.mock_reindex_elastic.called)
         nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
-=======
-    def test_no_user_permissions_raises_error(self):
-        guid = self.node._id
-        request = RequestFactory().get(self.url)
-        request.user = self.user
-
-        with nt.assert_raises(PermissionDenied):
-            self.view.as_view()(request, node_id=guid, user_id=self.user)
-
-    def test_correct_view_permissions(self):
-        change_permission = Permission.objects.get(codename='change_node')
-        view_permission = Permission.objects.get(codename='view_node')
-        self.user.user_permissions.add(change_permission)
-        self.user.user_permissions.add(view_permission)
-        self.user.save()
-
-        request = RequestFactory().get(self.url)
-        request.user = self.user
-
-        response = self.view.as_view()(request, node_id=self.node._id, user_id=self.user._id)
-        nt.assert_equal(response.status_code, 200)
->>>>>>> b7b2315b6887f23b5d94ce9814fd4965cd66cfb0
diff --git a/admin_tests/preprints/test_views.py b/admin_tests/preprints/test_views.py
index 81008c106e6..7c985cb5ec0 100644
--- a/admin_tests/preprints/test_views.py
+++ b/admin_tests/preprints/test_views.py
@@ -10,7 +10,7 @@
 from osf_tests.factories import AuthUserFactory, PreprintFactory, PreprintProviderFactory
 from osf.models.admin_log_entry import AdminLogEntry
 
-from admin_tests.utilities import setup_view
+from admin_tests.utilities import setup_view, setup_log_view
 
 from admin.preprints import views
 from admin.preprints.forms import ChangeProviderForm
diff --git a/admin_tests/users/test_views.py b/admin_tests/users/test_views.py
index 58fca694b4e..f6e1c2b8f48 100644
--- a/admin_tests/users/test_views.py
+++ b/admin_tests/users/test_views.py
@@ -719,4 +719,3 @@ def test_reindex_user_elastic(self, mock_reindex_elastic):
 
         nt.assert_true(mock_reindex_elastic.called)
         nt.assert_equal(AdminLogEntry.objects.count(), count + 1)
-

From 90a4a4d5ea027b0c66c73362b322f45e5551c5f7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 1 Jun 2017 12:20:10 -0400
Subject: [PATCH 038/163] Add error message on submit untouched recaptcha

---
 website/static/js/passwordForms.js | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/website/static/js/passwordForms.js b/website/static/js/passwordForms.js
index b260c174089..934d5db27db 100644
--- a/website/static/js/passwordForms.js
+++ b/website/static/js/passwordForms.js
@@ -295,6 +295,11 @@ var SignUpViewModel = oop.extend(BaseViewModel, {
         if ($('.g-recaptcha').length !== 0) {
             var captchaResponse = $('#g-recaptcha-response').val();
             if (captchaResponse.length === 0) {
+                $osf.growl('Error','Please complete reCAPTCHA.');
+                // self.changeMessage(
+                //     'Please complete reCAPTCHA',
+                //     'text-danger p-xs'
+                // );
                 return false;
             }
             $.extend(payload, {'g-recaptcha-response': captchaResponse});

From 56ece003530bbee0f35d8b6de9dc75fe2db72eda Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Thu, 1 Jun 2017 12:14:59 -0400
Subject: [PATCH 039/163] Find user by username or email in emails list.

- Allows unregistered contributors to be found by email.
- Display username in user view template.
---
 admin/templates/users/user.html | 6 +++++-
 admin/users/views.py            | 3 ++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/admin/templates/users/user.html b/admin/templates/users/user.html
index 53a392f0500..40528e494e6 100644
--- a/admin/templates/users/user.html
+++ b/admin/templates/users/user.html
@@ -137,7 +137,11 @@ <h3>User details</h3>
                     </td>
                 </tr>
                 <tr>
-                    <td>Email</td>
+                    <td>Username</td>
+                    <td>{{ user.username }}</td>
+                </tr>
+                <tr>
+                    <td>Emails</td>
                     <td>
                         {% for email in user.emails %}
                             <li>
diff --git a/admin/users/views.py b/admin/users/views.py
index 0d2dde44752..0cee964692e 100644
--- a/admin/users/views.py
+++ b/admin/users/views.py
@@ -4,6 +4,7 @@
 import pytz
 from furl import furl
 from datetime import datetime, timedelta
+from django.db.models import Q
 from django.views.defaults import page_not_found
 from django.views.generic import FormView, DeleteView, ListView, TemplateView
 from django.contrib.auth.mixins import PermissionRequiredMixin
@@ -278,7 +279,7 @@ def form_valid(self, form):
         if guid or email:
             if email:
                 try:
-                    user = OSFUser.objects.get(emails__contains=[email])
+                    user = OSFUser.objects.filter(Q(username=email) | Q(emails__contains=[email])).get()
                     guid = user.guids.first()._id
                 except OSFUser.DoesNotExist:
                     return page_not_found(self.request, AttributeError('User with email address {} not found.'.format(email)))

From f00b5ee85a89a8c333dd3ba94bad597e960654ce Mon Sep 17 00:00:00 2001
From: Jerry Sun <jerrysun@Admins-MacBook-Air.local>
Date: Thu, 1 Jun 2017 16:33:44 -0400
Subject: [PATCH 040/163] Fix some styling issue

---
 .../files/serializers/test_file_serializer.py | 26 ++-------
 api_tests/files/views/test_file_detail.py     | 32 +++++------
 api_tests/files/views/test_file_list.py       | 55 +++++++++----------
 3 files changed, 49 insertions(+), 64 deletions(-)

diff --git a/api_tests/files/serializers/test_file_serializer.py b/api_tests/files/serializers/test_file_serializer.py
index 7ce7537a467..a30aaeb7700 100644
--- a/api_tests/files/serializers/test_file_serializer.py
+++ b/api_tests/files/serializers/test_file_serializer.py
@@ -24,27 +24,13 @@ def node(self, user):
     def file(self, node, user):
         return utils.create_test_file(node, user)
 
-    @pytest.fixture()
-    def date_created(self, file):
-        return file.versions.first().date_created
-
-    @pytest.fixture()
-    def date_modified(self, file):
-        return file.versions.last().date_created
-
-    @pytest.fixture()
-    def date_created_tz_aware(self, date_created):
-        return date_created.replace(tzinfo=utc)
-
-    @pytest.fixture()
-    def date_modified_tz_aware(self, date_modified):
-        return  date_modified.replace(tzinfo=utc)
-
-    @pytest.fixture()
-    def new_format(self):
-        return '%Y-%m-%dT%H:%M:%S.%fZ'
+    def test_file_serializer(self, file):
+        date_created = file.versions.first().date_created
+        date_modified = file.versions.last().date_created
+        date_created_tz_aware = date_created.replace(tzinfo=utc)
+        date_modified_tz_aware = date_modified.replace(tzinfo=utc)
+        new_format = '%Y-%m-%dT%H:%M:%S.%fZ'
 
-    def test_file_serializer(self, file, date_modified_tz_aware, date_modified, date_created, date_created_tz_aware, new_format):
         # test_date_modified_formats_to_old_format
         req = make_drf_request_with_version(version='2.0')
         data = FileSerializer(file, context={'request': req}).data['data']
diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index ed5cb642945..17d5e58f39e 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -51,8 +51,8 @@ def test_must_have_auth_and_be_contributor(self, app, file_url):
         assert res.status_code == 401
 
         # test_must_be_contributor(self, app, file_url):
-        user = AuthUserFactory()
-        res = app.get(file_url, auth=user.auth, expect_errors=True)
+        non_contributor = AuthUserFactory()
+        res = app.get(file_url, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
     def test_file_guid_guid_status(self, app, user, file, file_url):
@@ -191,9 +191,9 @@ def test_checkout(self, app, user, file, file_url, node):
             file_url,
             auth=user.auth
         )
-        assert node.logs.count(),2
-        assert node.logs.latest().action, NodeLog.CHECKED_OUT
-        assert node.logs.latest().user, user
+        assert node.logs.count() == 2
+        assert node.logs.latest().action == NodeLog.CHECKED_OUT
+        assert node.logs.latest().user == user
         assert user._id == res.json['data']['relationships']['checkout']['links']['related']['meta']['id']
 
         assert '/{}users/{}/'.format(API_BASE, user._id) in res.json['data']['relationships']['checkout']['links']['related']['href']
@@ -540,27 +540,27 @@ def node(self, user):
         return ProjectFactory(creator=user)
 
     @pytest.fixture()
-    def file1(self, user, node):
+    def file_one(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file1')
+            node, user, filename='file_one')
 
     @pytest.fixture()
-    def payload(self, file1):
+    def payload(self, file_one):
         payload = {
-            "data": {
-                "type": "files",
-                "id": file1._id,
-                "attributes": {
-                    "checkout": None,
-                    "tags": ["goofy"]
+            'data': {
+                'type': 'files',
+                'id': file_one._id,
+                'attributes': {
+                    'checkout': None,
+                    'tags': ['goofy']
                 }
             }
         }
         return payload
 
     @pytest.fixture()
-    def url(self, file1):
-        return '/{}files/{}/'.format(API_BASE, file1._id)
+    def url(self, file_one):
+        return '/{}files/{}/'.format(API_BASE, file_one._id)
 
     def test_tags_add_and_update_properly(self, app, user, url, payload):
         # test_tags_add_properly
diff --git a/api_tests/files/views/test_file_list.py b/api_tests/files/views/test_file_list.py
index 5275546f87e..4e15558d2c0 100644
--- a/api_tests/files/views/test_file_list.py
+++ b/api_tests/files/views/test_file_list.py
@@ -1,7 +1,6 @@
-from framework.auth.core import Auth
-
 import pytest
 
+from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as api_utils
 from tests.base import ApiTestCase
@@ -25,12 +24,12 @@ def node(self, user):
     @pytest.fixture()
     def file(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file1')
+            node, user, filename='file_one')
 
     @pytest.fixture()
     def deleted_file(self, user, node):
         deleted_file = api_utils.create_test_file(
-            node, user, filename='file2')
+            node, user, filename='file_two')
         deleted_file.delete(user=user, save=True)
         return deleted_file
 
@@ -50,26 +49,26 @@ def node(self, user):
         return ProjectFactory(creator=user)
 
     @pytest.fixture()
-    def file1(self, user, node):
+    def file_one(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file1')
+            node, user, filename='file_one')
 
     @pytest.fixture()
-    def file2(self, user, node):
+    def file_two(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file2')
+            node, user, filename='file_two')
 
     @pytest.fixture()
-    def file3(self, user, node):
+    def file_three(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file3')
+            node, user, filename='file_three')
 
     @pytest.fixture()
-    def file4(self, user, node):
+    def file_four(self, user, node):
         return api_utils.create_test_file(
-            node, user, filename='file4')
+            node, user, filename='file_four')
 
-    def test_get_all_files(self, app, user, node, file1, file2, file3, file4):
+    def test_get_all_files(self, app, user, node, file_one, file_two, file_three, file_four):
         res = app.get(
             '/{}nodes/{}/files/osfstorage/'.format(API_BASE, node._id),
             auth=user.auth
@@ -77,10 +76,10 @@ def test_get_all_files(self, app, user, node, file1, file2, file3, file4):
         data = res.json.get('data')
         assert len(data) == 4
 
-    def test_filter_on_single_tag(self, app, user, node, file1, file2, file3, file4):
-        file1.add_tag('new', Auth(user))
-        file2.add_tag('new', Auth(user))
-        file3.add_tag('news', Auth(user))
+    def test_filter_on_single_tag(self, app, user, node, file_one, file_two, file_three, file_four):
+        file_one.add_tag('new', Auth(user))
+        file_two.add_tag('new', Auth(user))
+        file_three.add_tag('news', Auth(user))
 
         # test_filter_on_tag
         res = app.get(
@@ -92,8 +91,8 @@ def test_filter_on_single_tag(self, app, user, node, file1, file2, file3, file4)
         data = res.json.get('data')
         assert len(data) == 2
         names = [f['attributes']['name'] for f in data]
-        assert 'file1' in names
-        assert 'file2' in names
+        assert 'file_one' in names
+        assert 'file_two' in names
 
         # test_filtering_tags_exact
         res = app.get(
@@ -114,7 +113,7 @@ def test_filter_on_single_tag(self, app, user, node, file1, file2, file3, file4)
         assert len(res.json.get('data')) == 1
 
         # test_filtering_tags_capitalized_tag
-        file4.add_tag('CAT', Auth(user))
+        file_four.add_tag('CAT', Auth(user))
         res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
                 API_BASE, node._id
@@ -123,9 +122,9 @@ def test_filter_on_single_tag(self, app, user, node, file1, file2, file3, file4)
         )
         assert len(res.json.get('data')) == 1
 
-    def test_filtering_on_multiple_tags(self, app, user, node, file1, file2, file3, file4):
+    def test_filtering_on_multiple_tags(self, app, user, node, file_one, file_two, file_three, file_four):
         # test_filtering_on_multiple_tags_one_match
-        file1.add_tag('cat', Auth(user))
+        file_one.add_tag('cat', Auth(user))
 
         res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat&filter[tags]=sand'.format(
@@ -136,7 +135,7 @@ def test_filtering_on_multiple_tags(self, app, user, node, file1, file2, file3,
         assert len(res.json.get('data')) == 0
 
         # test_filtering_on_multiple_tags_both_match
-        file1.add_tag('sand', Auth(user))
+        file_one.add_tag('sand', Auth(user))
         res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat&filter[tags]=sand'.format(
                 API_BASE, node._id
@@ -145,12 +144,12 @@ def test_filtering_on_multiple_tags(self, app, user, node, file1, file2, file3,
         )
         assert len(res.json.get('data')) == 1
 
-    def test_filtering_by_tags_returns_distinct(self, app, user, node, file1, file2, file3, file4):
+    def test_filtering_by_tags_returns_distinct(self, app, user, node, file_one, file_two, file_three, file_four):
         # regression test for returning multiple of the same file
-        file1.add_tag('cat', Auth(user))
-        file1.add_tag('cAt', Auth(user))
-        file1.add_tag('caT', Auth(user))
-        file1.add_tag('CAT', Auth(user))
+        file_one.add_tag('cat', Auth(user))
+        file_one.add_tag('cAt', Auth(user))
+        file_one.add_tag('caT', Auth(user))
+        file_one.add_tag('CAT', Auth(user))
         res = app.get(
             '/{}nodes/{}/files/osfstorage/?filter[tags]=cat'.format(
                 API_BASE, node._id

From 636a11b683aacc1b400718c855d4f585c0f3ab8d Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 5 Jun 2017 07:06:46 -0400
Subject: [PATCH 041/163] Group mithril mounts in same block, remove obsolete
 isretract checks

---
 .../static/js/pages/project-dashboard-page.js | 31 ++++++++-----------
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/website/static/js/pages/project-dashboard-page.js b/website/static/js/pages/project-dashboard-page.js
index 3dae288a37b..b429205ba20 100644
--- a/website/static/js/pages/project-dashboard-page.js
+++ b/website/static/js/pages/project-dashboard-page.js
@@ -121,16 +121,15 @@ $(document).ready(function () {
         contributors: window.contextVars.node.contributors,
         currentUserCanEdit: window.contextVars.currentUser.canEdit
     });
-    var newComponentElem = document.getElementById('newComponent');
 
-    m.startComputation();
+    if (!ctx.node.isRetracted) {
+        m.startComputation();
 
-    if (ctx.node.institutions.length && !ctx.node.anonymous && !ctx.node.isRetracted) {
-        m.mount(document.getElementById('instLogo'), m.component(institutionLogos, {institutions: window.contextVars.node.institutions}));
-    }
-    $('#contributorsList').osfToggleHeight();
+        if (ctx.node.institutions.length && !ctx.node.anonymous) {
+            m.mount(document.getElementById('instLogo'), m.component(institutionLogos, {institutions: window.contextVars.node.institutions}));
+        }
+        $('#contributorsList').osfToggleHeight();
 
-    if (!ctx.node.isRetracted) {
         // Recent Activity widget
         m.mount(document.getElementById('logFeed'), m.component(LogFeed.LogFeed, {node: node}));
 
@@ -200,16 +199,18 @@ $(document).ready(function () {
                 }
             };
             var filebrowser = new Fangorn(fangornOpts);
+            var newComponentElem = document.getElementById('newComponent');
+            if (window.contextVars.node.isPublic) {
+                m.mount(document.getElementById('shareButtonsPopover'),
+                        m.component(SocialShare.ShareButtonsPopover,
+                            {title: window.contextVars.node.title, url: window.location.href}));
+            }
             if (newComponentElem) {
                 m.mount(newComponentElem, AddComponentButton);
             };
             m.endComputation();
         });
-    } else {
-        if (newComponentElem) {
-            m.mount(newComponentElem, AddComponentButton);
-        };
-        m.endComputation();
+
     }
 
     // Tooltips
@@ -296,10 +297,4 @@ $(document).ready(function () {
             $(elm).text($(elm).text().replace(/\s*$/, ''));
         });
     }
-
-    if (window.contextVars.node.isPublic && !window.contextVars.node.isRetracted) {
-        m.mount(document.getElementById('shareButtonsPopover'),
-                m.component(SocialShare.ShareButtonsPopover,
-                    {title: window.contextVars.node.title, url: window.location.href}));
-    }
 });

From fbb0b36df64cbcccefc89af4cfecd3e69708cce2 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 5 Jun 2017 09:50:13 -0400
Subject: [PATCH 042/163] pytest conversion of ~12 api_tests/nodes files -
 assert_latest_log added to tests/utils.py

---
 .../nodes/serializers/test_serializers.py     |   26 +-
 api_tests/nodes/views/test_node_citations.py  |   90 +-
 api_tests/nodes/views/test_node_embeds.py     |  110 +-
 api_tests/nodes/views/test_node_exceptions.py |   73 +-
 .../views/test_node_institutions_list.py      |   44 +-
 .../nodes/views/test_node_links_detail.py     |  247 ++--
 api_tests/nodes/views/test_node_links_list.py | 1088 +++++++++--------
 api_tests/nodes/views/test_node_logs.py       |  196 +--
 .../views/test_node_registrations_list.py     |   54 +-
 .../nodes/views/test_node_sparse_fieldsets.py |  258 ++--
 .../views/test_node_view_only_links_detail.py |  166 ++-
 .../views/test_node_view_only_links_list.py   |  141 ++-
 .../views/test_view_only_query_parameter.py   |  291 +++--
 tests/utils.py                                |   15 +-
 14 files changed, 1559 insertions(+), 1240 deletions(-)

diff --git a/api_tests/nodes/serializers/test_serializers.py b/api_tests/nodes/serializers/test_serializers.py
index 7e7f5089171..5e558feccb2 100644
--- a/api_tests/nodes/serializers/test_serializers.py
+++ b/api_tests/nodes/serializers/test_serializers.py
@@ -1,5 +1,4 @@
 import pytest
-
 from urlparse import urlparse
 from dateutil.parser import parse as parse_date
 
@@ -11,16 +10,18 @@
 from api.registrations.serializers import RegistrationSerializer
 from api.base.settings.defaults import API_BASE
 
+@pytest.fixture()
+def user():
+    return UserFactory()
+
 @pytest.mark.django_db
 class TestNodeSerializer:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.user = UserFactory()
+    def test_node_serializer(self, user):
 
-    def test_node_serialization(self):
-        parent = ProjectFactory(creator=self.user)
-        node = NodeFactory(creator=self.user, parent=parent)
+    #   test_node_serialization
+        parent = ProjectFactory(creator=user)
+        node = NodeFactory(creator=user, parent=parent)
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(node, context={'request': req}).data
         data = result['data']
@@ -54,8 +55,8 @@ def test_node_serialization(self):
         # Not a fork, so forked_from is removed entirely
         assert 'forked_from' not in relationships
 
-    def test_fork_serialization(self):
-        node = NodeFactory(creator=self.user)
+    #   test_fork_serialization
+        node = NodeFactory(creator=user)
         fork = node.fork_node(auth=Auth(user=node.creator))
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(fork, context={'request': req}).data
@@ -68,8 +69,8 @@ def test_fork_serialization(self):
             urlparse(forked_from).path ==
             '/{}nodes/{}/'.format(API_BASE, node._id))
 
-    def test_template_serialization(self):
-        node = NodeFactory(creator=self.user)
+    #   test_template_serialization
+        node = NodeFactory(creator=user)
         fork = node.use_as_template(auth=Auth(user=node.creator))
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(fork, context={'request': req}).data
@@ -82,7 +83,8 @@ def test_template_serialization(self):
             urlparse(templated_from).path ==
             '/{}nodes/{}/'.format(API_BASE, node._id))
 
-class TestNodeRegistrationSerializer(DbTestCase):
+@pytest.mark.django_db
+class TestNodeRegistrationSerializer:
 
     def test_serialization(self):
         user = UserFactory()
diff --git a/api_tests/nodes/views/test_node_citations.py b/api_tests/nodes/views/test_node_citations.py
index 38635ac8ecd..8c120f4950d 100644
--- a/api_tests/nodes/views/test_node_citations.py
+++ b/api_tests/nodes/views/test_node_citations.py
@@ -2,80 +2,94 @@
 
 from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from tests.factories import (
     ProjectFactory,
     AuthUserFactory,
 )
 
-@pytest.mark.django_db
-class NodeCitationsMixin:
+@pytest.fixture()
+def admin_contributor():
+	return AuthUserFactory()
+
+@pytest.fixture()
+def rw_contributor():
+	return AuthUserFactory()
+
+@pytest.fixture()
+def read_contributor():
+	return AuthUserFactory()
 
-	def setUp(self):
-		self.app = JSONAPITestApp()
-		self.admin_contributor = AuthUserFactory()
-		self.rw_contributor = AuthUserFactory()
-		self.read_contributor = AuthUserFactory()
-		self.non_contributor = AuthUserFactory()
+@pytest.fixture()
+def non_contributor():
+	return AuthUserFactory()
 
-		self.public_project = ProjectFactory(creator=self.admin_contributor, is_public=True)
+@pytest.fixture()
+def public_project(admin_contributor):
+	return ProjectFactory(creator=admin_contributor, is_public=True)
 
-		self.private_project = ProjectFactory(creator=self.admin_contributor)
-		self.private_project.add_contributor(self.rw_contributor, auth=Auth(self.admin_contributor))
-		self.private_project.add_contributor(self.read_contributor, permissions=['read'], auth=Auth(self.admin_contributor))
-		self.private_project.save()
+@pytest.fixture()
+def private_project(admin_contributor, rw_contributor, read_contributor):
+	private_project = ProjectFactory(creator=admin_contributor)
+	private_project.add_contributor(rw_contributor, auth=Auth(admin_contributor))
+	private_project.add_contributor(read_contributor, permissions=['read'], auth=Auth(admin_contributor))
+	private_project.save()
+	return private_project
 
-	def test_node_citations(self):
+@pytest.mark.django_db
+class NodeCitationsMixin:
 
-	#   test_admin_can_view_private_project_citations
-		res = self.app.get(self.private_url, auth=self.admin_contributor.auth)
+	def test_node_citations(self, app, admin_contributor, rw_contributor, read_contributor, non_contributor, private_url, public_url):
+
+	# 	test_admin_can_view_private_project_citations
+		res = app.get(private_url, auth=admin_contributor.auth)
 		assert res.status_code == 200
 
-	#   test_rw_contributor_can_view_private_project_citations
-		res = self.app.get(self.private_url, auth=self.rw_contributor.auth)
+	# 	test_rw_contributor_can_view_private_project_citations
+		res = app.get(private_url, auth=rw_contributor.auth)
 		assert res.status_code == 200
 
-	#   test_read_contributor_can_view_private_project_citations
-		res = self.app.get(self.private_url, auth=self.read_contributor.auth)
+	# 	test_read_contributor_can_view_private_project_citations
+		res = app.get(private_url, auth=read_contributor.auth)
 		assert res.status_code == 200
 
 	#   test_non_contributor_cannot_view_private_project_citations
-		res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
+		res = app.get(private_url, auth=non_contributor.auth, expect_errors=True)
 		assert res.status_code == 403
 		assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
 	#   test_unauthenticated_cannot_view_private_project_citations
-		res = self.app.get(self.private_url, expect_errors=True)
+		res = app.get(private_url, expect_errors=True)
 		assert res.status_code == 401
 		assert res.json['errors'][0]['detail'] == 'Authentication credentials were not provided.'
 
 	#   test_unauthenticated_can_view_public_project_citations
-		res = self.app.get(self.public_url)
+		res = app.get(public_url)
 		assert res.status_code == 200
 
 	#   test_citations_are_read_only
-		post_res = self.app.post_json_api(self.public_url, {}, auth=self.admin_contributor.auth, expect_errors=True)
+		post_res = app.post_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
 		assert post_res.status_code == 405
-		put_res = self.app.put_json_api(self.public_url, {}, auth=self.admin_contributor.auth, expect_errors=True)
+		put_res = app.put_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
 		assert put_res.status_code == 405
-		delete_res = self.app.delete_json_api(self.public_url, auth=self.admin_contributor.auth, expect_errors=True)
+		delete_res = app.delete_json_api(public_url, auth=admin_contributor.auth, expect_errors=True)
 		assert delete_res.status_code == 405
 
-
 class TestNodeCitations(NodeCitationsMixin):
+	@pytest.fixture()
+	def public_url(self, public_project):
+		return '/{}nodes/{}/citation/'.format(API_BASE, public_project._id)
 
-	@pytest.fixture(autouse=True)
-	def setUp(self):
-		super(TestNodeCitations, self).setUp()
-		self.public_url = '/{}nodes/{}/citation/'.format(API_BASE, self.public_project._id)
-		self.private_url = '/{}nodes/{}/citation/'.format(API_BASE, self.private_project._id)
+	@pytest.fixture()
+	def private_url(self, private_project):
+		return '/{}nodes/{}/citation/'.format(API_BASE, private_project._id)
 
 
 class TestNodeCitationsStyle(NodeCitationsMixin):
+	@pytest.fixture()
+	def public_url(self, public_project):
+		return '/{}nodes/{}/citation/apa/'.format(API_BASE, public_project._id)
 
-	@pytest.fixture(autouse=True)
-	def setUp(self):
-		super(TestNodeCitationsStyle, self).setUp()
-		self.public_url = '/{}nodes/{}/citation/apa/'.format(API_BASE, self.public_project._id)
-		self.private_url = '/{}nodes/{}/citation/apa/'.format(API_BASE, self.private_project._id)
+	@pytest.fixture()
+	def private_url(self, private_project):
+		return '/{}nodes/{}/citation/apa/'.format(API_BASE, private_project._id)
diff --git a/api_tests/nodes/views/test_node_embeds.py b/api_tests/nodes/views/test_node_embeds.py
index eb4784c2afb..265cda57d70 100644
--- a/api_tests/nodes/views/test_node_embeds.py
+++ b/api_tests/nodes/views/test_node_embeds.py
@@ -2,7 +2,6 @@
 import functools
 
 from framework.auth.core import Auth
-from tests.json_api_test_app import JSONAPITestApp
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
 from osf_tests.factories import (
@@ -10,94 +9,121 @@
     AuthUserFactory
 )
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeEmbeds:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.auth = Auth(self.user)
-        make_public_node = functools.partial(ProjectFactory, is_public=False, creator=self.user)
-        self.root_node = make_public_node()
-        self.child1 = make_public_node(parent=self.root_node)
-        self.child2 = make_public_node(parent=self.root_node)
+    @pytest.fixture()
+    def contrib_one(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def contrib_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def contribs(self, contrib_one, contrib_two):
+        return [contrib_one, contrib_two]
+
+    @pytest.fixture()
+    def auth(self, user):
+        return Auth(user)
+
+    @pytest.fixture()
+    def make_public_node(self, user):
+        return functools.partial(ProjectFactory, is_public=False, creator=user)
+
+    @pytest.fixture()
+    def root_node(self, auth, contrib_one, contrib_two, make_public_node):
+        root_node = make_public_node()
+        root_node.add_contributor(contrib_one, ['read', 'write'], auth=auth, save=True)
+        root_node.add_contributor(contrib_two, ['read', 'write'], auth=auth, save=True)
+        return root_node
+
+    @pytest.fixture()
+    def child_one(self, auth, contrib_one, contrib_two, make_public_node, root_node):
+        child_one = make_public_node(parent=root_node)
+        child_one.add_contributor(contrib_one, ['read', 'write'], auth=auth, save=True)
+        child_one.add_contributor(contrib_two, ['read', 'write'], auth=auth, save=True)
+        return child_one
 
-        self.contribs = [AuthUserFactory() for i in range(2)]
-        for contrib in self.contribs:
-            self.root_node.add_contributor(contrib, ['read', 'write'], auth=self.auth, save=True)
-            self.child1.add_contributor(contrib, ['read', 'write'], auth=self.auth, save=True)
+    @pytest.fixture()
+    def child_two(self, make_public_node, root_node):
+        return make_public_node(parent=root_node)
 
-        self.contrib1 = self.contribs[0]
-        self.contrib2 = self.contribs[1]
-        self.subchild = ProjectFactory(parent=self.child2, creator=self.contrib1)
+    @pytest.fixture()
+    def subchild(self, child_two, contrib_one):
+        return ProjectFactory(parent=child_two, creator=contrib_one)
 
-    def test_node_embeds(self):
+    def test_node_embeds(self, app, user, contrib_one, contribs, subchild, root_node, child_one, child_two):
 
     #   test_embed_children
-        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, self.root_node._id)
+        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, root_node._id)
 
-        res = self.app.get(url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
-        ids = [self.child1._id, self.child2._id]
+        ids = [child_one._id, child_two._id]
         for child in embeds['children']['data']:
             assert child['id'] in ids
 
     #   test_embed_parent
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.child1._id)
+        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, child_one._id)
 
-        res = self.app.get(url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
-        assert embeds['parent']['data']['id'] == self.root_node._id
+        assert embeds['parent']['data']['id'] == root_node._id
 
     #   test_embed_no_parent
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.root_node._id)
+        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, root_node._id)
 
-        res = self.app.get(url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         data = res.json['data']
         assert 'embeds' not in data
 
     #   test_embed_contributors
-        url = '/{0}nodes/{1}/?embed=contributors'.format(API_BASE, self.child1._id)
+        url = '/{0}nodes/{1}/?embed=contributors'.format(API_BASE, child_one._id)
 
-        res = self.app.get(url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
-        ids = [c._id for c in self.contribs] + [self.user._id]
-        ids = ['{}-{}'.format(self.child1._id, id_) for id_ in ids]
+        ids = [c._id for c in contribs] + [user._id]
+        ids = ['{}-{}'.format(child_one._id, id_) for id_ in ids]
         for contrib in embeds['contributors']['data']:
             assert contrib['id'] in ids
 
     #   test_embed_children_filters_unauthorized
-        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, self.root_node._id)
+        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, root_node._id)
 
-        res = self.app.get(url, auth=self.contrib1.auth)
+        res = app.get(url, auth=contrib_one.auth)
         embeds = res.json['data']['embeds']
         ids = [c['id'] for c in embeds['children']['data']]
-        assert self.child2._id not in ids
-        assert self.child1._id in ids
+        assert child_two._id not in ids
+        assert child_one._id in ids
 
     #   test_embed_parent_unauthorized
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, self.subchild._id)
+        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, subchild._id)
 
-        res = self.app.get(url, auth=self.contrib1.auth)
+        res = app.get(url, auth=contrib_one.auth)
         assert 'errors' in res.json['data']['embeds']['parent']
         assert res.json['data']['embeds']['parent']['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
     #   test_embed_attributes_not_relationships
-        url = '/{}nodes/{}/?embed=title'.format(API_BASE, self.root_node._id)
+        url = '/{}nodes/{}/?embed=title'.format(API_BASE, root_node._id)
 
-        res = self.app.get(url, auth=self.contrib1.auth, expect_errors=True)
+        res = app.get(url, auth=contrib_one.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'The following fields are not embeddable: title'
 
     #   test_embed_contributors_pagination
-        url = '/{}nodes/{}/?embed=contributors'.format(API_BASE, self.root_node._id)
-        res = self.app.get(url, auth=self.contrib1.auth)
+        url = '/{}nodes/{}/?embed=contributors'.format(API_BASE, root_node._id)
+        res = app.get(url, auth=contrib_one.auth)
         assert res.status_code == 200
         assert res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic'] == 3
 
     #   test_embed_contributors_updated_pagination
-        url = '/{}nodes/{}/?version=2.1&embed=contributors'.format(API_BASE, self.root_node._id)
-        res = self.app.get(url, auth=self.contrib1.auth)
+        url = '/{}nodes/{}/?version=2.1&embed=contributors'.format(API_BASE, root_node._id)
+        res = app.get(url, auth=contrib_one.auth)
         assert res.status_code == 200
         assert res.json['data']['embeds']['contributors']['meta']['total_bibliographic'] == 3
diff --git a/api_tests/nodes/views/test_node_exceptions.py b/api_tests/nodes/views/test_node_exceptions.py
index 80710971486..6010892db19 100644
--- a/api_tests/nodes/views/test_node_exceptions.py
+++ b/api_tests/nodes/views/test_node_exceptions.py
@@ -1,45 +1,52 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory
 )
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestExceptionFormatting:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.non_contrib = AuthUserFactory()
-
-        self.title = 'Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.category = 'data'
+    @pytest.fixture()
+    def non_contrib(self):
+        return AuthUserFactory()
 
-        self.project_no_title = {
+    @pytest.fixture()
+    def project_no_title(self):
+        return {
             'data': {
                 'attributes': {
-                    'description': self.description,
-                    'category': self.category,
+                    'description': 'A Monument to Reason',
+                    'category': 'data',
                     'type': 'nodes',
                 }
             }
         }
 
-        self.private_project = ProjectFactory(is_public=False, creator=self.user)
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.private_url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/'.format(API_BASE, private_project._id)
 
-    def test_exception_formatting(self):
+    def test_exception_formatting(self, app, user, non_contrib, public_project, private_project, private_url, project_no_title):
 
     #   test_creates_project_with_no_title_formatting
         url = '/{}nodes/'.format(API_BASE)
-        res = self.app.post_json_api(url, self.project_no_title, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(url, project_no_title, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert res.json['errors'][0]['source'] == {'pointer': '/data/attributes/title'}
@@ -47,25 +54,25 @@ def test_exception_formatting(self):
 
     #   test_node_does_not_exist_formatting
         url = '/{}nodes/{}/'.format(API_BASE, '12345')
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
+        res = app.get(url, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert errors[0] == {'detail': 'Not found.'}
 
     #   test_forbidden_formatting
-        res = self.app.get(self.private_url, auth=self.non_contrib.auth, expect_errors=True)
+        res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert errors[0] == {'detail': 'You do not have permission to perform this action.'}
 
     #   test_not_authorized_formatting
-        res = self.app.get(self.private_url, expect_errors=True)
+        res = app.get(private_url, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert errors[0] == {'detail': 'Authentication credentials were not provided.'}
 
     #   test_update_project_with_no_title_or_category_formatting
-        res = self.app.put_json_api(self.private_url, {'data': {'type': 'nodes', 'id': self.private_project._id, 'attributes': {'description': 'New description'}}}, auth=self.user.auth, expect_errors=True)
+        res = app.put_json_api(private_url, {'data': {'type': 'nodes', 'id': private_project._id, 'attributes': {'description': 'New description'}}}, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert len(errors) == 2
@@ -77,8 +84,8 @@ def test_exception_formatting(self):
         assert errors[1]['detail'] == 'This field is required.'
 
     #   test_create_node_link_no_target_formatting
-        url = self.private_url + 'node_links/'
-        res = self.app.post_json_api(url, {
+        url = private_url + 'node_links/'
+        res = app.post_json_api(url, {
             'data': {
                 'type': 'node_links',
                 'relationships': {
@@ -90,7 +97,7 @@ def test_exception_formatting(self):
                     }
                 }
             }
-        }, auth=self.user.auth, expect_errors=True)
+        }, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert res.status_code == 400
@@ -98,34 +105,34 @@ def test_exception_formatting(self):
         assert res.json['errors'][0]['detail'] == 'This field may not be blank.'
 
     #   test_node_link_already_exists
-        url = self.private_url + 'node_links/'
-        res = self.app.post_json_api(url, {
+        url = private_url + 'node_links/'
+        res = app.post_json_api(url, {
             'data': {
                 'type': 'node_links',
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.public_project._id,
+                            'id': public_project._id,
                             'type': 'nodes',
                         }
                     }
                 }
             }
-        }, auth=self.user.auth)
+        }, auth=user.auth)
         assert res.status_code == 201
 
-        res = self.app.post_json_api(url, {'data': {
+        res = app.post_json_api(url, {'data': {
             'type': 'node_links',
             'relationships': {
                 'nodes': {
                     'data': {
-                        'id': self.public_project._id,
+                        'id': public_project._id,
                         'type': 'nodes'
                     }
                 }
             }
-        }}, auth=self.user.auth, expect_errors=True)
+        }}, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
         assert(isinstance(errors, list))
         assert res.status_code == 400
-        assert(self.public_project._id in res.json['errors'][0]['detail'])
+        assert(public_project._id in res.json['errors'][0]['detail'])
diff --git a/api_tests/nodes/views/test_node_institutions_list.py b/api_tests/nodes/views/test_node_institutions_list.py
index aff0fcd71ce..d7a62e4dd90 100644
--- a/api_tests/nodes/views/test_node_institutions_list.py
+++ b/api_tests/nodes/views/test_node_institutions_list.py
@@ -1,37 +1,45 @@
 import pytest
 
 from tests.base import ApiTestCase
-from tests.json_api_test_app import JSONAPITestApp
 from osf_tests.factories import InstitutionFactory, NodeFactory, AuthUserFactory
 from api.base.settings.defaults import API_BASE
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeInstitutionDetail:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.institution = InstitutionFactory()
-        self.node = NodeFactory(is_public=True)
-        self.node.affiliated_institutions.add(self.institution)
-        self.node.save()
-        self.user = AuthUserFactory()
-        self.node2 = NodeFactory(creator=self.user)
+    @pytest.fixture()
+    def institution(self):
+        return InstitutionFactory()
+
+    @pytest.fixture()
+    def node_one(self, institution):
+        node_one = NodeFactory(is_public=True)
+        node_one.affiliated_institutions.add(institution)
+        node_one.save()
+        return node_one
+
+    @pytest.fixture()
+    def node_two(self, user):
+        return NodeFactory(creator=user)
 
-    def test_node_institution_detail(self):
+    def test_node_institution_detail(self, app, user, institution, node_one, node_two,):
 
     #   test_return_institution
-        url = '/{0}nodes/{1}/institutions/'.format(API_BASE, self.node._id)
-        res = self.app.get(url)
+        url = '/{0}nodes/{1}/institutions/'.format(API_BASE, node_one._id)
+        res = app.get(url)
 
         assert res.status_code == 200
-        assert res.json['data'][0]['attributes']['name'] == self.institution.name
-        assert res.json['data'][0]['id'] == self.institution._id
+        assert res.json['data'][0]['attributes']['name'] == institution.name
+        assert res.json['data'][0]['id'] == institution._id
 
     #   test_return_no_institution
-        url = '/{0}nodes/{1}/institution/'.format(API_BASE, self.node2._id)
-        res = self.app.get(
-                url, auth=self.user.auth,
+        url = '/{0}nodes/{1}/institution/'.format(API_BASE, node_two._id)
+        res = app.get(
+                url, auth=user.auth,
                 expect_errors=True
         )
 
diff --git a/api_tests/nodes/views/test_node_links_detail.py b/api_tests/nodes/views/test_node_links_detail.py
index f02dc2aebef..72192caeeb5 100644
--- a/api_tests/nodes/views/test_node_links_detail.py
+++ b/api_tests/nodes/views/test_node_links_detail.py
@@ -1,13 +1,11 @@
 import pytest
-
 from urlparse import urlparse
 
 from framework.auth.core import Auth
 from website.models import NodeLog
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
-from tests.utils import assert_logs
+from tests.utils import assert_latest_log
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
@@ -16,119 +14,159 @@
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeLinkDetail:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.private_project = ProjectFactory(creator=self.user, is_public=False)
-        self.pointer_project = ProjectFactory(creator=self.user, is_public=False)
-        self.pointer = self.private_project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True)
-        self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.private_project._id, self.pointer._id)
+    @pytest.fixture()
+    def non_contributor(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(creator=user, is_public=False)
+
+    @pytest.fixture()
+    def private_pointer_project(self, user):
+        return ProjectFactory(creator=user, is_public=False)
+
+    @pytest.fixture()
+    def private_pointer(self, user, private_project, private_pointer_project):
+        return private_project.add_pointer(private_pointer_project, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def private_url(self, private_project, private_pointer):
+        return '/{}nodes/{}/node_links/{}/'.format(API_BASE, private_project._id, private_pointer._id)
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(creator=user, is_public=True)
 
-        self.public_project = ProjectFactory(creator=self.user, is_public=True)
-        self.public_pointer_project = ProjectFactory(is_public=True)
-        self.public_pointer = self.public_project.add_pointer(self.public_pointer_project,
-                                                              auth=Auth(self.user),
-                                                              save=True)
-        self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id)
+    @pytest.fixture()
+    def public_pointer_project(self):
+        return ProjectFactory(is_public=True)
 
-    def test_node_link_detail(self):
+    @pytest.fixture()
+    def public_pointer(self, user, public_project, public_pointer_project):
+        return public_project.add_pointer(public_pointer_project, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def public_url(self, public_project, public_pointer):
+        return '/{}nodes/{}/node_links/{}/'.format(API_BASE, public_project._id, public_pointer._id)
+
+    def test_node_link_detail(self, app, user, non_contributor, private_pointer_project, public_pointer_project, public_url, private_url):
 
     #   test_returns_embedded_public_node_pointer_detail_logged_out
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
+        assert embedded == public_pointer_project._id
 
     #   test_returns_public_node_pointer_detail_logged_in
-        res = self.app.get(self.public_url, auth=self.user.auth)
+        res = app.get(public_url, auth=user.auth)
         res_json = res.json['data']
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
+        assert embedded == public_pointer_project._id
 
     #   test_returns_private_node_pointer_detail_logged_out
-        res = self.app.get(self.private_url, expect_errors=True)
+        res = app.get(private_url, expect_errors=True)
         assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
         assert 'errors' in target_node
         assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
     #   test_returns_private_node_pointer_detail_logged_in_contributor
-        res = self.app.get(self.private_url, auth=self.user.auth)
+        res = app.get(private_url, auth=user.auth)
         res_json = res.json['data']
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.pointer_project._id
+        assert embedded == private_pointer_project._id
 
     #   test_returns_private_node_pointer_detail_logged_in_non_contributor
-        res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
+        res = app.get(private_url, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
         assert 'errors' in target_node
         assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
     #   test_self_link_points_to_node_link_detail_url
-        res = self.app.get(self.public_url, auth=self.user.auth)
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
         url = res.json['data']['links']['self']
-        assert self.public_url in url
+        assert public_url in url
 
     #   test_node_links_bad_version
-        url = '{}?version=2.1'.format(self.public_url)
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
+        url = '{}?version=2.1'.format(public_url)
+        res = app.get(url, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
         assert res.json['errors'][0]['detail'] == 'This feature is deprecated as of version 2.1'
 
 @pytest.mark.django_db
 class TestDeleteNodeLink:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.project = ProjectFactory(creator=self.user, is_public=False)
-        self.pointer_project = ProjectFactory(creator=self.user, is_public=True)
-        self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True)
-        self.private_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id)
-
-        self.user_two = AuthUserFactory()
-
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer = self.public_project.add_pointer(self.public_pointer_project,
-                                                              auth=Auth(self.user),
-                                                              save=True)
-        self.public_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id)
-
-    def test_delete_node_link_no_permissions_for_target_node(self):
-        pointer_project = ProjectFactory(creator=self.user_two, is_public=False)
-        pointer = self.public_project.add_pointer(pointer_project, auth=Auth(self.user), save=True)
-        assert pointer.child in self.public_project.nodes
-        url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, pointer._id)
-        res = self.app.delete_json_api(url, auth=self.user.auth, expect_errors=True)
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(creator=user, is_public=False)
+
+    @pytest.fixture()
+    def private_pointer_project(self, user):
+        return ProjectFactory(creator=user, is_public=True)
+
+    @pytest.fixture()
+    def private_pointer(self, user, private_project, private_pointer_project):
+        return private_project.add_pointer(private_pointer_project, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def private_url(self, private_project, private_pointer):
+        return '/{}nodes/{}/node_links/{}/'.format(API_BASE, private_project._id, private_pointer._id)
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_pointer_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_pointer(self, user, public_project, public_pointer_project):
+        return public_project.add_pointer(public_pointer_project, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def public_url(self, public_project, public_pointer):
+        return '/{}nodes/{}/node_links/{}/'.format(API_BASE, public_project._id, public_pointer._id)
+
+    def test_delete_node_link_no_permissions_for_target_node(self, app, user, user_two, public_project):
+        pointer_project = ProjectFactory(creator=user_two, is_public=False)
+        pointer = public_project.add_pointer(pointer_project, auth=Auth(user), save=True)
+        assert pointer.child in public_project.nodes
+        url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, public_project._id, pointer._id)
+        res = app.delete_json_api(url, auth=user.auth, expect_errors=True)
         assert res.status_code == 204
 
-        self.public_project.reload()
-        assert pointer not in self.public_project.nodes
+        public_project.reload()
+        assert pointer not in public_project.nodes
 
-    def test_cannot_delete_if_registration(self):
-        registration = RegistrationFactory(project=self.public_project)
+    def test_cannot_delete_if_registration(self, app, user, public_project, public_pointer):
+        registration = RegistrationFactory(project=public_project)
 
         url = '/{}registrations/{}/node_links/'.format(
             API_BASE,
             registration._id,
         )
-        res = self.app.get(url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         pointer_id = res.json['data'][0]['id']
 
@@ -137,79 +175,78 @@ def test_cannot_delete_if_registration(self):
             registration._id,
             pointer_id,
         )
-        res = self.app.delete(url, auth=self.user.auth, expect_errors=True)
+        res = app.delete(url, auth=user.auth, expect_errors=True)
         assert res.status_code == 405
 
-    def test_deletes_public_node_pointer_logged_out(self):
-        res = self.app.delete(self.public_url, expect_errors=True)
+    def test_deletes_public_node_pointer_logged_out(self, app, public_url):
+        res = app.delete(public_url, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0].keys()
 
-    def test_deletes_public_node_pointer_fails_if_bad_auth(self):
-        node_count_before = len(self.public_project.nodes_pointer)
-        res = self.app.delete(self.public_url, auth=self.user_two.auth, expect_errors=True)
+    def test_deletes_public_node_pointer_fails_if_bad_auth(self, app, user_two, public_project, public_url):
+        node_count_before = len(public_project.nodes_pointer)
+        res = app.delete(public_url, auth=user_two.auth, expect_errors=True)
         # This is could arguably be a 405, but we don't need to go crazy with status codes
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
-        self.public_project.reload()
-        assert node_count_before == len(self.public_project.nodes_pointer)
-
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
-    def test_deletes_public_node_pointer_succeeds_as_owner(self):
-        node_count_before = len(self.public_project.nodes_pointer)
-        res = self.app.delete(self.public_url, auth=self.user.auth)
-        self.public_project.reload()
-        assert res.status_code == 204
-        assert node_count_before - 1 == len(self.public_project.nodes_pointer)
-
-    def test_deletes_private_node_pointer_logged_out(self):
-        res = self.app.delete(self.private_url, expect_errors=True)
+        public_project.reload()
+        assert node_count_before == len(public_project.nodes_pointer)
+
+    def test_deletes_public_node_pointer_succeeds_as_owner(self, app, user, public_project, public_pointer, public_url):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, public_project):
+            node_count_before = len(public_project.nodes_pointer)
+            res = app.delete(public_url, auth=user.auth)
+            public_project.reload()
+            assert res.status_code == 204
+            assert node_count_before - 1 == len(public_project.nodes_pointer)
+
+    def test_deletes_private_node_pointer_logged_out(self, app, private_url):
+        res = app.delete(private_url, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project')
-    def test_deletes_private_node_pointer_logged_in_contributor(self):
-        res = self.app.delete(self.private_url, auth=self.user.auth)
-        self.project.reload()  # Update the model to reflect changes made by post request
-        assert res.status_code == 204
-        assert len(self.project.nodes_pointer) == 0
+    def test_deletes_private_node_pointer_logged_in_contributor(self, app, user, private_project, private_url):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, private_project):
+            res = app.delete(private_url, auth=user.auth)
+            private_project.reload()  # Update the model to reflect changes made by post request
+            assert res.status_code == 204
+            assert len(private_project.nodes_pointer) == 0
 
-    def test_deletes_private_node_pointer_logged_in_non_contributor(self):
-        res = self.app.delete(self.private_url, auth=self.user_two.auth, expect_errors=True)
+    def test_deletes_private_node_pointer_logged_in_non_contributor(self, app, user_two, private_url):
+        res = app.delete(private_url, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
-    def test_return_deleted_public_node_pointer(self):
-        res = self.app.delete(self.public_url, auth=self.user.auth)
-        self.public_project.reload() # Update the model to reflect changes made by post request
-        assert res.status_code == 204
+    def test_return_deleted_public_node_pointer(self, app, user, public_project, public_url):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, public_project):
+            res = app.delete(public_url, auth=user.auth)
+            public_project.reload() # Update the model to reflect changes made by post request
+            assert res.status_code == 204
 
         #check that deleted pointer can not be returned
-        res = self.app.get(self.public_url, auth=self.user.auth, expect_errors=True)
+        res = app.get(public_url, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project')
-    def test_return_deleted_private_node_pointer(self):
-        res = self.app.delete(self.private_url, auth=self.user.auth)
-        self.project.reload()  # Update the model to reflect changes made by post request
-        assert res.status_code == 204
+    def test_return_deleted_private_node_pointer(self, app, user, private_project, private_url):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, private_project):
+            res = app.delete(private_url, auth=user.auth)
+            private_project.reload()  # Update the model to reflect changes made by post request
+            assert res.status_code == 204
 
         #check that deleted pointer can not be returned
-        res = self.app.get(self.private_url, auth=self.user.auth, expect_errors=True)
+        res = app.get(private_url, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
 
     # Regression test for https://openscience.atlassian.net/browse/OSF-4322
-    def test_delete_link_that_is_not_linked_to_correct_node(self):
-        project = ProjectFactory(creator=self.user)
+    def test_delete_link_that_is_not_linked_to_correct_node(self, app, user, public_pointer):
+        project = ProjectFactory(creator=user)
         # The node link belongs to a different project
-        res = self.app.delete(
-            '/{}nodes/{}/node_links/{}/'.format(API_BASE, project._id, self.public_pointer._id),
-            auth=self.user.auth,
+        res = app.delete(
+            '/{}nodes/{}/node_links/{}/'.format(API_BASE, project._id, public_pointer._id),
+            auth=user.auth,
             expect_errors=True
         )
         assert res.status_code == 404
         errors = res.json['errors']
         assert len(errors) == 1
         assert errors[0]['detail'] == 'Not found.'
-
diff --git a/api_tests/nodes/views/test_node_links_list.py b/api_tests/nodes/views/test_node_links_list.py
index 83ef447eca1..3ec265f9406 100644
--- a/api_tests/nodes/views/test_node_links_list.py
+++ b/api_tests/nodes/views/test_node_links_list.py
@@ -1,5 +1,4 @@
 import pytest
-
 from urlparse import urlparse
 
 from framework.auth.core import Auth
@@ -7,7 +6,7 @@
 from api.base.settings.defaults import API_BASE
 from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
-from tests.utils import assert_logs
+from tests.utils import assert_latest_log
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
@@ -16,260 +15,254 @@
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeLinksList:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.project = ProjectFactory(is_public=False, creator=self.user)
-        self.pointer_project = ProjectFactory(is_public=False, creator=self.user)
-        self.project.add_pointer(self.pointer_project, auth=Auth(self.user))
-        self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id)
+    @pytest.fixture()
+    def public_non_contrib(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def private_pointer_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_project(self, user, private_pointer_project):
+        private_project = ProjectFactory(is_public=False, creator=user)
+        private_project.add_pointer(private_pointer_project, auth=Auth(user))
+        return private_project
 
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_project.add_pointer(self.public_pointer_project, auth=Auth(self.user))
-        self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, private_project._id)
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def public_pointer_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-    def test_non_mutational_node_links_list_tests(self):
+    @pytest.fixture()
+    def public_project(self, user, public_pointer_project):
+        public_project = ProjectFactory(is_public=True, creator=user)
+        public_project.add_pointer(public_pointer_project, auth=Auth(user))
+        return public_project
+
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, public_project._id)
+
+    def test_non_mutational_node_links_list_tests(self, app, user, public_non_contrib, public_pointer_project, private_pointer_project, public_url, private_url):
 
     #   test_return_embedded_public_node_pointers_logged_out
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         res_json = res.json['data']
         assert len(res_json) == 1
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
 
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
+        assert embedded == public_pointer_project._id
 
     #   test_return_embedded_public_node_pointers_logged_in
-        res = self.app.get(self.public_url, auth=self.user_two.auth)
+        res = app.get(public_url, auth=public_non_contrib.auth)
         res_json = res.json['data']
         assert len(res_json) == 1
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
+        assert embedded == public_pointer_project._id
 
     #   test_return_private_node_pointers_logged_out
-        res = self.app.get(self.private_url, expect_errors=True)
+        res = app.get(private_url, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
     #   test_return_private_node_pointers_logged_in_contributor
-        res = self.app.get(self.private_url, auth=self.user.auth)
+        res = app.get(private_url, auth=user.auth)
         res_json = res.json['data']
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         assert len(res_json) == 1
         embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.pointer_project._id
+        assert embedded == private_pointer_project._id
 
     #   test_return_private_node_pointers_logged_in_non_contributor
-        res = self.app.get(self.private_url, auth=self.user_two.auth, expect_errors=True)
+        res = app.get(private_url, auth=public_non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
     #   test_node_links_bad_version
-        url = '{}?version=2.1'.format(self.public_url)
-        res = self.app.get(url, auth=self.user.auth, expect_errors=True)
+        url = '{}?version=2.1'.format(public_url)
+        res = app.get(url, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
         assert res.json['errors'][0]['detail'] == 'This feature is deprecated as of version 2.1'
 
-    def test_deleted_links_not_returned(self):
-        res = self.app.get(self.public_url, expect_errors=True)
+    def test_deleted_links_not_returned(self, app, public_url, public_pointer_project):
+        res = app.get(public_url, expect_errors=True)
         res_json = res.json['data']
         original_length = len(res_json)
 
-        self.public_pointer_project.is_deleted = True
-        self.public_pointer_project.save()
+        public_pointer_project.is_deleted = True
+        public_pointer_project.save()
 
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         res_json = res.json['data']
         assert len(res_json) == original_length - 1
 
 @pytest.mark.django_db
 class TestNodeLinkCreate:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.project = ProjectFactory(is_public=False, creator=self.user)
-        self.pointer_project = ProjectFactory(is_public=False, creator=self.user)
-        self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id)
-
-        self.private_payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': self.pointer_project._id,
-                            'type': 'nodes'
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_pointer_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_url(self, user, private_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, private_project._id)
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_pointer_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, public_project._id)
+
+    @pytest.fixture()
+    def fake_url(self):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, 'rheis')
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_two_project(self, user_two):
+        return ProjectFactory(is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def user_two_url(self, user_two_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, user_two_project._id)
+
+    @pytest.fixture()
+    def make_payload(self):
+
+        # creates a fake payload by default
+
+        def payload(id='rheis'):
+            return {
+                'data': {
+                    'type': 'node_links',
+                    'relationships': {
+                        'nodes': {
+                            'data': {
+                                'id': id,
+                                'type': 'nodes'
+                            }
                         }
                     }
                 }
             }
-        }
 
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
-        self.public_payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': self.public_pointer_project._id,
-                            'type': 'nodes'
-                        }
-                    }
-                }
-            }
-        }
-        self.fake_url = '/{}nodes/{}/node_links/'.format(API_BASE, 'fdxlq')
-        self.fake_payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': 'fdxlq',
-                            'type': 'nodes'
-                        }
-                    }
-                }
-            }
-        }
-        self.point_to_itself_payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': self.public_project._id,
-                            'type': 'nodes'
-                        }
-                    }
-                }
-            }
-        }
+        return payload
 
-        self.user_two = AuthUserFactory()
-        self.user_two_project = ProjectFactory(is_public=True, creator=self.user_two)
-        self.user_two_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.user_two_project._id)
-        self.user_two_payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': self.user_two_project._id,
-                            'type': 'nodes'
-                        }
-                    }
-                }
-            }
-        }
+    def test_add_node_link(self, app, user, public_pointer_project, public_url):
 
-    def test_add_node_link_relationships_is_a_list(self):
+    #   test_add_node_link_relationships_is_a_list
         data = {
             'data': {
                 'type': 'node_links',
-                'relationships': [{'target_node_id': self.public_pointer_project._id}]
+                'relationships': [{'target_node_id': public_pointer_project._id}]
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Malformed request.'
 
-    def test_create_node_link_invalid_data(self):
-        res = self.app.post_json_api(self.public_url, 'Incorrect data', auth=self.user.auth, expect_errors=True)
-        assert res.status_code == 400
-        assert res.json['errors'][0]['detail'] == 'Malformed request.'
-
-
-    def test_add_node_link_no_relationships(self):
+    #   test_add_node_link_no_relationships
         data = {
             'data': {
                 'type': 'node_links',
                 'attributes': {
-                    'id': self.public_pointer_project._id
+                    'id': public_pointer_project._id
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
 
-    def test_add_node_links_empty_relationships(self):
+    #   test_add_node_links_empty_relationships
         data = {
             'data': {
                 'type': 'node_links',
                 'relationships': {}
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
 
-    def test_add_node_links_no_nodes_key_in_relationships(self):
+    #   test_add_node_links_no_nodes_key_in_relationships
         data = {
             'data': {
                 'type': 'node_links',
                 'relationships': {
                     'data': {
-                        'id': self.public_pointer_project._id,
+                        'id': public_pointer_project._id,
                         'type': 'nodes'
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Malformed request.'
 
-    def test_add_node_links_no_data_in_relationships(self):
+    #   test_add_node_links_no_data_in_relationships
         data = {
             'data': {
                 'type': 'node_links',
                 'relationships': {
                     'nodes': {
-                        'id': self.public_pointer_project._id,
+                        'id': public_pointer_project._id,
                         'type': 'nodes'
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Request must include /data.'
 
-    def test_add_node_links_no_target_type_in_relationships(self):
+    #   test_add_node_links_no_target_type_in_relationships
         data = {
             'data': {
                 'type': 'node_links',
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.public_pointer_project._id
+                            'id': public_pointer_project._id
                         }
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Request must include /type.'
 
-
-    def test_add_node_links_no_target_id_in_relationships(self):
+    #   test_add_node_links_no_target_id_in_relationships
         data = {
             'data': {
                 'type': 'node_links',
@@ -282,11 +275,11 @@ def test_add_node_links_no_target_id_in_relationships(self):
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/id'
 
-    def test_add_node_links_incorrect_target_id_in_relationships(self):
+    #   test_add_node_links_incorrect_target_id_in_relationships
         data = {
             'data': {
                 'type': 'node_links',
@@ -300,10 +293,10 @@ def test_add_node_links_incorrect_target_id_in_relationships(self):
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
 
-    def test_add_node_links_incorrect_target_type_in_relationships(self):
+    #   test_add_node_links_incorrect_target_type_in_relationships
         data = {
             'data': {
                 'type': 'nodes',
@@ -311,204 +304,246 @@ def test_add_node_links_incorrect_target_type_in_relationships(self):
                     'nodes': {
                         'data': {
                             'type': 'Incorrect!',
-                            'id': self.public_pointer_project._id
+                            'id': public_pointer_project._id
                         }
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.public_url, data, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 409
 
-    def test_creates_node_link_target_not_nested(self):
+    def test_create_node_link_invalid_data(self, app, user, public_url):
+        res = app.post_json_api(public_url, 'Incorrect data', auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Malformed request.'
+
+    def test_creates_node_link_target_not_nested(self, app, user_two, private_pointer_project, public_url):
         payload = {
             'data': {
                 'type': 'node_links',
-                'id': self.pointer_project._id
+                'id': private_pointer_project._id
             }
         }
-        res = self.app.post_json_api(self.public_url, payload, auth=self.user_two.auth, expect_errors=True)
+        res = app.post_json_api(public_url, payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
         assert res.json['errors'][0]['detail'] == 'Request must include /data/relationships.'
 
-    def test_creates_public_node_pointer_logged_out(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, expect_errors=True)
+    def test_creates_public_node_pointer_logged_out(self, app, public_url, public_pointer_project, make_payload):
+        public_payload = make_payload(id=public_pointer_project._id)
+        res = app.post_json_api(public_url, public_payload, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    def test_creates_public_node_pointer_logged_in(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user_two.auth, expect_errors=True)
-        assert res.status_code == 403
-        assert 'detail' in res.json['errors'][0]
-
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
-
-    def test_creates_private_node_pointer_logged_out(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload, expect_errors=True)
+    def test_creates_public_node_pointer_logged_in(self, app, user, user_two, public_project, public_pointer_project, public_url, make_payload):
+        public_payload = make_payload(id=public_pointer_project._id)
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            res = app.post_json_api(public_url, public_payload, auth=user_two.auth, expect_errors=True)
+            assert res.status_code == 403
+            assert 'detail' in res.json['errors'][0]
+
+            res = app.post_json_api(public_url, public_payload, auth=user.auth)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json['embeds']['target_node']['data']['id']
+            assert embedded == public_pointer_project._id
+
+    def test_creates_private_node_pointer_logged_out(self, app, private_pointer_project, private_url, make_payload):
+        private_payload = make_payload(id=private_pointer_project._id)
+        res = app.post_json_api(private_url, private_payload, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-    def test_creates_private_node_pointer_logged_in_contributor(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user.auth)
+    def test_creates_private_node_pointer_logged_in_contributor(self, app, user, private_pointer_project, private_url, make_payload):
+        private_payload = make_payload(id=private_pointer_project._id)
+        res = app.post_json_api(private_url, private_payload, auth=user.auth)
         assert res.status_code == 201
         res_json = res.json['data']
         embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.pointer_project._id
+        assert embedded == private_pointer_project._id
         assert res.content_type == 'application/vnd.api+json'
 
-    def test_creates_private_node_pointer_logged_in_non_contributor(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user_two.auth, expect_errors=True)
+    def test_creates_private_node_pointer_logged_in_non_contributor(self, app, user_two, private_pointer_project, private_url, make_payload):
+        private_payload = make_payload(id=private_pointer_project._id)
+        res = app.post_json_api(private_url, private_payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    def test_create_node_pointer_non_contributing_node_to_contributing_node(self):
-        res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user_two.auth, expect_errors=True)
+    def test_create_node_pointer_non_contributing_node_to_contributing_node(self, app, user_two, user_two_project, private_url, make_payload):
+        user_two_payload = make_payload(id=user_two_project._id)
+        res = app.post_json_api(private_url, user_two_payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'project')
-    def test_create_node_pointer_contributing_node_to_non_contributing_node(self):
-        res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user.auth)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.user_two_project._id
-
-    def test_create_pointer_non_contributing_node_to_fake_node(self):
-        res = self.app.post_json_api(self.private_url, self.fake_payload, auth=self.user_two.auth, expect_errors=True)
+    def test_create_node_pointer_contributing_node_to_non_contributing_node(self, app, user, user_two, user_two_project, private_project, private_url, make_payload):
+        with assert_latest_log(NodeLog.POINTER_CREATED, private_project):
+            user_two_payload = make_payload(id=user_two_project._id)
+            res = app.post_json_api(private_url, user_two_payload, auth=user.auth)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json['embeds']['target_node']['data']['id']
+            assert embedded == user_two_project._id
+
+    def test_create_pointer_non_contributing_node_to_fake_node(self, app, user_two, private_url, make_payload):
+        fake_payload = make_payload()
+        res = app.post_json_api(private_url, fake_payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    def test_create_pointer_contributing_node_to_fake_node(self):
-        res = self.app.post_json_api(self.private_url, self.fake_payload, auth=self.user.auth, expect_errors=True)
+    def test_create_pointer_contributing_node_to_fake_node(self, app, user, private_url, make_payload):
+        fake_payload = make_payload()
+        res = app.post_json_api(private_url, fake_payload, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert 'detail' in res.json['errors'][0]
 
-    def test_create_fake_node_pointing_to_contributing_node(self):
-        res = self.app.post_json_api(self.fake_url, self.private_payload, auth=self.user.auth, expect_errors=True)
+    def test_create_fake_node_pointing_to_contributing_node(self, app, user, user_two, private_pointer_project, fake_url, make_payload):
+        private_payload = make_payload(id=private_pointer_project._id)
+        res = app.post_json_api(fake_url, private_payload, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
         assert 'detail' in res.json['errors'][0]
 
-        res = self.app.post_json_api(self.fake_url, self.private_payload, auth=self.user_two.auth, expect_errors=True)
+        res = app.post_json_api(fake_url, private_payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 404
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    def test_create_node_pointer_to_itself(self):
-        res = self.app.post_json_api(self.public_url, self.point_to_itself_payload, auth=self.user.auth)
-        res_json = res.json['data']
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.public_project._id
-
-    def test_create_node_pointer_to_itself_unauthorized(self):
-        res = self.app.post_json_api(self.public_url, self.point_to_itself_payload, auth=self.user_two.auth, expect_errors=True)
+    def test_create_node_pointer_to_itself(self, app, user, public_project, public_url, make_payload):
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            point_to_itself_payload = make_payload(id=public_project._id)
+            res = app.post_json_api(public_url, point_to_itself_payload, auth=user.auth)
+            res_json = res.json['data']
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            embedded = res_json['embeds']['target_node']['data']['id']
+            assert embedded == public_project._id
+
+    def test_create_node_pointer_errors(self, app, user, user_two, public_project, user_two_project, public_pointer_project, public_url, private_url, make_payload):
+
+    #   test_create_node_pointer_to_itself_unauthorized
+        point_to_itself_payload = make_payload(id=public_project._id)
+        res = app.post_json_api(public_url, point_to_itself_payload, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    def test_create_node_pointer_already_connected(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
-
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, expect_errors=True)
-        assert res.status_code == 400
-        assert 'detail' in res.json['errors'][0]
-
-    def test_cannot_add_link_to_registration(self):
-        registration = RegistrationFactory(creator=self.user)
-
-        url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id)
-        payload = {
-            'data': {
-                'type': 'node_links',
-                'relationships': {
-                    'nodes': {
-                        'data': {
-                            'id': self.public_pointer_project._id,
-                            'type': 'nodes'
-                        }
-                    }
-                }
-            }
-        }
-        res = self.app.post_json_api(url, payload, auth=self.user.auth, expect_errors=True)
-        assert res.status_code == 404
-
-    def test_create_node_pointer_no_type(self):
+    #   test_create_node_pointer_already_connected
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            public_payload = make_payload(id=public_pointer_project._id)
+            res = app.post_json_api(public_url, public_payload, auth=user.auth)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json['embeds']['target_node']['data']['id']
+            assert embedded == public_pointer_project._id
+
+            res = app.post_json_api(public_url, public_payload, auth=user.auth, expect_errors=True)
+            assert res.status_code == 400
+            assert 'detail' in res.json['errors'][0]
+
+    #   test_create_node_pointer_no_type
         payload = {
             'data': {
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.user_two_project._id,
+                            'id': user_two_project._id,
                             'type': 'nodes'
                         }
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(private_url, payload, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'This field may not be null.'
         assert res.json['errors'][0]['source']['pointer'] == '/data/type'
 
-    def test_create_node_pointer_incorrect_type(self):
+    #   test_create_node_pointer_incorrect_type
         payload = {
             'data': {
                 'type': 'Wrong type.',
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.user_two_project._id,
+                            'id': user_two_project._id,
                             'type': 'nodes'
                         }
                     }
                 }
             }
         }
-        res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(private_url, payload, auth=user.auth, expect_errors=True)
         assert res.status_code == 409
         assert res.json['errors'][0]['detail'] == 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
 
+    def test_cannot_add_link_to_registration(self, app, user, public_pointer_project, make_payload):
+        registration = RegistrationFactory(creator=user)
+        url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id)
+        payload = make_payload(id=public_pointer_project._id)
+
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 404
+
 @pytest.mark.django_db
 class TestNodeLinksBulkCreate:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_pointer_project_one(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_pointer_project_two(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, private_project._id)
 
-        self.private_project = ProjectFactory(is_public=False, creator=self.user)
-        self.private_pointer_project = ProjectFactory(is_public=False, creator=self.user)
-        self.private_pointer_project_two = ProjectFactory(is_public=False, creator=self.user)
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-        self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.private_project._id)
+    @pytest.fixture()
+    def public_pointer_project_one(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-        self.private_payload = {
+    @pytest.fixture()
+    def public_pointer_project_two(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, public_project._id)
+
+    @pytest.fixture()
+    def user_two_project(self, user_two):
+        return ProjectFactory(is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def user_two_url(self, user_two_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, user_two_project._id)
+
+    @pytest.fixture()
+    def private_payload(self, private_pointer_project_one, private_pointer_project_two):
+        return {
             'data': [{
                 'type': 'node_links',
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.private_pointer_project._id,
+                            'id': private_pointer_project_one._id,
                             'type': 'nodes'
                         }
                     }
-
                 }
             },
             {
@@ -516,31 +551,26 @@ def setUp(self):
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.private_pointer_project_two._id,
+                            'id': private_pointer_project_two._id,
                             'type': 'nodes'
                         }
                     }
-
                 }
             }]
         }
 
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project_two = ProjectFactory(is_public=True, creator=self.user)
-
-        self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
-        self.public_payload = {
+    @pytest.fixture()
+    def public_payload(self, public_pointer_project_one, public_pointer_project_two):
+        return {
             'data': [{
                 'type': 'node_links',
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.public_pointer_project._id,
+                            'id': public_pointer_project_one._id,
                             'type': 'nodes'
                         }
                     }
-
                 }
             },
             {
@@ -548,396 +578,420 @@ def setUp(self):
                 'relationships': {
                     'nodes': {
                         'data': {
-                            'id': self.public_pointer_project_two._id,
+                            'id': public_pointer_project_two._id,
                             'type': 'nodes'
                         }
                     }
-
                 }
             }]
         }
 
-        self.user_two = AuthUserFactory()
-        self.user_two_project = ProjectFactory(is_public=True, creator=self.user_two)
-        self.user_two_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.user_two_project._id)
-        self.user_two_payload = {'data': [{
-            'type': 'node_links',
-            'relationships': {
-                'nodes': {
-                     'data': {
-                         'id': self.user_two_project._id,
-                         'type': 'nodes'
-                     }
+    @pytest.fixture()
+    def user_two_payload(self, user_two_project):
+        return {
+            'data': [{
+                'type': 'node_links',
+                'relationships': {
+                    'nodes': {
+                        'data': {
+                            'id': user_two_project._id,
+                            'type': 'nodes'
+                        }
+                    }
                 }
-            }
+            }]
         }
-    ]}
 
-    def test_bulk_create_node_links_blank_request(self):
-        res = self.app.post_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
+    def test_bulk_create_errors(self, app, user, user_two, public_project, user_two_project, public_pointer_project_one, public_pointer_project_two, private_pointer_project_one, public_url, private_url, public_payload, private_payload, user_two_payload):
+
+    #   test_bulk_create_node_links_blank_request
+        res = app.post_json_api(public_url, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
 
-    def test_bulk_creates_pointers_limits(self):
-        payload = {'data': [self.public_payload['data'][0]] * 101}
-        res = self.app.post_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_pointers_limits
+        payload = {'data': [public_payload['data'][0]] * 101}
+        res = app.post_json_api(public_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
         assert res.json['errors'][0]['source']['pointer'] == '/data'
 
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         assert res.json['data'] == []
 
-    def test_bulk_creates_project_target_not_nested(self):
-        payload = {'data': [{'type': 'node_links', 'target_node_id': self.private_pointer_project._id}]}
-        res = self.app.post_json_api(self.public_url, payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_project_target_not_nested
+        payload = {'data': [{'type': 'node_links', 'target_node_id': private_pointer_project_one._id}]}
+        res = app.post_json_api(public_url, payload, auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/relationships'
         assert res.json['errors'][0]['detail'] == 'Request must include /data/relationships.'
 
-    def test_bulk_creates_public_node_pointers_logged_out(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True)
+    #   test_bulk_creates_public_node_pointers_logged_out
+        res = app.post_json_api(public_url, public_payload, expect_errors=True, bulk=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         assert res.json['data'] == []
 
-    def test_bulk_creates_public_node_pointer_logged_in_non_contrib(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload,
-                                     auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_public_node_pointer_logged_in_non_contrib
+        res = app.post_json_api(public_url, public_payload,
+                                     auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    def test_bulk_creates_public_node_pointer_logged_in_contrib(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
-
-        embedded = res_json[1]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project_two._id
-
-
-    def test_bulk_creates_private_node_pointers_logged_out(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True)
+    #   test_bulk_creates_private_node_pointers_logged_out
+        res = app.post_json_api(private_url, private_payload, expect_errors=True, bulk=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-        res = self.app.get(self.private_url, auth=self.user.auth)
+        res = app.get(private_url, auth=user.auth)
         assert res.json['data'] == []
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'private_project', index=-1)
-    @assert_logs(NodeLog.POINTER_CREATED, 'private_project')
-    def test_bulk_creates_private_node_pointer_logged_in_contributor(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
-        assert res.status_code == 201
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.private_pointer_project._id
-
-        embedded = res_json[1]['embeds']['target_node']['data']['id']
-        assert embedded == self.private_pointer_project_two._id
-        assert res.content_type == 'application/vnd.api+json'
-
-    def test_bulk_creates_private_node_pointers_logged_in_non_contributor(self):
-        res = self.app.post_json_api(self.private_url, self.private_payload,
-                                     auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_private_node_pointers_logged_in_non_contributor
+        res = app.post_json_api(private_url, private_payload,
+                                     auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-        res = self.app.get(self.private_url, auth=self.user.auth)
+        res = app.get(private_url, auth=user.auth)
         assert res.json['data'] == []
 
-    def test_bulk_creates_node_pointers_non_contributing_node_to_contributing_node(self):
-        res = self.app.post_json_api(self.private_url, self.user_two_payload,
-                                     auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_node_pointers_non_contributing_node_to_contributing_node
+        res = app.post_json_api(private_url, user_two_payload,
+                                     auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'private_project')
-    def test_bulk_creates_node_pointers_contributing_node_to_non_contributing_node(self):
-        res = self.app.post_json_api(self.private_url, self.user_two_payload, auth=self.user.auth, bulk=True)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.user_two_project._id
+    #   test_bulk_creates_pointers_non_contributing_node_to_fake_node
+        fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'rheis', 'type': 'nodes'}}}}]}
 
-        res = self.app.get(self.private_url, auth=self.user.auth)
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.user_two_project._id
-
-    def test_bulk_creates_pointers_non_contributing_node_to_fake_node(self):
-        fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'fdxlq', 'type': 'nodes'}}}}]}
-
-        res = self.app.post_json_api(self.private_url, fake_payload,
-                                     auth=self.user_two.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(private_url, fake_payload,
+                                     auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    def test_bulk_creates_pointers_contributing_node_to_fake_node(self):
-        fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'fdxlq', 'type': 'nodes'}}}}]}
+    #   test_bulk_creates_pointers_contributing_node_to_fake_node
+        fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'rheis', 'type': 'nodes'}}}}]}
 
-        res = self.app.post_json_api(self.private_url, fake_payload,
-                                     auth=self.user.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(private_url, fake_payload,
+                                     auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert 'detail' in res.json['errors'][0]
 
-    def test_bulk_creates_fake_nodes_pointing_to_contributing_node(self):
-        fake_url = '/{}nodes/{}/node_links/'.format(API_BASE, 'fdxlq')
+    #   test_bulk_creates_fake_nodes_pointing_to_contributing_node
+        fake_url = '/{}nodes/{}/node_links/'.format(API_BASE, 'rheis')
 
-        res = self.app.post_json_api(fake_url, self.private_payload, auth=self.user.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(fake_url, private_payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 404
         assert 'detail' in res.json['errors'][0]
 
-        res = self.app.post_json_api(fake_url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(fake_url, private_payload, auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 404
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    def test_bulk_creates_node_pointer_to_itself(self):
-        point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_project._id}}}}]}
-
-        res = self.app.post_json_api(self.public_url, point_to_itself_payload, auth=self.user.auth, bulk=True)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_project._id
+    #   test_bulk_creates_node_pointer_to_itself_unauthorized
+        point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': public_project._id}}}}]}
 
-    def test_bulk_creates_node_pointer_to_itself_unauthorized(self):
-        point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_project._id}}}}]}
-
-        res = self.app.post_json_api(self.public_url, point_to_itself_payload, bulk=True, auth=self.user_two.auth,
+        res = app.post_json_api(public_url, point_to_itself_payload, bulk=True, auth=user_two.auth,
                                      expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project')
-    @assert_logs(NodeLog.POINTER_CREATED, 'public_project', index=-1)
-    def test_bulk_creates_node_pointer_already_connected(self):
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        assert res.status_code == 201
-        assert res.content_type == 'application/vnd.api+json'
-        res_json = res.json['data']
-        embedded = res_json[0]['embeds']['target_node']['data']['id']
-        assert embedded == self.public_pointer_project._id
-
-        embedded_two = res_json[1]['embeds']['target_node']['data']['id']
-        assert embedded_two == self.public_pointer_project_two._id
-
-        res = self.app.post_json_api(self.public_url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert res.status_code == 400
-        assert 'Target Node \'{}\' already pointed to by \'{}\'.'.format(self.public_pointer_project._id, self.public_project._id) in res.json['errors'][0]['detail']
-
-    def test_bulk_cannot_add_link_to_registration(self):
-        registration = RegistrationFactory(creator=self.user)
-
-        url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id)
-        payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.public_pointer_project._id}}}}]}
-        res = self.app.post_json_api(url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert res.status_code == 404
-
-    def test_bulk_creates_node_pointer_no_type(self):
-        payload = {'data': [{'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.user_two_project._id}}}}]}
-        res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_node_pointer_no_type
+        payload = {'data': [{'relationships': {'nodes': {'data': {'type': 'nodes', 'id': user_two_project._id}}}}]}
+        res = app.post_json_api(private_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'This field may not be null.'
         assert res.json['errors'][0]['source']['pointer'] == '/data/0/type'
 
-    def test_bulk_creates_node_pointer_incorrect_type(self):
-        payload = {'data': [{'type': 'Wrong type.', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': self.user_two_project._id}}}}]}
-        res = self.app.post_json_api(self.private_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_creates_node_pointer_incorrect_type
+        payload = {'data': [{'type': 'Wrong type.', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': user_two_project._id}}}}]}
+        res = app.post_json_api(private_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 409
         assert res.json['errors'][0]['detail'] == 'This resource has a type of "node_links", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
 
-@pytest.mark.django_db
-class TestBulkDeleteNodeLinks:
-
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.project = ProjectFactory(creator=self.user, is_public=False)
-        self.pointer_project = ProjectFactory(creator=self.user, is_public=True)
-        self.pointer_project_two = ProjectFactory(creator=self.user, is_public=True)
-
-        self.pointer = self.project.add_pointer(self.pointer_project, auth=Auth(self.user), save=True)
-        self.pointer_two = self.project.add_pointer(self.pointer_project_two, auth=Auth(self.user), save=True)
-
-        self.private_payload = {
-              'data': [
-                {'type': 'node_links', 'id': self.pointer._id},
-                {'type': 'node_links', 'id': self.pointer_two._id}
-              ]
-            }
+    def test_bulk_creates_public_node_pointer_logged_in_contrib(self, app, user, public_project, public_pointer_project_one, public_pointer_project_two, public_url, public_payload):
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            res = app.post_json_api(public_url, public_payload, auth=user.auth, bulk=True)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == public_pointer_project_one._id
+
+            embedded = res_json[1]['embeds']['target_node']['data']['id']
+            assert embedded == public_pointer_project_two._id
+
+    def test_bulk_creates_private_node_pointer_logged_in_contributor(self, app, user, private_project, private_payload, private_pointer_project_one, private_pointer_project_two, private_url):
+        with assert_latest_log(NodeLog.POINTER_CREATED, private_project):
+            res = app.post_json_api(private_url, private_payload, auth=user.auth, bulk=True)
+            assert res.status_code == 201
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == private_pointer_project_one._id
+
+            embedded = res_json[1]['embeds']['target_node']['data']['id']
+            assert embedded == private_pointer_project_two._id
+            assert res.content_type == 'application/vnd.api+json'
+
+    def test_bulk_creates_node_pointers_contributing_node_to_non_contributing_node(self, app, user, user_two, private_project, user_two_project, user_two_payload, private_url):
+        with assert_latest_log(NodeLog.POINTER_CREATED, private_project):
+            res = app.post_json_api(private_url, user_two_payload, auth=user.auth, bulk=True)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == user_two_project._id
+
+            res = app.get(private_url, auth=user.auth)
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == user_two_project._id
+
+    def test_bulk_creates_node_pointer_to_itself(self, app, user, public_project, public_url):
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': public_project._id}}}}]}
+
+            res = app.post_json_api(public_url, point_to_itself_payload, auth=user.auth, bulk=True)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == public_project._id
+
+    def test_bulk_creates_node_pointer_already_connected(self, app, user, public_project, public_pointer_project_one, public_pointer_project_two, public_url, public_payload):
+        with assert_latest_log(NodeLog.POINTER_CREATED, public_project):
+            res = app.post_json_api(public_url, public_payload, auth=user.auth, bulk=True)
+            assert res.status_code == 201
+            assert res.content_type == 'application/vnd.api+json'
+            res_json = res.json['data']
+            embedded = res_json[0]['embeds']['target_node']['data']['id']
+            assert embedded == public_pointer_project_one._id
+
+            embedded_two = res_json[1]['embeds']['target_node']['data']['id']
+            assert embedded_two == public_pointer_project_two._id
+
+            res = app.post_json_api(public_url, public_payload, auth=user.auth, expect_errors=True, bulk=True)
+            assert res.status_code == 400
+            assert 'Target Node \'{}\' already pointed to by \'{}\'.'.format(public_pointer_project_one._id, public_project._id) in res.json['errors'][0]['detail']
+
+    def test_bulk_cannot_add_link_to_registration(self, app, user, public_pointer_project_one):
+        registration = RegistrationFactory(creator=user)
 
-        self.private_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.project._id)
+        url = '/{}nodes/{}/node_links/'.format(API_BASE, registration._id)
+        payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': public_pointer_project_one._id}}}}]}
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 404
 
-        self.user_two = AuthUserFactory()
+@pytest.mark.django_db
+class TestBulkDeleteNodeLinks:
 
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_pointer_project_two = ProjectFactory(is_public=True, creator=self.user)
+    @pytest.fixture()
+    def non_contrib(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(creator=user, is_public=False)
+
+    @pytest.fixture()
+    def private_project_pointer_project_one(self, user):
+        return ProjectFactory(creator=user, is_public=True)
+
+    @pytest.fixture()
+    def private_project_pointer_project_two(self, user):
+        return ProjectFactory(creator=user, is_public=True)
+
+    @pytest.fixture()
+    def private_pointer_one(self, user, private_project, private_project_pointer_project_one):
+        return private_project.add_pointer(private_project_pointer_project_one, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def private_pointer_two(self, user, private_project, private_project_pointer_project_two):
+        return private_project.add_pointer(private_project_pointer_project_two, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def private_payload(self, private_pointer_one, private_pointer_two):
+        return {
+            'data': [
+                {'type': 'node_links', 'id': private_pointer_one._id},
+                {'type': 'node_links', 'id': private_pointer_two._id}
+            ]
+        }
 
-        self.public_pointer = self.public_project.add_pointer(self.public_pointer_project,
-                                                              auth=Auth(self.user),
-                                                              save=True)
-        self.public_pointer_two = self.public_project.add_pointer(self.public_pointer_project_two,
-                                                              auth=Auth(self.user),
-                                                              save=True)
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, private_project._id)
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_project_pointer_project_one(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_project_pointer_project_two(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_pointer_one(self, user, public_project, public_project_pointer_project_one):
+        return public_project.add_pointer(public_project_pointer_project_one, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def public_pointer_two(self, user, public_project, public_project_pointer_project_two):
+        return public_project.add_pointer(public_project_pointer_project_two, auth=Auth(user), save=True)
+
+    @pytest.fixture()
+    def public_payload(self, public_pointer_one, public_pointer_two):
+        return {
+            'data': [
+                {'type': 'node_links', 'id': public_pointer_one._id},
+                {'type': 'node_links', 'id': public_pointer_two._id}
+            ]
+        }
 
-        self.public_payload = {
-              'data': [
-                {'type': 'node_links', 'id': self.public_pointer._id},
-                {'type': 'node_links', 'id': self.public_pointer_two._id}
-              ]
-            }
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/node_links/'.format(API_BASE, public_project._id)
 
-        self.public_url = '/{}nodes/{}/node_links/'.format(API_BASE, self.public_project._id)
+    def test_bulk_delete_errors(self, app, user, non_contrib, public_project, public_pointer_one, public_pointer_two, public_project_pointer_project_one, public_project_pointer_project_two, public_url, private_url, public_payload, private_payload):
 
-    def test_bulk_delete_node_links_blank_request(self):
-        res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_delete_node_links_blank_request
+        res = app.delete_json_api(public_url, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
 
-    def test_bulk_delete_pointer_limits(self):
-        res = self.app.delete_json_api(self.public_url, {'data': [self.public_payload['data'][0]] * 101},
-                                       auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_delete_pointer_limits
+        res = app.delete_json_api(public_url, {'data': [public_payload['data'][0]] * 101},
+                                       auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
         assert res.json['errors'][0]['source']['pointer'] == '/data'
 
-    def test_bulk_delete_dict_inside_data(self):
-        res = self.app.delete_json_api(self.public_url, {'data': {'id': self.public_project._id, 'type': 'node_links'}},
-                                       auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_delete_dict_inside_data
+        res = app.delete_json_api(public_url, {'data': {'id': public_project._id, 'type': 'node_links'}},
+                                       auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
 
-    def test_bulk_delete_pointers_no_type(self):
+    #   test_bulk_delete_pointers_no_type
         payload = {'data': [
-            {'id': self.public_pointer._id},
-            {'id': self.public_pointer_two._id}
+            {'id': public_project_pointer_project_one._id},
+            {'id': public_project_pointer_project_two._id}
         ]}
-        res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/type'
 
-    def test_bulk_delete_pointers_incorrect_type(self):
+    #   test_bulk_delete_pointers_incorrect_type
         payload = {'data': [
-            {'id': self.public_pointer._id, 'type': 'Incorrect type.'},
-            {'id': self.public_pointer_two._id, 'type': 'Incorrect type.'}
+            {'id': public_pointer_one._id, 'type': 'Incorrect type.'},
+            {'id': public_pointer_two._id, 'type': 'Incorrect type.'}
         ]}
-        res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 409
 
-    def test_bulk_delete_pointers_no_id(self):
+    #   test_bulk_delete_pointers_no_id
         payload = {'data': [
             {'type': 'node_links'},
             {'type': 'node_links'}
         ]}
-        res = self.app.delete_json_api(self.public_url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['pointer'] == '/data/id'
 
-    def test_bulk_delete_pointers_no_data(self):
-        res = self.app.delete_json_api(self.public_url, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_delete_pointers_no_data
+        res = app.delete_json_api(public_url, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Request must contain array of resource identifier objects.'
 
-    def test_bulk_delete_pointers_payload_is_empty_dict(self):
-        res = self.app.delete_json_api(self.public_url, {}, auth=self.user.auth, expect_errors=True, bulk=True)
+    #   test_bulk_delete_pointers_payload_is_empty_dict
+        res = app.delete_json_api(public_url, {}, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Request must include /data.'
 
-    def test_cannot_delete_if_registration(self):
-        registration = RegistrationFactory(project=self.public_project)
-
-        url = '/{}registrations/{}/node_links/'.format(API_BASE, registration._id)
-
-        res = self.app.delete_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert res.status_code == 405
-
-    def test_bulk_deletes_public_node_pointers_logged_out(self):
-        res = self.app.delete_json_api(self.public_url, self.public_payload, expect_errors=True, bulk=True)
+    #   test_bulk_deletes_public_node_pointers_logged_out
+        res = app.delete_json_api(public_url, public_payload, expect_errors=True, bulk=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
-    def test_bulk_deletes_public_node_pointers_fails_if_bad_auth(self):
-        node_count_before = len(self.public_project.nodes_pointer)
-        res = self.app.delete_json_api(self.public_url, self.public_payload,
-                                       auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_deletes_public_node_pointers_fails_if_bad_auth
+        node_count_before = len(public_project.nodes_pointer)
+        res = app.delete_json_api(public_url, public_payload,
+                                       auth=non_contrib.auth, expect_errors=True, bulk=True)
         # This is could arguably be a 405, but we don't need to go crazy with status codes
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
-        self.public_project.reload()
-        assert node_count_before == len(self.public_project.nodes_pointer)
-
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1)
-    def test_bulk_deletes_public_node_pointers_succeeds_as_owner(self):
-        node_count_before = len(self.public_project.nodes_pointer)
-        res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        self.public_project.reload()
-        assert res.status_code == 204
-        assert node_count_before - 2 == len(self.public_project.nodes_pointer)
-
-        self.public_project.reload()
-
-    def test_bulk_deletes_private_node_pointers_logged_out(self):
-        res = self.app.delete_json_api(self.private_url, self.private_payload, expect_errors=True, bulk=True)
-        assert res.status_code == 401
-        assert 'detail' in res.json['errors'][0]
+        public_project.reload()
+        assert node_count_before == len(public_project.nodes_pointer)
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1)
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project')
-    def test_bulk_deletes_private_node_pointers_logged_in_contributor(self):
-        res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
-        self.project.reload()  # Update the model to reflect changes made by post request
-        assert res.status_code == 204
-        assert len(self.project.nodes_pointer) == 0
-
-    def test_bulk_deletes_private_node_pointers_logged_in_non_contributor(self):
-        res = self.app.delete_json_api(self.private_url, self.private_payload,
-                                       auth=self.user_two.auth, expect_errors=True, bulk=True)
+    #   test_bulk_deletes_private_node_pointers_logged_in_non_contributor
+        res = app.delete_json_api(private_url, private_payload,
+                                       auth=non_contrib.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project', index=-1)
-    @assert_logs(NodeLog.POINTER_REMOVED, 'public_project')
-    def test_return_bulk_deleted_public_node_pointer(self):
-        res = self.app.delete_json_api(self.public_url, self.public_payload, auth=self.user.auth, bulk=True)
-        self.public_project.reload()  # Update the model to reflect changes made by post request
-        assert res.status_code == 204
+    #   test_bulk_deletes_private_node_pointers_logged_out
+        res = app.delete_json_api(private_url, private_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
 
-        pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.public_project._id, self.public_pointer._id)
+    def test_cannot_delete_if_registration(self, app, user, public_project, public_payload):
+        registration = RegistrationFactory(project=public_project)
 
-        #check that deleted pointer can not be returned
-        res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True)
-        assert res.status_code == 404
+        url = '/{}registrations/{}/node_links/'.format(API_BASE, registration._id)
 
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project', index=-1)
-    @assert_logs(NodeLog.POINTER_REMOVED, 'project')
-    def test_return_bulk_deleted_private_node_pointer(self):
-        res = self.app.delete_json_api(self.private_url, self.private_payload, auth=self.user.auth, bulk=True)
-        self.project.reload()  # Update the model to reflect changes made by post request
-        assert res.status_code == 204
+        res = app.delete_json_api(url, public_payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 405
 
-        pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, self.project._id, self.pointer._id)
+    def test_bulk_deletes_public_node_pointers_succeeds_as_owner(self, app, user, public_project, public_url, public_payload):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, public_project):
+            node_count_before = len(public_project.nodes_pointer)
+            res = app.delete_json_api(public_url, public_payload, auth=user.auth, bulk=True)
+            public_project.reload()
+            assert res.status_code == 204
+            assert node_count_before - 2 == len(public_project.nodes_pointer)
 
-        #check that deleted pointer can not be returned
-        res = self.app.get(pointer_url, auth=self.user.auth, expect_errors=True)
-        assert res.status_code == 404
+            public_project.reload()
+
+    def test_bulk_deletes_private_node_pointers_logged_in_contributor(self, app, user, private_project, private_url, private_payload):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, private_project):
+            res = app.delete_json_api(private_url, private_payload, auth=user.auth, bulk=True)
+            private_project.reload()  # Update the model to reflect changes made by post request
+            assert res.status_code == 204
+            assert len(private_project.nodes_pointer) == 0
+
+    def test_return_bulk_deleted_public_node_pointer(self, app, user, public_project, public_pointer_one, public_url, public_payload):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, public_project):
+            res = app.delete_json_api(public_url, public_payload, auth=user.auth, bulk=True)
+            public_project.reload()  # Update the model to reflect changes made by post request
+            assert res.status_code == 204
+
+            pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, public_project._id, public_pointer_one._id)
+
+            #check that deleted pointer can not be returned
+            res = app.get(pointer_url, auth=user.auth, expect_errors=True)
+            assert res.status_code == 404
+
+    def test_return_bulk_deleted_private_node_pointer(self, app, user, private_project, private_pointer_one, private_url, private_payload):
+        with assert_latest_log(NodeLog.POINTER_REMOVED, private_project):
+            res = app.delete_json_api(private_url, private_payload, auth=user.auth, bulk=True)
+            private_project.reload()  # Update the model to reflect changes made by post request
+            assert res.status_code == 204
+
+            pointer_url = '/{}nodes/{}/node_links/{}/'.format(API_BASE, private_project._id, private_pointer_one._id)
+
+            #check that deleted pointer can not be returned
+            res = app.get(pointer_url, auth=user.auth, expect_errors=True)
+            assert res.status_code == 404
 
     # Regression test for https://openscience.atlassian.net/browse/OSF-4322
-    def test_bulk_delete_link_that_is_not_linked_to_correct_node(self):
-        project = ProjectFactory(creator=self.user)
+    def test_bulk_delete_link_that_is_not_linked_to_correct_node(self, app, user, private_url, public_payload):
+        project = ProjectFactory(creator=user)
         # The node link belongs to a different project
-        res = self.app.delete_json_api(
-            self.private_url, self.public_payload,
-            auth=self.user.auth,
+        res = app.delete_json_api(
+            private_url, public_payload,
+            auth=user.auth,
             expect_errors=True,
             bulk=True
         )
diff --git a/api_tests/nodes/views/test_node_logs.py b/api_tests/nodes/views/test_node_logs.py
index 2fb28c70e9a..48a667cade2 100644
--- a/api_tests/nodes/views/test_node_logs.py
+++ b/api_tests/nodes/views/test_node_logs.py
@@ -20,133 +20,157 @@
 API_LATEST = 0
 API_FIRST = -1
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeLogList:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.contrib = AuthUserFactory()
-        self.creator = AuthUserFactory()
-        self.user_auth = Auth(self.user)
-        self.NodeLogFactory = ProjectFactory()
-        self.pointer = ProjectFactory()
-
-        self.private_project = ProjectFactory(is_public=False, creator=self.user)
-        self.private_url = '/{}nodes/{}/logs/?version=2.2'.format(API_BASE, self.private_project._id)
-
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_url = '/{}nodes/{}/logs/?version=2.2'.format(API_BASE, self.public_project._id)
-
-    def test_add_tag(self):
-        user_auth = Auth(self.user)
-        self.public_project.add_tag('Jeff Spies', auth=user_auth)
-        assert 'tag_added' == self.public_project.logs.latest().action
-        res = self.app.get(self.public_url, auth=self.user.auth)
+    @pytest.fixture()
+    def contrib(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def creator(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_auth(self, user):
+        return Auth(user)
+
+    @pytest.fixture()
+    def NodeLogFactory(self):
+        return ProjectFactory()
+
+    @pytest.fixture()
+    def pointer(self):
+        return ProjectFactory()
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/logs/?version=2.2'.format(API_BASE, private_project._id)
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/logs/?version=2.2'.format(API_BASE, public_project._id)
+
+    def test_add_tag(self, app, user, user_auth, public_project, public_url):
+        public_project.add_tag('Rheisen', auth=user_auth)
+        assert 'tag_added' == public_project.logs.latest().action
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'tag_added'
-        assert 'Jeff Spies' == self.public_project.logs.latest().params['tag']
-
-    def test_remove_tag(self):
-        user_auth = Auth(self.user)
-        self.public_project.add_tag('Jeff Spies', auth=user_auth)
-        assert 'tag_added' == self.public_project.logs.latest().action
-        self.public_project.remove_tag('Jeff Spies', auth=self.user_auth)
-        assert 'tag_removed' == self.public_project.logs.latest().action
-        res = self.app.get(self.public_url, auth=self.user)
+        assert 'Rheisen' == public_project.logs.latest().params['tag']
+
+    def test_remove_tag(self, app, user, user_auth, public_project, public_url):
+        public_project.add_tag('Rheisen', auth=user_auth)
+        assert 'tag_added' == public_project.logs.latest().action
+        public_project.remove_tag('Rheisen', auth=user_auth)
+        assert 'tag_removed' == public_project.logs.latest().action
+        res = app.get(public_url, auth=user)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'tag_removed'
-        assert 'Jeff Spies' == self.public_project.logs.latest().params['tag']
+        assert 'Rheisen' == public_project.logs.latest().params['tag']
+
+    def test_project_creation(self, app, user, public_project, private_project, public_url, private_url):
 
-    def test_project_created(self):
-        res = self.app.get(self.public_url)
+    #   test_project_created
+        res = app.get(public_url)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
-        assert self.public_project.logs.first().action == 'project_created'
-        assert self.public_project.logs.first().action == res.json['data'][API_LATEST]['attributes']['action']
+        assert len(res.json['data']) == public_project.logs.count()
+        assert public_project.logs.first().action == 'project_created'
+        assert public_project.logs.first().action == res.json['data'][API_LATEST]['attributes']['action']
 
-    def test_log_create_on_public_project(self):
-        res = self.app.get(self.public_url)
+    #   test_log_create_on_public_project
+        res = app.get(public_url)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert_datetime_equal(parse_date(res.json['data'][API_FIRST]['attributes']['date']),
-                              self.public_project.logs.first().date)
-        assert res.json['data'][API_FIRST]['attributes']['action'] == self.public_project.logs.first().action
+                              public_project.logs.first().date)
+        assert res.json['data'][API_FIRST]['attributes']['action'] == public_project.logs.first().action
 
-    def test_log_create_on_private_project(self):
-        res = self.app.get(self.private_url, auth=self.user.auth)
+    #   test_log_create_on_private_project
+        res = app.get(private_url, auth=user.auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert_datetime_equal(parse_date(res.json['data'][API_FIRST]['attributes']['date']),
-                              self.private_project.logs.first().date)
-        assert res.json['data'][API_FIRST]['attributes']['action'] == self.private_project.logs.first().action
+                              private_project.logs.first().date)
+        assert res.json['data'][API_FIRST]['attributes']['action'] == private_project.logs.first().action
 
-    def test_add_addon(self):
-        self.public_project.add_addon('github', auth=self.user_auth)
-        assert 'addon_added' == self.public_project.logs.latest().action
-        res = self.app.get(self.public_url, auth=self.user.auth)
+    def test_add_addon(self, app, user, user_auth, public_project, public_url):
+        public_project.add_addon('github', auth=user_auth)
+        assert 'addon_added' == public_project.logs.latest().action
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'addon_added'
 
-    def test_project_add_remove_contributor(self):
-        self.public_project.add_contributor(self.contrib, auth=self.user_auth)
-        assert 'contributor_added' == self.public_project.logs.latest().action
+    def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url):
+        public_project.add_contributor(contrib, auth=user_auth)
+        assert 'contributor_added' == public_project.logs.latest().action
         # Disconnect contributor_removed so that we don't check in files
         # We can remove this when StoredFileNode is implemented in osf-models
         with disconnected_from_listeners(contributor_removed):
-            self.public_project.remove_contributor(self.contrib, auth=self.user_auth)
-        assert 'contributor_removed' == self.public_project.logs.latest().action
-        res = self.app.get(self.public_url, auth=self.user.auth)
+            public_project.remove_contributor(contrib, auth=user_auth)
+        assert 'contributor_removed' == public_project.logs.latest().action
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'contributor_removed'
         assert res.json['data'][1]['attributes']['action'] == 'contributor_added'
 
-    def test_remove_addon(self):
-        self.public_project.add_addon('github', auth=self.user_auth)
-        assert 'addon_added' == self.public_project.logs.latest().action
-        old_log_length = len(list(self.public_project.logs.all()))
-        self.public_project.delete_addon('github', auth=self.user_auth)
-        assert 'addon_removed' == self.public_project.logs.latest().action
-        assert (self.public_project.logs.count() - 1) == old_log_length
-        res = self.app.get(self.public_url, auth=self.user.auth)
+    def test_remove_addon(self, app, user, user_auth, public_project, public_url):
+        public_project.add_addon('github', auth=user_auth)
+        assert 'addon_added' == public_project.logs.latest().action
+        old_log_length = len(list(public_project.logs.all()))
+        public_project.delete_addon('github', auth=user_auth)
+        assert 'addon_removed' == public_project.logs.latest().action
+        assert (public_project.logs.count() - 1) == old_log_length
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'addon_removed'
 
-    def test_add_pointer(self):
-        self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True)
-        assert 'pointer_created' == self.public_project.logs.latest().action
-        res = self.app.get(self.public_url, auth=self.user.auth)
+    def test_add_pointer(self, app, user_auth, public_project, pointer, public_url):
+        public_project.add_pointer(pointer, auth=user_auth, save=True)
+        assert 'pointer_created' == public_project.logs.latest().action
+        res = app.get(public_url, auth=user_auth)
         assert res.status_code == 200
-        assert len(res.json['data']) == self.public_project.logs.count()
+        assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'pointer_created'
 
 @pytest.mark.django_db
 class TestNodeLogFiltering(TestNodeLogList):
 
-    def test_filter_action_not_equal(self):
-        self.public_project.add_tag('Jeff Spies', auth=self.user_auth)
-        assert 'tag_added' == self.public_project.logs.latest().action
-        url = '/{}nodes/{}/logs/?filter[action][ne]=tag_added'.format(API_BASE, self.public_project._id)
-        res = self.app.get(url, auth=self.user.auth)
+    def test_filter_action_not_equal(self, app, user, user_auth, public_project):
+        public_project.add_tag('Rheisen', auth=user_auth)
+        assert 'tag_added' == public_project.logs.latest().action
+        url = '/{}nodes/{}/logs/?filter[action][ne]=tag_added'.format(API_BASE, public_project._id)
+        res = app.get(url, auth=user.auth)
         assert len(res.json['data']) == 1
         assert res.json['data'][0]['attributes']['action'] == 'project_created'
 
-    def test_filter_date_not_equal(self):
-        self.public_project.add_pointer(self.pointer, auth=Auth(self.user), save=True)
-        assert 'pointer_created' == self.public_project.logs.latest().action
-        assert self.public_project.logs.count() == 2
+    def test_filter_date_not_equal(self, app, user, public_project, pointer):
+        public_project.add_pointer(pointer, auth=Auth(user), save=True)
+        assert 'pointer_created' == public_project.logs.latest().action
+        assert public_project.logs.count() == 2
 
-        pointer_added_log = self.public_project.logs.get(action='pointer_created')
+        pointer_added_log = public_project.logs.get(action='pointer_created')
         date_pointer_added = str(pointer_added_log.date).split('+')[0].replace(' ', 'T')
 
-        url = '/{}nodes/{}/logs/?filter[date][ne]={}'.format(API_BASE, self.public_project._id, date_pointer_added)
-        res = self.app.get(url, auth=self.user.auth)
+        url = '/{}nodes/{}/logs/?filter[date][ne]={}'.format(API_BASE, public_project._id, date_pointer_added)
+        res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         assert len(res.json['data']) == 1
         assert res.json['data'][0]['attributes']['action'] == 'project_created'
diff --git a/api_tests/nodes/views/test_node_registrations_list.py b/api_tests/nodes/views/test_node_registrations_list.py
index 8c8c251e850..69d25d7842b 100644
--- a/api_tests/nodes/views/test_node_registrations_list.py
+++ b/api_tests/nodes/views/test_node_registrations_list.py
@@ -2,7 +2,6 @@
 from urlparse import urlparse
 
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
@@ -12,56 +11,67 @@
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
 @pytest.mark.django_db
 class TestNodeRegistrationList:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
+
+    @pytest.fixture()
+    def private_registration(self, user, private_project):
+        return RegistrationFactory(creator=user, project=private_project, is_public=True)
+
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/registrations/'.format(API_BASE, private_project._id)
 
-        self.project = ProjectFactory(is_public=False, creator=self.user)
-        self.registration_project = RegistrationFactory(creator=self.user, project=self.project, is_public=True)
-        self.project.save()
-        self.private_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.project._id)
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_registration_project = RegistrationFactory(creator=self.user, project=self.public_project, is_public=True)
-        self.public_project.save()
-        self.public_url = '/{}nodes/{}/registrations/'.format(API_BASE, self.public_project._id)
+    @pytest.fixture()
+    def public_registration(self, user, public_project):
+        return RegistrationFactory(creator=user, project=public_project, is_public=True)
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/registrations/'.format(API_BASE, public_project._id)
 
-    def test_node_registration_list(self):
+    def test_node_registration_list(self, app, user, public_project, private_project, public_registration, private_registration, public_url, private_url):
 
     #   test_return_public_registrations_logged_out
-        res = self.app.get(self.public_url)
+        res = app.get(public_url)
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
         assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, public_project._id)
         assert res.json['data'][0]['type'] == 'registrations'
 
     #   test_return_public_registrations_logged_in
-        res = self.app.get(self.public_url, auth=self.user.auth)
+        res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
         assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, public_project._id)
         assert res.content_type == 'application/vnd.api+json'
         assert res.json['data'][0]['type'] == 'registrations'
 
     #   test_return_private_registrations_logged_out
-        res = self.app.get(self.private_url, expect_errors=True)
+        res = app.get(private_url, expect_errors=True)
         assert res.status_code == 401
         assert 'detail' in res.json['errors'][0]
 
     #   test_return_private_registrations_logged_in_contributor
-        res = self.app.get(self.private_url, auth=self.user.auth)
+        res = app.get(private_url, auth=user.auth)
         assert res.status_code == 200
         assert res.json['data'][0]['attributes']['registration'] == True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
-        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, self.project._id)
+        assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, private_project._id)
         assert res.content_type == 'application/vnd.api+json'
         assert res.json['data'][0]['type'] == 'registrations'
diff --git a/api_tests/nodes/views/test_node_sparse_fieldsets.py b/api_tests/nodes/views/test_node_sparse_fieldsets.py
index 430a95188af..532121dc557 100644
--- a/api_tests/nodes/views/test_node_sparse_fieldsets.py
+++ b/api_tests/nodes/views/test_node_sparse_fieldsets.py
@@ -1,4 +1,4 @@
-# -*- coding: utf-8 -*-
+import pytest
 
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
@@ -6,71 +6,81 @@
     ProjectFactory,
     AuthUserFactory,
 )
-from api_tests.nodes.views.test_view_only_query_parameter import ViewOnlyTestCase
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
 
-class TestNodeSparseFieldsList(ApiTestCase):
-    def setUp(self):
-        super(TestNodeSparseFieldsList, self).setUp()
-        self.user = AuthUserFactory()
+@pytest.mark.django_db
+class TestNodeSparseFieldsList:
 
-        self.non_contrib = AuthUserFactory()
+    @pytest.fixture()
+    def deleted_project(self):
+        return ProjectFactory(is_deleted=True)
 
-        self.deleted = ProjectFactory(is_deleted=True)
-        self.private = ProjectFactory(is_public=False, creator=self.user)
-        self.public = ProjectFactory(is_public=True, creator=self.user)
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
 
-        self.url = '/{}nodes/?fields[nodes]='.format(API_BASE)
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-    def test_empty_fields_returns_no_attributes(self):
-        res = self.app.get(self.url)
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/?fields[nodes]='.format(API_BASE)
+
+    def test_node_sparse_fields_list(self, app, user, deleted_project, private_project, public_project, url):
+
+    # def test_empty_fields_returns_no_attributes(self):
+        res = app.get(url)
         node_json = res.json['data'][0]
 
         assert node_json['attributes'] == {}
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
 
-    def test_sparse_fields_includes_relationships(self):
-        res = self.app.get(self.url + 'children')
+    # def test_sparse_fields_includes_relationships(self):
+        res = app.get(url + 'children')
         node_json = res.json['data'][0]
 
         assert node_json['attributes'] == {}
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'relationships'])
-        assert node_json['relationships']['children']['links']['related']['href'].endswith('/{}nodes/{}/children/'.format(API_BASE, self.public._id))
+        assert node_json['relationships']['children']['links']['related']['href'].endswith('/{}nodes/{}/children/'.format(API_BASE, public_project._id))
 
-    def test_returns_expected_nodes(self):
-        res = self.app.get(self.url + 'title')
+    # def test_returns_expected_nodes(self):
+        res = app.get(url + 'title')
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert self.public._id in ids
-        assert self.deleted._id not in ids
-        assert self.private._id not in ids
+        assert public_project._id in ids
+        assert deleted_project._id not in ids
+        assert private_project._id not in ids
 
         assert len(node_json) == 1
         node_json = node_json[0]
-        assert node_json['attributes']['title'] == self.public.title
+        assert node_json['attributes']['title'] == public_project.title
         assert len(node_json['attributes']) == 1
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
 
-    def test_filtering_by_id(self):
-        url = '/{}nodes/?filter[id]={}&fields[nodes]='.format(API_BASE, self.public._id)
-        res = self.app.get(url)
-        assert [each['id'] for each in res.json['data']] == [self.public._id]
+    # def test_filtering_by_id(self):
+        url = '/{}nodes/?filter[id]={}&fields[nodes]='.format(API_BASE, public_project._id)
+        res = app.get(url)
+        assert [each['id'] for each in res.json['data']] == [public_project._id]
 
         node_json = res.json['data'][0]
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
         assert node_json['attributes'] == {}
 
-    def test_filtering_by_excluded_field(self):
-        url = '/{}nodes/?filter[title]={}&fields[nodes]='.format(API_BASE, self.public.title)
-        res = self.app.get(url)
-        assert [each['id'] for each in res.json['data']] == [self.public._id]
+    # def test_filtering_by_excluded_field(self):
+        url = '/{}nodes/?filter[title]={}&fields[nodes]='.format(API_BASE, public_project.title)
+        res = app.get(url)
+        assert [each['id'] for each in res.json['data']] == [public_project._id]
 
         node_json = res.json['data'][0]
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
         assert node_json['attributes'] == {}
 
-    def test_create_with_sparse_fields(self):
+    # def test_create_with_sparse_fields(self):
         payload = {
             'data': {
                 'type': 'nodes',
@@ -83,100 +93,100 @@ def test_create_with_sparse_fields(self):
                     }
             }
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth)
+        res = app.post_json_api(url, payload, auth=user.auth)
         assert res.status_code == 201
         assert set(res.json['data'].keys()) == set(['links', 'type', 'id', 'attributes'])
         assert res.json['data']['attributes'] == {}
 
-class TestNodeSparseFieldsDetail(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeSparseFieldsDetail, self).setUp()
-        self.user = AuthUserFactory()
-        self.node = ProjectFactory(is_public=True, creator=self.user)
-        self.url = '/{}nodes/{}/'.format(API_BASE, self.node._id)
-
-    def test_empty_fields_returns_no_attributes(self):
-        res = self.app.get(self.url + '?fields[nodes]=')
-        node_json = res.json['data']
-
-        assert node_json['attributes'] == {}
-        assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
-
-    def test_embed_sparse_same_type(self):
-        child = ProjectFactory(parent=self.node, is_public=True, creator=self.user)
-        url = '{}?embed=children&fields[nodes]=title,children'.format(self.url)
-        res = self.app.get(url)
-        node_json = res.json['data']
-
-        assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'relationships', 'embeds'])
-        assert node_json['attributes'].keys() == ['title']
-        assert set(node_json['embeds']['children']['data'][0].keys()) == set(['links', 'type', 'id', 'attributes', 'relationships'])
-        assert node_json['embeds']['children']['data'][0]['attributes'].keys() == ['title']
-        assert node_json['embeds']['children']['data'][0]['attributes']['title'] == child.title
-
-    def test_embed_sparse_different_types(self):
-        url = '{}?embed=contributors&fields[nodes]=title,contributors'.format(self.url)
-        res = self.app.get(url)
-        node_json = res.json['data']
-
-        assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
-        assert node_json['attributes'].keys() == ['title']
-        assert len(node_json['embeds']['contributors']['data']) == 1
-        assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
-        assert len(node_json['embeds']['contributors']['data'][0]['attributes']) > 1
-
-    def test_sparse_embedded_type(self):
-        url = '{}?embed=contributors&fields[contributors]='.format(self.url)
-        res = self.app.get(url)
-        node_json = res.json['data']
-
-        assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
-        assert len(node_json['attributes'].keys()) > 1
-        assert len(node_json['embeds']['contributors']['data']) == 1
-        assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
-        assert len(node_json['embeds']['contributors']['data'][0]['attributes']) == 0
-
-    def test_multiple_sparse_types(self):
-        url = '{}?fields[nodes]=contributors,title&embed=contributors&fields[contributors]=bibliographic'.format(self.url)
-        res = self.app.get(url)
-        node_json = res.json['data']
-
-        assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
-        assert node_json['attributes'].keys() == ['title']
-        assert len(node_json['embeds']['contributors']['data']) == 1
-        assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
-        assert node_json['embeds']['contributors']['data'][0]['attributes'].keys() == ['bibliographic']
-
-    def test_update_with_sparse_fields(self):
-        url = '{}?fields[nodes]='.format(self.url)
-        old_title = self.node.title
-        payload = {'data': {
-            'id': self.node._id,
-            'type': 'nodes',
-            'attributes': {
-                'title': 'new title'
-            }
-        }}
-        res = self.app.patch_json_api(url, payload, auth=self.user.auth)
-        assert res.status_code == 200
-        assert res.json['data']['attributes'] == {}
-        self.node.reload()
-        assert self.node.title != old_title
-
-
-class TestSparseViewOnlyLinks(ViewOnlyTestCase):
-
-    def test_sparse_fields_with_anonymous_link(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.private_node_one_anonymous_link.key,
-            'fields[nodes]': 'title,current_user_can_comment,contributors',
-            'fields[contributors]': 'id',
-            'embed': 'contributors'
-        })  # current_user_can_comment is an anonymized field, should be removed
-        assert res.status_code == 200
-        assert res.json['data']['attributes'].keys() == ['title']
-
-        for contrib in res.json['data']['embeds']['contributors']['data']:
-            assert contrib['id'] == ''
-            assert contrib['attributes'] == {}
+# class TestNodeSparseFieldsDetail(ApiTestCase):
+
+#     def setUp(self):
+#         super(TestNodeSparseFieldsDetail, self).setUp()
+#         self.user = AuthUserFactory()
+#         self.node = ProjectFactory(is_public=True, creator=self.user)
+#         self.url = '/{}nodes/{}/'.format(API_BASE, self.node._id)
+
+#     def test_empty_fields_returns_no_attributes(self):
+#         res = self.app.get(self.url + '?fields[nodes]=')
+#         node_json = res.json['data']
+
+#         assert node_json['attributes'] == {}
+#         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
+
+#     def test_embed_sparse_same_type(self):
+#         child = ProjectFactory(parent=self.node, is_public=True, creator=self.user)
+#         url = '{}?embed=children&fields[nodes]=title,children'.format(self.url)
+#         res = self.app.get(url)
+#         node_json = res.json['data']
+
+#         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'relationships', 'embeds'])
+#         assert node_json['attributes'].keys() == ['title']
+#         assert set(node_json['embeds']['children']['data'][0].keys()) == set(['links', 'type', 'id', 'attributes', 'relationships'])
+#         assert node_json['embeds']['children']['data'][0]['attributes'].keys() == ['title']
+#         assert node_json['embeds']['children']['data'][0]['attributes']['title'] == child.title
+
+#     def test_embed_sparse_different_types(self):
+#         url = '{}?embed=contributors&fields[nodes]=title,contributors'.format(self.url)
+#         res = self.app.get(url)
+#         node_json = res.json['data']
+
+#         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
+#         assert node_json['attributes'].keys() == ['title']
+#         assert len(node_json['embeds']['contributors']['data']) == 1
+#         assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
+#         assert len(node_json['embeds']['contributors']['data'][0]['attributes']) > 1
+
+#     def test_sparse_embedded_type(self):
+#         url = '{}?embed=contributors&fields[contributors]='.format(self.url)
+#         res = self.app.get(url)
+#         node_json = res.json['data']
+
+#         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
+#         assert len(node_json['attributes'].keys()) > 1
+#         assert len(node_json['embeds']['contributors']['data']) == 1
+#         assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
+#         assert len(node_json['embeds']['contributors']['data'][0]['attributes']) == 0
+
+#     def test_multiple_sparse_types(self):
+#         url = '{}?fields[nodes]=contributors,title&embed=contributors&fields[contributors]=bibliographic'.format(self.url)
+#         res = self.app.get(url)
+#         node_json = res.json['data']
+
+#         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'embeds', 'relationships'])
+#         assert node_json['attributes'].keys() == ['title']
+#         assert len(node_json['embeds']['contributors']['data']) == 1
+#         assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(self.node._id, self.user._id)
+#         assert node_json['embeds']['contributors']['data'][0]['attributes'].keys() == ['bibliographic']
+
+#     def test_update_with_sparse_fields(self):
+#         url = '{}?fields[nodes]='.format(self.url)
+#         old_title = self.node.title
+#         payload = {'data': {
+#             'id': self.node._id,
+#             'type': 'nodes',
+#             'attributes': {
+#                 'title': 'new title'
+#             }
+#         }}
+#         res = self.app.patch_json_api(url, payload, auth=self.user.auth)
+#         assert res.status_code == 200
+#         assert res.json['data']['attributes'] == {}
+#         self.node.reload()
+#         assert self.node.title != old_title
+
+
+# class TestSparseViewOnlyLinks(ViewOnlyTestCase):
+
+#     def test_sparse_fields_with_anonymous_link(self):
+#         res = self.app.get(self.private_node_one_url, {
+#             'view_only': self.private_node_one_anonymous_link.key,
+#             'fields[nodes]': 'title,current_user_can_comment,contributors',
+#             'fields[contributors]': 'id',
+#             'embed': 'contributors'
+#         })  # current_user_can_comment is an anonymized field, should be removed
+#         assert res.status_code == 200
+#         assert res.json['data']['attributes'].keys() == ['title']
+
+#         for contrib in res.json['data']['embeds']['contributors']['data']:
+#             assert contrib['id'] == ''
+#             assert contrib['attributes'] == {}
diff --git a/api_tests/nodes/views/test_node_view_only_links_detail.py b/api_tests/nodes/views/test_node_view_only_links_detail.py
index e40b08b8fc3..e583bb8ccf5 100644
--- a/api_tests/nodes/views/test_node_view_only_links_detail.py
+++ b/api_tests/nodes/views/test_node_view_only_links_detail.py
@@ -1,162 +1,208 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
+from tests.base import ApiTestCase
 from website.util import permissions
-from test_node_view_only_links_list import ViewOnlyLinkTestCase
-from osf_tests.factories import NodeFactory, AuthUserFactory
+from osf_tests.factories import (
+    ProjectFactory,
+    AuthUserFactory,
+    PrivateLinkFactory
+)
+
+@pytest.fixture(scope='function')
+def user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_only_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_write_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def non_contributor():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def public_project(user, read_only_user, read_write_user):
+    public_project = ProjectFactory(is_public=True, creator=user)
+    public_project.add_contributor(read_only_user, permissions=[permissions.READ])
+    public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+    public_project.save()
+    return public_project
+
+@pytest.fixture(scope='function')
+def view_only_link(public_project):
+    view_only_link = PrivateLinkFactory(name='testlink')
+    view_only_link.nodes.add(public_project)
+    view_only_link.save()
+    return view_only_link
 
 @pytest.mark.django_db
-class TestViewOnlyLinksDetail(ViewOnlyLinkTestCase):
+@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
+class TestViewOnlyLinksDetail:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        super(TestViewOnlyLinksDetail, self).setUp()
-        self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
+    @pytest.fixture()
+    def url(self, public_project, view_only_link):
+        return '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, public_project._id, view_only_link._id)
 
-    def test_non_mutating_view_only_links_detail_tests(self):
+    def test_non_mutating_view_only_links_detail_tests(self, app, user, read_write_user, read_only_user, non_contributor, url, public_project, view_only_link):
 
     #   test_admin_can_view_vol_detail
-        res = self.app.get(self.url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         assert res.json['data']['attributes']['name'] == 'testlink'
 
     #   test_read_write_cannot_view_vol_detail
-        res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_view_vol_detail
-        res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_view_vol_detail
-        res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
+        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_view_vol_detail
-        res = self.app.get(self.url, expect_errors=True)
+        res = app.get(url, expect_errors=True)
         assert res.status_code == 401
 
-    def test_deleted_vol_not_returned(self):
-        res = self.app.get(self.url, auth=self.user.auth)
+    def test_deleted_vol_not_returned(self, app, user, public_project, view_only_link, url):
+        res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         assert res.json['data']['attributes']['name'] == 'testlink'
 
-        self.view_only_link.nodes.remove(self.public_project)
-        self.view_only_link.save()
+        view_only_link.nodes.remove(public_project)
+        view_only_link.save()
 
-        res = self.app.get(self.url, auth=self.user.auth, expect_errors=True)
+        res = app.get(url, auth=user.auth, expect_errors=True)
         assert res.status_code == 404
 
 @pytest.mark.django_db
-class TestViewOnlyLinksUpdate(ViewOnlyLinkTestCase):
+@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
+class TestViewOnlyLinksUpdate:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        super(TestViewOnlyLinksUpdate, self).setUp()
-        self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
+    @pytest.fixture()
+    def url(self, public_project, view_only_link):
+        return '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, public_project._id, view_only_link._id)
 
-        self.user_two = AuthUserFactory()
-        self.public_project.add_contributor(self.user_two, permissions=[permissions.ADMIN])
+    @pytest.fixture()
+    def public_project_admin(self, public_project):
+        return AuthUserFactory()
 
-        self.public_project_component = NodeFactory(is_public=True, creator=self.user, parent=self.public_project)
-        self.public_project_component.save()
+    @pytest.fixture()
+    def public_project(self, public_project_admin, public_project):
+        public_project.add_contributor(public_project_admin, permissions=[permissions.ADMIN])
+        return public_project
 
-    def test_admin_can_update_vol_name(self):
-        assert self.view_only_link.name == 'testlink'
-        assert self.view_only_link.anonymous == False
+    @pytest.fixture()
+    def public_project_component(self, user, public_project):
+        return NodeFactory(is_public=True, creator=user, parent=public_project)
+
+    def test_admin_can_update_vol_name(self, app, user, view_only_link, url):
+        assert view_only_link.name == 'testlink'
+        assert view_only_link.anonymous == False
 
         payload = {
             'attributes': {
                 'name': 'updated vol name'
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, auth=self.user.auth)
+        res = app.put_json_api(url, {'data': payload}, auth=user.auth)
 
         assert res.status_code == 200
         assert res.json['data']['attributes']['name'] == 'updated vol name'
         assert res.json['data']['attributes']['anonymous'] == False
 
-    def test_admin_can_update_vol_anonymous(self):
-        assert self.view_only_link.name == 'testlink'
-        assert self.view_only_link.anonymous == False
+    def test_admin_can_update_vol_anonymous(self, app, user, view_only_link, url):
+        assert view_only_link.name == 'testlink'
+        assert view_only_link.anonymous == False
 
         payload = {
             'attributes': {
                 'anonymous': True
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, auth=self.user.auth)
+        res = app.put_json_api(url, {'data': payload}, auth=user.auth)
 
         assert res.status_code == 200
         assert res.json['data']['attributes']['name'] == 'testlink'
         assert res.json['data']['attributes']['anonymous'] == True
 
-    def test_read_write_cannot_update_vol(self):
+    def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contributor, url):
+
+    #   test_read_write_cannot_update_vol
         payload = {
             'attributes': {
                 'name': 'updated vol name',
                 'anonymous': True,
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, auth=self.read_write_user.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=read_write_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_read_only_cannot_update_vol(self):
+    #   test_read_only_cannot_update_vol
         payload = {
             'attributes': {
                 'name': 'updated vol name',
                 'anonymous': True,
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, auth=self.read_only_user.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=read_only_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_logged_in_user_cannot_update_vol(self):
+    #   test_logged_in_user_cannot_update_vol
         payload = {
             'attributes': {
                 'name': 'updated vol name',
                 'anonymous': True,
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, auth=self.non_contributor.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_update_vol(self):
+    #   test_unauthenticated_user_cannot_update_vol
         payload = {
             'attributes': {
                 'name': 'updated vol name',
                 'anonymous': True,
             }
         }
-        res = self.app.put_json_api(self.url, {'data': payload}, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, expect_errors=True)
         assert res.status_code == 401
 
 @pytest.mark.django_db
-class TestViewOnlyLinksDelete(ViewOnlyLinkTestCase):
+@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
+class TestViewOnlyLinksDelete:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        super(TestViewOnlyLinksDelete, self).setUp()
-        self.url = '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, self.public_project._id, self.view_only_link._id)
+    @pytest.fixture()
+    def url(self, public_project, view_only_link):
+        return '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, public_project._id, view_only_link._id)
 
-    def test_admin_can_delete_vol(self):
-        res = self.app.delete(self.url, auth=self.user.auth)
-        self.view_only_link.reload()
+    def test_admin_can_delete_vol(self, app, user, url, view_only_link):
+        res = app.delete(url, auth=user.auth)
+        view_only_link.reload()
         assert res.status_code == 204
-        assert self.view_only_link.is_deleted == True
+        assert view_only_link.is_deleted == True
+
+    def test_vol_delete(self, app, read_write_user, read_only_user, non_contributor, url):
 
-    def test_read_write_cannot_delete_vol(self):
-        res = self.app.delete(self.url, auth=self.read_write_user.auth, expect_errors=True)
+    #   test_read_write_cannot_delete_vol
+        res = app.delete(url, auth=read_write_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_read_only_cannot_delete_vol(self):
-        res = self.app.delete(self.url, auth=self.read_only_user.auth, expect_errors=True)
+    #   test_read_only_cannot_delete_vol
+        res = app.delete(url, auth=read_only_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_logged_in_user_cannot_delete_vol(self):
-        res = self.app.delete(self.url, auth=self.non_contributor.auth, expect_errors=True)
+    #   test_logged_in_user_cannot_delete_vol
+        res = app.delete(url, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_delete_vol(self):
-        res = self.app.delete(self.url, expect_errors=True)
+    #   test_unauthenticated_user_cannot_delete_vol
+        res = app.delete(url, expect_errors=True)
         assert res.status_code == 401
diff --git a/api_tests/nodes/views/test_node_view_only_links_list.py b/api_tests/nodes/views/test_node_view_only_links_list.py
index ea4642509e1..1166ec7a587 100644
--- a/api_tests/nodes/views/test_node_view_only_links_list.py
+++ b/api_tests/nodes/views/test_node_view_only_links_list.py
@@ -2,7 +2,6 @@
 
 from website.util import permissions
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
@@ -10,175 +9,191 @@
     PrivateLinkFactory
 )
 
-
-class ViewOnlyLinkTestCase(object):
-
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.user = AuthUserFactory()
-        self.read_only_user = AuthUserFactory()
-        self.read_write_user = AuthUserFactory()
-        self.non_contributor = AuthUserFactory()
-
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_project.add_contributor(self.read_only_user, permissions=[permissions.READ])
-        self.public_project.add_contributor(self.read_write_user, permissions=[permissions.WRITE])
-        self.public_project.save()
-
-        self.view_only_link = PrivateLinkFactory(name='testlink')
-        self.view_only_link.nodes.add(self.public_project)
-        self.view_only_link.save()
+@pytest.fixture(scope='function')
+def user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_only_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_write_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def non_contributor():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def public_project(user, read_only_user, read_write_user):
+    public_project = ProjectFactory(is_public=True, creator=user)
+    public_project.add_contributor(read_only_user, permissions=[permissions.READ])
+    public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+    public_project.save()
+    return public_project
+
+@pytest.fixture(scope='function')
+def view_only_link(public_project):
+    view_only_link = PrivateLinkFactory(name='testlink')
+    view_only_link.nodes.add(public_project)
+    view_only_link.save()
+    return view_only_link
 
 @pytest.mark.django_db
-class TestViewOnlyLinksList(ViewOnlyLinkTestCase):
+@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
+class TestViewOnlyLinksList:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        super(TestViewOnlyLinksList, self).setUp()
-        self.url = '/{}nodes/{}/view_only_links/'.format(API_BASE, self.public_project._id)
+    @pytest.fixture()
+    def url(self, public_project):
+        return '/{}nodes/{}/view_only_links/'.format(API_BASE, public_project._id)
 
-    def test_non_mutating_view_only_links_list_tests(self):
+    def test_non_mutating_view_only_links_list_tests(self, app, user, read_write_user, read_only_user, non_contributor, public_project, url):
 
     #   test_admin_can_view_vols_list
-        res = self.app.get(self.url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         data = res.json['data']
+        print data
+        print url
         assert len(data) == 1
         assert data[0]['attributes']['name'] == 'testlink'
 
     #   test_read_write_cannot_view_vols_list
-        res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_view_vols_list
-        res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_view_vols_list
-        res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
+        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_view_vols_list
-        res = self.app.get(self.url, expect_errors=True)
+        res = app.get(url, expect_errors=True)
         assert res.status_code == 401
 
-    def test_deleted_vols_not_returned(self):
+    def test_deleted_vols_not_returned(self, app, user, url, public_project):
         view_only_link = PrivateLinkFactory(name='testlink2')
-        view_only_link.nodes.add(self.public_project)
+        view_only_link.nodes.add(public_project)
         view_only_link.save()
 
-        res = self.app.get(self.url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         data = res.json['data']
         assert res.status_code == 200
         assert len(data) == 2
 
-        view_only_link.nodes.remove(self.public_project)
+        view_only_link.nodes.remove(public_project)
         view_only_link.save()
 
-        res = self.app.get(self.url, auth=self.user.auth)
+        res = app.get(url, auth=user.auth)
         data = res.json['data']
         assert res.status_code == 200
         assert len(data) == 1
 
 @pytest.mark.django_db
-class TestViewOnlyLinksCreate(ViewOnlyLinkTestCase):
+@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
+class TestViewOnlyLinksCreate:
 
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        super(TestViewOnlyLinksCreate, self).setUp()
-        self.url = '/{}nodes/{}/view_only_links/'.format(API_BASE, self.public_project._id)
+    @pytest.fixture()
+    def url(self, public_project):
+        return '/{}nodes/{}/view_only_links/'.format(API_BASE, public_project._id)
 
-    def test_invalid_vol_name(self):
+    def test_invalid_vol_name(self, app, user, url):
         payload = {
             'attributes': {
                 'name': '<div>  </div>',
                 'anonymous': False,
             }
         }
-        res = self.app.post_json_api(self.url, {'data': payload}, auth=self.user.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Invalid link name.'
 
-    def test_default_anonymous_not_in_payload(self):
-        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
+    def test_default_anonymous_not_in_payload(self, app, user, public_project):
+        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, public_project._id)
         payload = {
             'attributes': {
                 'name': 'testlink',
             }
         }
-        res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
+        res = app.post_json_api(url, {'data': payload}, auth=user.auth)
         assert res.status_code == 201
         data = res.json['data']
         assert data['attributes']['name'] == 'testlink'
         assert data['attributes']['anonymous'] == False
-        assert data['embeds']['creator']['data']['id'] == self.user._id
+        assert data['embeds']['creator']['data']['id'] == user._id
 
-    def test_default_name_not_in_payload(self):
-        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
+    def test_default_name_not_in_payload(self, app, user, public_project):
+        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, public_project._id)
         payload = {
             'attributes': {
                 'anonymous': False,
             }
         }
-        res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
+        res = app.post_json_api(url, {'data': payload}, auth=user.auth)
         assert res.status_code == 201
         data = res.json['data']
         assert data['attributes']['name'] == 'Shared project link'
         assert data['attributes']['anonymous'] == False
-        assert data['embeds']['creator']['data']['id'] == self.user._id
+        assert data['embeds']['creator']['data']['id'] == user._id
 
-    def test_admin_can_create_vol(self):
-        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, self.public_project._id)
+    def test_admin_can_create_vol(self, app, user, public_project):
+        url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, public_project._id)
         payload = {
             'attributes': {
                 'name': 'testlink',
                 'anonymous': True,
             }
         }
-        res = self.app.post_json_api(url, {'data': payload}, auth=self.user.auth)
+        res = app.post_json_api(url, {'data': payload}, auth=user.auth)
         assert res.status_code == 201
-        assert self.public_project.private_links.count() == 2
+        assert public_project.private_links.count() == 2
         data = res.json['data']
         assert data['attributes']['name'] == 'testlink'
         assert data['attributes']['anonymous'] == True
-        assert data['embeds']['creator']['data']['id'] == self.user._id
+        assert data['embeds']['creator']['data']['id'] == user._id
+
+    def test_cannot_create_vol(self, app, read_write_user, read_only_user, non_contributor, url):
 
-    def test_read_write_cannot_create_vol(self):
+    #   test_read_write_cannot_create_vol
         payload = {
             'attributes': {
                 'name': 'testlink',
                 'anonymous': True,
             }
         }
-        res = self.app.post_json_api(self.url, {'data': payload}, auth=self.read_write_user.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=read_write_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_read_only_cannot_create_vol(self):
+    #   test_read_only_cannot_create_vol
         payload = {
             'attributes': {
                 'name': 'testlink',
                 'anonymous': True,
             }
         }
-        res = self.app.post_json_api(self.url, {'data': payload}, auth=self.read_only_user.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=read_only_user.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_logged_in_user_cannot_create_vol(self):
+    #   test_logged_in_user_cannot_create_vol
         payload = {
             'attributes': {
                 'name': 'testlink',
                 'anonymous': True,
             }
         }
-        res = self.app.post_json_api(self.url, {'data': payload}, auth=self.non_contributor.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_create_vol(self):
+    #   test_unauthenticated_user_cannot_create_vol
         payload = {
             'attributes': {
                 'name': 'testlink',
                 'anonymous': True,
             }
         }
-        res = self.app.post_json_api(self.url, {'data': payload}, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, expect_errors=True)
         assert res.status_code == 401
diff --git a/api_tests/nodes/views/test_view_only_query_parameter.py b/api_tests/nodes/views/test_view_only_query_parameter.py
index 11186c3f4c6..3871ecd64f8 100644
--- a/api_tests/nodes/views/test_view_only_query_parameter.py
+++ b/api_tests/nodes/views/test_view_only_query_parameter.py
@@ -3,7 +3,6 @@
 from website.util import permissions
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
-from tests.json_api_test_app import JSONAPITestApp
 from website.models import Node
 from osf_tests.factories import (
     ProjectFactory,
@@ -11,62 +10,117 @@
     PrivateLinkFactory,
 )
 
-class ViewOnlyTestCase(object):
-
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.app = JSONAPITestApp()
-        self.creation_user = AuthUserFactory()
-        self.viewing_user = AuthUserFactory()
-        self.contributing_read_user = AuthUserFactory()
-        self.contributing_write_user = AuthUserFactory()
-        self.valid_contributors = [
-            self.creation_user._id,
-            self.contributing_read_user._id,
-            self.contributing_write_user._id,
-        ]
-
-        self.private_node_one = ProjectFactory(is_public=False, creator=self.creation_user, title="Private One")
-        self.private_node_one.add_contributor(self.contributing_read_user, permissions=[permissions.READ], save=True)
-        self.private_node_one.add_contributor(self.contributing_write_user, permissions=[permissions.WRITE], save=True)
-        self.private_node_one_anonymous_link = PrivateLinkFactory(anonymous=True)
-        self.private_node_one_anonymous_link.nodes.add(self.private_node_one)
-        self.private_node_one_anonymous_link.save()
-        self.private_node_one_private_link = PrivateLinkFactory(anonymous=False)
-        self.private_node_one_private_link.nodes.add(self.private_node_one)
-        self.private_node_one_private_link.save()
-        self.private_node_one_url = '/{}nodes/{}/'.format(API_BASE, self.private_node_one._id)
-
-        self.private_node_two = ProjectFactory(is_public=False, creator=self.creation_user, title="Private Two")
-        self.private_node_two.add_contributor(self.contributing_read_user, permissions=[permissions.READ], save=True)
-        self.private_node_two.add_contributor(self.contributing_write_user, permissions=[permissions.WRITE], save=True)
-        self.private_node_two_url = '/{}nodes/{}/'.format(API_BASE, self.private_node_two._id)
-
-        self.public_node_one = ProjectFactory(is_public=True, creator=self.creation_user, title="Public One")
-        self.public_node_one.add_contributor(self.contributing_read_user, permissions=[permissions.READ], save=True)
-        self.public_node_one.add_contributor(self.contributing_write_user, permissions=[permissions.WRITE], save=True)
-        self.public_node_one_anonymous_link = PrivateLinkFactory(anonymous=True)
-        self.public_node_one_anonymous_link.nodes.add(self.public_node_one)
-        self.public_node_one_anonymous_link.save()
-        self.public_node_one_private_link = PrivateLinkFactory(anonymous=False)
-        self.public_node_one_private_link.nodes.add(self.public_node_one)
-        self.public_node_one_private_link.save()
-        self.public_node_one_url = '/{}nodes/{}/'.format(API_BASE, self.public_node_one._id)
-
-        self.public_node_two = ProjectFactory(is_public=True, creator=self.creation_user, title="Public Two")
-        self.public_node_two.add_contributor(self.contributing_read_user, permissions=[permissions.READ], save=True)
-        self.public_node_two.add_contributor(self.contributing_write_user, permissions=[permissions.WRITE], save=True)
-        self.public_node_two_url = '/{}nodes/{}/'.format(API_BASE, self.public_node_two._id)
+@pytest.fixture()
+def creation_user():
+    return AuthUserFactory()
+
+@pytest.fixture()
+def viewing_user():
+    return AuthUserFactory()
+
+@pytest.fixture()
+def contributing_read_user():
+    return AuthUserFactory()
+
+@pytest.fixture()
+def contributing_write_user():
+    return AuthUserFactory()
+
+@pytest.fixture()
+def valid_contributors(creation_user, contributing_read_user, contributing_write_user):
+    return [
+        creation_user._id,
+        contributing_read_user._id,
+        contributing_write_user._id,
+    ]
+
+@pytest.fixture()
+def private_node_one(creation_user, contributing_read_user, contributing_write_user):
+    private_node_one = ProjectFactory(is_public=False, creator=creation_user, title='Private One')
+    private_node_one.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
+    private_node_one.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+    return private_node_one
+
+@pytest.fixture()
+def private_node_one_anonymous_link(private_node_one):
+    private_node_one_anonymous_link = PrivateLinkFactory(anonymous=True)
+    private_node_one_anonymous_link.nodes.add(private_node_one)
+    private_node_one_anonymous_link.save()
+    return private_node_one_anonymous_link
+
+@pytest.fixture()
+def private_node_one_private_link(private_node_one):
+    private_node_one_private_link = PrivateLinkFactory(anonymous=False)
+    private_node_one_private_link.nodes.add(private_node_one)
+    private_node_one_private_link.save()
+    return private_node_one_private_link
+
+@pytest.fixture()
+def private_node_one_url(private_node_one):
+    return '/{}nodes/{}/'.format(API_BASE, private_node_one._id)
+
+@pytest.fixture()
+def private_node_two(creation_user, contributing_read_user, contributing_write_user):
+    private_node_two = ProjectFactory(is_public=False, creator=creation_user, title='Private Two')
+    private_node_two.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
+    private_node_two.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+    return private_node_two
+
+@pytest.fixture()
+def private_node_two_url(private_node_two):
+    return '/{}nodes/{}/'.format(API_BASE, private_node_two._id)
+
+@pytest.fixture()
+def public_node_one(creation_user, contributing_read_user, contributing_write_user):
+    public_node_one = ProjectFactory(is_public=True, creator=creation_user, title='Public One')
+    public_node_one.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
+    public_node_one.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+    return public_node_one
+
+@pytest.fixture()
+def public_node_one_anonymous_link(public_node_one):
+    public_node_one_anonymous_link = PrivateLinkFactory(anonymous=True)
+    public_node_one_anonymous_link.nodes.add(public_node_one)
+    public_node_one_anonymous_link.save()
+    return public_node_one_anonymous_link
+
+@pytest.fixture()
+def public_node_one_private_link(public_node_one):
+    public_node_one_private_link = PrivateLinkFactory(anonymous=False)
+    public_node_one_private_link.nodes.add(public_node_one)
+    public_node_one_private_link.save()
+    return public_node_one_private_link
+
+@pytest.fixture()
+def public_node_one_url(public_node_one):
+    return '/{}nodes/{}/'.format(API_BASE, public_node_one._id)
+
+@pytest.fixture()
+def public_node_two(creation_user, contributing_read_user, contributing_write_user):
+    public_node_two = ProjectFactory(is_public=True, creator=creation_user, title='Public Two')
+    public_node_two.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
+    public_node_two.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+    return public_node_two
+
+@pytest.fixture()
+def public_node_two_url(public_node_two):
+    return '/{}nodes/{}/'.format(API_BASE, public_node_two._id)
 
 @pytest.mark.django_db
-class TestNodeDetailViewOnlyLinks(ViewOnlyTestCase):
+@pytest.mark.usefixtures('creation_user', 'viewing_user', 'contributing_read_user', 'contributing_write_user', 'valid_contributors', 
+    'private_node_one', 'private_node_one_anonymous_link', 'private_node_one_private_link', 'private_node_one_url',
+    'private_node_two', 'private_node_two_url', 'public_node_one', 'public_node_one_anonymous_link',
+    'public_node_one_private_link', 'public_node_one_url', 'public_node_two', 'public_node_two_url')
+class TestNodeDetailViewOnlyLinks:
 
-    def test_private_node_with_link_works_when_using_link(self):
-        res_normal = self.app.get(self.private_node_one_url, auth=self.contributing_read_user.auth)
+    def test_private_node(self, app, creation_user, contributing_read_user, valid_contributors, private_node_one, private_node_one_url, private_node_one_private_link, private_node_one_anonymous_link, public_node_one_url, public_node_one_private_link, public_node_one_anonymous_link):
+
+    #   test_private_node_with_link_works_when_using_link
+        res_normal = app.get(private_node_one_url, auth=contributing_read_user.auth)
         assert res_normal.status_code == 200
-        res_linked = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
+        res_linked = app.get(private_node_one_url, {'view_only': private_node_one_private_link.key})
         assert res_linked.status_code == 200
-        assert_items_equal(res_linked.json['data']['attributes']['current_user_permissions'], ['read'])
+        assert res_linked.json['data']['attributes']['current_user_permissions'] == ['read']
 
         # Remove any keys that will be different for view-only responses
         res_normal_json = res_normal.json
@@ -77,13 +131,13 @@ def test_private_node_with_link_works_when_using_link(self):
         assert user_can_comment
         assert not view_only_can_comment
 
-    def test_private_node_with_link_unauthorized_when_not_using_link(self):
-        res = self.app.get(self.private_node_one_url, expect_errors=True)
+    #   test_private_node_with_link_unauthorized_when_not_using_link
+        res = app.get(private_node_one_url, expect_errors=True)
         assert res.status_code == 401
 
-    def test_private_node_with_link_anonymous_does_not_expose_contributor_id(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.private_node_one_anonymous_link.key,
+    #   test_private_node_with_link_anonymous_does_not_expose_contributor_id
+        res = app.get(private_node_one_url, {
+            'view_only': private_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
@@ -91,29 +145,29 @@ def test_private_node_with_link_anonymous_does_not_expose_contributor_id(self):
         for contributor in contributors:
             assert contributor['id'] == ''
 
-    def test_private_node_with_link_non_anonymous_does_expose_contributor_id(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.private_node_one_private_link.key,
+    #   test_private_node_with_link_non_anonymous_does_expose_contributor_id
+        res = app.get(private_node_one_url, {
+            'view_only': private_node_one_private_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert contributor['id'].split('-')[1] in self.valid_contributors
+            assert contributor['id'].split('-')[1] in valid_contributors
 
-    def test_private_node_logged_in_with_anonymous_link_does_not_expose_contributor_id(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.private_node_one_private_link.key,
+    #   test_private_node_logged_in_with_anonymous_link_does_not_expose_contributor_id
+        res = app.get(private_node_one_url, {
+            'view_only': private_node_one_private_link.key,
             'embed': 'contributors',
-        }, auth=self.creation_user.auth)
+        }, auth=creation_user.auth)
         assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert contributor['id'].split('-')[1] in self.valid_contributors
+            assert contributor['id'].split('-')[1] in valid_contributors
 
-    def test_public_node_with_link_anonymous_does_not_expose_user_id(self):
-        res = self.app.get(self.public_node_one_url, {
-            'view_only': self.public_node_one_anonymous_link.key,
+    #   test_public_node_with_link_anonymous_does_not_expose_user_id
+        res = app.get(public_node_one_url, {
+            'view_only': public_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
@@ -121,58 +175,57 @@ def test_public_node_with_link_anonymous_does_not_expose_user_id(self):
         for contributor in contributors:
             assert contributor['id'] == ''
 
-    def test_public_node_with_link_non_anonymous_does_expose_contributor_id(self):
-        res = self.app.get(self.public_node_one_url, {
-            'view_only': self.public_node_one_private_link.key,
+    #   test_public_node_with_link_non_anonymous_does_expose_contributor_id
+        res = app.get(public_node_one_url, {
+            'view_only': public_node_one_private_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert contributor['id'].split('-')[1] in self.valid_contributors
+            assert contributor['id'].split('-')[1] in valid_contributors
 
-    def test_public_node_with_link_unused_does_expose_contributor_id(self):
-        res = self.app.get(self.public_node_one_url, {
+    #   test_public_node_with_link_unused_does_expose_contributor_id
+        res = app.get(public_node_one_url, {
             'embed': 'contributors',
         })
         assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
-            assert contributor['id'].split('-')[1] in self.valid_contributors
+            assert contributor['id'].split('-')[1] in valid_contributors
 
-    def test_view_only_link_does_not_grant_write_permission(self):
+    #   test_view_only_link_does_not_grant_write_permission
         payload = {
             'data': {
                 'attributes': {
                     'title': 'Cannot touch this' },
-                'id': self.private_node_one._id,
+                'id': private_node_one._id,
                 'type': 'nodes',
             }
         }
-        res = self.app.patch_json_api(self.private_node_one_url, payload, {
-            'view_only': self.private_node_one_private_link.key,
+        res = app.patch_json_api(private_node_one_url, payload, {
+            'view_only': private_node_one_private_link.key,
         }, expect_errors=True)
         assert res.status_code == 401
 
-    def test_view_only_link_from_anther_project_does_not_grant_view_permission(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.public_node_one_private_link.key,
+    #   test_view_only_link_from_anther_project_does_not_grant_view_permission
+        res = app.get(private_node_one_url, {
+            'view_only': public_node_one_private_link.key,
         }, expect_errors=True)
         assert res.status_code == 401
 
-    def test_private_project_logs_with_anonymous_link_does_not_expose_user_id(self):
-        res = self.app.get(self.private_node_one_url+'logs/', {
-            'view_only': str(self.private_node_one_anonymous_link.key),
+    #   test_private_project_logs_with_anonymous_link_does_not_expose_user_id
+        res = app.get(private_node_one_url+'logs/', {
+            'view_only': str(private_node_one_anonymous_link.key),
         })
         assert res.status_code == 200
         body = res.body
-        assert self.contributing_write_user._id not in body
-        assert self.contributing_read_user._id not in body
-        assert self.creation_user._id not in body
+        for id in valid_contributors:
+            assert id not in body
 
-    def test_private_project_with_anonymous_link_does_not_expose_registrations_or_forks(self):
-        res = self.app.get(self.private_node_one_url, {
-            'view_only': self.private_node_one_anonymous_link.key,
+    #   test_private_project_with_anonymous_link_does_not_expose_registrations_or_forks
+        res = app.get(private_node_one_url, {
+            'view_only': private_node_one_anonymous_link.key,
         })
         assert res.status_code == 200
         relationships = res.json['data']['relationships']
@@ -185,50 +238,56 @@ def test_private_project_with_anonymous_link_does_not_expose_registrations_or_fo
         assert 'registrations' not in embeds
         assert 'forks' not in embeds, 'Add forks view to blacklist in hide_view_when_anonymous().'
 
-    def test_bad_view_only_link_does_not_modify_permissions(self):
-        res = self.app.get(self.private_node_one_url+'logs/', {
+    #   test_bad_view_only_link_does_not_modify_permissions
+        res = app.get(private_node_one_url+'logs/', {
             'view_only': 'thisisnotarealprivatekey',
         }, expect_errors=True)
         assert res.status_code == 401
-        res = self.app.get(self.private_node_one_url+'logs/', {
+        res = app.get(private_node_one_url+'logs/', {
             'view_only': 'thisisnotarealprivatekey',
-        }, auth=self.creation_user.auth)
+        }, auth=creation_user.auth)
         assert res.status_code == 200
 
-    def test_view_only_key_in_relationships_links(self):
-        res = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
+    #   test_view_only_key_in_relationships_links
+        res = app.get(private_node_one_url, {'view_only': private_node_one_private_link.key})
         assert res.status_code == 200
         res_relationships = res.json['data']['relationships']
         for key, value in res_relationships.iteritems():
             if value['links'].get('related'):
-                assert self.private_node_one_private_link.key in value['links']['related']['href']
+                assert private_node_one_private_link.key in value['links']['related']['href']
             if value['links'].get('self'):
-                assert self.private_node_one_private_link.key in value['links']['self']['href']
+                assert private_node_one_private_link.key in value['links']['self']['href']
 
-    def test_view_only_key_in_self_and_html_links(self):
-        res = self.app.get(self.private_node_one_url, {'view_only': self.private_node_one_private_link.key})
+    #   test_view_only_key_in_self_and_html_links
+        res = app.get(private_node_one_url, {'view_only': private_node_one_private_link.key})
         assert res.status_code == 200
         links = res.json['data']['links']
-        assert self.private_node_one_private_link.key in links['self']
-        assert self.private_node_one_private_link.key in links['html']
+        assert private_node_one_private_link.key in links['self']
+        assert private_node_one_private_link.key in links['html']
 
 @pytest.mark.django_db
-class TestNodeListViewOnlyLinks(ViewOnlyTestCase):
+@pytest.mark.usefixtures('creation_user', 'viewing_user', 'contributing_read_user', 'contributing_write_user', 'valid_contributors', 
+    'private_node_one', 'private_node_one_anonymous_link', 'private_node_one_private_link', 'private_node_one_url',
+    'private_node_two', 'private_node_two_url', 'public_node_one', 'public_node_one_anonymous_link',
+    'public_node_one_private_link', 'public_node_one_url', 'public_node_two', 'public_node_two_url')
+class TestNodeListViewOnlyLinks:
+
+    def test_node_list_view_only_links(self, app, valid_contributors, private_node_one, private_node_one_private_link, private_node_one_anonymous_link):
 
-    def test_private_link_does_not_show_node_in_list(self):
-        res = self.app.get('/{}nodes/'.format(API_BASE), {
-            'view_only': self.private_node_one_private_link.key,
+    #   test_private_link_does_not_show_node_in_list
+        res = app.get('/{}nodes/'.format(API_BASE), {
+            'view_only': private_node_one_private_link.key,
         })
         assert res.status_code == 200
         nodes = res.json['data']
         node_ids = []
         for node in nodes:
             node_ids.append(node['id'])
-        assert self.private_node_one._id not in node_ids
+        assert private_node_one._id not in node_ids
 
-    def test_anonymous_link_does_not_show_contributor_id_in_node_list(self):
-        res = self.app.get('/{}nodes/'.format(API_BASE), {
-            'view_only': self.private_node_one_anonymous_link.key,
+    #   test_anonymous_link_does_not_show_contributor_id_in_node_list
+        res = app.get('/{}nodes/'.format(API_BASE), {
+            'view_only': private_node_one_anonymous_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
@@ -241,9 +300,9 @@ def test_anonymous_link_does_not_show_contributor_id_in_node_list(self):
                 assert contributor['id'] == ''
         assert assertions != 0
 
-    def test_non_anonymous_link_does_show_contributor_id_in_node_list(self):
-        res = self.app.get('/{}nodes/'.format(API_BASE), {
-            'view_only': self.private_node_one_private_link.key,
+    #   test_non_anonymous_link_does_show_contributor_id_in_node_list
+        res = app.get('/{}nodes/'.format(API_BASE), {
+            'view_only': private_node_one_private_link.key,
             'embed': 'contributors',
         })
         assert res.status_code == 200
@@ -253,5 +312,5 @@ def test_non_anonymous_link_does_show_contributor_id_in_node_list(self):
             contributors = node['embeds']['contributors']['data']
             for contributor in contributors:
                 assertions += 1
-                assert contributor['id'].split('-')[1] in self.valid_contributors
+                assert contributor['id'].split('-')[1] in valid_contributors
         assert assertions != 0
diff --git a/tests/utils.py b/tests/utils.py
index e1a9c76c34e..7cbb34976b3 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -7,14 +7,11 @@
 from django.utils import timezone
 from nose import SkipTest
 from nose.tools import assert_equal, assert_not_equal
-
 from framework.auth import Auth
 from framework.celery_tasks.handlers import celery_teardown_request
-
 from website.archiver import ARCHIVER_SUCCESS
 from website.archiver import listeners as archiver_listeners
 from website.project.sanctions import Sanction
-
 from tests.base import get_default_metaschema
 
 def requires_module(module):
@@ -46,7 +43,7 @@ def test_update_node(self):
     def outer_wrapper(func):
         @functools.wraps(func)
         def wrapper(self, *args, **kwargs):
-            node = getattr(self, node_key)
+            node =  getattr(self, node_key)
             last_log = node.logs.latest()
             func(self, *args, **kwargs)
             node.reload()
@@ -72,6 +69,16 @@ def wrapper(self, *args, **kwargs):
         return wrapper
     return outer_wrapper
 
+@contextlib.contextmanager
+def assert_latest_log(log_action, node_key, index=-1):
+    node =  node_key
+    last_log = node.logs.latest()
+    node.reload()
+    yield
+    new_log = node.logs.order_by('-date')[-index - 1]
+    assert last_log._id != new_log._id
+    assert new_log.action == log_action
+
 @contextlib.contextmanager
 def mock_archive(project, schema=None, auth=None, data=None, parent=None,
                  embargo=False, embargo_end_date=None,

From b1af41498b261c6efd55116bc70f1245fdb812d0 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 5 Jun 2017 11:14:55 -0400
Subject: [PATCH 043/163] Clean unused imports & remove print statements

---
 api_tests/nodes/views/test_node_links_detail.py         | 2 +-
 api_tests/nodes/views/test_node_links_list.py           | 3 +--
 api_tests/nodes/views/test_node_logs.py                 | 1 -
 api_tests/nodes/views/test_node_view_only_links_list.py | 2 --
 4 files changed, 2 insertions(+), 6 deletions(-)

diff --git a/api_tests/nodes/views/test_node_links_detail.py b/api_tests/nodes/views/test_node_links_detail.py
index b6d4f74ad3c..dc10d41dbbf 100644
--- a/api_tests/nodes/views/test_node_links_detail.py
+++ b/api_tests/nodes/views/test_node_links_detail.py
@@ -1,7 +1,7 @@
 import pytest
 from urlparse import urlparse
 
-from framework.auth.core import Auth # possibly deleted?
+from framework.auth.core import Auth 
 from osf.models import NodeLog
 from api.base.settings.defaults import API_BASE
 from tests.base import ApiTestCase
diff --git a/api_tests/nodes/views/test_node_links_list.py b/api_tests/nodes/views/test_node_links_list.py
index 3567204b4d2..5f014962050 100644
--- a/api_tests/nodes/views/test_node_links_list.py
+++ b/api_tests/nodes/views/test_node_links_list.py
@@ -1,10 +1,9 @@
 import pytest
 from urlparse import urlparse
 
-from framework.auth.core import Auth # possibly deleted?
+from framework.auth.core import Auth
 from osf.models import NodeLog
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase
 from tests.utils import assert_latest_log
 from osf_tests.factories import (
diff --git a/api_tests/nodes/views/test_node_logs.py b/api_tests/nodes/views/test_node_logs.py
index e5fdeef1475..1ab4904085f 100644
--- a/api_tests/nodes/views/test_node_logs.py
+++ b/api_tests/nodes/views/test_node_logs.py
@@ -10,7 +10,6 @@
 from website.util import disconnected_from_listeners
 from website.project.signals import contributor_removed
 from api.base.settings.defaults import API_BASE
-from tests.json_api_test_app import JSONAPITestApp
 from tests.base import ApiTestCase, assert_datetime_equal
 from osf_tests.factories import (
     ProjectFactory,
diff --git a/api_tests/nodes/views/test_node_view_only_links_list.py b/api_tests/nodes/views/test_node_view_only_links_list.py
index 1166ec7a587..f9c991a3051 100644
--- a/api_tests/nodes/views/test_node_view_only_links_list.py
+++ b/api_tests/nodes/views/test_node_view_only_links_list.py
@@ -54,8 +54,6 @@ def test_non_mutating_view_only_links_list_tests(self, app, user, read_write_use
         res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         data = res.json['data']
-        print data
-        print url
         assert len(data) == 1
         assert data[0]['attributes']['name'] == 'testlink'
 

From cc14df02c78d061762b17404e53ceed6d3ed2fd8 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 5 Jun 2017 14:23:24 -0400
Subject: [PATCH 044/163] fix mixin conversion, clean grouping comments

---
 .../nodes/views/test_node_sparse_fieldsets.py |  22 +-
 .../views/test_view_only_link_detail.py       |  82 +++--
 .../views/test_view_only_link_nodes.py        | 294 +++++++++++-------
 3 files changed, 245 insertions(+), 153 deletions(-)

diff --git a/api_tests/nodes/views/test_node_sparse_fieldsets.py b/api_tests/nodes/views/test_node_sparse_fieldsets.py
index e2b1556b456..ae56e34f189 100644
--- a/api_tests/nodes/views/test_node_sparse_fieldsets.py
+++ b/api_tests/nodes/views/test_node_sparse_fieldsets.py
@@ -34,14 +34,14 @@ def url(self):
 
     def test_node_sparse_fields_list(self, app, user, deleted_project, private_project, public_project, url):
 
-    # def test_empty_fields_returns_no_attributes(self):
+    #   test_empty_fields_returns_no_attributes
         res = app.get(url)
         node_json = res.json['data'][0]
 
         assert node_json['attributes'] == {}
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
 
-    # def test_sparse_fields_includes_relationships(self):
+    #   test_sparse_fields_includes_relationships
         res = app.get(url + 'children')
         node_json = res.json['data'][0]
 
@@ -49,7 +49,7 @@ def test_node_sparse_fields_list(self, app, user, deleted_project, private_proje
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes', 'relationships'])
         assert node_json['relationships']['children']['links']['related']['href'].endswith('/{}nodes/{}/children/'.format(API_BASE, public_project._id))
 
-    # def test_returns_expected_nodes(self):
+    #   test_returns_expected_nodes
         res = app.get(url + 'title')
         node_json = res.json['data']
 
@@ -64,7 +64,7 @@ def test_node_sparse_fields_list(self, app, user, deleted_project, private_proje
         assert len(node_json['attributes']) == 1
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
 
-    # def test_filtering_by_id(self):
+    #   test_filtering_by_id
         url = '/{}nodes/?filter[id]={}&fields[nodes]='.format(API_BASE, public_project._id)
         res = app.get(url)
         assert [each['id'] for each in res.json['data']] == [public_project._id]
@@ -73,7 +73,7 @@ def test_node_sparse_fields_list(self, app, user, deleted_project, private_proje
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
         assert node_json['attributes'] == {}
 
-    # def test_filtering_by_excluded_field(self):
+    #   test_filtering_by_excluded_field
         url = '/{}nodes/?filter[title]={}&fields[nodes]='.format(API_BASE, public_project.title)
         res = app.get(url)
         assert [each['id'] for each in res.json['data']] == [public_project._id]
@@ -82,7 +82,7 @@ def test_node_sparse_fields_list(self, app, user, deleted_project, private_proje
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
         assert node_json['attributes'] == {}
 
-    # def test_create_with_sparse_fields(self):
+    #   test_create_with_sparse_fields
         payload = {
             'data': {
                 'type': 'nodes',
@@ -113,14 +113,14 @@ def url(self, node):
 
     def test_node_sparse_fields_detail_non_mutating_tests(self, app, user, node, url):
 
-    # def test_empty_fields_returns_no_attributes(self, app, url):
+    #   test_empty_fields_returns_no_attributes
         res = app.get(url + '?fields[nodes]=')
         node_json = res.json['data']
 
         assert node_json['attributes'] == {}
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
 
-    # def test_embed_sparse_same_type(self, app, user, node, url):
+    #   test_embed_sparse_same_type
         child = ProjectFactory(parent=node, is_public=True, creator=user)
         res_url = '{}?embed=children&fields[nodes]=title,children'.format(url)
         res = app.get(res_url)
@@ -132,7 +132,7 @@ def test_node_sparse_fields_detail_non_mutating_tests(self, app, user, node, url
         assert node_json['embeds']['children']['data'][0]['attributes'].keys() == ['title']
         assert node_json['embeds']['children']['data'][0]['attributes']['title'] == child.title
 
-    # def test_embed_sparse_different_types(self, app, user, node, url):
+    #   test_embed_sparse_different_types
         res_url = '{}?embed=contributors&fields[nodes]=title,contributors'.format(url)
         res = app.get(res_url)
         node_json = res.json['data']
@@ -143,7 +143,7 @@ def test_node_sparse_fields_detail_non_mutating_tests(self, app, user, node, url
         assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(node._id, user._id)
         assert len(node_json['embeds']['contributors']['data'][0]['attributes']) > 1
 
-    # def test_sparse_embedded_type(self):
+    #   test_sparse_embedded_type
         res_url = '{}?embed=contributors&fields[contributors]='.format(url)
         res = app.get(res_url)
         node_json = res.json['data']
@@ -154,7 +154,7 @@ def test_node_sparse_fields_detail_non_mutating_tests(self, app, user, node, url
         assert node_json['embeds']['contributors']['data'][0]['id'] == '{}-{}'.format(node._id, user._id)
         assert len(node_json['embeds']['contributors']['data'][0]['attributes']) == 0
 
-    # def test_multiple_sparse_types(self):
+    #   test_multiple_sparse_types
         res_url = '{}?fields[nodes]=contributors,title&embed=contributors&fields[contributors]=bibliographic'.format(url)
         res = app.get(res_url)
         node_json = res.json['data']
diff --git a/api_tests/view_only_links/views/test_view_only_link_detail.py b/api_tests/view_only_links/views/test_view_only_link_detail.py
index e5106749819..733f57c40ed 100644
--- a/api_tests/view_only_links/views/test_view_only_link_detail.py
+++ b/api_tests/view_only_links/views/test_view_only_link_detail.py
@@ -1,33 +1,71 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
+from website.util import permissions
 from api.base.settings.defaults import API_BASE
+from tests.base import ApiTestCase
+from osf_tests.factories import (
+    ProjectFactory,
+    AuthUserFactory,
+    PrivateLinkFactory
+)
 
-from api_tests.nodes.views.test_node_view_only_links_list import ViewOnlyLinkTestCase
+@pytest.mark.django_db
+class TestViewOnlyLinksDetail:
 
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-class TestViewOnlyLinksDetail(ViewOnlyLinkTestCase):
+    @pytest.fixture()
+    def read_only_user(self):
+        return AuthUserFactory()
 
-    def setUp(self):
-        super(TestViewOnlyLinksDetail, self).setUp()
-        self.url = '/{}view_only_links/{}/'.format(API_BASE, self.view_only_link._id)
+    @pytest.fixture()
+    def read_write_user(self):
+        return AuthUserFactory()
 
-    def test_admin_can_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data']['attributes']['name'], 'testlink')
+    @pytest.fixture()
+    def non_contributor(self):
+        return AuthUserFactory()
 
-    def test_read_write_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    @pytest.fixture()
+    def public_project(self, user, read_only_user, read_write_user):
+        public_project = ProjectFactory(is_public=True, creator=user)
+        public_project.add_contributor(read_only_user, permissions=[permissions.READ])
+        public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+        public_project.save()
+        return public_project
 
-    def test_read_only_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    @pytest.fixture()
+    def view_only_link(self, public_project):
+        view_only_link = PrivateLinkFactory(name='testlink')
+        view_only_link.nodes.add(public_project)
+        view_only_link.save()
+        return view_only_link
 
-    def test_logged_in_user_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    @pytest.fixture()
+    def url(self, view_only_link):
+        return '/{}view_only_links/{}/'.format(API_BASE, view_only_link._id)
 
-    def test_unauthenticated_user_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    def test_view_only_links_detail(self, app, user, read_only_user, read_write_user, non_contributor, url):
+
+    #   test_admin_can_view_vol_detail
+        res = app.get(url, auth=user.auth)
+        assert res.status_code == 200
+        assert res.json['data']['attributes']['name'] == 'testlink'
+
+    #   test_read_write_cannot_view_vol_detail
+        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_read_only_cannot_view_vol_detail
+        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_logged_in_user_cannot_view_vol_detail
+        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_unauthenticated_user_cannot_view_vol_detail
+        res = app.get(url, expect_errors=True)
+        assert res.status_code == 403
diff --git a/api_tests/view_only_links/views/test_view_only_link_nodes.py b/api_tests/view_only_links/views/test_view_only_link_nodes.py
index 5345a32de26..8ad031eb969 100644
--- a/api_tests/view_only_links/views/test_view_only_link_nodes.py
+++ b/api_tests/view_only_links/views/test_view_only_link_nodes.py
@@ -1,111 +1,164 @@
+import pytest
 from nose.tools import *  # flake8: noqa
 
+from website.util import permissions
 from api.base.settings.defaults import API_BASE
-
-from api_tests.nodes.views.test_node_view_only_links_list import ViewOnlyLinkTestCase
-
-from osf_tests.factories import NodeFactory
-
-
-class TestViewOnlyLinksNodes(ViewOnlyLinkTestCase):
-
-    def setUp(self):
-        super(TestViewOnlyLinksNodes, self).setUp()
-        self.url = '/{}view_only_links/{}/nodes/'.format(API_BASE, self.view_only_link._id)
-
-    def test_admin_can_view_vol_nodes_detail(self):
-        res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-
-    def test_read_write_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-
-    def test_read_only_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-
-    def test_logged_in_user_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-
-    def test_unauthenticated_user_cannot_view_vol_detail(self):
-        res = self.app.get(self.url, expect_errors=True)
-        assert_equal(res.status_code, 403)
-
-
-class TestViewOnlyLinkNodesSet(ViewOnlyLinkTestCase):
-
-    def setUp(self):
-        super(TestViewOnlyLinkNodesSet, self).setUp()
-        self.component_one = NodeFactory(creator=self.user, parent=self.public_project, is_public=True)
-        self.component_two = NodeFactory(creator=self.user, parent=self.public_project, is_public=False)
-
-        self.project_two = NodeFactory(creator=self.user)
-
-        self.first_level_component = NodeFactory(creator=self.user, parent=self.public_project)
-        self.second_level_component = NodeFactory(creator=self.user, parent=self.first_level_component)
-
-        self.component_one_payload = {
+from tests.base import ApiTestCase
+from osf_tests.factories import (
+    ProjectFactory,
+    AuthUserFactory,
+    PrivateLinkFactory,
+    NodeFactory
+)
+
+
+@pytest.fixture(scope='function')
+def user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_only_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def read_write_user():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def non_contributor():
+    return AuthUserFactory()
+
+@pytest.fixture(scope='function')
+def public_project(user, read_only_user, read_write_user):
+    public_project = ProjectFactory(is_public=True, creator=user)
+    public_project.add_contributor(read_only_user, permissions=[permissions.READ])
+    public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+    public_project.save()
+    return public_project
+
+@pytest.fixture(scope='function')
+def view_only_link(public_project):
+    view_only_link = PrivateLinkFactory(name='testlink')
+    view_only_link.nodes.add(public_project)
+    view_only_link.save()
+    return view_only_link
+
+@pytest.mark.django_db
+class TestViewOnlyLinksNodes:
+
+    @pytest.fixture()
+    def url(self, view_only_link):
+        return '/{}view_only_links/{}/nodes/'.format(API_BASE, view_only_link._id)
+
+    def test_view_only_links_nodes(self, app, user, read_only_user, read_write_user, non_contributor, url):
+
+    #   test_admin_can_view_vol_nodes_detail
+        res = app.get(url, auth=user.auth)
+        assert res.status_code == 200
+
+    #   test_read_write_cannot_view_vol_detail
+        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_read_only_cannot_view_vol_detail
+        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_logged_in_user_cannot_view_vol_detail
+        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    #   test_unauthenticated_user_cannot_view_vol_detail
+        res = app.get(url, expect_errors=True)
+        assert res.status_code == 403
+
+@pytest.mark.django_db
+class TestViewOnlyLinkNodesSet:
+
+    @pytest.fixture()
+    def component_one(self, user, public_project):
+        return NodeFactory(creator=user, parent=public_project, is_public=True)
+
+    @pytest.fixture()
+    def component_two(self, user, public_project):
+        return NodeFactory(creator=user, parent=public_project, is_public=False)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return NodeFactory(creator=user)
+
+    @pytest.fixture()
+    def first_level_component(self, user, public_project):
+        return NodeFactory(creator=user, parent=public_project)
+
+    @pytest.fixture()
+    def second_level_component(self, user, first_level_component):
+        return NodeFactory(creator=user, parent=first_level_component)
+
+    @pytest.fixture()
+    def component_one_payload(self, component_one):
+        return {
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.component_one._id
+                    'id': component_one._id
                 }
             ]
         }
 
-        self.url = '/{}view_only_links/{}/relationships/nodes/'.format(API_BASE, self.view_only_link._id)
+    @pytest.fixture()
+    def url(self, view_only_link):
+        return '/{}view_only_links/{}/relationships/nodes/'.format(API_BASE, view_only_link._id)
 
-    def test_admin_can_set_single_node(self):
-        res = self.app.post_json_api(self.url, self.component_one_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 201)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
+    def test_admin_can_set_single_node(self, app, user, public_project, component_one, component_one_payload, view_only_link, url):
+        res = app.post_json_api(url, component_one_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 201
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
 
-    def test_admin_can_set_multiple_nodes(self):
+    def test_admin_can_set_multiple_nodes(self, app, user, public_project, component_one, component_two, view_only_link, url):
         payload = {
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.component_one._id
+                    'id': component_one._id
                 }, {
                     'type': 'nodes',
-                    'id': self.component_two._id
+                    'id': component_two._id
                 }
             ]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 201)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
-        assert_in(self.component_two, self.view_only_link.nodes.all())
-
-    def test_set_nodes_does_not_duplicate_nodes(self):
+        res = app.post_json_api(url, payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 201
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
+        assert component_two in view_only_link.nodes.all()
+
+    def test_set_nodes_does_not_duplicate_nodes(self, app, user, public_project, component_one, view_only_link, url):
         payload = {
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.public_project._id
+                    'id': public_project._id
                 }, {
                     'type': 'nodes',
-                    'id': self.component_one._id
+                    'id': component_one._id
                 }, {
                     'type': 'nodes',
-                    'id': self.component_one._id
+                    'id': component_one._id
                 }
             ]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 201)
-        assert_equal(self.view_only_link.nodes.count(), 2)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
-
-    def test_set_node_not_component(self):
+        res = app.post_json_api(url, payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 201
+        assert view_only_link.nodes.count() == 2
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
+
+    def test_set_node_not_component(self, app, user, project_two, url):
         """
         Project One (already associated with VOL)
             -> Level One Component (can be associated with VOL)
@@ -116,15 +169,15 @@ def test_set_node_not_component(self):
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.project_two._id
+                    'id': project_two._id
                 },
             ]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(self.project_two._id))
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(project_two._id)
 
-    def test_set_node_second_level_component_without_first_level_parent(self):
+    def test_set_node_second_level_component_without_first_level_parent(self, app, user, public_project, second_level_component, view_only_link, url):
         """
         Parent Project (already associated with VOL)
             ->  First Level Component (NOT included)
@@ -134,18 +187,18 @@ def test_set_node_second_level_component_without_first_level_parent(self):
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.second_level_component._id
+                    'id': second_level_component._id
                 },
             ]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 201)
-        assert_equal(len(res.json['data']), 2)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.second_level_component, self.view_only_link.nodes.all())
-
-    def test_set_node_second_level_component_with_first_level_parent(self):
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        view_only_link.reload()
+        assert res.status_code == 201
+        assert len(res.json['data']) == 2
+        assert public_project in view_only_link.nodes.all()
+        assert second_level_component in view_only_link.nodes.all()
+
+    def test_set_node_second_level_component_with_first_level_parent(self, app, user, first_level_component, second_level_component, view_only_link, url):
         """
         Parent Project (already associated with VOL)
             ->  First Level Component (included)
@@ -155,64 +208,65 @@ def test_set_node_second_level_component_with_first_level_parent(self):
             'data': [
                 {
                     'type': 'nodes',
-                    'id': self.first_level_component._id
+                    'id': first_level_component._id
                 },
                 {
                     'type': 'nodes',
-                    'id': self.second_level_component._id
+                    'id': second_level_component._id
                 }
             ]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 201)
-        assert_in(self.first_level_component, self.view_only_link.nodes.all())
-        assert_in(self.second_level_component, self.view_only_link.nodes.all())
+        res = app.post_json_api(url, payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 201
+        assert first_level_component in view_only_link.nodes.all()
+        assert second_level_component in view_only_link.nodes.all()
 
-    def test_invalid_nodes_in_payload(self):
+    def test_view_only_link_nodes_set_errors(self, app, user, read_write_user, read_only_user, non_contributor, component_one_payload, component_one, url):
+
+    #   test_invalid_nodes_in_payload
         payload = {
             'data': [{
                 'type': 'nodes',
                 'id': 'abcde'
             }]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 404
 
-    def test_type_required_in_payload(self):
+    #   test_type_required_in_payload
         payload = {
             'data': [{
-                'id': self.component_one._id
+                'id': component_one._id
             }]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-    def test_id_required_in_payload(self):
+    #   test_id_required_in_payload
         payload = {
             'data': [{
                 'type': 'nodes',
             }]
         }
-        res = self.app.post_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.post_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-    def test_read_write_contributor_cannot_set_nodes(self):
-        res = self.app.post_json_api(self.url, self.component_one_payload, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    #   test_read_write_contributor_cannot_set_nodes
+        res = app.post_json_api(url, component_one_payload, auth=read_write_user.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_read_only_contributor_cannot_set_nodes(self):
-        res = self.app.post_json_api(self.url, self.component_one_payload, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    #   test_read_only_contributor_cannot_set_nodes
+        res = app.post_json_api(url, component_one_payload, auth=read_only_user.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_logged_in_user_cannot_set_nodes(self):
-        res = self.app.post_json_api(self.url, self.component_one_payload, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-
-    def test_unauthenticated_user_cannot_set_nodes(self):
-        res = self.app.post_json_api(self.url, self.component_one_payload, expect_errors=True)
-        assert_equal(res.status_code, 401)
+    #   test_logged_in_user_cannot_set_nodes
+        res = app.post_json_api(url, component_one_payload, auth=non_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
 
+    #   test_unauthenticated_user_cannot_set_nodes
+        res = app.post_json_api(url, component_one_payload, expect_errors=True)
+        assert res.status_code == 401
 
 class TestViewOnlyLinkNodesUpdate(TestViewOnlyLinkNodesSet):
 

From 8599671f3d6eb38675859ec49deadcef0ec3fe0e Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Mon, 5 Jun 2017 16:13:46 -0400
Subject: [PATCH 045/163] Fix imports

---
 admin/nodes/views.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/admin/nodes/views.py b/admin/nodes/views.py
index a3718166c2f..891939ec60d 100644
--- a/admin/nodes/views.py
+++ b/admin/nodes/views.py
@@ -16,7 +16,7 @@
 from osf.models import SpamStatus
 from admin.base.views import GuidFormView, GuidView
 from osf.models.admin_log_entry import (
-    update_admin_log
+    update_admin_log,
     NODE_REMOVED,
     NODE_RESTORED,
     CONTRIBUTOR_REMOVED,
@@ -27,7 +27,6 @@
 )
 from admin.nodes.templatetags.node_extras import reverse_node
 from admin.nodes.serializers import serialize_node, serialize_simple_user_and_node_permissions
-from website.project.spam.model import SpamStatus
 from website.project.tasks import update_share
 from website.project.views.register import osf_admin_change_status_identifier
 

From a76dc2fbfa7a81dac258ae88b5e4c8350e29aae5 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 5 Jun 2017 16:32:01 -0400
Subject: [PATCH 046/163] abstract fixtures, prevent duplicate running of tests

---
 .../views/test_view_only_link_nodes.py        | 355 +++++++++---------
 1 file changed, 181 insertions(+), 174 deletions(-)

diff --git a/api_tests/view_only_links/views/test_view_only_link_nodes.py b/api_tests/view_only_links/views/test_view_only_link_nodes.py
index 8ad031eb969..abee5276c33 100644
--- a/api_tests/view_only_links/views/test_view_only_link_nodes.py
+++ b/api_tests/view_only_links/views/test_view_only_link_nodes.py
@@ -43,6 +43,37 @@ def view_only_link(public_project):
     view_only_link.save()
     return view_only_link
 
+@pytest.fixture()
+def component_one(user, public_project):
+    return NodeFactory(creator=user, parent=public_project, is_public=True)
+
+@pytest.fixture()
+def component_two(user, public_project):
+    return NodeFactory(creator=user, parent=public_project, is_public=False)
+
+@pytest.fixture()
+def project_two(user):
+    return NodeFactory(creator=user)
+
+@pytest.fixture()
+def first_level_component(user, public_project):
+    return NodeFactory(creator=user, parent=public_project)
+
+@pytest.fixture()
+def second_level_component(user, first_level_component):
+    return NodeFactory(creator=user, parent=first_level_component)
+
+@pytest.fixture()
+def component_one_payload(component_one):
+    return {
+        'data': [
+            {
+                'type': 'nodes',
+                'id': component_one._id
+            }
+        ]
+    }
+
 @pytest.mark.django_db
 class TestViewOnlyLinksNodes:
 
@@ -75,37 +106,6 @@ def test_view_only_links_nodes(self, app, user, read_only_user, read_write_user,
 @pytest.mark.django_db
 class TestViewOnlyLinkNodesSet:
 
-    @pytest.fixture()
-    def component_one(self, user, public_project):
-        return NodeFactory(creator=user, parent=public_project, is_public=True)
-
-    @pytest.fixture()
-    def component_two(self, user, public_project):
-        return NodeFactory(creator=user, parent=public_project, is_public=False)
-
-    @pytest.fixture()
-    def project_two(self, user):
-        return NodeFactory(creator=user)
-
-    @pytest.fixture()
-    def first_level_component(self, user, public_project):
-        return NodeFactory(creator=user, parent=public_project)
-
-    @pytest.fixture()
-    def second_level_component(self, user, first_level_component):
-        return NodeFactory(creator=user, parent=first_level_component)
-
-    @pytest.fixture()
-    def component_one_payload(self, component_one):
-        return {
-            'data': [
-                {
-                    'type': 'nodes',
-                    'id': component_one._id
-                }
-            ]
-        }
-
     @pytest.fixture()
     def url(self, view_only_link):
         return '/{}view_only_links/{}/relationships/nodes/'.format(API_BASE, view_only_link._id)
@@ -268,90 +268,95 @@ def test_view_only_link_nodes_set_errors(self, app, user, read_write_user, read_
         res = app.post_json_api(url, component_one_payload, expect_errors=True)
         assert res.status_code == 401
 
-class TestViewOnlyLinkNodesUpdate(TestViewOnlyLinkNodesSet):
+@pytest.mark.django_db
+class TestViewOnlyLinkNodesUpdate:
 
-    def setUp(self):
-        super(TestViewOnlyLinkNodesUpdate, self).setUp()
-        self.update_payload = {
+    @pytest.fixture()
+    def url(self, view_only_link):
+        return '/{}view_only_links/{}/relationships/nodes/'.format(API_BASE, view_only_link._id)
+
+    @pytest.fixture()
+    def update_payload(self, public_project, component_one):
+        return {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
                 'type': 'nodes',
-                'id': self.component_one._id
+                'id': component_one._id
             }]
         }
 
-    def test_admin_can_update_nodes_single_node_to_add(self):
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 2)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
+    def test_admin_can_update_nodes_single_node_to_add(self, app, user, url, public_project, component_one, view_only_link, update_payload):
+        res = app.put_json_api(url, update_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 2
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
 
-    def test_admin_can_update_nodes_multiple_nodes_to_add(self):
-        self.update_payload['data'].append({
+    def test_admin_can_update_nodes_multiple_nodes_to_add(self, app, user, public_project, component_one, component_two, view_only_link, url, update_payload):
+        update_payload['data'].append({
             'type': 'nodes',
-            'id': self.component_two._id
+            'id': component_two._id
         })
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 3)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
-        assert_in(self.component_two, self.view_only_link.nodes.all())
-
-    def test_admin_can_update_nodes_single_node_to_remove(self):
-        self.view_only_link.nodes.add(self.component_one)
-        self.view_only_link.save()
-        self.update_payload['data'].pop()
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 1)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_not_in(self.component_one, self.view_only_link.nodes.all())
-
-    def test_admin_can_update_nodes_multiple_nodes_to_remove(self):
-        self.view_only_link.nodes.add(self.component_one)
-        self.view_only_link.nodes.add(self.component_two)
-        self.view_only_link.save()
-        self.update_payload['data'].pop()
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 1)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_not_in(self.component_one, self.view_only_link.nodes.all())
-        assert_not_in(self.component_two, self.view_only_link.nodes.all())
-
-
-    def test_admin_can_update_nodes_single_add_single_remove(self):
-        self.view_only_link.nodes.add(self.component_two)
-        self.view_only_link.save()
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 2)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.component_one, self.view_only_link.nodes.all())
-        assert_not_in(self.component_two, self.view_only_link.nodes.all())
-
-
-    def test_admin_can_update_nodes_multiple_add_multiple_remove(self):
-        self.view_only_link.nodes.add(self.component_one)
-        self.view_only_link.nodes.add(self.component_two)
-        self.view_only_link.save()
-
-        component_three = NodeFactory(creator=self.user, parent=self.public_project)
-        component_four = NodeFactory(creator=self.user, parent=self.public_project)
+        res = app.put_json_api(url, update_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 3
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
+        assert component_two in view_only_link.nodes.all()
+
+    def test_admin_can_update_nodes_single_node_to_remove(self, app, user, public_project, component_one, view_only_link, update_payload, url):
+        view_only_link.nodes.add(component_one)
+        view_only_link.save()
+        update_payload['data'].pop()
+        res = app.put_json_api(url, update_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 1
+        assert public_project in view_only_link.nodes.all()
+        assert component_one not in view_only_link.nodes.all()
+
+    def test_admin_can_update_nodes_multiple_nodes_to_remove(self, app, user, public_project, component_one, component_two, view_only_link, update_payload, url,):
+        view_only_link.nodes.add(component_one)
+        view_only_link.nodes.add(component_two)
+        view_only_link.save()
+        update_payload['data'].pop()
+        res = app.put_json_api(url, update_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 1
+        assert public_project in view_only_link.nodes.all()
+        assert component_one not in view_only_link.nodes.all()
+        assert component_two not in view_only_link.nodes.all()
+
+
+    def test_admin_can_update_nodes_single_add_single_remove(self, app, user, public_project, component_one, component_two, view_only_link, update_payload, url):
+        view_only_link.nodes.add(component_two)
+        view_only_link.save()
+        res = app.put_json_api(url, update_payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 2
+        assert public_project in view_only_link.nodes.all()
+        assert component_one in view_only_link.nodes.all()
+        assert component_two not in view_only_link.nodes.all()
+
+
+    def test_admin_can_update_nodes_multiple_add_multiple_remove(self, app, user, public_project, component_one, component_two, view_only_link, url):
+        view_only_link.nodes.add(component_one)
+        view_only_link.nodes.add(component_two)
+        view_only_link.save()
+
+        component_three = NodeFactory(creator=user, parent=public_project)
+        component_four = NodeFactory(creator=user, parent=public_project)
 
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id,
+                'id': public_project._id,
             }, {
                 'type': 'nodes',
                 'id': component_three._id
@@ -361,30 +366,30 @@ def test_admin_can_update_nodes_multiple_add_multiple_remove(self):
             }]
         }
 
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 3)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_not_in(self.component_one, self.view_only_link.nodes.all())
-        assert_not_in(self.component_two, self.view_only_link.nodes.all())
-        assert_in(component_three, self.view_only_link.nodes.all())
-        assert_in(component_four, self.view_only_link.nodes.all())
-
-    def test_update_nodes_no_changes(self):
+        res = app.put_json_api(url, payload, auth=user.auth)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 3
+        assert public_project in view_only_link.nodes.all()
+        assert component_one not in view_only_link.nodes.all()
+        assert component_two not in view_only_link.nodes.all()
+        assert component_three in view_only_link.nodes.all()
+        assert component_four in view_only_link.nodes.all()
+
+    def test_update_nodes_no_changes(self, app, user, public_project, view_only_link, url):
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id,
+                'id': public_project._id,
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 1)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 1
+        assert public_project in view_only_link.nodes.all()
 
-    def test_update_nodes_top_level_node_not_included(self):
+    def test_update_nodes_top_level_node_not_included(self, app, user, component_one, url):
         """
         Parent Project (NOT included)
             ->  First Level Component (included) -- NOT ALLOWED
@@ -392,25 +397,25 @@ def test_update_nodes_top_level_node_not_included(self):
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.component_one._id
+                'id': component_one._id
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(self.component_one._id))
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(component_one._id)
 
-    def test_update_node_not_component(self):
+    def test_update_node_not_component(self, app, user, project_two, component_two, url):
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.project_two._id
+                'id': project_two._id
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(self.project_two._id))
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'The node {0} cannot be affiliated with this View Only Link because the node you\'re trying to affiliate is not descended from the node that the View Only Link is attached to.'.format(project_two._id)
 
-    def test_update_node_second_level_component_without_first_level_parent(self):
+    def test_update_node_second_level_component_without_first_level_parent(self, app, user, public_project, second_level_component, view_only_link, url):
         """
         Parent Project (included)
             ->  First Level Component (NOT included)
@@ -419,20 +424,20 @@ def test_update_node_second_level_component_without_first_level_parent(self):
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
                 'type': 'nodes',
-                'id': self.second_level_component._id
+                'id': second_level_component._id
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 2)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.second_level_component, self.view_only_link.nodes.all())
-
-    def test_update_node_second_level_component_with_first_level_parent(self):
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 2
+        assert public_project in view_only_link.nodes.all()
+        assert second_level_component in view_only_link.nodes.all()
+
+    def test_update_node_second_level_component_with_first_level_parent(self, app, user, public_project, first_level_component, second_level_component, view_only_link, url):
         """
         Parent Project (included)
             ->  First Level Component (included)
@@ -441,72 +446,74 @@ def test_update_node_second_level_component_with_first_level_parent(self):
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
                 'type': 'nodes',
-                'id': self.first_level_component._id
+                'id': first_level_component._id
             }, {
                 'type': 'nodes',
-                'id': self.second_level_component._id
+                'id': second_level_component._id
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        self.view_only_link.reload()
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 3)
-        assert_in(self.public_project, self.view_only_link.nodes.all())
-        assert_in(self.first_level_component, self.view_only_link.nodes.all())
-        assert_in(self.second_level_component, self.view_only_link.nodes.all())
-
-    def test_invalid_nodes_in_payload(self):
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        view_only_link.reload()
+        assert res.status_code == 200
+        assert len(res.json['data']) == 3
+        assert public_project in view_only_link.nodes.all()
+        assert first_level_component in view_only_link.nodes.all()
+        assert second_level_component in view_only_link.nodes.all()
+
+    def test_view_only_link_nodes_update_errors(self, app, user, read_write_user, read_only_user, non_contributor, public_project, component_one, update_payload, url):
+
+    #   test_invalid_nodes_in_payload
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
                 'type': 'nodes',
                 'id': 'abcde'
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 404
 
-    def test_type_required_in_payload(self):
+    #   test_type_required_in_payload
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
-                'id': self.component_one._id
+                'id': component_one._id
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-    def test_id_required_in_payload(self):
+    #   test_id_required_in_payload
         payload = {
             'data': [{
                 'type': 'nodes',
-                'id': self.public_project._id
+                'id': public_project._id
             }, {
                 'type': 'nodes'
             }]
         }
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-    def test_read_write_contributor_cannot_update_nodes(self):
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.read_write_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    #   test_read_write_contributor_cannot_update_nodes
+        res = app.put_json_api(url, update_payload, auth=read_write_user.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_read_only_contributor_cannot_update_nodes(self):
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.read_only_user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    #   test_read_only_contributor_cannot_update_nodes
+        res = app.put_json_api(url, update_payload, auth=read_only_user.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_logged_in_user_cannot_update_nodes(self):
-        res = self.app.put_json_api(self.url, self.update_payload, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+    #   test_logged_in_user_cannot_update_nodes
+        res = app.put_json_api(url, update_payload, auth=non_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_unauthenticated_user_cannot_update_nodes(self):
-        res = self.app.put_json_api(self.url, self.update_payload, expect_errors=True)
-        assert_equal(res.status_code, 401)
+    #   test_unauthenticated_user_cannot_update_nodes
+        res = app.put_json_api(url, update_payload, expect_errors=True)
+        assert res.status_code == 401

From caa27ce9f08f33ff3c6678093e564186fd15ed9c Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Tue, 6 Jun 2017 11:48:03 -0400
Subject: [PATCH 047/163] Add mock share urls for failing test

---
 admin_tests/preprints/test_views.py | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/admin_tests/preprints/test_views.py b/admin_tests/preprints/test_views.py
index 7c985cb5ec0..02d2faeb178 100644
--- a/admin_tests/preprints/test_views.py
+++ b/admin_tests/preprints/test_views.py
@@ -128,6 +128,8 @@ def setUp(self):
         self.preprint = PreprintFactory(creator=self.user)
 
     @mock.patch('admin.preprints.views.on_preprint_updated')
+    @mock.patch('website.settings.SHARE_URL', 'ima_real_website')
+    @mock.patch('website.settings.SHARE_API_TOKEN', 'ima_real_token')
     def test_reindex_preprint_share(self, mock_reindex_preprint):
         count = AdminLogEntry.objects.count()
         view = views.PreprintReindexShare()

From c41f191b6b157867c34b2fd6d1ef4d44161a9a2b Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Tue, 6 Jun 2017 23:05:19 -0400
Subject: [PATCH 048/163] fix the problem that use only have fullname but not
 family_name and given_name leaves no citation

---
 framework/auth/utils.py |  2 +-
 osf/models/user.py      | 20 ++++++++++++++++----
 2 files changed, 17 insertions(+), 5 deletions(-)

diff --git a/framework/auth/utils.py b/framework/auth/utils.py
index 31a208a821b..fb11e9f47f3 100644
--- a/framework/auth/utils.py
+++ b/framework/auth/utils.py
@@ -134,5 +134,5 @@ def generate_csl_given_name(given_name, middle_names, suffix):
         parts.extend(each[0] for each in re.split(r'\s+', middle_names))
     given = ' '.join(parts)
     if suffix:
-        given = '%s ,%s' % (given, suffix)
+        given = '%s, %s' % (given, suffix)
     return given
diff --git a/osf/models/user.py b/osf/models/user.py
index fab7ade9166..a3075fecd95 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -467,10 +467,22 @@ def csl_given_name(self):
 
     @property
     def csl_name(self):
-        return {
-            'family': self.family_name,
-            'given': self.csl_given_name,
-        }
+        if self.family_name and self.given_name:
+            return {
+                'family': self.family_name,
+                'given': self.csl_given_name,
+            }
+        else:
+            parsed = utils.impute_names(self.fullname)
+            given_name = parsed['given']
+            middle_names = parsed['middle']
+            family_name = parsed['family']
+            suffix = parsed['suffix']
+            csl_given_name = utils.generate_csl_given_name(given_name, middle_names, suffix)
+            return {
+                'family': family_name,
+                'given': csl_given_name,
+            }
 
     @property
     def contributor_to(self):

From 586e15838ecbb1c05103f347bc869b324964d4af Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Tue, 6 Jun 2017 23:26:51 -0400
Subject: [PATCH 049/163] finish tests

---
 tests/test_auth.py  | 21 ++++++++++++++-------
 tests/test_utils.py | 10 ++++++++++
 2 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/tests/test_auth.py b/tests/test_auth.py
index e9d7e5c4aa2..aa22c8b3fc8 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -13,7 +13,7 @@
 
 from framework import auth
 from framework.auth import cas
-from framework.auth.utils import validate_recaptcha, generate_csl_given_name
+from framework.auth.utils import validate_recaptcha
 from framework.sessions import Session
 from framework.exceptions import HTTPError
 from tests.base import OsfTestCase, assert_is_redirect, fake
@@ -42,12 +42,19 @@
 
 class TestAuthUtils(OsfTestCase):
 
-    def test_generate_csl_given_name(self):
-        given_name = 'Cause'
-        middle_names = 'Awesome'
-        suffix = 'Jr.'
-        csl_given_name = generate_csl_given_name(given_name, middle_names, suffix)
-        assert_equal(csl_given_name, 'Cause A ,Jr.')
+    def test_citation_with_only_fullname(self):
+        user = UserFactory()
+        user.fullname = 'Martin Luther King Jr.'
+        user.family_name = None
+        user.given_name = None
+        user.middle_names = None
+        user.suffix = None
+        user.save()
+        resp = user.csl_name
+        family_name = resp['family']
+        given_name = resp['given']
+        assert_equal(family_name, 'King')
+        assert_equal(given_name, 'Martin L, Jr.')
 
     def test_unreg_user_can_register(self):
         user = UnregUserFactory()
diff --git a/tests/test_utils.py b/tests/test_utils.py
index 424c4b44c8b..15f02a30ef8 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -13,6 +13,7 @@
 from tests.base import OsfTestCase
 from osf_tests.factories import RegistrationFactory
 
+from framework.auth.utils import generate_csl_given_name
 from framework.routing import Rule, json_renderer
 from framework.utils import secure_filename
 from website.routes import process_rules, OsfWebRenderer
@@ -447,3 +448,12 @@ def test_temporary_disconnect(self):
         with util.disconnected_from(self.signal_, self.listener):
             self.signal_.send()
         assert_false(self.mock_listener.called)
+
+class TestUserUtils(unittest.TestCase):
+
+    def test_generate_csl_given_name(self):
+        given_name = 'Cause'
+        middle_names = 'Awesome'
+        suffix = 'Jr.'
+        csl_given_name = generate_csl_given_name(given_name, middle_names, suffix)
+        assert_equal(csl_given_name, 'Cause A, Jr.')
\ No newline at end of file

From c9e9d2ab5ae7911e5c11849add1f26d0f8039154 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 00:47:09 -0400
Subject: [PATCH 050/163] solve merge conflict

---
 framework/auth/core.py | 1420 ----------------------------------------
 1 file changed, 1420 deletions(-)

diff --git a/framework/auth/core.py b/framework/auth/core.py
index 0feb029b6c4..b1d364bb318 100644
--- a/framework/auth/core.py
+++ b/framework/auth/core.py
@@ -203,1423 +203,3 @@ def from_kwargs(cls, request_args, kwargs):
             user=user,
             private_key=private_key,
         )
-<<<<<<< HEAD
-
-
-class User(GuidStoredObject, AddonModelMixin):
-
-    # Node fields that trigger an update to the search engine on save
-    SEARCH_UPDATE_FIELDS = {
-        'fullname',
-        'given_name',
-        'middle_names',
-        'family_name',
-        'suffix',
-        'merged_by',
-        'date_disabled',
-        'date_confirmed',
-        'jobs',
-        'schools',
-        'social',
-    }
-
-    # TODO: Add SEARCH_UPDATE_NODE_FIELDS, for fields that should trigger a
-    #   search update for all nodes to which the user is a contributor.
-
-    SOCIAL_FIELDS = {
-        'orcid': u'http://orcid.org/{}',
-        'github': u'http://github.com/{}',
-        'scholar': u'http://scholar.google.com/citations?user={}',
-        'twitter': u'http://twitter.com/{}',
-        'profileWebsites': [],
-        'linkedIn': u'https://www.linkedin.com/{}',
-        'impactStory': u'https://impactstory.org/{}',
-        'researcherId': u'http://researcherid.com/rid/{}',
-        'researchGate': u'https://researchgate.net/profile/{}',
-        'academiaInstitution': u'https://{}',
-        'academiaProfileID': u'.academia.edu/{}',
-        'baiduScholar': u'http://xueshu.baidu.com/scholarID/{}',
-        'ssrn': u'http://papers.ssrn.com/sol3/cf_dev/AbsByAuth.cfm?per_id={}',
-    }
-
-    # This is a GuidStoredObject, so this will be a GUID.
-    _id = fields.StringField(primary=True)
-
-    # The primary email address for the account.
-    # This value is unique, but multiple "None" records exist for:
-    #   * unregistered contributors where an email address was not provided.
-    # TODO: Update mailchimp subscription on username change in user.save()
-    username = fields.StringField(required=False, unique=True, index=True)
-
-    # Hashed. Use `User.set_password` and `User.check_password`
-    password = fields.StringField()
-
-    fullname = fields.StringField(required=True, validate=string_required)
-
-    # user has taken action to register the account
-    is_registered = fields.BooleanField(index=True)
-
-    # user has claimed the account
-    # TODO: This should be retired - it always reflects is_registered.
-    #   While a few entries exist where this is not the case, they appear to be
-    #   the result of a bug, as they were all created over a small time span.
-    is_claimed = fields.BooleanField(default=False, index=True)
-
-    # a list of strings - for internal use
-    system_tags = fields.StringField(list=True)
-
-    # security emails that have been sent
-    # TODO: This should be removed and/or merged with system_tags
-    security_messages = fields.DictionaryField()
-    # Format: {
-    #   <message label>: <datetime>
-    #   ...
-    # }
-
-    # user was invited (as opposed to registered unprompted)
-    is_invited = fields.BooleanField(default=False, index=True)
-
-    # Per-project unclaimed user data:
-    # TODO: add validation
-    unclaimed_records = fields.DictionaryField(required=False)
-    # Format: {
-    #   <project_id>: {
-    #       'name': <name that referrer provided>,
-    #       'referrer_id': <user ID of referrer>,
-    #       'token': <verification token>,
-    #       'expires': <verification expiration time>,
-    #       'email': <email the referrer provided or None>,
-    #       'claimer_email': <email the claimer entered or None>,
-    #       'last_sent': <timestamp of last email sent to referrer or None>
-    #   }
-    #   ...
-    # }
-
-    # Time of last sent notification email to newly added contributors
-    contributor_added_email_records = fields.DictionaryField(default=dict)
-    # Format : {
-    #   <project_id>: {
-    #       'last_sent': time.time()
-    #   }
-    #   ...
-    # }
-
-    # The user into which this account was merged
-    merged_by = fields.ForeignField('user', default=None, index=True)
-
-    # verification key v1: only the token string, no expiration time
-    # used for cas login with username and verification key
-    verification_key = fields.StringField()
-
-    # verification key v2: token, and expiration time
-    # used for password reset, confirm account/email, claim account/contributor-ship
-    verification_key_v2 = fields.DictionaryField(default=dict)
-    # Format: {
-    #   'token': <verification token>
-    #   'expires': <verification expiration time>
-    # }
-
-    email_last_sent = fields.DateTimeField()
-
-    # confirmed emails
-    #   emails should be stripped of whitespace and lower-cased before appending
-    # TODO: Add validator to ensure an email address only exists once across
-    # all User's email lists
-    emails = fields.StringField(list=True)
-
-    # email verification tokens
-    #   see also ``unconfirmed_emails``
-    email_verifications = fields.DictionaryField(default=dict)
-    # Format: {
-    #   <token> : {
-    #       'email': <email address>,
-    #       'expiration': <datetime>,
-    #       'confirmed': whether user is confirmed or not,
-    #       'external_identity': user's external identity,
-    #   }
-    # }
-
-    # TODO remove this field once migration (scripts/migration/migrate_mailing_lists_to_mailchimp_fields.py)
-    # has been run. This field is deprecated and replaced with mailchimp_mailing_lists
-    mailing_lists = fields.DictionaryField()
-
-    # email lists to which the user has chosen a subscription setting
-    mailchimp_mailing_lists = fields.DictionaryField()
-    # Format: {
-    #   'list1': True,
-    #   'list2: False,
-    #    ...
-    # }
-
-    # email lists to which the user has chosen a subscription setting, being sent from osf, rather than mailchimp
-    osf_mailing_lists = fields.DictionaryField(default=lambda: {settings.OSF_HELP_LIST: True})
-    # Format: {
-    #   'list1': True,
-    #   'list2: False,
-    #    ...
-    # }
-
-    # the date this user was registered
-    # TODO: consider removal - this can be derived from date_registered
-    date_registered = fields.DateTimeField(auto_now_add=dt.datetime.utcnow,
-                                           index=True)
-
-    # watched nodes are stored via a list of WatchConfigs
-    watched = fields.ForeignField('WatchConfig', list=True)
-
-    # list of collaborators that this user recently added to nodes as a contributor
-    recently_added = fields.ForeignField('user', list=True)
-
-    # Attached external accounts (OAuth)
-    external_accounts = fields.ForeignField('externalaccount', list=True)
-
-    # CSL names
-    given_name = fields.StringField()
-    middle_names = fields.StringField()
-    family_name = fields.StringField()
-    suffix = fields.StringField()
-
-    # identity for user logged in through external idp
-    external_identity = fields.DictionaryField()
-    # Format: {
-    #   <external_id_provider>: {
-    #       <external_id>: <status from ('VERIFIED, 'CREATE', 'LINK')>,
-    #       ...
-    #   },
-    #   ...
-    # }
-
-    # Employment history
-    jobs = fields.DictionaryField(list=True, validate=validate_history_item)
-    # Format: {
-    #     'title': <position or job title>,
-    #     'institution': <institution or organization>,
-    #     'department': <department>,
-    #     'location': <location>,
-    #     'startMonth': <start month>,
-    #     'startYear': <start year>,
-    #     'endMonth': <end month>,
-    #     'endYear': <end year>,
-    #     'ongoing: <boolean>
-    # }
-
-    # Educational history
-    schools = fields.DictionaryField(list=True, validate=validate_history_item)
-    # Format: {
-    #     'degree': <position or job title>,
-    #     'institution': <institution or organization>,
-    #     'department': <department>,
-    #     'location': <location>,
-    #     'startMonth': <start month>,
-    #     'startYear': <start year>,
-    #     'endMonth': <end month>,
-    #     'endYear': <end year>,
-    #     'ongoing: <boolean>
-    # }
-
-    # Social links
-    social = fields.DictionaryField(validate=validate_social)
-    # Format: {
-    #     'profileWebsites': <list of profile websites>
-    #     'twitter': <twitter id>,
-    # }
-
-    # date the user last sent a request
-    date_last_login = fields.DateTimeField()
-
-    # date the user first successfully confirmed an email address
-    date_confirmed = fields.DateTimeField(index=True)
-
-    # When the user was disabled.
-    date_disabled = fields.DateTimeField(index=True)
-
-    # when comments were last viewed
-    comments_viewed_timestamp = fields.DictionaryField()
-    # Format: {
-    #   'Comment.root_target._id': 'timestamp',
-    #   ...
-    # }
-
-    # timezone for user's locale (e.g. 'America/New_York')
-    timezone = fields.StringField(default='Etc/UTC')
-
-    # user language and locale data (e.g. 'en_US')
-    locale = fields.StringField(default='en_US')
-
-    # whether the user has requested to deactivate their account
-    requested_deactivation = fields.BooleanField(default=False)
-
-    # dictionary of projects a user has changed the setting on
-    notifications_configured = fields.DictionaryField()
-    # Format: {
-    #   <node.id>: True
-    #   ...
-    # }
-
-    # If this user was created through the API,
-    # keep track of who added them.
-    registered_by = fields.ForeignField('user', default=None, index=True)
-
-    _meta = {'optimistic': True}
-
-    def __repr__(self):
-        return '<User({0!r}) with id {1!r}>'.format(self.username, self._id)
-
-    def __str__(self):
-        return self.fullname.encode('ascii', 'replace')
-
-    __unicode__ = __str__
-
-    # For compatibility with Django auth
-    @property
-    def pk(self):
-        return self._id
-
-    @property
-    def email(self):
-        return self.username
-
-    @property
-    def is_authenticated(self):  # Needed for django compat
-        return True
-
-    @property
-    def is_anonymous(self):
-        return False
-
-    @property
-    def absolute_api_v2_url(self):
-        from website import util
-        return util.api_v2_url('users/{}/'.format(self.pk))
-
-    # used by django and DRF
-    def get_absolute_url(self):
-        if not self.is_registered:
-            return None
-        return self.absolute_api_v2_url
-
-    @classmethod
-    def create_unregistered(cls, fullname, email=None):
-        """Create a new unregistered user.
-        """
-        user = cls(
-            username=email,
-            fullname=fullname,
-            is_invited=True,
-            is_registered=False,
-        )
-        user.update_guessed_names()
-        return user
-
-    @classmethod
-    def create(cls, username, password, fullname):
-        utils.validate_email(username)  # Raises ValidationError if spam address
-
-        user = cls(
-            username=username,
-            fullname=fullname,
-        )
-        user.update_guessed_names()
-        user.set_password(password)
-        return user
-
-    @classmethod
-    def create_unconfirmed(cls, username, password, fullname, external_identity=None,
-                           do_confirm=True, campaign=None):
-        """Create a new user who has begun registration but needs to verify
-        their primary email address (username).
-        """
-        user = cls.create(username, password, fullname)
-        user.add_unconfirmed_email(username, external_identity=external_identity)
-        user.is_registered = False
-        if external_identity:
-            user.external_identity.update(external_identity)
-        if campaign:
-            # needed to prevent circular import
-            from framework.auth.campaigns import system_tag_for_campaign  # skipci
-            user.add_system_tag(system_tag_for_campaign(campaign))
-        return user
-
-    @classmethod
-    def create_confirmed(cls, username, password, fullname):
-        user = cls.create(username, password, fullname)
-        user.is_registered = True
-        user.is_claimed = True
-        user.date_confirmed = user.date_registered
-        user.emails.append(username)
-        return user
-
-    @classmethod
-    def from_cookie(cls, cookie, secret=None):
-        """Attempt to load a user from their signed cookie
-        :returns: None if a user cannot be loaded else User
-        """
-        if not cookie:
-            return None
-
-        secret = secret or settings.SECRET_KEY
-
-        try:
-            token = itsdangerous.Signer(secret).unsign(cookie)
-        except itsdangerous.BadSignature:
-            return None
-
-        user_session = Session.load(token)
-
-        if user_session is None:
-            return None
-
-        return cls.load(user_session.data.get('auth_user_id'))
-
-    def get_or_create_cookie(self, secret=None):
-        """Find the cookie for the given user
-        Create a new session if no cookie is found
-
-        :param str secret: The key to sign the cookie with
-        :returns: The signed cookie
-        """
-        secret = secret or settings.SECRET_KEY
-        sessions = Session.find(
-            Q('data.auth_user_id', 'eq', self._id)
-        ).sort(
-            '-date_modified'
-        ).limit(1)
-
-        if sessions.count() > 0:
-            user_session = sessions[0]
-        else:
-            user_session = Session(data={
-                'auth_user_id': self._id,
-                'auth_user_username': self.username,
-                'auth_user_fullname': self.fullname,
-            })
-            user_session.save()
-
-        signer = itsdangerous.Signer(secret)
-        return signer.sign(user_session._id)
-
-    def update_guessed_names(self):
-        """Updates the CSL name fields inferred from the the full name.
-        """
-        parsed = utils.impute_names(self.fullname)
-        self.given_name = parsed['given']
-        self.middle_names = parsed['middle']
-        self.family_name = parsed['family']
-        self.suffix = parsed['suffix']
-
-    def register(self, username, password=None):
-        """Registers the user.
-        """
-        self.username = username
-        if password:
-            self.set_password(password)
-        if username not in self.emails:
-            self.emails.append(username)
-        self.is_registered = True
-        self.is_claimed = True
-        self.date_confirmed = timezone.now()
-        self.update_search()
-        self.update_search_nodes()
-
-        # Emit signal that a user has confirmed
-        signals.user_confirmed.send(self)
-
-        return self
-
-    def add_unclaimed_record(self, node, referrer, given_name, email=None):
-        """Add a new project entry in the unclaimed records dictionary.
-
-        :param Node node: Node this unclaimed user was added to.
-        :param User referrer: User who referred this user.
-        :param str given_name: The full name that the referrer gave for this user.
-        :param str email: The given email address.
-        :returns: The added record
-        """
-        if not node.can_edit(user=referrer):
-            raise PermissionsError(
-                'Referrer does not have permission to add a contributor to project {0}'.format(node._primary_key)
-            )
-        project_id = node._primary_key
-        referrer_id = referrer._primary_key
-        if email:
-            clean_email = email.lower().strip()
-        else:
-            clean_email = None
-
-        verification_key = generate_verification_key(verification_type='claim')
-        record = {
-            'name': given_name,
-            'referrer_id': referrer_id,
-            'token': verification_key['token'],
-            'expires': verification_key['expires'],
-            'email': clean_email,
-        }
-        self.unclaimed_records[project_id] = record
-        return record
-
-    def display_full_name(self, node=None):
-        """Return the full name , as it would display in a contributor list for a
-        given node.
-
-        NOTE: Unclaimed users may have a different name for different nodes.
-        """
-        if node:
-            unclaimed_data = self.unclaimed_records.get(node._primary_key, None)
-            if unclaimed_data:
-                return unclaimed_data['name']
-        return self.fullname
-
-    @property
-    def is_active(self):
-        """Returns True if the user is active. The user must have activated
-        their account, must not be deleted, suspended, etc.
-
-        :return: bool
-        """
-        return (self.is_registered and
-                self.password is not None and
-                not self.is_merged and
-                not self.is_disabled and
-                self.is_confirmed)
-
-    def get_unclaimed_record(self, project_id):
-        """
-        Get an unclaimed record for a given project_id. Return the one record if found. Otherwise, raise ValueError.
-
-        :param project_id, the project node id
-        :raises: ValueError if there is no record for the given project.
-        """
-
-        try:
-            return self.unclaimed_records[project_id]
-        except KeyError:  # re-raise as ValueError
-            raise ValueError('No unclaimed record for user {self._id} on node {project_id}'.format(**locals()))
-
-    def verify_claim_token(self, token, project_id):
-        """
-        Verify the claim token for this user for a given node which she/he was added as a unregistered contributor for.
-        Return `True` if record found, token valid and not expired. Otherwise return False.
-
-        :param token: the claim token
-        :param project_id: the project node id
-        """
-
-        try:
-            record = self.get_unclaimed_record(project_id)
-        except ValueError:  # No unclaimed record for given pid
-            return False
-        valid = record['token'] == token
-        if 'expires' in record:
-            valid = valid and record['expires'] > timezone.now()
-        return valid
-
-    def get_claim_url(self, project_id, external=False):
-        """
-        Return the URL that an unclaimed user should use to claim their account.
-        Raise `ValueError` if there is no unclaimed_record for the given project ID.
-
-        :param project_id: the project id for the unclaimed record
-        :param external: absolute url or relative
-        :returns: the claim url
-        :raises: ValueError if there is no record for the given project.
-        """
-
-        unclaimed_record = self.get_unclaimed_record(project_id)
-        uid = self._primary_key
-        base_url = settings.DOMAIN if external else '/'
-        token = unclaimed_record['token']
-        return '{base_url}user/{uid}/{project_id}/claim/?token={token}'.format(**locals())
-
-    def verify_password_token(self, token):
-        """
-        Verify that the password reset token for this user is valid.
-
-        :param token: the token in verification key
-        :return `True` if valid, otherwise `False`
-        """
-
-        if token and self.verification_key_v2:
-            try:
-                return (self.verification_key_v2['token'] == token and
-                        self.verification_key_v2['expires'] > timezone.now())
-            except AttributeError:
-                return False
-        return False
-
-    def set_password(self, raw_password, notify=True):
-        """Set the password for this user to the hash of ``raw_password``.
-        If this is a new user, we're done. If this is a password change,
-        then email the user about the change and clear all the old sessions
-        so that users will have to log in again with the new password.
-
-        :param raw_password: the plaintext value of the new password
-        :param notify: Only meant for unit tests to keep extra notifications from being sent
-        :rtype: list
-        :returns: Changed fields from the user save
-        """
-        had_existing_password = bool(self.password and self.is_confirmed)
-        self.password = generate_password_hash(raw_password)
-        if self.username == raw_password:
-            raise ChangePasswordError(['Password cannot be the same as your email address'])
-        if had_existing_password and notify:
-            mails.send_mail(
-                to_addr=self.username,
-                mail=mails.PASSWORD_RESET,
-                mimetype='plain',
-                user=self
-            )
-            remove_sessions_for_user(self)
-
-    def check_password(self, raw_password):
-        """Return a boolean of whether ``raw_password`` was correct."""
-        if not self.password or not raw_password:
-            return False
-        return check_password_hash(self.password, raw_password)
-
-    @property
-    def csl_given_name(self):
-        return utils.generate_csl_given_name(self.given_name, self.middle_names, self.suffix)
-
-    @property
-    def csl_name(self):
-        return {
-            'family': self.family_name,
-            'given': self.csl_given_name,
-        }
-
-    @property
-    def created(self):
-        from website.project.model import Node
-        return Node.find(Q('creator', 'eq', self._id))
-
-    # TODO: This should not be on the User object.
-    def change_password(self, raw_old_password, raw_new_password, raw_confirm_password):
-        """Change the password for this user to the hash of ``raw_new_password``."""
-        raw_old_password = (raw_old_password or '').strip()
-        raw_new_password = (raw_new_password or '').strip()
-        raw_confirm_password = (raw_confirm_password or '').strip()
-
-        # TODO: Move validation to set_password
-        issues = []
-        if not self.check_password(raw_old_password):
-            issues.append('Old password is invalid')
-        elif raw_old_password == raw_new_password:
-            issues.append('Password cannot be the same')
-        elif raw_new_password == self.username:
-            issues.append('Password cannot be the same as your email address')
-        if not raw_old_password or not raw_new_password or not raw_confirm_password:
-            issues.append('Passwords cannot be blank')
-        elif len(raw_new_password) < 8:
-            issues.append('Password should be at least eight characters')
-        elif len(raw_new_password) > 255:
-            issues.append('Password should not be longer than 255 characters')
-
-        if raw_new_password != raw_confirm_password:
-            issues.append('Password does not match the confirmation')
-
-        if issues:
-            raise ChangePasswordError(issues)
-        self.set_password(raw_new_password)
-
-    def add_unconfirmed_email(self, email, expiration=None, external_identity=None):
-        """
-        Add an email verification token for a given email.
-
-        :param email: the email to confirm
-        :param email: overwrite default expiration time
-        :param external_identity: the user's external identity
-        :return: a token
-        :raises: ValueError if email already confirmed, except for login through external idp.
-        """
-
-        # TODO: This is technically not compliant with RFC 822, which requires
-        #       that case be preserved in the "local-part" of an address. From
-        #       a practical standpoint, the vast majority of email servers do
-        #       not preserve case.
-        #       ref: https://tools.ietf.org/html/rfc822#section-6
-
-        email = email.lower().strip()
-
-        if not external_identity and email in self.emails:
-            raise ValueError('Email already confirmed to this user.')
-
-        utils.validate_email(email)
-
-        # If the unconfirmed email is already present, remove it and generate a new one
-        if email in self.unconfirmed_emails:
-            self.remove_unconfirmed_email(email)
-        verification_key = generate_verification_key(verification_type='confirm')
-        # handle when email_verifications is None
-        if not self.email_verifications:
-            self.email_verifications = {}
-        self.email_verifications[verification_key['token']] = {
-            'email': email,
-            'confirmed': False,
-            'expiration': expiration if expiration else verification_key['expires'],
-            'external_identity': external_identity,
-        }
-
-        return verification_key['token']
-
-    def remove_unconfirmed_email(self, email):
-        """Remove an unconfirmed email addresses and their tokens."""
-        for token, value in self.email_verifications.iteritems():
-            if value.get('email') == email:
-                del self.email_verifications[token]
-                return True
-
-        return False
-
-    def remove_email(self, email):
-        """Remove a confirmed email"""
-        if email == self.username:
-            raise PermissionsError("Can't remove primary email")
-        if email in self.emails:
-            self.emails.remove(email)
-            signals.user_email_removed.send(self, email=email)
-
-    @signals.user_email_removed.connect
-    def _send_email_removal_confirmations(self, email):
-        mails.send_mail(to_addr=self.username,
-                        mail=mails.REMOVED_EMAIL,
-                        user=self,
-                        removed_email=email,
-                        security_addr='alternate email address ({})'.format(email))
-        mails.send_mail(to_addr=email,
-                        mail=mails.REMOVED_EMAIL,
-                        user=self,
-                        removed_email=email,
-                        security_addr='primary email address ({})'.format(self.username))
-
-    def get_confirmation_token(self, email, force=False, renew=False):
-        """
-        Return the confirmation token for a given email.
-
-        :param str email: The email to get the token for.
-        :param bool force: If an expired token exists for the given email, generate a new one and return it.
-        :param bool renew: Generate a new token and return it.
-        :return Return the confirmation token.
-        :raises: ExpiredTokenError if trying to access a token that is expired and force=False.
-        :raises: KeyError if there no token for the email.
-        """
-
-        # TODO: Refactor "force" flag into User.get_or_add_confirmation_token
-        for token, info in self.email_verifications.items():
-            if info['email'].lower() == email.lower():
-                # Old records will not have an expiration key. If it's missing, assume the token is expired.
-                expiration = info.get('expiration')
-                if renew:
-                    new_token = self.add_unconfirmed_email(email)
-                    self.save()
-                    return new_token
-                if not expiration or (expiration and expiration < timezone.now()):
-                    if not force:
-                        raise ExpiredTokenError('Token for email "{0}" is expired'.format(email))
-                    else:
-                        new_token = self.add_unconfirmed_email(email)
-                        self.save()
-                        return new_token
-                return token
-        raise KeyError('No confirmation token for email "{0}"'.format(email))
-
-    def get_confirmation_url(self, email, external=True, force=False, renew=False, external_id_provider=None, destination=None):
-        """
-        Return the confirmation url for a given email.
-
-        :param email: The email to confirm.
-        :param external: Use absolute or relative url.
-        :param force: If an expired token exists for the given email, generate a new one and return it.
-        :param renew: Generate a new token and return it.
-        :param external_id_provider: The external identity provider that authenticates the user.
-        :param destination: The destination page to redirect after confirmation
-        :return: Return the confirmation url.
-        :raises: ExpiredTokenError if trying to access a token that is expired.
-        :raises: KeyError if there is no token for the email.
-        """
-
-        base = settings.DOMAIN if external else '/'
-        token = self.get_confirmation_token(email, force=force, renew=renew)
-        external = 'external/' if external_id_provider else ''
-        destination = '?{}'.format(urllib.urlencode({'destination': destination})) if destination else ''
-        return '{0}confirm/{1}{2}/{3}/{4}'.format(base, external, self._primary_key, token, destination)
-
-    def get_unconfirmed_email_for_token(self, token):
-        """Return email if valid.
-        :rtype: bool
-        :raises: ExpiredTokenError if trying to access a token that is expired.
-        :raises: InvalidTokenError if trying to access a token that is invalid.
-
-        """
-        if token not in self.email_verifications:
-            raise InvalidTokenError
-
-        verification = self.email_verifications[token]
-        # Not all tokens are guaranteed to have expiration dates
-        if (
-            'expiration' in verification and
-            verification['expiration'] < timezone.now()
-        ):
-            raise ExpiredTokenError
-
-        return verification['email']
-
-    def clean_email_verifications(self, given_token=None):
-        email_verifications = deepcopy(self.email_verifications or {})
-        for token in self.email_verifications or {}:
-            try:
-                self.get_unconfirmed_email_for_token(token)
-            except (KeyError, ExpiredTokenError):
-                email_verifications.pop(token)
-                continue
-            if token == given_token:
-                email_verifications.pop(token)
-        self.email_verifications = email_verifications
-
-    def confirm_email(self, token, merge=False):
-        """Confirm the email address associated with the token"""
-        email = self.get_unconfirmed_email_for_token(token)
-
-        # If this email is confirmed on another account, abort
-        try:
-            user_to_merge = User.find_one(Q('emails', 'iexact', email))
-        except NoResultsFound:
-            user_to_merge = None
-
-        if user_to_merge and merge:
-            self.merge_user(user_to_merge)
-        elif user_to_merge:
-            raise MergeConfirmedRequiredError(
-                'Merge requires confirmation',
-                user=self,
-                user_to_merge=user_to_merge,
-            )
-
-        # If another user has this email as its username, get it
-        try:
-            unregistered_user = User.find_one(Q('username', 'eq', email) &
-                                              Q('_id', 'ne', self._id))
-        except NoResultsFound:
-            unregistered_user = None
-
-        if unregistered_user:
-            self.merge_user(unregistered_user)
-            self.save()
-
-        if email not in self.emails:
-            self.emails.append(email)
-
-        # Complete registration if primary email
-        if email.lower() == self.username.lower():
-            self.register(self.username)
-            self.date_confirmed = timezone.now()
-        # Revoke token
-        del self.email_verifications[token]
-
-        # TODO: We can't assume that all unclaimed records are now claimed.
-        # Clear unclaimed records, so user's name shows up correctly on
-        # all projects
-        self.unclaimed_records = {}
-        self.save()
-
-        self.update_search_nodes()
-
-        return True
-
-    @property
-    def unconfirmed_emails(self):
-        # Handle when email_verifications field is None
-        email_verifications = self.email_verifications or {}
-        return [
-            each['email']
-            for each
-            in email_verifications.values()
-        ]
-
-    def update_search_nodes(self):
-        """Call `update_search` on all nodes on which the user is a
-        contributor. Needed to add self to contributor lists in search upon
-        registration or claiming.
-
-        """
-        for node in self.contributed:
-            node.update_search()
-
-    def update_search_nodes_contributors(self):
-        """
-        Bulk update contributor name on all nodes on which the user is
-        a contributor.
-        :return:
-        """
-        from website.search import search
-        search.update_contributors_async(self.id)
-
-    def update_affiliated_institutions_by_email_domain(self):
-        """
-        Append affiliated_institutions by email domain.
-        :return:
-        """
-        # Avoid circular import
-        from website.project.model import Institution
-        try:
-            email_domains = [email.split('@')[1] for email in self.emails]
-            insts = Institution.find(Q('email_domains', 'in', email_domains))
-            for inst in insts:
-                if inst not in self.affiliated_institutions:
-                    self.affiliated_institutions.append(inst)
-        except (IndexError, NoResultsFound):
-            pass
-
-    @property
-    def is_confirmed(self):
-        return bool(self.date_confirmed)
-
-    @property
-    def social_links(self):
-        social_user_fields = {}
-        for key, val in self.social.items():
-            if val and key in self.SOCIAL_FIELDS:
-                if not isinstance(val, basestring):
-                    social_user_fields[key] = val
-                else:
-                    social_user_fields[key] = self.SOCIAL_FIELDS[key].format(val)
-        return social_user_fields
-
-    @property
-    def biblio_name(self):
-        given_names = self.given_name + ' ' + self.middle_names
-        surname = self.family_name
-        if surname != given_names:
-            initials = [
-                name[0].upper() + '.'
-                for name in given_names.split(' ')
-                if name and re.search(r'\w', name[0], re.I)
-            ]
-            return u'{0}, {1}'.format(surname, ' '.join(initials))
-        return surname
-
-    @property
-    def given_name_initial(self):
-        """
-        The user's preferred initialization of their given name.
-
-        Some users with common names may choose to distinguish themselves from
-        their colleagues in this way. For instance, there could be two
-        well-known researchers in a single field named "Robert Walker".
-        "Walker, R" could then refer to either of them. "Walker, R.H." could
-        provide easy disambiguation.
-
-        NOTE: The internal representation for this should never end with a
-              period. "R" and "R.H" would be correct in the prior case, but
-              "R.H." would not.
-        """
-        return self.given_name[0]
-
-    @property
-    def url(self):
-        return '/{}/'.format(self._primary_key)
-
-    @property
-    def api_url(self):
-        return '/api/v1/profile/{0}/'.format(self._primary_key)
-
-    @property
-    def absolute_url(self):
-        return urlparse.urljoin(settings.DOMAIN, self.url)
-
-    @property
-    def display_absolute_url(self):
-        url = self.absolute_url
-        if url is not None:
-            return re.sub(r'https?:', '', url).strip('/')
-
-    @property
-    def deep_url(self):
-        return '/profile/{}/'.format(self._primary_key)
-
-    @property
-    def unconfirmed_email_info(self):
-        """Return a list of dictionaries containing information about each of this
-        user's unconfirmed emails.
-        """
-        unconfirmed_emails = []
-        email_verifications = self.email_verifications or []
-        for token in email_verifications:
-            if self.email_verifications[token].get('confirmed', False):
-                try:
-                    user_merge = User.find_one(Q('emails', 'eq', self.email_verifications[token]['email'].lower()))
-                except NoResultsFound:
-                    user_merge = False
-
-                unconfirmed_emails.append({'address': self.email_verifications[token]['email'],
-                                        'token': token,
-                                        'confirmed': self.email_verifications[token]['confirmed'],
-                                        'user_merge': user_merge.email if user_merge else False})
-        return unconfirmed_emails
-
-    def profile_image_url(self, size=None):
-        """A generalized method for getting a user's profile picture urls.
-        We may choose to use some service other than gravatar in the future,
-        and should not commit ourselves to using a specific service (mostly
-        an API concern).
-
-        As long as we use gravatar, this is just a proxy to User.gravatar_url
-        """
-        return self._gravatar_url(size)
-
-    def _gravatar_url(self, size):
-        return filters.gravatar(
-            self,
-            use_ssl=True,
-            size=size
-        )
-
-    def get_activity_points(self, db=None):
-        db = db or framework.mongo.database
-        return analytics.get_total_activity_count(self._primary_key, db=db)
-
-    def disable_account(self):
-        """
-        Disables user account, making is_disabled true, while also unsubscribing user
-        from mailchimp emails, remove any existing sessions.
-        """
-        from website import mailchimp_utils
-        from framework.auth import logout
-
-        try:
-            mailchimp_utils.unsubscribe_mailchimp(
-                list_name=settings.MAILCHIMP_GENERAL_LIST,
-                user_id=self._id,
-                username=self.username
-            )
-        except mailchimp_utils.mailchimp.ListNotSubscribedError:
-            pass
-        except mailchimp_utils.mailchimp.InvalidApiKeyError:
-            if not settings.ENABLE_EMAIL_SUBSCRIPTIONS:
-                pass
-            else:
-                raise
-        except mailchimp_utils.mailchimp.EmailNotExistsError:
-            pass
-        self.is_disabled = True
-
-        # we must call both methods to ensure the current session is cleared and all existing
-        # sessions are revoked.
-        req = get_cache_key()
-        if isinstance(req, FlaskRequest):
-            logout()
-        remove_sessions_for_user(self)
-
-    @property
-    def is_disabled(self):
-        """Whether or not this account has been disabled.
-
-        Abstracts ``User.date_disabled``.
-
-        :return: bool
-        """
-        return self.date_disabled is not None
-
-    @is_disabled.setter
-    def is_disabled(self, val):
-        """Set whether or not this account has been disabled."""
-        if val and not self.date_disabled:
-            self.date_disabled = timezone.now()
-        elif val is False:
-            self.date_disabled = None
-
-    @property
-    def is_merged(self):
-        '''Whether or not this account has been merged into another account.
-        '''
-        return self.merged_by is not None
-
-    @property
-    def profile_url(self):
-        return '/{}/'.format(self._id)
-
-    @property
-    def contributed(self):
-        from website.project.model import Node
-        return Node.find(Q('contributors', 'eq', self._id))
-
-    @property
-    def contributor_to(self):
-        from website.project.model import Node
-        return Node.find(
-            Q('contributors', 'eq', self._id) &
-            Q('is_deleted', 'ne', True) &
-            Q('is_collection', 'ne', True)
-        )
-
-    @property
-    def visible_contributor_to(self):
-        from website.project.model import Node
-        return Node.find(
-            Q('contributors', 'eq', self._id) &
-            Q('is_deleted', 'ne', True) &
-            Q('is_collection', 'ne', True) &
-            Q('visible_contributor_ids', 'eq', self._id)
-        )
-
-    def get_summary(self, formatter='long'):
-        return {
-            'user_fullname': self.fullname,
-            'user_profile_url': self.profile_url,
-            'user_display_name': name_formatters[formatter](self),
-            'user_is_claimed': self.is_claimed
-        }
-
-    def save(self, *args, **kwargs):
-        # TODO: Update mailchimp subscription on username change
-        # Avoid circular import
-        first_save = not self._is_loaded
-        self.username = self.username.lower().strip() if self.username else None
-        ret = super(User, self).save(*args, **kwargs)
-        if self.SEARCH_UPDATE_FIELDS.intersection(ret) and self.is_confirmed:
-            self.update_search()
-            self.update_search_nodes_contributors()
-        if first_save:
-            from website.project import new_bookmark_collection  # Avoid circular import
-            new_bookmark_collection(self)
-        return ret
-
-    def update_search(self):
-        from website import search
-        try:
-            search.search.update_user(self)
-        except search.exceptions.SearchUnavailableError as e:
-            logger.exception(e)
-            log_exception()
-
-    @classmethod
-    def find_by_email(cls, email):
-        try:
-            user = cls.find_one(
-                Q('emails', 'eq', email)
-            )
-            return [user]
-        except:
-            return []
-
-    def serialize(self, anonymous=False):
-        return {
-            'id': utils.privacy_info_handle(self._primary_key, anonymous),
-            'fullname': utils.privacy_info_handle(self.fullname, anonymous, name=True),
-            'registered': self.is_registered,
-            'url': utils.privacy_info_handle(self.url, anonymous),
-            'api_url': utils.privacy_info_handle(self.api_url, anonymous),
-        }
-
-    ###### OSF-Specific methods ######
-
-    def watch(self, watch_config):
-        """Watch a node by adding its WatchConfig to this user's ``watched``
-        list. Raises ``ValueError`` if the node is already watched.
-
-        :param watch_config: The WatchConfig to add.
-        :param save: Whether to save the user.
-
-        """
-        watched_nodes = [each.node for each in self.watched]
-        if watch_config.node in watched_nodes:
-            raise ValueError('Node is already being watched.')
-        watch_config.save()
-        self.watched.append(watch_config)
-        return None
-
-    def unwatch(self, watch_config):
-        """Unwatch a node by removing its WatchConfig from this user's ``watched``
-        list. Raises ``ValueError`` if the node is not already being watched.
-
-        :param watch_config: The WatchConfig to remove.
-        :param save: Whether to save the user.
-
-        """
-        for each in self.watched:
-            if watch_config.node._id == each.node._id:
-                from framework.transactions.context import TokuTransaction  # Avoid circular import
-                with TokuTransaction():
-                    # Ensure that both sides of the relationship are removed
-                    each.__class__.remove_one(each)
-                    self.watched.remove(each)
-                    self.save()
-                return None
-        raise ValueError('Node not being watched.')
-
-    def is_watching(self, node):
-        '''Return whether a not a user is watching a Node.'''
-        watched_node_ids = set([config.node._id for config in self.watched])
-        return node._id in watched_node_ids
-
-    def get_recent_log_ids(self, since=None):
-        '''Return a generator of recent logs' ids.
-
-        :param since: A datetime specifying the oldest time to retrieve logs
-        from. If ``None``, defaults to 60 days before today. Must be a tz-aware
-        datetime because PyMongo's generation times are tz-aware.
-
-        :rtype: generator of log ids (strings)
-        '''
-        log_ids = []
-        # Default since to 60 days before today if since is None
-        # timezone aware utcnow
-        utcnow = timezone.now()
-        since_date = since or (utcnow - dt.timedelta(days=60))
-        for config in self.watched:
-            # Extract the timestamps for each log from the log_id (fast!)
-            # The first 4 bytes of Mongo's ObjectId encodes time
-            # This prevents having to load each Log Object and access their
-            # date fields
-            node_log_ids = [log.pk for log in config.node.logs
-                                   if bson.ObjectId(log.pk).generation_time > since_date and
-                                   log.pk not in log_ids]
-            # Log ids in reverse chronological order
-            log_ids = _merge_into_reversed(log_ids, node_log_ids)
-        return (l_id for l_id in log_ids)
-
-    def get_daily_digest_log_ids(self):
-        '''Return a generator of log ids generated in the past day
-        (starting at UTC 00:00).
-        '''
-        utcnow = timezone.now()
-        midnight = dt.datetime(
-            utcnow.year, utcnow.month, utcnow.day,
-            0, 0, 0, tzinfo=pytz.utc
-        )
-        return self.get_recent_log_ids(since=midnight)
-
-    @property
-    def can_be_merged(self):
-        """The ability of the `merge_user` method to fully merge the user"""
-        return all((addon.can_be_merged for addon in self.get_addons()))
-
-    def merge_user(self, user):
-        """Merge a registered user into this account. This user will be
-        a contributor on any project. if the registered user and this account
-        are both contributors of the same project. Then it will remove the
-        registered user and set this account to the highest permission of the two
-        and set this account to be visible if either of the two are visible on
-        the project.
-        :param user: A User object to be merged.
-        """
-        # Fail if the other user has conflicts.
-        if not user.can_be_merged:
-            raise MergeConflictError('Users cannot be merged')
-        # Move over the other user's attributes
-        # TODO: confirm
-        for system_tag in user.system_tags:
-            if system_tag not in self.system_tags:
-                self.system_tags.append(system_tag)
-
-        self.is_claimed = self.is_claimed or user.is_claimed
-        self.is_invited = self.is_invited or user.is_invited
-
-        # copy over profile only if this user has no profile info
-        if user.jobs and not self.jobs:
-            self.jobs = user.jobs
-
-        if user.schools and not self.schools:
-            self.schools = user.schools
-
-        if user.social and not self.social:
-            self.social = user.social
-
-        unclaimed = user.unclaimed_records.copy()
-        unclaimed.update(self.unclaimed_records)
-        self.unclaimed_records = unclaimed
-        # - unclaimed records should be connected to only one user
-        user.unclaimed_records = {}
-
-        security_messages = user.security_messages.copy()
-        security_messages.update(self.security_messages)
-        self.security_messages = security_messages
-
-        notifications_configured = user.notifications_configured.copy()
-        notifications_configured.update(self.notifications_configured)
-        self.notifications_configured = notifications_configured
-
-        if not settings.RUNNING_MIGRATION:
-            for key, value in user.mailchimp_mailing_lists.iteritems():
-                # subscribe to each list if either user was subscribed
-                subscription = value or self.mailchimp_mailing_lists.get(key)
-                signals.user_merged.send(self, list_name=key, subscription=subscription)
-
-                # clear subscriptions for merged user
-                signals.user_merged.send(user, list_name=key, subscription=False, send_goodbye=False)
-
-        for target_id, timestamp in user.comments_viewed_timestamp.iteritems():
-            if not self.comments_viewed_timestamp.get(target_id):
-                self.comments_viewed_timestamp[target_id] = timestamp
-            elif timestamp > self.comments_viewed_timestamp[target_id]:
-                self.comments_viewed_timestamp[target_id] = timestamp
-
-        for email in user.emails:
-            if email not in self.emails:
-                self.emails.append(email)
-        user.emails = []
-
-        for k, v in user.email_verifications.iteritems():
-            email_to_confirm = v['email']
-            if k not in self.email_verifications and email_to_confirm != user.username:
-                self.email_verifications[k] = v
-        user.email_verifications = {}
-
-        for institution in user.affiliated_institutions:
-            self.affiliated_institutions.append(institution)
-        user._affiliated_institutions = []
-
-        for service in user.external_identity:
-            for service_id in user.external_identity[service].iterkeys():
-                if not (service_id in self.external_identity.get(service, '') and self.external_identity[service][service_id] == 'VERIFIED'):
-                    # Prevent 'CREATE', merging user has already been created.
-                    status = 'VERIFIED' if user.external_identity[service][service_id] == 'VERIFIED' else 'LINK'
-                    if self.external_identity.get(service):
-                        self.external_identity[service].update(
-                            {service_id: status}
-                        )
-                    else:
-                        self.external_identity[service] = {
-                            service_id: status
-                        }
-        user.external_identity = {}
-
-        # FOREIGN FIELDS
-        for watched in user.watched:
-            if watched not in self.watched:
-                self.watched.append(watched)
-        user.watched = []
-
-        for account in user.external_accounts:
-            if account not in self.external_accounts:
-                self.external_accounts.append(account)
-        user.external_accounts = []
-
-        # - addons
-        # Note: This must occur before the merged user is removed as a
-        #       contributor on the nodes, as an event hook is otherwise fired
-        #       which removes the credentials.
-        for addon in user.get_addons():
-            user_settings = self.get_or_add_addon(addon.config.short_name)
-            user_settings.merge(addon)
-            user_settings.save()
-
-        # Disconnect signal to prevent emails being sent about being a new contributor when merging users
-        # be sure to reconnect it at the end of this code block. Import done here to prevent circular import error.
-        from addons.osfstorage.listeners import checkin_files_by_user
-        from website.project.signals import contributor_added, contributor_removed
-        from website.project.views.contributor import notify_added_contributor
-        from website.util import disconnected_from
-
-        # - projects where the user was a contributor
-        with disconnected_from(signal=contributor_added, listener=notify_added_contributor):
-            for node in user.contributed:
-                # Skip bookmark collection node
-                if node.is_bookmark_collection:
-                    continue
-                # if both accounts are contributor of the same project
-                if node.is_contributor(self) and node.is_contributor(user):
-                    if node.permissions[user._id] > node.permissions[self._id]:
-                        permissions = node.permissions[user._id]
-                    else:
-                        permissions = node.permissions[self._id]
-                    node.set_permissions(user=self, permissions=permissions)
-
-                    visible1 = self._id in node.visible_contributor_ids
-                    visible2 = user._id in node.visible_contributor_ids
-                    if visible1 != visible2:
-                        node.set_visible(user=self, visible=True, log=True, auth=Auth(user=self))
-
-                else:
-                    node.add_contributor(
-                        contributor=self,
-                        permissions=node.get_permissions(user),
-                        visible=node.get_visible(user),
-                        log=False,
-                        send_email='false'
-                    )
-
-                with disconnected_from(signal=contributor_removed, listener=checkin_files_by_user):
-                    try:
-                        node.remove_contributor(
-                            contributor=user,
-                            auth=Auth(user=self),
-                            log=False,
-                        )
-                    except ValueError:
-                        logger.error('Contributor {0} not in list on node {1}'.format(
-                            user._id, node._id
-                        ))
-
-                node.save()
-
-        # - projects where the user was the creator
-        for node in user.created:
-            node.creator = self
-            node.save()
-
-        # - file that the user has checked_out, import done here to prevent import error
-        from website.files.models.base import FileNode
-        for file_node in FileNode.files_checked_out(user=user):
-            file_node.checkout = self
-            file_node.save()
-
-        # finalize the merge
-
-        remove_sessions_for_user(user)
-
-        # - username is set to _id to ensure uniqueness
-        user.username = user._id
-        user.password = None
-        user.verification_key = None
-        user.osf_mailing_lists = {}
-        user.merged_by = self
-
-        user.save()
-
-    def get_projects_in_common(self, other_user, primary_keys=True):
-        """Returns either a collection of "shared projects" (projects that both users are contributors for)
-        or just their primary keys
-        """
-        if primary_keys:
-            projects_contributed_to = set(self.contributor_to.get_keys())
-            other_projects_primary_keys = set(other_user.contributor_to.get_keys())
-            return projects_contributed_to.intersection(other_projects_primary_keys)
-        else:
-            projects_contributed_to = set(self.contributor_to)
-            return projects_contributed_to.intersection(other_user.contributor_to)
-
-    def n_projects_in_common(self, other_user):
-        """Returns number of "shared projects" (projects that both users are contributors for)"""
-        return len(self.get_projects_in_common(other_user, primary_keys=True))
-
-    def is_affiliated_with_institution(self, inst):
-        return inst in self.affiliated_institutions
-
-    def remove_institution(self, inst_id):
-        removed = False
-        for inst in self.affiliated_institutions:
-            if inst._id == inst_id:
-                self.affiliated_institutions.remove(inst)
-                removed = True
-        return removed
-
-    _affiliated_institutions = fields.ForeignField('node', list=True)
-
-    @property
-    def affiliated_institutions(self):
-        from website.institutions.model import Institution, AffiliatedInstitutionsList
-        return AffiliatedInstitutionsList([Institution(inst) for inst in self._affiliated_institutions], obj=self, private_target='_affiliated_institutions')
-
-    def get_node_comment_timestamps(self, target_id):
-        """ Returns the timestamp for when comments were last viewed on a node, file or wiki.
-        """
-        default_timestamp = dt.datetime(1970, 1, 1, 12, 0, 0)
-        return self.comments_viewed_timestamp.get(target_id, default_timestamp)
-
-
-def _merge_into_reversed(*iterables):
-    '''Merge multiple sorted inputs into a single output in reverse order.
-    '''
-    return sorted(itertools.chain(*iterables), reverse=True)
-=======
->>>>>>> fbde375a06680a8364b48f032ec7ccb6e5c1db5d

From 1e8b12b6d06a1edd9ccd5a0ec3aa4f5d12959ce9 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 00:51:54 -0400
Subject: [PATCH 051/163] fix flake 8

---
 tests/test_utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test_utils.py b/tests/test_utils.py
index 8ca42b2b90f..fa4d6405466 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -471,4 +471,4 @@ def test_generate_csl_given_name(self):
         middle_names = 'Awesome'
         suffix = 'Jr.'
         csl_given_name = generate_csl_given_name(given_name, middle_names, suffix)
-        assert_equal(csl_given_name, 'Cause A, Jr.')
\ No newline at end of file
+        assert_equal(csl_given_name, 'Cause A, Jr.')

From e446e18301fc7c5c4ff63229e5fd224febed40ed Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 01:32:44 -0400
Subject: [PATCH 052/163] fix test

---
 tests/test_auth.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/tests/test_auth.py b/tests/test_auth.py
index 984b13493c4..201933f63d5 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -44,10 +44,10 @@ class TestAuthUtils(OsfTestCase):
     def test_citation_with_only_fullname(self):
         user = UserFactory()
         user.fullname = 'Martin Luther King Jr.'
-        user.family_name = None
-        user.given_name = None
-        user.middle_names = None
-        user.suffix = None
+        user.family_name = ''
+        user.given_name = ''
+        user.middle_names = ''
+        user.suffix = ''
         user.save()
         resp = user.csl_name
         family_name = resp['family']

From b1b751f33ea7991c1dc060f79ff7e4061c569cb9 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 09:30:51 -0400
Subject: [PATCH 053/163] fix test and prefect test case

---
 framework/auth/utils.py |  2 +-
 tests/test_auth.py      |  2 +-
 tests/test_utils.py     | 28 ++++++++++++++++++++++++++--
 3 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/framework/auth/utils.py b/framework/auth/utils.py
index 4925f7b9e3f..10dc7bb4de8 100644
--- a/framework/auth/utils.py
+++ b/framework/auth/utils.py
@@ -128,7 +128,7 @@ def validate_recaptcha(response, remote_ip=None):
     return resp.status_code == httplib.OK and resp.json().get('success')
 
 
-def generate_csl_given_name(given_name, middle_names, suffix):
+def generate_csl_given_name(given_name, middle_names='', suffix=''):
     parts = [given_name]
     if middle_names:
         parts.extend(each[0] for each in re.split(r'\s+', middle_names))
diff --git a/tests/test_auth.py b/tests/test_auth.py
index 201933f63d5..ad79d20843e 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -43,7 +43,7 @@ class TestAuthUtils(OsfTestCase):
 
     def test_citation_with_only_fullname(self):
         user = UserFactory()
-        user.fullname = 'Martin Luther King Jr.'
+        user.fullname = 'Martin Luther King, Jr.'
         user.family_name = ''
         user.given_name = ''
         user.middle_names = ''
diff --git a/tests/test_utils.py b/tests/test_utils.py
index fa4d6405466..2b0c70b81c7 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -464,11 +464,35 @@ def test_temporary_disconnect(self):
             self.signal_.send()
         assert_false(self.mock_listener.called)
 
+
 class TestUserUtils(unittest.TestCase):
 
-    def test_generate_csl_given_name(self):
+    def test_generate_csl_given_name_with_given_middle_suffix(self):
         given_name = 'Cause'
         middle_names = 'Awesome'
         suffix = 'Jr.'
-        csl_given_name = generate_csl_given_name(given_name, middle_names, suffix)
+        csl_given_name = generate_csl_given_name(
+            given_name=given_name, middle_name=middle_names, suffix=suffix
+        )
         assert_equal(csl_given_name, 'Cause A, Jr.')
+
+    def test_generate_csl_given_name_with_given_middle(self):
+        given_name = 'Cause'
+        middle_names = 'Awesome'
+        csl_given_name = generate_csl_given_name(
+            given_name=given_name, middle_name=middle_names
+        )
+        assert_equal(csl_given_name, 'Cause A')
+
+    def test_generate_csl_given_name_with_given_suffix(self):
+        given_name = 'Cause'
+        suffix = 'Jr.'
+        csl_given_name = generate_csl_given_name(
+            given_name=given_name, suffix=suffix
+        )
+        assert_equal(csl_given_name, 'Cause A')
+
+    def test_generate_csl_given_name_with_given(self):
+        given_name = 'Cause'
+        csl_given_name = generate_csl_given_name(given_name)
+        assert_equal(csl_given_name, 'Cause')
\ No newline at end of file

From 2dfe80f1c6d19858e368089f86d2d08a44cf3433 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 09:31:36 -0400
Subject: [PATCH 054/163] fix flake 8

---
 tests/test_utils.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test_utils.py b/tests/test_utils.py
index 2b0c70b81c7..c88f3bc8bb4 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -495,4 +495,4 @@ def test_generate_csl_given_name_with_given_suffix(self):
     def test_generate_csl_given_name_with_given(self):
         given_name = 'Cause'
         csl_given_name = generate_csl_given_name(given_name)
-        assert_equal(csl_given_name, 'Cause')
\ No newline at end of file
+        assert_equal(csl_given_name, 'Cause')

From 1e50e025460f03744e83083cfddb2a4559f4da86 Mon Sep 17 00:00:00 2001
From: Nan Chen <nanchen@Admins-MacBook-Pro.local>
Date: Wed, 7 Jun 2017 12:10:43 -0400
Subject: [PATCH 055/163] fix tests

---
 tests/test_utils.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/test_utils.py b/tests/test_utils.py
index c88f3bc8bb4..20cc24aa9fb 100644
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@@ -472,7 +472,7 @@ def test_generate_csl_given_name_with_given_middle_suffix(self):
         middle_names = 'Awesome'
         suffix = 'Jr.'
         csl_given_name = generate_csl_given_name(
-            given_name=given_name, middle_name=middle_names, suffix=suffix
+            given_name=given_name, middle_names=middle_names, suffix=suffix
         )
         assert_equal(csl_given_name, 'Cause A, Jr.')
 
@@ -480,7 +480,7 @@ def test_generate_csl_given_name_with_given_middle(self):
         given_name = 'Cause'
         middle_names = 'Awesome'
         csl_given_name = generate_csl_given_name(
-            given_name=given_name, middle_name=middle_names
+            given_name=given_name, middle_names=middle_names
         )
         assert_equal(csl_given_name, 'Cause A')
 
@@ -490,7 +490,7 @@ def test_generate_csl_given_name_with_given_suffix(self):
         csl_given_name = generate_csl_given_name(
             given_name=given_name, suffix=suffix
         )
-        assert_equal(csl_given_name, 'Cause A')
+        assert_equal(csl_given_name, 'Cause, Jr.')
 
     def test_generate_csl_given_name_with_given(self):
         given_name = 'Cause'

From c6dea48a188df5bf39f68abdbbe7226c8b1d147e Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 7 Jun 2017 12:50:41 -0400
Subject: [PATCH 056/163] initial pytest conversion of
 test_preprint_provider_detail & test_preprint_detail

---
 .../views/test_preprint_provider_detail.py    |  59 +-
 .../preprints/views/test_preprint_detail.py   | 918 ++++++++++--------
 2 files changed, 539 insertions(+), 438 deletions(-)

diff --git a/api_tests/preprint_providers/views/test_preprint_provider_detail.py b/api_tests/preprint_providers/views/test_preprint_provider_detail.py
index a56e15e5c10..7222d34dde5 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_detail.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_detail.py
@@ -1,43 +1,48 @@
-from nose.tools import *  # flake8: noqa
+import pytest
 
 from api.base.settings.defaults import API_BASE
-
 from tests.base import ApiTestCase
 from osf_tests.factories import PreprintProviderFactory
 
-
-class TestPreprintProviderExists(ApiTestCase):
+@pytest.mark.django_db
+class TestPreprintProviderExists:
 
     # Regression for https://openscience.atlassian.net/browse/OSF-7621
 
-    def setUp(self):
-        super(TestPreprintProviderExists, self).setUp()
-        self.preprint_provider = PreprintProviderFactory()
-        self.fake_url = '/{}preprint_providers/fake/'.format(API_BASE)
-        self.provider_url = '/{}preprint_providers/{}/'.format(API_BASE, self.preprint_provider._id)
+    @pytest.fixture()
+    def preprint_provider(self):
+        return PreprintProviderFactory()
+
+    @pytest.fixture()
+    def fake_url(self):
+        return '/{}preprint_providers/fake/'.format(API_BASE)
+
+    @pytest.fixture()
+    def provider_url(self, preprint_provider):
+        return '/{}preprint_providers/{}/'.format(API_BASE, preprint_provider._id)
 
-    def test_preprint_provider(self):
-        detail_res = self.app.get(self.provider_url)
-        assert_equals(detail_res.status_code, 200)
+    def test_preprint_provider_exists(self, app, provider_url, fake_url):
+        detail_res = app.get(provider_url)
+        assert detail_res.status_code == 200
 
-        licenses_res = self.app.get('{}licenses/'.format(self.provider_url))
-        assert_equals(licenses_res.status_code, 200)
+        licenses_res = app.get('{}licenses/'.format(provider_url))
+        assert licenses_res.status_code == 200
 
-        preprints_res = self.app.get('{}preprints/'.format(self.provider_url))
-        assert_equals(preprints_res.status_code, 200)
+        preprints_res = app.get('{}preprints/'.format(provider_url))
+        assert preprints_res.status_code == 200
 
-        taxonomies_res = self.app.get('{}taxonomies/'.format(self.provider_url))
-        assert_equals(taxonomies_res.status_code, 200)
+        taxonomies_res = app.get('{}taxonomies/'.format(provider_url))
+        assert taxonomies_res.status_code == 200
 
-    def test_preprint_provider_does_not_exist_returns_404(self):
-        detail_res = self.app.get(self.fake_url, expect_errors=True)
-        assert_equals(detail_res.status_code, 404)
+    #   test_preprint_provider_does_not_exist_returns_404
+        detail_res = app.get(fake_url, expect_errors=True)
+        assert detail_res.status_code == 404
 
-        licenses_res = self.app.get('{}licenses/'.format(self.fake_url), expect_errors=True)
-        assert_equals(licenses_res.status_code, 404)
+        licenses_res = app.get('{}licenses/'.format(fake_url), expect_errors=True)
+        assert licenses_res.status_code == 404
 
-        preprints_res = self.app.get('{}preprints/'.format(self.fake_url), expect_errors=True)
-        assert_equals(preprints_res.status_code, 404)
+        preprints_res = app.get('{}preprints/'.format(fake_url), expect_errors=True)
+        assert preprints_res.status_code == 404
 
-        taxonomies_res = self.app.get('{}taxonomies/'.format(self.fake_url), expect_errors=True)
-        assert_equals(taxonomies_res.status_code, 404)
+        taxonomies_res = app.get('{}taxonomies/'.format(fake_url), expect_errors=True)
+        assert taxonomies_res.status_code == 404
diff --git a/api_tests/preprints/views/test_preprint_detail.py b/api_tests/preprints/views/test_preprint_detail.py
index 4a899e98c50..f2c2120ba77 100644
--- a/api_tests/preprints/views/test_preprint_detail.py
+++ b/api_tests/preprints/views/test_preprint_detail.py
@@ -1,17 +1,23 @@
-import mock
 import functools
+import mock
+import pytest
 from modularodm import Q
-from nose.tools import *  # flake8: noqa
 
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as test_utils
 from framework.auth.core import Auth
-from osf_tests.factories import PreprintFactory, AuthUserFactory, ProjectFactory, SubjectFactory, PreprintProviderFactory
 from osf.models import PreprintService, NodeLicense
 from website.project.licenses import ensure_licenses
 from website.project.signals import contributor_added
 from website.identifiers.utils import build_ezid_metadata
 from tests.base import ApiTestCase, fake, capture_signals
+from osf_tests.factories import (
+    PreprintFactory, 
+    AuthUserFactory, 
+    ProjectFactory, 
+    SubjectFactory, 
+    PreprintProviderFactory
+)
 
 ensure_licenses = functools.partial(ensure_licenses, warn=False)
 
@@ -25,112 +31,137 @@ def build_preprint_update_payload(node_id, attributes=None, relationships=None):
     }
     return payload
 
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
+@pytest.mark.django_db
+class TestPreprintDetail:
+
+    @pytest.fixture()
+    def preprint(self, user):
+        return PreprintFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self, preprint):
+        return '/{}preprints/{}/'.format(API_BASE, preprint._id)
+
+    @pytest.fixture()
+    def res(self, app, url):
+        return app.get(url)
+
+    @pytest.fixture()
+    def data(self, res):
+        return res.json['data']
+
+    def test_preprint_detail(self, app, user, preprint, url, res, data):
 
-class TestPreprintDetail(ApiTestCase):
-    def setUp(self):
-        super(TestPreprintDetail, self).setUp()
+    #   test_preprint_detail_success
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
 
-        self.user = AuthUserFactory()
-        self.preprint = PreprintFactory(creator=self.user)
-        self.url = '/{}preprints/{}/'.format(API_BASE, self.preprint._id)
-        self.res = self.app.get(self.url)
-        self.data = self.res.json['data']
+    #   test_preprint_top_level
+        assert data['type'] == 'preprints'
+        assert data['id'] == preprint._id
 
-    def test_preprint_detail_success(self):
-        assert_equal(self.res.status_code, 200)
-        assert_equal(self.res.content_type, 'application/vnd.api+json')
+    #   test_preprint_node_deleted_detail_failure
+        deleted_node = ProjectFactory(creator=user, is_deleted=True)
+        deleted_preprint = PreprintFactory(project=deleted_node, creator=user)
 
-    def test_preprint_top_level(self):
-        assert_equal(self.data['type'], 'preprints')
-        assert_equal(self.data['id'], self.preprint._id)
+        deleted_preprint_url = '/{}preprints/{}/'.format(API_BASE, deleted_preprint._id)
+        deleted_preprint_res = app.get(deleted_preprint_url, expect_errors=True)
+        assert deleted_preprint_res.status_code == 404
+        assert res.content_type == 'application/vnd.api+json'
 
-    def test_preprint_node_deleted_detail_failure(self):
-        deleted_node = ProjectFactory(creator=self.user, is_deleted=True)
-        deleted_preprint = PreprintFactory(project=deleted_node, creator=self.user)
+@pytest.mark.django_db
+class TestPreprintDelete:
 
-        url = '/{}preprints/{}/'.format(API_BASE, deleted_preprint._id)
-        res = self.app.get(url, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_equal(self.res.content_type, 'application/vnd.api+json')
+    @pytest.fixture()
+    def unpublished_preprint(self, user):
+        return PreprintFactory(creator=user, is_published=False)
 
+    @pytest.fixture()
+    def published_preprint(self, user):
+        return PreprintFactory(creator=user)
 
-class TestPreprintDelete(ApiTestCase):
-    def setUp(self):
-        super(TestPreprintDelete, self).setUp()
-        self.user = AuthUserFactory()
-        self.unpublished_preprint = PreprintFactory(creator=self.user, is_published=False)
-        self.published_preprint = PreprintFactory(creator=self.user)
-        self.url = '/{}preprints/{{}}/'.format(API_BASE)
+    @pytest.fixture()
+    def url(self, user):
+        return '/{}preprints/{{}}/'.format(API_BASE)
 
-    def test_can_delete_unpublished(self):
+    def test_can_delete_unpublished(self, app, user, url, unpublished_preprint):
         previous_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
-        self.app.delete(self.url.format(self.unpublished_preprint._id), auth=self.user.auth)
+        app.delete(url.format(unpublished_preprint._id), auth=user.auth)
         remaining_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
-        assert_in(self.unpublished_preprint.pk, previous_ids)
-        assert_not_in(self.unpublished_preprint.pk, remaining_ids)
+        assert unpublished_preprint.pk in previous_ids
+        assert unpublished_preprint.pk not in remaining_ids
 
-    def test_cannot_delete_published(self):
+    def test_cannot_delete_published(self, app, user, published_preprint, url):
         previous_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
-        res = self.app.delete(self.url.format(self.published_preprint._id), auth=self.user.auth, expect_errors=True)
+        res = app.delete(url.format(published_preprint._id), auth=user.auth, expect_errors=True)
         remaining_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
-        assert_equal(res.status_code, 409)
-        assert_equal(previous_ids, remaining_ids)
-        assert_in(self.published_preprint.pk, remaining_ids)
+        assert res.status_code == 409
+        assert previous_ids == remaining_ids
+        assert published_preprint.pk in remaining_ids
 
-    def test_deletes_only_requested_document(self):
+    def test_deletes_only_requested_document(self, app, user, published_preprint, unpublished_preprint, url):
         previous_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
-        res = self.app.delete(self.url.format(self.unpublished_preprint._id), auth=self.user.auth)
+        res = app.delete(url.format(unpublished_preprint._id), auth=user.auth)
         remaining_ids = list(PreprintService.objects.all().values_list('pk', flat=True))
 
-        assert_in(self.unpublished_preprint.pk, previous_ids)
-        assert_in(self.published_preprint.pk, previous_ids)
+        assert unpublished_preprint.pk in previous_ids
+        assert published_preprint.pk in previous_ids
 
-        assert_not_in(self.unpublished_preprint.pk, remaining_ids)
-        assert_in(self.published_preprint.pk, remaining_ids)
+        assert unpublished_preprint.pk not in remaining_ids
+        assert published_preprint.pk in remaining_ids
 
-class TestPreprintUpdate(ApiTestCase):
-    def setUp(self):
-        super(TestPreprintUpdate, self).setUp()
-        self.user = AuthUserFactory()
+@pytest.mark.django_db
+class TestPreprintUpdate:
 
-        self.preprint = PreprintFactory(creator=self.user)
-        self.url = '/{}preprints/{}/'.format(API_BASE, self.preprint._id)
+    @pytest.fixture()
+    def preprint(self, user):
+        return PreprintFactory(creator=user)
 
-        self.subject = SubjectFactory()
+    @pytest.fixture()
+    def url(self, preprint):
+        return '/{}preprints/{}/'.format(API_BASE, preprint._id)
 
-    def test_update_preprint_permission_denied(self):
-        update_doi_payload = build_preprint_update_payload(self.preprint._id, attributes={'article_doi': '10.123/456/789'})
+    @pytest.fixture()
+    def subject(self):
+        return SubjectFactory()
+
+    def test_update_preprint_permission_denied(self, app, preprint, url):
+        update_doi_payload = build_preprint_update_payload(preprint._id, attributes={'article_doi': '10.123/456/789'})
 
         noncontrib = AuthUserFactory()
 
-        res = self.app.patch_json_api(self.url, update_doi_payload, auth=noncontrib.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        res = app.patch_json_api(url, update_doi_payload, auth=noncontrib.auth, expect_errors=True)
+        assert res.status_code == 403
 
-        res = self.app.patch_json_api(self.url, update_doi_payload, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        res = app.patch_json_api(url, update_doi_payload, expect_errors=True)
+        assert res.status_code == 401
 
-    def test_update_subjects(self):
-        assert_false(self.preprint.subjects.filter(_id=self.subject._id).exists())
-        update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [[self.subject._id]]})
+    def test_update_subjects(self, app, user, preprint, subject, url):
+        assert not preprint.subjects.filter(_id=subject._id).exists()
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
 
-        res = self.app.patch_json_api(self.url, update_subjects_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        res = app.patch_json_api(url, update_subjects_payload, auth=user.auth)
+        assert res.status_code == 200
 
-        self.preprint.reload()
-        assert_true(self.preprint.subjects.filter(_id=self.subject._id).exists())
+        preprint.reload()
+        assert preprint.subjects.filter(_id=subject._id).exists()
 
-    def test_update_invalid_subjects(self):
-        subjects = self.preprint.subjects
-        update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [['wwe']]})
+    def test_update_invalid_subjects(self, app, user, preprint, url):
+        subjects = preprint.subjects
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [['wwe']]})
 
-        res = self.app.patch_json_api(self.url, update_subjects_payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.patch_json_api(url, update_subjects_payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-        self.preprint.reload()
-        assert_equal(self.preprint.subjects, subjects)
+        preprint.reload()
+        assert preprint.subjects == subjects
 
-    def test_update_primary_file(self):
-        new_file = test_utils.create_test_file(self.preprint.node, self.user,  filename='openupthatwindow.pdf')
+    def test_update_primary_file(self, app, user, preprint, url):
+        new_file = test_utils.create_test_file(preprint.node, user,  filename='shook_that_mans_hand.pdf')
         relationships = {
             "primary_file": {
                 "data": {
@@ -139,23 +170,23 @@ def test_update_primary_file(self):
                 }
             }
         }
-        assert_not_equal(self.preprint.primary_file, new_file)
-        update_file_payload = build_preprint_update_payload(self.preprint._id, relationships=relationships)
+        assert preprint.primary_file != new_file
+        update_file_payload = build_preprint_update_payload(preprint._id, relationships=relationships)
 
-        res = self.app.patch_json_api(self.url, update_file_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        res = app.patch_json_api(url, update_file_payload, auth=user.auth)
+        assert res.status_code == 200
 
-        self.preprint.node.reload()
-        assert_equal(self.preprint.primary_file, new_file)
+        preprint.node.reload()
+        assert preprint.primary_file == new_file
 
         # check logs
-        log = self.preprint.node.logs.latest()
-        assert_equal(log.action, 'preprint_file_updated')
-        assert_equal(log.params.get('preprint'), self.preprint._id)
+        log = preprint.node.logs.latest()
+        assert log.action == 'preprint_file_updated'
+        assert log.params.get('preprint') == preprint._id
 
-    def test_new_primary_not_in_node(self):
+    def test_new_primary_not_in_node(self, app, user, preprint, url):
         project = ProjectFactory()
-        file_for_project = test_utils.create_test_file(project, self.user, filename='letoutthatantidote.pdf')
+        file_for_project = test_utils.create_test_file(project, user, filename='six_pack_novak.pdf')
 
         relationships = {
             "primary_file": {
@@ -166,37 +197,39 @@ def test_new_primary_not_in_node(self):
             }
         }
 
-        update_file_payload = build_preprint_update_payload(self.preprint._id, relationships=relationships)
+        update_file_payload = build_preprint_update_payload(preprint._id, relationships=relationships)
 
-        res = self.app.patch_json_api(self.url, update_file_payload, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.patch_json_api(url, update_file_payload, auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
 
-        self.preprint.reload()
-        assert_not_equal(self.preprint.primary_file, file_for_project)
+        preprint.reload()
+        assert preprint.primary_file != file_for_project
 
-    def test_update_article_doi(self):
+    def test_update_article_doi(self, app, user, preprint, url):
         new_doi = '10.1234/ASDFASDF'
-        assert_not_equal(self.preprint.article_doi, new_doi)
-        update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"doi": new_doi})
+        assert preprint.article_doi != new_doi
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"doi": new_doi})
+
+        res = app.patch_json_api(url, update_subjects_payload, auth=user.auth)
+        assert res.status_code == 200
 
-        res = self.app.patch_json_api(self.url, update_subjects_payload, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        preprint.node.reload()
+        assert preprint.article_doi == new_doi
 
-        self.preprint.node.reload()
-        assert_equal(self.preprint.article_doi, new_doi)
+        preprint_detail = app.get(url, auth=user.auth).json['data']
+        assert preprint_detail['links']['doi'] == 'https://dx.doi.org/{}'.format(new_doi)
 
-        preprint_detail = self.app.get(self.url, auth=self.user.auth).json['data']
-        assert_equal(preprint_detail['links']['doi'], 'https://dx.doi.org/{}'.format(new_doi))
+    def test_cannot_set_primary_file(self, app, user, preprint, url):
 
-    def test_write_contrib_cannot_set_primary_file(self):
-        user_two = AuthUserFactory()
-        self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True)
-        new_file = test_utils.create_test_file(self.preprint.node, self.user, filename='openupthatwindow.pdf')
+    #   test_write_contrib_cannot_set_primary_file
+        read_write_contrib = AuthUserFactory()
+        preprint.node.add_contributor(read_write_contrib, permissions=['read', 'write'], auth=Auth(user), save=True)
+        new_file = test_utils.create_test_file(preprint.node, user, filename='lovechild_reason.pdf')
 
         data = {
             'data':{
                 'type': 'primary_file',
-                'id': self.preprint._id,
+                'id': preprint._id,
                 'attributes': {},
                 'relationships': {
                     'primary_file': {
@@ -209,17 +242,17 @@ def test_write_contrib_cannot_set_primary_file(self):
             }
         }
 
-        res = self.app.patch_json_api(self.url, data, auth=user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        res = app.patch_json_api(url, data, auth=read_write_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_noncontrib_cannot_set_primary_file(self):
-        user_two = AuthUserFactory()
-        new_file = test_utils.create_test_file(self.preprint.node, self.user, filename='openupthatwindow.pdf')
+    #   test_noncontrib_cannot_set_primary_file
+        non_contrib = AuthUserFactory()
+        new_file = test_utils.create_test_file(preprint.node, user, filename='flowerchild_nik.pdf')
 
         data = {
             'data':{
                 'type': 'primary_file',
-                'id': self.preprint._id,
+                'id': preprint._id,
                 'attributes': {},
                 'relationships': {
                     'primary_file': {
@@ -232,451 +265,514 @@ def test_noncontrib_cannot_set_primary_file(self):
             }
         }
 
-        res = self.app.patch_json_api(self.url, data, auth=user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        res = app.patch_json_api(url, data, auth=non_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
+
+    def test_contribs_cannot_set_subjects(self, app, user, preprint, subject, url):
 
-    def test_write_contrib_cannot_set_subjects(self):
-        user_two = AuthUserFactory()
-        self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True)
+    # def test_write_contrib_cannot_set_subjects(self, app, user, preprint, subject, url):
+        write_contrib = AuthUserFactory()
+        preprint.node.add_contributor(write_contrib, permissions=['read', 'write'], auth=Auth(user), save=True)
 
-        assert_false(self.preprint.subjects.filter(_id=self.subject._id).exists())
-        update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [[self.subject._id]]})
+        assert not preprint.subjects.filter(_id=subject._id).exists()
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
 
-        res = self.app.patch_json_api(self.url, update_subjects_payload, auth=user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        res = app.patch_json_api(url, update_subjects_payload, auth=write_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
 
-        assert_false(self.preprint.subjects.filter(_id=self.subject._id).exists())
+        assert not preprint.subjects.filter(_id=subject._id).exists()
 
-    def test_noncontrib_cannot_set_subjects(self):
-        user_two = AuthUserFactory()
-        self.preprint.node.add_contributor(user_two, permissions=['read', 'write'], auth=Auth(self.user), save=True)
+    # def test_non_contrib_cannot_set_subjects(self, app, user, preprint, subject, url):
+        non_contrib = AuthUserFactory()
 
-        assert_false(self.preprint.subjects.filter(_id=self.subject._id).exists())
+        assert not preprint.subjects.filter(_id=subject._id).exists()
 
-        update_subjects_payload = build_preprint_update_payload(self.preprint._id, attributes={"subjects": [[self.subject._id]]})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
 
-        res = self.app.patch_json_api(self.url, update_subjects_payload, auth=user_two.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
+        res = app.patch_json_api(url, update_subjects_payload, auth=non_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
 
-        assert_false(self.preprint.subjects.filter(_id=self.subject._id).exists())
+        assert not preprint.subjects.filter(_id=subject._id).exists()
 
-    def test_update_published(self):
-        unpublished = PreprintFactory(creator=self.user, is_published=False)
+    def test_update_published(self, app, user):
+        unpublished = PreprintFactory(creator=user, is_published=False)
         url = '/{}preprints/{}/'.format(API_BASE, unpublished._id)
         payload = build_preprint_update_payload(unpublished._id, attributes={'is_published': True})
-        res = self.app.patch_json_api(url, payload, auth=self.user.auth)
+        res = app.patch_json_api(url, payload, auth=user.auth)
         unpublished.reload()
-        assert_true(unpublished.is_published)
+        assert unpublished.is_published
 
     @mock.patch('website.preprints.tasks.on_preprint_updated.s')
-    def test_update_preprint_task_called_on_api_update(self, mock_on_preprint_updated):
-        update_doi_payload = build_preprint_update_payload(self.preprint._id, attributes={'doi': '10.1234/ASDFASDF'})
+    def test_update_preprint_task_called_on_api_update(self, mock_on_preprint_updated, app, user, preprint, url):
+        update_doi_payload = build_preprint_update_payload(preprint._id, attributes={'doi': '10.1234/ASDFASDF'})
 
-        self.app.patch_json_api(self.url, update_doi_payload, auth=self.user.auth)
-        self.preprint.node.reload()
+        app.patch_json_api(url, update_doi_payload, auth=user.auth)
+        preprint.node.reload()
 
         assert mock_on_preprint_updated.called
 
-class TestPreprintUpdateLicense(ApiTestCase):
-
-    def setUp(self):
-        super(TestPreprintUpdateLicense, self).setUp()
-
-        ensure_licenses()
-
-        self.admin_contributor = AuthUserFactory()
-        self.rw_contributor = AuthUserFactory()
-        self.read_contributor = AuthUserFactory()
-        self.non_contributor = AuthUserFactory()
+@pytest.mark.django_db
+class TestPreprintUpdateLicense:
 
-        self.preprint_provider = PreprintProviderFactory()
-        self.preprint = PreprintFactory(creator=self.admin_contributor, provider=self.preprint_provider)
+    @pytest.fixture()
+    def admin_contributor(self):
+        return AuthUserFactory()
 
-        self.preprint.node.add_contributor(self.rw_contributor, auth=Auth(self.admin_contributor))
-        self.preprint.node.add_contributor(self.read_contributor, auth=Auth(self.admin_contributor), permissions=['read'])
-        self.preprint.node.save()
+    @pytest.fixture()
+    def rw_contributor(self):
+        return AuthUserFactory()
 
-        self.cc0_license = NodeLicense.find_one(Q('name', 'eq', 'CC0 1.0 Universal'))
-        self.mit_license = NodeLicense.find_one(Q('name', 'eq', 'MIT License'))
-        self.no_license = NodeLicense.find_one(Q('name', 'eq', 'No license'))
+    @pytest.fixture()
+    def read_contributor(self):
+        return AuthUserFactory()
 
-        self.preprint_provider.licenses_acceptable = [self.cc0_license, self.no_license]
-        self.preprint_provider.save()
+    @pytest.fixture()
+    def non_contributor(self):
+        return AuthUserFactory()
 
-        self.url = '/{}preprints/{}/'.format(API_BASE, self.preprint._id)
+    @pytest.fixture()
+    def cc0_license(self):
+        ensure_licenses()
+        return NodeLicense.find_one(Q('name', 'eq', 'CC0 1.0 Universal'))
 
-    def make_payload(self, node_id, license_id=None, license_year=None, copyright_holders=None):
-        attributes = {}
+    @pytest.fixture()
+    def mit_license(self):
+        ensure_licenses()
+        return NodeLicense.find_one(Q('name', 'eq', 'MIT License'))
 
-        if license_year and copyright_holders:
-            attributes = {
-                'license_record': {
-                    'year': license_year,
-                    'copyright_holders': copyright_holders
+    @pytest.fixture()
+    def no_license(self):
+        ensure_licenses()
+        return NodeLicense.find_one(Q('name', 'eq', 'No license'))
+
+    @pytest.fixture()
+    def preprint_provider(self, cc0_license, no_license):
+        preprint_provider = PreprintProviderFactory()
+        preprint_provider.licenses_acceptable = [cc0_license, no_license]
+        preprint_provider.save()
+        return preprint_provider
+
+    @pytest.fixture()
+    def preprint(self, admin_contributor, rw_contributor, read_contributor, preprint_provider):
+        preprint = PreprintFactory(creator=admin_contributor, provider=preprint_provider)
+        preprint.node.add_contributor(rw_contributor, auth=Auth(admin_contributor))
+        preprint.node.add_contributor(read_contributor, auth=Auth(admin_contributor), permissions=['read'])
+        preprint.node.save()
+        return preprint
+
+    @pytest.fixture()
+    def url(self, preprint):
+        return '/{}preprints/{}/'.format(API_BASE, preprint._id)
+
+    @pytest.fixture()
+    def make_payload(self):
+        def payload(node_id, license_id=None, license_year=None, copyright_holders=None):
+            attributes = {}
+
+            if license_year and copyright_holders:
+                attributes = {
+                    'license_record': {
+                        'year': license_year,
+                        'copyright_holders': copyright_holders
+                    }
                 }
-            }
-        elif license_year:
-            attributes = {
-                'license_record': {
-                    'year': license_year
+            elif license_year:
+                attributes = {
+                    'license_record': {
+                        'year': license_year
+                    }
                 }
-            }
-        elif copyright_holders:
-            attributes = {
-                'license_record': {
-                    'copyright_holders': copyright_holders
+            elif copyright_holders:
+                attributes = {
+                    'license_record': {
+                        'copyright_holders': copyright_holders
+                    }
                 }
-            }
 
-        return {
-            'data': {
-                'id': node_id,
-                'attributes': attributes,
-                'relationships': {
-                    'license': {
-                        'data': {
-                            'type': 'licenses',
-                            'id': license_id
+            return {
+                'data': {
+                    'id': node_id,
+                    'attributes': attributes,
+                    'relationships': {
+                        'license': {
+                            'data': {
+                                'type': 'licenses',
+                                'id': license_id
+                            }
                         }
                     }
                 }
+            } if license_id else {
+                'data': {
+                    'id': node_id,
+                    'attributes': attributes
+                }
             }
-        } if license_id else {
-            'data': {
-                'id': node_id,
-                'attributes': attributes
-            }
-        }
 
-    def make_request(self, url, data, auth=None, expect_errors=False):
-        return self.app.patch_json_api(url, data, auth=auth, expect_errors=expect_errors)
+        return payload
+
+    @pytest.fixture()
+    def make_request(self, app):
+        def request(url, data, auth=None, expect_errors=False):
+            return app.patch_json_api(url, data, auth=auth, expect_errors=expect_errors)
+        return request
 
-    def test_admin_update_license_with_invalid_id(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
+    def test_admin_update_license_with_invalid_id(self, admin_contributor, preprint, url, make_payload, make_request):
+        data = make_payload(
+            node_id=preprint._id,
             license_id='thisisafakelicenseid'
         )
 
-        assert_equal(self.preprint.license, None)
+        assert preprint.license == None
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
-        assert_equal(res.json['errors'][0]['detail'], 'Unable to find specified license.')
+        res = make_request(url, data, auth=admin_contributor.auth, expect_errors=True)
+        assert res.status_code == 404
+        assert res.json['errors'][0]['detail'] == 'Unable to find specified license.'
 
-        self.preprint.reload()
-        assert_equal(self.preprint.license, None)
+        preprint.reload()
+        assert preprint.license == None
 
-    def test_admin_can_update_license(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+    def test_admin_can_update_license(self, admin_contributor, preprint, cc0_license, url, make_payload, make_request):
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        assert_equal(self.preprint.license, None)
+        assert preprint.license == None
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.reload()
 
-        assert_equal(self.preprint.license.node_license, self.cc0_license)
-        assert_equal(self.preprint.license.year, None)
-        assert_equal(self.preprint.license.copyright_holders, [])
+        assert preprint.license.node_license == cc0_license
+        assert preprint.license.year == None
+        assert preprint.license.copyright_holders == []
 
         # check logs
-        log = self.preprint.node.logs.latest()
-        assert_equal(log.action, 'preprint_license_updated')
-        assert_equal(log.params.get('preprint'), self.preprint._id)
-
-    def test_admin_can_update_license_record(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.no_license._id,
+        log = preprint.node.logs.latest()
+        assert log.action == 'preprint_license_updated'
+        assert log.params.get('preprint') == preprint._id
+
+    def test_admin_can_update_license_record(self, admin_contributor, preprint, no_license, url, make_payload, make_request):
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=no_license._id,
             license_year='2015',
-            copyright_holders=['Bojack Horseman, Princess Carolyn']
+            copyright_holders=['Tonya Shepoly, Lucas Pucas']
         )
 
-        assert_equal(self.preprint.license, None)
+        assert preprint.license == None
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.reload()
+
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2015'
+        assert preprint.license.copyright_holders == ['Tonya Shepoly, Lucas Pucas']
+
+    def test_cannot_update_license(self, rw_contributor, read_contributor, non_contributor, preprint, cc0_license, url, make_payload, make_request):
+
+    #   test_rw_contributor_cannot_update_license
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
+        )
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2015')
-        assert_equal(self.preprint.license.copyright_holders, ['Bojack Horseman, Princess Carolyn'])
+        res = make_request(url, data, auth=rw_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == 'User must be an admin to update a preprint.'
 
-    def test_rw_contributor_cannot_update_license(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+    #   test_read_contributor_cannot_update_license
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        res = self.make_request(self.url, data, auth=self.rw_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'User must be an admin to update a preprint.')
+        res = make_request(url, data, auth=read_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-    def test_read_contributor_cannot_update_license(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+    #   test_non_contributor_cannot_update_license
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        res = self.make_request(self.url, data, auth=self.read_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
+        res = make_request(url, data, auth=non_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
 
-    def test_non_contributor_cannot_update_license(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+    #   test_unauthenticated_user_cannot_update_license
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        res = self.make_request(self.url, data, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
+        res = make_request(url, data, expect_errors=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == 'Authentication credentials were not provided.'
+
+    def test_update_error(self, admin_contributor, preprint, preprint_provider, mit_license, no_license, url, make_payload, make_request):
 
-    def test_unauthenticated_user_cannot_update_license(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+    #   test_update_preprint_with_invalid_license_for_provider
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=mit_license._id
         )
 
-        res = self.make_request(self.url, data, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
+        assert preprint.license == None
+
+        res = make_request(url, data, auth=admin_contributor.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == 'Invalid license chosen for {}'.format(preprint_provider.name)
 
-    def test_update_preprint_with_invalid_license_for_provider(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.mit_license._id
+    #   test_update_preprint_license_without_required_year_in_payload
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=no_license._id,
+            copyright_holders=['Rachel', 'Rheisen']
         )
 
-        assert_equal(self.preprint.license, None)
+        res = make_request(url, data, auth=admin_contributor.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'year must be specified for this license'
+
+    #   test_update_preprint_license_without_required_copyright_holders_in_payload
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=no_license._id,
+            license_year='1994'
+        )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'Invalid license chosen for {}'.format(self.preprint_provider.name))
+        res = make_request(url, data, auth=admin_contributor.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'copyrightHolders must be specified for this license'
 
-    def test_update_preprint_with_existing_license_year_attribute_only(self):
-        self.preprint.set_preprint_license(
+    def test_update_preprint_with_existing_license_year_attribute_only(self, admin_contributor, preprint, no_license, url, make_payload, make_request):
+        preprint.set_preprint_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2014',
-                'copyrightHolders': ['Diane', 'Mr. Peanut Butter']
+                'copyrightHolders': ['Daniel FromBrazil', 'Queen Jaedyn']
             },
-            Auth(self.admin_contributor),
+            Auth(admin_contributor),
         )
-        self.preprint.save()
+        preprint.save()
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Daniel FromBrazil', 'Queen Jaedyn']
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
+        data = make_payload(
+            node_id=preprint._id,
             license_year='2015'
         )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.license.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.license.reload()
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2015')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2015'
+        assert preprint.license.copyright_holders == ['Daniel FromBrazil', 'Queen Jaedyn']
 
-    def test_update_preprint_with_existing_license_copyright_holders_attribute_only(self):
-        self.preprint.set_preprint_license(
+    def test_update_preprint_with_existing_license_copyright_holders_attribute_only(self, admin_contributor, preprint, no_license, url, make_payload, make_request):
+        preprint.set_preprint_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2014',
-                'copyrightHolders': ['Diane', 'Mr. Peanut Butter']
+                'copyrightHolders': ['Captain Haley', 'Keegor Cannoli']
             },
-            Auth(self.admin_contributor),
+            Auth(admin_contributor),
         )
-        self.preprint.save()
+        preprint.save()
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Captain Haley', 'Keegor Cannoli']
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            copyright_holders=['Bojack Horseman', 'Princess Carolyn']
+        data = make_payload(
+            node_id=preprint._id,
+            copyright_holders=['Reason Danish', 'Ben the NJB']
         )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.license.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.license.reload()
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Bojack Horseman', 'Princess Carolyn'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Reason Danish', 'Ben the NJB']
 
-    def test_update_preprint_with_existing_license_relationship_only(self):
-        self.preprint.set_preprint_license(
+    def test_update_preprint_with_existing_license_relationship_only(self, admin_contributor, preprint, cc0_license, no_license, url, make_payload, make_request):
+        preprint.set_preprint_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2014',
-                'copyrightHolders': ['Diane', 'Mr. Peanut Butter']
+                'copyrightHolders': ['Reason', 'Mr. Lulu']
             },
-            Auth(self.admin_contributor),
+            Auth(admin_contributor),
         )
-        self.preprint.save()
+        preprint.save()
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Reason', 'Mr. Lulu']
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.license.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.license.reload()
 
-        assert_equal(self.preprint.license.node_license, self.cc0_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == cc0_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Reason', 'Mr. Lulu']
 
-    def test_update_preprint_with_existing_license_relationship_and_attributes(self):
-        self.preprint.set_preprint_license(
+    def test_update_preprint_with_existing_license_relationship_and_attributes(self, admin_contributor, preprint, cc0_license, no_license, url, make_payload, make_request):
+        preprint.set_preprint_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2014',
-                'copyrightHolders': ['Diane', 'Mr. Peanut Butter']
+                'copyrightHolders': ['Reason', 'Mr. Cosgrove']
             },
-            Auth(self.admin_contributor),
+            Auth(admin_contributor),
             save=True
         )
 
-        assert_equal(self.preprint.license.node_license, self.no_license)
-        assert_equal(self.preprint.license.year, '2014')
-        assert_equal(self.preprint.license.copyright_holders, ['Diane', 'Mr. Peanut Butter'])
+        assert preprint.license.node_license == no_license
+        assert preprint.license.year == '2014'
+        assert preprint.license.copyright_holders == ['Reason', 'Mr. Cosgrove']
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id,
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id,
             license_year='2015',
-            copyright_holders=['Bojack Horseman', 'Princess Carolyn']
-        )
-
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.license.reload()
-
-        assert_equal(self.preprint.license.node_license, self.cc0_license)
-        assert_equal(self.preprint.license.year, '2015')
-        assert_equal(self.preprint.license.copyright_holders, ['Bojack Horseman', 'Princess Carolyn'])
-
-    def test_update_preprint_license_without_required_year_in_payload(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.no_license._id,
-            copyright_holders=['Rick', 'Morty']
+            copyright_holders=['Rheisen', 'Princess Tyler']
         )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'year must be specified for this license')
-
-    def test_update_preprint_license_without_required_copyright_holders_in_payload_(self):
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.no_license._id,
-            license_year='1994'
-        )
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.license.reload()
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'copyrightHolders must be specified for this license')
+        assert preprint.license.node_license == cc0_license
+        assert preprint.license.year == '2015'
+        assert preprint.license.copyright_holders == ['Rheisen', 'Princess Tyler']
 
-    def test_update_preprint_license_does_not_change_project_license(self):
-        self.preprint.node.set_node_license(
+    def test_update_preprint_license_does_not_change_project_license(self, admin_contributor, preprint, cc0_license, no_license, url, make_payload, make_request):
+        preprint.node.set_node_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2015',
                 'copyrightHolders': ['Simba', 'Mufasa']
             },
-            auth=Auth(self.admin_contributor)
+            auth=Auth(admin_contributor)
         )
-        self.preprint.node.save()
-        assert_equal(self.preprint.node.node_license.node_license, self.no_license)
+        preprint.node.save()
+        assert preprint.node.node_license.node_license == no_license
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.cc0_license._id
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=cc0_license._id
         )
 
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        assert_equal(res.status_code, 200)
-        self.preprint.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        assert res.status_code == 200
+        preprint.reload()
 
-        assert_equal(self.preprint.license.node_license, self.cc0_license)
-        assert_equal(self.preprint.node.node_license.node_license, self.no_license)
+        assert preprint.license.node_license == cc0_license
+        assert preprint.node.node_license.node_license == no_license
 
-    def test_update_preprint_license_without_change_does_not_add_log(self):
-        self.preprint.set_preprint_license(
+    def test_update_preprint_license_without_change_does_not_add_log(self, admin_contributor, preprint, no_license, url, make_payload, make_request):
+        preprint.set_preprint_license(
             {
-                'id': self.no_license.license_id,
+                'id': no_license.license_id,
                 'year': '2015',
                 'copyrightHolders': ['Kim', 'Kanye']
             },
-            auth=Auth(self.admin_contributor),
+            auth=Auth(admin_contributor),
             save=True
         )
 
-        before_num_logs = self.preprint.node.logs.count()
-        before_update_log = self.preprint.node.logs.latest()
+        before_num_logs = preprint.node.logs.count()
+        before_update_log = preprint.node.logs.latest()
 
-        data = self.make_payload(
-            node_id=self.preprint._id,
-            license_id=self.no_license._id,
+        data = make_payload(
+            node_id=preprint._id,
+            license_id=no_license._id,
             license_year='2015',
             copyright_holders=['Kanye', 'Kim']
         )
-        res = self.make_request(self.url, data, auth=self.admin_contributor.auth)
-        self.preprint.node.reload()
+        res = make_request(url, data, auth=admin_contributor.auth)
+        preprint.node.reload()
+
+        after_num_logs = preprint.node.logs.count()
+        after_update_log = preprint.node.logs.latest()
+
+        assert res.status_code == 200
+        assert before_num_logs == after_num_logs
+        assert before_update_log._id == after_update_log._id
+
+
+@pytest.mark.django_db
+class TestPreprintIsPublishedDetail:
+
+    @pytest.fixture()
+    def admin(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def write_contrib(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def non_contrib(self):
+        return AuthUserFactory()
 
-        after_num_logs = self.preprint.node.logs.count()
-        after_update_log = self.preprint.node.logs.latest()
+    @pytest.fixture()
+    def public_project(self, admin, write_contrib):
+        public_project = ProjectFactory(creator=admin, is_public=True)
+        public_project.add_contributor(write_contrib, permissions=['read', 'write'], save=True)
+        return public_project
 
-        assert_equal(res.status_code, 200)
-        assert_equal(before_num_logs, after_num_logs)
-        assert_equal(before_update_log._id, after_update_log._id)
+    @pytest.fixture()
+    def subject(self):
+        return SubjectFactory()
 
+    @pytest.fixture()
+    def provider(self):
+        return PreprintProviderFactory()
 
-class TestPreprintIsPublishedDetail(ApiTestCase):
-    def setUp(self):
-        super(TestPreprintIsPublishedDetail, self).setUp()
-        self.admin= AuthUserFactory()
-        self.write_contrib = AuthUserFactory()
-        self.non_contrib = AuthUserFactory()
+    @pytest.fixture()
+    def file_one_public_project(self, admin, public_project):
+        return test_utils.create_test_file(public_project, admin, 'toe_socks_and_sunrises.pdf')
 
-        self.public_project = ProjectFactory(creator=self.admin, is_public=True)
-        self.public_project.add_contributor(self.write_contrib, permissions=['read', 'write'], save=True)
-        self.subject = SubjectFactory()
-        self.provider = PreprintProviderFactory()
-        self.file_one_public_project = test_utils.create_test_file(self.public_project, self.admin, 'mgla.pdf')
+    @pytest.fixture()
+    def unpublished_preprint(self, admin, provider, subject, public_project):
+        return PreprintFactory(creator=admin, filename='toe_socks_and_sunrises.pdf', provider=provider, subjects=[[subject._id]], project=public_project, is_published=False)
 
-        self.unpublished_preprint = PreprintFactory(creator=self.admin, filename='mgla.pdf', provider=self.provider, subjects=[[self.subject._id]], project=self.public_project, is_published=False)
+    @pytest.fixture()
+    def url(self, unpublished_preprint):
+        return '/{}preprints/{}/'.format(API_BASE, unpublished_preprint._id)
 
-        self.url = '/{}preprints/{}/'.format(API_BASE, self.unpublished_preprint._id)
+    def test_preprint_is_published_detail(self, app, admin, write_contrib, non_contrib, unpublished_preprint, url):
 
-    def test_unpublished_visible_to_admins(self):
-        res = self.app.get(self.url, auth=self.admin.auth)
-        assert res.json['data']['id'] == self.unpublished_preprint._id
+    #   test_unpublished_visible_to_admins
+        res = app.get(url, auth=admin.auth)
+        assert res.json['data']['id'] == unpublished_preprint._id
 
-    def test_unpublished_invisible_to_write_contribs(self):
-        res = self.app.get(self.url, auth=self.write_contrib.auth, expect_errors=True)
+    #   test_unpublished_invisible_to_write_contribs
+        res = app.get(url, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_unpublished_invisible_to_non_contribs(self):
-        res = self.app.get(self.url, auth=self.non_contrib.auth, expect_errors=True)
+    #   test_unpublished_invisible_to_non_contribs
+        res = app.get(url, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
-    def test_unpublished_invisible_to_public(self):
-        res = self.app.get(self.url, expect_errors=True)
+    #   test_unpublished_invisible_to_public
+        res = app.get(url, expect_errors=True)
         assert res.status_code == 401

From 5079ef52751288758596e1c9e0ffed119540a05e Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 13:23:19 -0400
Subject: [PATCH 057/163] Allow passing extra data to sentry

---
 framework/sentry/__init__.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/framework/sentry/__init__.py b/framework/sentry/__init__.py
index 677bd25cc07..5f74f6c618f 100644
--- a/framework/sentry/__init__.py
+++ b/framework/sentry/__init__.py
@@ -35,13 +35,11 @@ def log_exception():
     })
 
 
-def log_message(message):
+def log_message(message, extra={}):
     if not enabled:
         logger.warning(
             'Sentry called to log message, but is not active: %s' % message
         )
         return None
 
-    return sentry.captureMessage(message, extra={
-        'session': get_session_data(),
-    })
+    return sentry.captureMessage(message, extra=extra)

From c4bbf4181b3d32984a866c6a37d8bdc91fbb71d1 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 13:24:02 -0400
Subject: [PATCH 058/163] Pass guid as extra data

---
 website/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/views.py b/website/views.py
index 2abfbad0953..01e9969de59 100644
--- a/website/views.py
+++ b/website/views.py
@@ -246,7 +246,7 @@ def resolve_guid(guid, suffix=None):
         #   expected.
         if not hasattr(guid_object.referent, 'deep_url'):
             sentry.log_message(
-                'Guid `{}` resolved to an object with no deep_url'.format(guid)
+                'Guid resolved to an object with no deep_url', dict(guid = guid)
             )
             raise HTTPError(http.NOT_FOUND)
         referent = guid_object.referent

From 57f72a0f64ccc7713a38a03d016e05ec8c528b1d Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 13:35:40 -0400
Subject: [PATCH 059/163] Add session info to extra data

---
 framework/sentry/__init__.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/framework/sentry/__init__.py b/framework/sentry/__init__.py
index 5f74f6c618f..9abcce701e0 100644
--- a/framework/sentry/__init__.py
+++ b/framework/sentry/__init__.py
@@ -35,11 +35,16 @@ def log_exception():
     })
 
 
-def log_message(message, extra={}):
+def log_message(message, extra_data={}):
     if not enabled:
         logger.warning(
             'Sentry called to log message, but is not active: %s' % message
         )
         return None
+    extra = {
+        'session': get_session_data(),
+    }
+
+    if extra_data: extra.update(extra_data)
 
     return sentry.captureMessage(message, extra=extra)

From 81c4af80ba7327b99dda66fd87039aa24c6af2f8 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 14:07:33 -0400
Subject: [PATCH 060/163] Fix jshint errors

---
 website/static/js/pages/project-dashboard-page.js | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/website/static/js/pages/project-dashboard-page.js b/website/static/js/pages/project-dashboard-page.js
index b429205ba20..8eceb12abd4 100644
--- a/website/static/js/pages/project-dashboard-page.js
+++ b/website/static/js/pages/project-dashboard-page.js
@@ -201,13 +201,17 @@ $(document).ready(function () {
             var filebrowser = new Fangorn(fangornOpts);
             var newComponentElem = document.getElementById('newComponent');
             if (window.contextVars.node.isPublic) {
-                m.mount(document.getElementById('shareButtonsPopover'),
-                        m.component(SocialShare.ShareButtonsPopover,
-                            {title: window.contextVars.node.title, url: window.location.href}));
+                m.mount(
+                    document.getElementById('shareButtonsPopover'),
+                    m.component(
+                        SocialShare.ShareButtonsPopover,
+                        {title: window.contextVars.node.title, url: window.location.href}
+                    )
+                );
             }
             if (newComponentElem) {
                 m.mount(newComponentElem, AddComponentButton);
-            };
+            }
             m.endComputation();
         });
 

From 3e17c60999391d5e47c45872118b1e715a53c98f Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 14:34:41 -0400
Subject: [PATCH 061/163] Remove mutable default argument

---
 framework/sentry/__init__.py | 7 ++++---
 website/views.py             | 2 +-
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/framework/sentry/__init__.py b/framework/sentry/__init__.py
index 9abcce701e0..dba83c5fc0f 100644
--- a/framework/sentry/__init__.py
+++ b/framework/sentry/__init__.py
@@ -35,7 +35,7 @@ def log_exception():
     })
 
 
-def log_message(message, extra_data={}):
+def log_message(message, extra_data=None):
     if not enabled:
         logger.warning(
             'Sentry called to log message, but is not active: %s' % message
@@ -44,7 +44,8 @@ def log_message(message, extra_data={}):
     extra = {
         'session': get_session_data(),
     }
-
-    if extra_data: extra.update(extra_data)
+    if extra_data is None:
+        extra_data = {}
+    extra.update(extra_data)
 
     return sentry.captureMessage(message, extra=extra)
diff --git a/website/views.py b/website/views.py
index 01e9969de59..8e8c36ea02c 100644
--- a/website/views.py
+++ b/website/views.py
@@ -246,7 +246,7 @@ def resolve_guid(guid, suffix=None):
         #   expected.
         if not hasattr(guid_object.referent, 'deep_url'):
             sentry.log_message(
-                'Guid resolved to an object with no deep_url', dict(guid = guid)
+                'Guid resolved to an object with no deep_url', {'guid' : guid}
             )
             raise HTTPError(http.NOT_FOUND)
         referent = guid_object.referent

From ff938916572c595265a2888c501ba96e5ca310e5 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 7 Jun 2017 16:06:24 -0400
Subject: [PATCH 062/163] replace " with ', restructure imports, remove unused
 import

---
 .../views/test_preprint_provider_detail.py    |  1 -
 .../preprints/views/test_preprint_detail.py   | 52 +++++++++----------
 2 files changed, 26 insertions(+), 27 deletions(-)

diff --git a/api_tests/preprint_providers/views/test_preprint_provider_detail.py b/api_tests/preprint_providers/views/test_preprint_provider_detail.py
index 7222d34dde5..f978c5e87f3 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_detail.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_detail.py
@@ -1,7 +1,6 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf_tests.factories import PreprintProviderFactory
 
 @pytest.mark.django_db
diff --git a/api_tests/preprints/views/test_preprint_detail.py b/api_tests/preprints/views/test_preprint_detail.py
index f2c2120ba77..513d82ecb2b 100644
--- a/api_tests/preprints/views/test_preprint_detail.py
+++ b/api_tests/preprints/views/test_preprint_detail.py
@@ -1,16 +1,12 @@
 import functools
 import mock
-import pytest
 from modularodm import Q
+import pytest
 
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as test_utils
 from framework.auth.core import Auth
 from osf.models import PreprintService, NodeLicense
-from website.project.licenses import ensure_licenses
-from website.project.signals import contributor_added
-from website.identifiers.utils import build_ezid_metadata
-from tests.base import ApiTestCase, fake, capture_signals
 from osf_tests.factories import (
     PreprintFactory, 
     AuthUserFactory, 
@@ -18,15 +14,20 @@
     SubjectFactory, 
     PreprintProviderFactory
 )
+from rest_framework import exceptions
+from tests.base import fake, capture_signals
+from website.project.licenses import ensure_licenses
+from website.project.signals import contributor_added
+from website.identifiers.utils import build_ezid_metadata
 
 ensure_licenses = functools.partial(ensure_licenses, warn=False)
 
 def build_preprint_update_payload(node_id, attributes=None, relationships=None):
     payload = {
-        "data": {
-            "id": node_id,
-            "attributes": attributes,
-            "relationships": relationships
+        'data': {
+            'id': node_id,
+            'attributes': attributes,
+            'relationships': relationships
         }
     }
     return payload
@@ -142,7 +143,7 @@ def test_update_preprint_permission_denied(self, app, preprint, url):
 
     def test_update_subjects(self, app, user, preprint, subject, url):
         assert not preprint.subjects.filter(_id=subject._id).exists()
-        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={'subjects': [[subject._id]]})
 
         res = app.patch_json_api(url, update_subjects_payload, auth=user.auth)
         assert res.status_code == 200
@@ -152,7 +153,7 @@ def test_update_subjects(self, app, user, preprint, subject, url):
 
     def test_update_invalid_subjects(self, app, user, preprint, url):
         subjects = preprint.subjects
-        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [['wwe']]})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={'subjects': [['wwe']]})
 
         res = app.patch_json_api(url, update_subjects_payload, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
@@ -163,10 +164,10 @@ def test_update_invalid_subjects(self, app, user, preprint, url):
     def test_update_primary_file(self, app, user, preprint, url):
         new_file = test_utils.create_test_file(preprint.node, user,  filename='shook_that_mans_hand.pdf')
         relationships = {
-            "primary_file": {
-                "data": {
-                    "type": "file",
-                    "id": new_file._id
+            'primary_file': {
+                'data': {
+                    'type': 'file',
+                    'id': new_file._id
                 }
             }
         }
@@ -179,7 +180,6 @@ def test_update_primary_file(self, app, user, preprint, url):
         preprint.node.reload()
         assert preprint.primary_file == new_file
 
-        # check logs
         log = preprint.node.logs.latest()
         assert log.action == 'preprint_file_updated'
         assert log.params.get('preprint') == preprint._id
@@ -189,10 +189,10 @@ def test_new_primary_not_in_node(self, app, user, preprint, url):
         file_for_project = test_utils.create_test_file(project, user, filename='six_pack_novak.pdf')
 
         relationships = {
-            "primary_file": {
-                "data": {
-                    "type": "file",
-                    "id": file_for_project._id
+            'primary_file': {
+                'data': {
+                    'type': 'file',
+                    'id': file_for_project._id
                 }
             }
         }
@@ -208,7 +208,7 @@ def test_new_primary_not_in_node(self, app, user, preprint, url):
     def test_update_article_doi(self, app, user, preprint, url):
         new_doi = '10.1234/ASDFASDF'
         assert preprint.article_doi != new_doi
-        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"doi": new_doi})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={'doi': new_doi})
 
         res = app.patch_json_api(url, update_subjects_payload, auth=user.auth)
         assert res.status_code == 200
@@ -275,7 +275,7 @@ def test_contribs_cannot_set_subjects(self, app, user, preprint, subject, url):
         preprint.node.add_contributor(write_contrib, permissions=['read', 'write'], auth=Auth(user), save=True)
 
         assert not preprint.subjects.filter(_id=subject._id).exists()
-        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={'subjects': [[subject._id]]})
 
         res = app.patch_json_api(url, update_subjects_payload, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
@@ -287,7 +287,7 @@ def test_contribs_cannot_set_subjects(self, app, user, preprint, subject, url):
 
         assert not preprint.subjects.filter(_id=subject._id).exists()
 
-        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={"subjects": [[subject._id]]})
+        update_subjects_payload = build_preprint_update_payload(preprint._id, attributes={'subjects': [[subject._id]]})
 
         res = app.patch_json_api(url, update_subjects_payload, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
@@ -491,7 +491,7 @@ def test_cannot_update_license(self, rw_contributor, read_contributor, non_contr
 
         res = make_request(url, data, auth=read_contributor.auth, expect_errors=True)
         assert res.status_code == 403
-        assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
     #   test_non_contributor_cannot_update_license
         data = make_payload(
@@ -501,7 +501,7 @@ def test_cannot_update_license(self, rw_contributor, read_contributor, non_contr
 
         res = make_request(url, data, auth=non_contributor.auth, expect_errors=True)
         assert res.status_code == 403
-        assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
     #   test_unauthenticated_user_cannot_update_license
         data = make_payload(
@@ -511,7 +511,7 @@ def test_cannot_update_license(self, rw_contributor, read_contributor, non_contr
 
         res = make_request(url, data, expect_errors=True)
         assert res.status_code == 401
-        assert res.json['errors'][0]['detail'] == 'Authentication credentials were not provided.'
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
     def test_update_error(self, admin_contributor, preprint, preprint_provider, mit_license, no_license, url, make_payload, make_request):
 

From 79de60ba536b2baa0fb6cdf7c854d780d91ecb88 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 7 Jun 2017 16:21:36 -0400
Subject: [PATCH 063/163] Fix flake error

---
 website/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/views.py b/website/views.py
index 8e8c36ea02c..03bc13af7b5 100644
--- a/website/views.py
+++ b/website/views.py
@@ -246,7 +246,7 @@ def resolve_guid(guid, suffix=None):
         #   expected.
         if not hasattr(guid_object.referent, 'deep_url'):
             sentry.log_message(
-                'Guid resolved to an object with no deep_url', {'guid' : guid}
+                'Guid resolved to an object with no deep_url', dict(guid=guid)
             )
             raise HTTPError(http.NOT_FOUND)
         referent = guid_object.referent

From ee8175ebeca7ce2da683a5d4c80f2c08b5b8432c Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Wed, 7 Jun 2017 16:52:51 -0400
Subject: [PATCH 064/163] Fix Mock Stopper

---
 admin_tests/nodes/test_views.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/admin_tests/nodes/test_views.py b/admin_tests/nodes/test_views.py
index 9118d7211d2..6d50082db2e 100644
--- a/admin_tests/nodes/test_views.py
+++ b/admin_tests/nodes/test_views.py
@@ -247,6 +247,7 @@ def tearDown(self):
         self.patcher_share_token.stop()
         self.patcher_mock_reindex_node.stop()
         self.patcher_mock_reindex_registration.stop()
+        self.patcher_mock_reindex_elastic.stop()
 
     def test_reindex_node_share(self):
         count = AdminLogEntry.objects.count()

From d8803af5c71d1b3e2df7f71e89fb391a5a64adf6 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 8 Jun 2017 00:14:11 -0400
Subject: [PATCH 065/163] Show licences acceptable as formatted list

---
 admin/preprint_providers/views.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/admin/preprint_providers/views.py b/admin/preprint_providers/views.py
index b3f33ee04a3..3795c50acf1 100644
--- a/admin/preprint_providers/views.py
+++ b/admin/preprint_providers/views.py
@@ -86,7 +86,12 @@ def get_context_data(self, *args, **kwargs):
         preprint_provider_attributes = model_to_dict(preprint_provider)
         kwargs.setdefault('page_number', self.request.GET.get('page', '1'))
 
-        preprint_provider_attributes['licenses_acceptable'] = preprint_provider.licenses_acceptable.values_list('name', flat=True)
+        licenses_acceptable = list(preprint_provider.licenses_acceptable.values_list('name', flat=True))
+        licenses_html = '<ul>'
+        for license in licenses_acceptable:
+            licenses_html += '<li>{}</li>'.format(license)
+        licenses_html += '</ul>'
+        preprint_provider_attributes['licenses_acceptable'] = licenses_html
 
         subject_html = '<ul class="three-cols">'
         for parent in preprint_provider.top_level_subjects:

From 461284efb07bb2c2dd19e592c8ffccdd812f312d Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 8 Jun 2017 12:03:58 -0400
Subject: [PATCH 066/163] Enforce pre populating user emails

---
 admin/users/views.py | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)

diff --git a/admin/users/views.py b/admin/users/views.py
index 13449ac3b4b..7b841a367d4 100644
--- a/admin/users/views.py
+++ b/admin/users/views.py
@@ -514,17 +514,26 @@ class ResetPasswordView(PermissionRequiredMixin, FormView):
     permission_required = 'osf.change_osfuser'
     raise_exception = True
 
-    def get_context_data(self, **kwargs):
-        user = OSFUser.load(self.kwargs.get('guid'))
-        try:
-            self.initial.setdefault('emails', [(r, r) for r in user.emails.values_list('address', flat=True)])
-        except AttributeError:
+    def dispatch(self, request, *args, **kwargs):
+        self.user = OSFUser.load(self.kwargs.get('guid'))
+        if self.user is None:
             raise Http404(
                 '{} with id "{}" not found.'.format(
                     self.context_object_name.title(),
                     self.kwargs.get('guid')
                 ))
-        kwargs.setdefault('guid', user._id)
+        return super(ResetPasswordView, self).dispatch(request, *args, **kwargs)
+
+    def get_initial(self):
+        user = self.user
+        self.initial = {
+            'emails': [(r, r) for r in user.emails.values_list('address', flat=True)],
+        }
+        return super(ResetPasswordView, self).get_initial()
+
+    def get_context_data(self, **kwargs):
+        kwargs.setdefault('guid', self.user._id)
+        kwargs.setdefault('emails', self.user.emails)
         return super(ResetPasswordView, self).get_context_data(**kwargs)
 
     def form_valid(self, form):

From 4cf26890df375b21beff826fb415f9898f3378d6 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 8 Jun 2017 14:01:19 -0400
Subject: [PATCH 067/163] cleanup tests, improve imports, add
 rest_framework/exception errors

---
 .../nodes/serializers/test_serializers.py     | 67 +++++++++---------
 api_tests/nodes/views/test_node_citations.py  | 38 +++++-----
 api_tests/nodes/views/test_node_embeds.py     | 69 ++++++++++---------
 api_tests/nodes/views/test_node_exceptions.py | 39 ++++++-----
 .../nodes/views/test_node_links_detail.py     | 22 +++---
 api_tests/nodes/views/test_node_links_list.py | 39 ++++-------
 api_tests/nodes/views/test_node_logs.py       | 40 +++++------
 .../views/test_node_registrations_list.py     |  7 +-
 .../nodes/views/test_node_sparse_fieldsets.py | 15 ++--
 .../views/test_node_view_only_links_detail.py | 56 +++++++--------
 .../views/test_node_view_only_links_list.py   | 47 ++++++-------
 .../views/test_view_only_query_parameter.py   | 65 ++++++++---------
 .../views/test_view_only_link_nodes.py        | 18 +++--
 tests/utils.py                                | 15 ++--
 14 files changed, 257 insertions(+), 280 deletions(-)

diff --git a/api_tests/nodes/serializers/test_serializers.py b/api_tests/nodes/serializers/test_serializers.py
index 5e558feccb2..2fb820efed7 100644
--- a/api_tests/nodes/serializers/test_serializers.py
+++ b/api_tests/nodes/serializers/test_serializers.py
@@ -1,18 +1,24 @@
+from dateutil.parser import parse as parse_date
 import pytest
 from urlparse import urlparse
-from dateutil.parser import parse as parse_date
 
-from tests.base import DbTestCase, assert_datetime_equal
-from tests.utils import make_drf_request_with_version
-from osf_tests.factories import UserFactory, NodeFactory, RegistrationFactory, ProjectFactory
-from framework.auth import Auth
+from api.base.settings.defaults import API_BASE
 from api.nodes.serializers import NodeSerializer
 from api.registrations.serializers import RegistrationSerializer
-from api.base.settings.defaults import API_BASE
+from framework.auth import Auth
+from osf_tests.factories import (
+    AuthUserFactory, 
+    UserFactory, 
+    NodeFactory, 
+    RegistrationFactory, 
+    ProjectFactory
+)
+from tests.base import DbTestCase, assert_datetime_equal
+from tests.utils import make_drf_request_with_version
 
 @pytest.fixture()
 def user():
-    return UserFactory()
+    return AuthUserFactory()
 
 @pytest.mark.django_db
 class TestNodeSerializer:
@@ -47,17 +53,15 @@ def test_node_serializer(self, user):
         assert 'files' in relationships
         assert 'parent' in relationships
         assert 'affiliated_institutions' in relationships
-        parent_link = relationships['parent']['links']['related']['href']
-        assert (
-            urlparse(parent_link).path ==
-            '/{}nodes/{}/'.format(API_BASE, parent._id))
         assert 'registrations' in relationships
         # Not a fork, so forked_from is removed entirely
         assert 'forked_from' not in relationships
+        parent_link = relationships['parent']['links']['related']['href']
+        assert urlparse(parent_link).path == '/{}nodes/{}/'.format(API_BASE, parent._id)
 
     #   test_fork_serialization
         node = NodeFactory(creator=user)
-        fork = node.fork_node(auth=Auth(user=node.creator))
+        fork = node.fork_node(auth=Auth(user))
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(fork, context={'request': req}).data
         data = result['data']
@@ -65,13 +69,11 @@ def test_node_serializer(self, user):
         # Relationships
         relationships = data['relationships']
         forked_from = relationships['forked_from']['links']['related']['href']
-        assert (
-            urlparse(forked_from).path ==
-            '/{}nodes/{}/'.format(API_BASE, node._id))
+        assert urlparse(forked_from).path == '/{}nodes/{}/'.format(API_BASE, node._id)
 
     #   test_template_serialization
         node = NodeFactory(creator=user)
-        fork = node.use_as_template(auth=Auth(user=node.creator))
+        fork = node.use_as_template(auth=Auth(user))
         req = make_drf_request_with_version(version='2.0')
         result = NodeSerializer(fork, context={'request': req}).data
         data = result['data']
@@ -79,20 +81,18 @@ def test_node_serializer(self, user):
         # Relationships
         relationships = data['relationships']
         templated_from = relationships['template_node']['links']['related']['href']
-        assert (
-            urlparse(templated_from).path ==
-            '/{}nodes/{}/'.format(API_BASE, node._id))
+        assert urlparse(templated_from).path == '/{}nodes/{}/'.format(API_BASE, node._id)
 
 @pytest.mark.django_db
 class TestNodeRegistrationSerializer:
 
     def test_serialization(self):
         user = UserFactory()
-        req = make_drf_request_with_version(version='2.2')
-        reg = RegistrationFactory(creator=user)
-        result = RegistrationSerializer(reg, context={'request': req}).data
+        versioned_request = make_drf_request_with_version(version='2.2')
+        registration = RegistrationFactory(creator=user)
+        result = RegistrationSerializer(registration, context={'request': versioned_request}).data
         data = result['data']
-        assert data['id'] == reg._id
+        assert data['id'] == registration._id
         assert data['type'] == 'registrations'
         should_not_relate_to_registrations = [
             'registered_from',
@@ -104,27 +104,22 @@ def test_serialization(self):
         attributes = data['attributes']
         assert_datetime_equal(
             parse_date(attributes['date_registered']),
-            reg.registered_date
+            registration.registered_date
         )
-        assert attributes['withdrawn'] == reg.is_retracted
+        assert attributes['withdrawn'] == registration.is_retracted
 
         # Relationships
         relationships = data['relationships']
-        relationship_urls = {}
-        for relationship in relationships:
-            relationship_urls[relationship]=relationships[relationship]['links']['related']['href']
+        relationship_urls = {k: v['links']['related']['href'] for k, v in relationships.items()}
         assert 'registered_by' in relationships
         registered_by = relationships['registered_by']['links']['related']['href']
-        assert (
-            urlparse(registered_by).path ==
-            '/{}users/{}/'.format(API_BASE, user._id))
+        assert urlparse(registered_by).path == '/{}users/{}/'.format(API_BASE, user._id)
         assert 'registered_from' in relationships
         registered_from = relationships['registered_from']['links']['related']['href']
-        assert (
-            urlparse(registered_from).path ==
-            '/{}nodes/{}/'.format(API_BASE, reg.registered_from._id))
+        assert urlparse(registered_from).path == '/{}nodes/{}/'.format(API_BASE, registration.registered_from._id)
+        api_registrations_url = '/{}registrations/'.format(API_BASE)
         for relationship in relationship_urls:
             if relationship in should_not_relate_to_registrations:
-                assert '/{}registrations/'.format(API_BASE) not in relationship_urls[relationship]
+                assert api_registrations_url not in relationship_urls[relationship]
             else:
-                assert '/{}registrations/'.format(API_BASE) in relationship_urls[relationship], 'For key {}'.format(relationship)
+                assert api_registrations_url in relationship_urls[relationship], 'For key {}'.format(relationship)
diff --git a/api_tests/nodes/views/test_node_citations.py b/api_tests/nodes/views/test_node_citations.py
index 8c120f4950d..738ae0ae0b7 100644
--- a/api_tests/nodes/views/test_node_citations.py
+++ b/api_tests/nodes/views/test_node_citations.py
@@ -1,8 +1,8 @@
 import pytest
 
-from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
+from framework.auth.core import Auth
+from rest_framework import exceptions
 from tests.factories import (
     ProjectFactory,
     AuthUserFactory,
@@ -10,18 +10,18 @@
 
 @pytest.fixture()
 def admin_contributor():
-	return AuthUserFactory()
+    return AuthUserFactory()
 
 @pytest.fixture()
-def rw_contributor():
+def write_contrib():
 	return AuthUserFactory()
 
 @pytest.fixture()
-def read_contributor():
+def read_contrib():
 	return AuthUserFactory()
 
 @pytest.fixture()
-def non_contributor():
+def non_contrib():
 	return AuthUserFactory()
 
 @pytest.fixture()
@@ -29,39 +29,39 @@ def public_project(admin_contributor):
 	return ProjectFactory(creator=admin_contributor, is_public=True)
 
 @pytest.fixture()
-def private_project(admin_contributor, rw_contributor, read_contributor):
+def private_project(admin_contributor, write_contrib, read_contrib):
 	private_project = ProjectFactory(creator=admin_contributor)
-	private_project.add_contributor(rw_contributor, auth=Auth(admin_contributor))
-	private_project.add_contributor(read_contributor, permissions=['read'], auth=Auth(admin_contributor))
+	private_project.add_contributor(write_contrib, permissions=['read','write'], auth=Auth(admin_contributor))
+	private_project.add_contributor(read_contrib, permissions=['read'], auth=Auth(admin_contributor))
 	private_project.save()
 	return private_project
 
 @pytest.mark.django_db
 class NodeCitationsMixin:
 
-	def test_node_citations(self, app, admin_contributor, rw_contributor, read_contributor, non_contributor, private_url, public_url):
+    def test_node_citations(self, app, admin_contributor, write_contrib, read_contrib, non_contrib, private_url, public_url):
 
-	# 	test_admin_can_view_private_project_citations
+	#   test_admin_can_view_private_project_citations
 		res = app.get(private_url, auth=admin_contributor.auth)
 		assert res.status_code == 200
 
-	# 	test_rw_contributor_can_view_private_project_citations
-		res = app.get(private_url, auth=rw_contributor.auth)
+	#   test_write_contrib_can_view_private_project_citations
+		res = app.get(private_url, auth=write_contrib.auth)
 		assert res.status_code == 200
 
-	# 	test_read_contributor_can_view_private_project_citations
-		res = app.get(private_url, auth=read_contributor.auth)
+	#   test_read_contrib_can_view_private_project_citations
+		res = app.get(private_url, auth=read_contrib.auth)
 		assert res.status_code == 200
 
-	#   test_non_contributor_cannot_view_private_project_citations
-		res = app.get(private_url, auth=non_contributor.auth, expect_errors=True)
+	#   test_non_contrib_cannot_view_private_project_citations
+		res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
 		assert res.status_code == 403
-		assert res.json['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+		assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
 	#   test_unauthenticated_cannot_view_private_project_citations
 		res = app.get(private_url, expect_errors=True)
 		assert res.status_code == 401
-		assert res.json['errors'][0]['detail'] == 'Authentication credentials were not provided.'
+		assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
 	#   test_unauthenticated_can_view_public_project_citations
 		res = app.get(public_url)
diff --git a/api_tests/nodes/views/test_node_embeds.py b/api_tests/nodes/views/test_node_embeds.py
index 265cda57d70..533c7dd4b24 100644
--- a/api_tests/nodes/views/test_node_embeds.py
+++ b/api_tests/nodes/views/test_node_embeds.py
@@ -1,13 +1,13 @@
-import pytest
 import functools
+import pytest
 
-from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
+from framework.auth.core import Auth
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory
 )
+from rest_framework import exceptions
 
 @pytest.fixture()
 def user():
@@ -17,16 +17,16 @@ def user():
 class TestNodeEmbeds:
 
     @pytest.fixture()
-    def contrib_one(self):
+    def write_contrib_one(self):
         return AuthUserFactory()
 
     @pytest.fixture()
-    def contrib_two(self):
+    def write_contrib_two(self):
         return AuthUserFactory()
 
     @pytest.fixture()
-    def contribs(self, contrib_one, contrib_two):
-        return [contrib_one, contrib_two]
+    def write_contribs(self, write_contrib_one, write_contrib_two):
+        return [write_contrib_one, write_contrib_two]
 
     @pytest.fixture()
     def auth(self, user):
@@ -37,17 +37,17 @@ def make_public_node(self, user):
         return functools.partial(ProjectFactory, is_public=False, creator=user)
 
     @pytest.fixture()
-    def root_node(self, auth, contrib_one, contrib_two, make_public_node):
+    def root_node(self, auth, write_contrib_one, write_contrib_two, make_public_node):
         root_node = make_public_node()
-        root_node.add_contributor(contrib_one, ['read', 'write'], auth=auth, save=True)
-        root_node.add_contributor(contrib_two, ['read', 'write'], auth=auth, save=True)
+        root_node.add_contributor(write_contrib_one, ['read', 'write'], auth=auth, save=True)
+        root_node.add_contributor(write_contrib_two, ['read', 'write'], auth=auth, save=True)
         return root_node
 
     @pytest.fixture()
-    def child_one(self, auth, contrib_one, contrib_two, make_public_node, root_node):
+    def child_one(self, auth, write_contrib_one, write_contrib_two, make_public_node, root_node):
         child_one = make_public_node(parent=root_node)
-        child_one.add_contributor(contrib_one, ['read', 'write'], auth=auth, save=True)
-        child_one.add_contributor(contrib_two, ['read', 'write'], auth=auth, save=True)
+        child_one.add_contributor(write_contrib_one, ['read', 'write'], auth=auth, save=True)
+        child_one.add_contributor(write_contrib_two, ['read', 'write'], auth=auth, save=True)
         return child_one
 
     @pytest.fixture()
@@ -55,75 +55,76 @@ def child_two(self, make_public_node, root_node):
         return make_public_node(parent=root_node)
 
     @pytest.fixture()
-    def subchild(self, child_two, contrib_one):
-        return ProjectFactory(parent=child_two, creator=contrib_one)
+    def subchild(self, child_two, write_contrib_one):
+        return ProjectFactory(parent=child_two, creator=write_contrib_one)
 
-    def test_node_embeds(self, app, user, contrib_one, contribs, subchild, root_node, child_one, child_two):
+    def test_node_embeds(self, app, user, write_contrib_one, write_contribs, subchild, root_node, child_one, child_two):
 
     #   test_embed_children
-        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, root_node._id)
+        url = '/{}nodes/{}/?embed=children'.format(API_BASE, root_node._id)
 
         res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
         ids = [child_one._id, child_two._id]
-        for child in embeds['children']['data']:
-            assert child['id'] in ids
+        assert len(embeds['children']['data']) == len(ids)
+        children = [child._id for child in res.json['data']['embeds']['children']['data']]
+        assert set(child_one._id, child_two._id) == set(children)
 
     #   test_embed_parent
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, child_one._id)
+        url = '/{}nodes/{}/?embed=parent'.format(API_BASE, child_one._id)
 
         res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
         assert embeds['parent']['data']['id'] == root_node._id
 
     #   test_embed_no_parent
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, root_node._id)
+        url = '/{}nodes/{}/?embed=parent'.format(API_BASE, root_node._id)
 
         res = app.get(url, auth=user.auth)
         data = res.json['data']
         assert 'embeds' not in data
 
     #   test_embed_contributors
-        url = '/{0}nodes/{1}/?embed=contributors'.format(API_BASE, child_one._id)
+        url = '/{}nodes/{}/?embed=contributors'.format(API_BASE, child_one._id)
 
         res = app.get(url, auth=user.auth)
         embeds = res.json['data']['embeds']
-        ids = [c._id for c in contribs] + [user._id]
-        ids = ['{}-{}'.format(child_one._id, id_) for id_ in ids]
-        for contrib in embeds['contributors']['data']:
-            assert contrib['id'] in ids
+        all_contribs = write_contribs + [user]
+        formatted_ids = ['{}-{}'.format(child_one._id, contrib._id) for contrib in all_contribs]
+        embed_contrib_ids = [contrib['id'] for contrib in embeds['contributors']['data']]
+        assert set(formatted_ids) == set(embed_contrib_ids)
 
     #   test_embed_children_filters_unauthorized
-        url = '/{0}nodes/{1}/?embed=children'.format(API_BASE, root_node._id)
+        url = '/{}nodes/{}/?embed=children'.format(API_BASE, root_node._id)
 
-        res = app.get(url, auth=contrib_one.auth)
+        res = app.get(url, auth=write_contrib_one.auth)
         embeds = res.json['data']['embeds']
         ids = [c['id'] for c in embeds['children']['data']]
         assert child_two._id not in ids
         assert child_one._id in ids
 
     #   test_embed_parent_unauthorized
-        url = '/{0}nodes/{1}/?embed=parent'.format(API_BASE, subchild._id)
+        url = '/{}nodes/{}/?embed=parent'.format(API_BASE, subchild._id)
 
-        res = app.get(url, auth=contrib_one.auth)
+        res = app.get(url, auth=write_contrib_one.auth)
         assert 'errors' in res.json['data']['embeds']['parent']
-        assert res.json['data']['embeds']['parent']['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+        assert res.json['data']['embeds']['parent']['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
     #   test_embed_attributes_not_relationships
         url = '/{}nodes/{}/?embed=title'.format(API_BASE, root_node._id)
 
-        res = app.get(url, auth=contrib_one.auth, expect_errors=True)
+        res = app.get(url, auth=write_contrib_one.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'The following fields are not embeddable: title'
 
     #   test_embed_contributors_pagination
         url = '/{}nodes/{}/?embed=contributors'.format(API_BASE, root_node._id)
-        res = app.get(url, auth=contrib_one.auth)
+        res = app.get(url, auth=write_contrib_one.auth)
         assert res.status_code == 200
         assert res.json['data']['embeds']['contributors']['links']['meta']['total_bibliographic'] == 3
 
     #   test_embed_contributors_updated_pagination
         url = '/{}nodes/{}/?version=2.1&embed=contributors'.format(API_BASE, root_node._id)
-        res = app.get(url, auth=contrib_one.auth)
+        res = app.get(url, auth=write_contrib_one.auth)
         assert res.status_code == 200
         assert res.json['data']['embeds']['contributors']['meta']['total_bibliographic'] == 3
diff --git a/api_tests/nodes/views/test_node_exceptions.py b/api_tests/nodes/views/test_node_exceptions.py
index 6010892db19..ae67c390447 100644
--- a/api_tests/nodes/views/test_node_exceptions.py
+++ b/api_tests/nodes/views/test_node_exceptions.py
@@ -1,11 +1,11 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory
 )
+from rest_framework import exceptions
 
 @pytest.fixture()
 def user():
@@ -44,47 +44,50 @@ def private_url(self, private_project):
 
     def test_exception_formatting(self, app, user, non_contrib, public_project, private_project, private_url, project_no_title):
 
+        error_required_field = 'This field is required.'
+        error_blank_field = 'This field may not be blank.'
+
     #   test_creates_project_with_no_title_formatting
         url = '/{}nodes/'.format(API_BASE)
         res = app.post_json_api(url, project_no_title, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
+        assert isinstance(errors, list)
         assert res.json['errors'][0]['source'] == {'pointer': '/data/attributes/title'}
-        assert res.json['errors'][0]['detail'] == 'This field is required.'
+        assert res.json['errors'][0]['detail'] == error_required_field
 
     #   test_node_does_not_exist_formatting
         url = '/{}nodes/{}/'.format(API_BASE, '12345')
         res = app.get(url, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
-        assert errors[0] == {'detail': 'Not found.'}
+        assert isinstance(errors, list)
+        assert errors[0] == {'detail': exceptions.NotFound.default_detail}
 
     #   test_forbidden_formatting
         res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
-        assert errors[0] == {'detail': 'You do not have permission to perform this action.'}
+        assert isinstance(errors, list)
+        assert errors[0] == {'detail': exceptions.PermissionDenied.default_detail}
 
     #   test_not_authorized_formatting
         res = app.get(private_url, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
-        assert errors[0] == {'detail': 'Authentication credentials were not provided.'}
+        assert isinstance(errors, list)
+        assert errors[0] == {'detail': exceptions.NotAuthenticated.default_detail}
 
     #   test_update_project_with_no_title_or_category_formatting
         res = app.put_json_api(private_url, {'data': {'type': 'nodes', 'id': private_project._id, 'attributes': {'description': 'New description'}}}, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
+        assert isinstance(errors, list)
         assert len(errors) == 2
         errors = res.json['errors']
         assert errors[0]['source'] == {'pointer': '/data/attributes/category'}
         assert errors[1]['source'] == {'pointer': '/data/attributes/title'}
 
-        assert errors[0]['detail'] == 'This field is required.'
-        assert errors[1]['detail'] == 'This field is required.'
+        assert errors[0]['detail'] == error_required_field
+        assert errors[1]['detail'] == error_required_field
 
     #   test_create_node_link_no_target_formatting
-        url = private_url + 'node_links/'
+        url = '{}node_links/'.format(private_url)
         res = app.post_json_api(url, {
             'data': {
                 'type': 'node_links',
@@ -99,13 +102,13 @@ def test_exception_formatting(self, app, user, non_contrib, public_project, priv
             }
         }, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
+        assert isinstance(errors, list)
         assert res.status_code == 400
         assert res.json['errors'][0]['source'] == {'pointer': '/data/id'}
-        assert res.json['errors'][0]['detail'] == 'This field may not be blank.'
+        assert res.json['errors'][0]['detail'] == error_blank_field
 
     #   test_node_link_already_exists
-        url = private_url + 'node_links/'
+        url = '{}node_links/'.format(private_url)
         res = app.post_json_api(url, {
             'data': {
                 'type': 'node_links',
@@ -133,6 +136,6 @@ def test_exception_formatting(self, app, user, non_contrib, public_project, priv
             }
         }}, auth=user.auth, expect_errors=True)
         errors = res.json['errors']
-        assert(isinstance(errors, list))
+        assert isinstance(errors, list)
         assert res.status_code == 400
-        assert(public_project._id in res.json['errors'][0]['detail'])
+        assert public_project._id in res.json['errors'][0]['detail']
diff --git a/api_tests/nodes/views/test_node_links_detail.py b/api_tests/nodes/views/test_node_links_detail.py
index dc10d41dbbf..739c561081a 100644
--- a/api_tests/nodes/views/test_node_links_detail.py
+++ b/api_tests/nodes/views/test_node_links_detail.py
@@ -1,16 +1,16 @@
 import pytest
 from urlparse import urlparse
 
+from api.base.settings.defaults import API_BASE
 from framework.auth.core import Auth 
 from osf.models import NodeLog
-from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
-from tests.utils import assert_latest_log
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
     AuthUserFactory,
 )
+from rest_framework import exceptions
+from tests.utils import assert_latest_log
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
@@ -22,7 +22,7 @@ def user():
 class TestNodeLinkDetail:
 
     @pytest.fixture()
-    def non_contributor(self):
+    def non_contrib(self):
         return AuthUserFactory()
 
     @pytest.fixture()
@@ -57,7 +57,7 @@ def public_pointer(self, user, public_project, public_pointer_project):
     def public_url(self, public_project, public_pointer):
         return '/{}nodes/{}/node_links/{}/'.format(API_BASE, public_project._id, public_pointer._id)
 
-    def test_node_link_detail(self, app, user, non_contributor, private_pointer_project, public_pointer_project, public_url, private_url):
+    def test_node_link_detail(self, app, user, non_contrib, private_pointer_project, public_pointer_project, public_url, private_url):
 
     #   test_returns_embedded_public_node_pointer_detail_logged_out
         res = app.get(public_url)
@@ -80,7 +80,7 @@ def test_node_link_detail(self, app, user, non_contributor, private_pointer_proj
         assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
         assert 'errors' in target_node
-        assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+        assert target_node['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
     #   test_returns_private_node_pointer_detail_logged_in_contributor
         res = app.get(private_url, auth=user.auth)
@@ -90,12 +90,12 @@ def test_node_link_detail(self, app, user, non_contributor, private_pointer_proj
         embedded = res_json['embeds']['target_node']['data']['id']
         assert embedded == private_pointer_project._id
 
-    #   test_returns_private_node_pointer_detail_logged_in_non_contributor
-        res = app.get(private_url, auth=non_contributor.auth, expect_errors=True)
+    #   test_returns_private_node_pointer_detail_logged_in_non_contrib
+        res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 200
         target_node = res.json['data']['embeds']['target_node']
         assert 'errors' in target_node
-        assert target_node['errors'][0]['detail'] == 'You do not have permission to perform this action.'
+        assert target_node['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
     #   test_self_link_points_to_node_link_detail_url
         res = app.get(public_url, auth=user.auth)
@@ -212,7 +212,7 @@ def test_deletes_private_node_pointer_logged_in_contributor(self, app, user, pri
             assert res.status_code == 204
             assert len(private_project.nodes_pointer) == 0
 
-    def test_deletes_private_node_pointer_logged_in_non_contributor(self, app, user_two, private_url):
+    def test_deletes_private_node_pointer_logged_in_non_contrib(self, app, user_two, private_url):
         res = app.delete(private_url, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
@@ -249,4 +249,4 @@ def test_delete_link_that_is_not_linked_to_correct_node(self, app, user, public_
         assert res.status_code == 404
         errors = res.json['errors']
         assert len(errors) == 1
-        assert errors[0]['detail'] == 'Not found.'
+        assert errors[0]['detail'] == exceptions.NotFound.default_detail
diff --git a/api_tests/nodes/views/test_node_links_list.py b/api_tests/nodes/views/test_node_links_list.py
index 5f014962050..fbabe087f2d 100644
--- a/api_tests/nodes/views/test_node_links_list.py
+++ b/api_tests/nodes/views/test_node_links_list.py
@@ -1,16 +1,16 @@
 import pytest
 from urlparse import urlparse
 
+from api.base.settings.defaults import API_BASE
 from framework.auth.core import Auth
 from osf.models import NodeLog
-from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
-from tests.utils import assert_latest_log
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
     AuthUserFactory
 )
+from rest_framework import exceptions
+from tests.utils import assert_latest_log
 
 node_url_for = lambda n_id: '/{}nodes/{}/'.format(API_BASE, n_id)
 
@@ -187,7 +187,7 @@ def test_add_node_link(self, app, user, public_pointer_project, public_url):
         }
         res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
-        assert res.json['errors'][0]['detail'] == 'Malformed request.'
+        assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
 
     #   test_add_node_link_no_relationships
         data = {
@@ -226,7 +226,7 @@ def test_add_node_link(self, app, user, public_pointer_project, public_url):
         }
         res = app.post_json_api(public_url, data, auth=user.auth, expect_errors=True)
         assert res.status_code == 400
-        assert res.json['errors'][0]['detail'] == 'Malformed request.'
+        assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
 
     #   test_add_node_links_no_data_in_relationships
         data = {
@@ -315,7 +315,7 @@ def test_add_node_link(self, app, user, public_pointer_project, public_url):
     def test_create_node_link_invalid_data(self, app, user, public_url):
         res = app.post_json_api(public_url, 'Incorrect data', auth=user.auth, expect_errors=True)
         assert res.status_code == 400
-        assert res.json['errors'][0]['detail'] == 'Malformed request.'
+        assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
 
     def test_creates_node_link_target_not_nested(self, app, user_two, private_pointer_project, public_url):
         payload = {
@@ -633,8 +633,7 @@ def test_bulk_create_errors(self, app, user, user_two, public_project, user_two_
         assert res.json['data'] == []
 
     #   test_bulk_creates_public_node_pointer_logged_in_non_contrib
-        res = app.post_json_api(public_url, public_payload,
-                                     auth=user_two.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(public_url, public_payload, auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
 
     #   test_bulk_creates_private_node_pointers_logged_out
@@ -646,8 +645,7 @@ def test_bulk_create_errors(self, app, user, user_two, public_project, user_two_
         assert res.json['data'] == []
 
     #   test_bulk_creates_private_node_pointers_logged_in_non_contributor
-        res = app.post_json_api(private_url, private_payload,
-                                     auth=user_two.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(private_url, private_payload, auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
@@ -663,16 +661,14 @@ def test_bulk_create_errors(self, app, user, user_two, public_project, user_two_
     #   test_bulk_creates_pointers_non_contributing_node_to_fake_node
         fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'rheis', 'type': 'nodes'}}}}]}
 
-        res = app.post_json_api(private_url, fake_payload,
-                                     auth=user_two.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(private_url, fake_payload, auth=user_two.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
     #   test_bulk_creates_pointers_contributing_node_to_fake_node
         fake_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'id': 'rheis', 'type': 'nodes'}}}}]}
 
-        res = app.post_json_api(private_url, fake_payload,
-                                     auth=user.auth, expect_errors=True, bulk=True)
+        res = app.post_json_api(private_url, fake_payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert 'detail' in res.json['errors'][0]
 
@@ -690,8 +686,7 @@ def test_bulk_create_errors(self, app, user, user_two, public_project, user_two_
     #   test_bulk_creates_node_pointer_to_itself_unauthorized
         point_to_itself_payload = {'data': [{'type': 'node_links', 'relationships': {'nodes': {'data': {'type': 'nodes', 'id': public_project._id}}}}]}
 
-        res = app.post_json_api(public_url, point_to_itself_payload, bulk=True, auth=user_two.auth,
-                                     expect_errors=True)
+        res = app.post_json_api(public_url, point_to_itself_payload, bulk=True, auth=user_two.auth, expect_errors=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
@@ -861,15 +856,13 @@ def test_bulk_delete_errors(self, app, user, non_contrib, public_project, public
         assert res.status_code == 400
 
     #   test_bulk_delete_pointer_limits
-        res = app.delete_json_api(public_url, {'data': [public_payload['data'][0]] * 101},
-                                       auth=user.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, {'data': [public_payload['data'][0]] * 101}, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
         assert res.json['errors'][0]['source']['pointer'] == '/data'
 
     #   test_bulk_delete_dict_inside_data
-        res = app.delete_json_api(public_url, {'data': {'id': public_project._id, 'type': 'node_links'}},
-                                       auth=user.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, {'data': {'id': public_project._id, 'type': 'node_links'}}, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
 
@@ -916,8 +909,7 @@ def test_bulk_delete_errors(self, app, user, non_contrib, public_project, public
 
     #   test_bulk_deletes_public_node_pointers_fails_if_bad_auth
         node_count_before = len(public_project.nodes_pointer)
-        res = app.delete_json_api(public_url, public_payload,
-                                       auth=non_contrib.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(public_url, public_payload, auth=non_contrib.auth, expect_errors=True, bulk=True)
         # This is could arguably be a 405, but we don't need to go crazy with status codes
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
@@ -925,8 +917,7 @@ def test_bulk_delete_errors(self, app, user, non_contrib, public_project, public
         assert node_count_before == len(public_project.nodes_pointer)
 
     #   test_bulk_deletes_private_node_pointers_logged_in_non_contributor
-        res = app.delete_json_api(private_url, private_payload,
-                                       auth=non_contrib.auth, expect_errors=True, bulk=True)
+        res = app.delete_json_api(private_url, private_payload, auth=non_contrib.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
         assert 'detail' in res.json['errors'][0]
 
diff --git a/api_tests/nodes/views/test_node_logs.py b/api_tests/nodes/views/test_node_logs.py
index 1ab4904085f..c756bb9cc1f 100644
--- a/api_tests/nodes/views/test_node_logs.py
+++ b/api_tests/nodes/views/test_node_logs.py
@@ -1,20 +1,20 @@
+import datetime
 import pytest
-import urlparse
 import pytz
-import datetime
+import urlparse
 
 from dateutil.parser import parse as parse_date
 
+from api.base.settings.defaults import API_BASE
 from framework.auth.core import Auth
 from osf.models import NodeLog
-from website.util import disconnected_from_listeners
-from website.project.signals import contributor_removed
-from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase, assert_datetime_equal
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
 )
+from tests.base import assert_datetime_equal
+from website.util import disconnected_from_listeners
+from website.project.signals import contributor_removed
 
 API_LATEST = 0
 API_FIRST = -1
@@ -64,7 +64,7 @@ def public_url(self, public_project):
 
     def test_add_tag(self, app, user, user_auth, public_project, public_url):
         public_project.add_tag('Rheisen', auth=user_auth)
-        assert 'tag_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'tag_added'
         res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
         assert len(res.json['data']) == public_project.logs.count()
@@ -73,14 +73,14 @@ def test_add_tag(self, app, user, user_auth, public_project, public_url):
 
     def test_remove_tag(self, app, user, user_auth, public_project, public_url):
         public_project.add_tag('Rheisen', auth=user_auth)
-        assert 'tag_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'tag_added'
         public_project.remove_tag('Rheisen', auth=user_auth)
-        assert 'tag_removed' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'tag_removed'
         res = app.get(public_url, auth=user)
         assert res.status_code == 200
         assert len(res.json['data']) == public_project.logs.count()
         assert res.json['data'][API_LATEST]['attributes']['action'] == 'tag_removed'
-        assert 'Rheisen' == public_project.logs.latest().params['tag']
+        assert public_project.logs.latest().params['tag'] == 'Rheisen'
 
     def test_project_creation(self, app, user, public_project, private_project, public_url, private_url):
 
@@ -109,7 +109,7 @@ def test_project_creation(self, app, user, public_project, private_project, publ
 
     def test_add_addon(self, app, user, user_auth, public_project, public_url):
         public_project.add_addon('github', auth=user_auth)
-        assert 'addon_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'addon_added'
         res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
         assert len(res.json['data']) == public_project.logs.count()
@@ -117,12 +117,12 @@ def test_add_addon(self, app, user, user_auth, public_project, public_url):
 
     def test_project_add_remove_contributor(self, app, user, contrib, user_auth, public_project, public_url):
         public_project.add_contributor(contrib, auth=user_auth)
-        assert 'contributor_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'contributor_added'
         # Disconnect contributor_removed so that we don't check in files
         # We can remove this when StoredFileNode is implemented in osf-models
         with disconnected_from_listeners(contributor_removed):
             public_project.remove_contributor(contrib, auth=user_auth)
-        assert 'contributor_removed' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'contributor_removed'
         res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
         assert len(res.json['data']) == public_project.logs.count()
@@ -131,10 +131,10 @@ def test_project_add_remove_contributor(self, app, user, contrib, user_auth, pub
 
     def test_remove_addon(self, app, user, user_auth, public_project, public_url):
         public_project.add_addon('github', auth=user_auth)
-        assert 'addon_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'addon_added'
         old_log_length = len(list(public_project.logs.all()))
         public_project.delete_addon('github', auth=user_auth)
-        assert 'addon_removed' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'addon_removed'
         assert (public_project.logs.count() - 1) == old_log_length
         res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
@@ -143,7 +143,7 @@ def test_remove_addon(self, app, user, user_auth, public_project, public_url):
 
     def test_add_pointer(self, app, user_auth, public_project, pointer, public_url):
         public_project.add_pointer(pointer, auth=user_auth, save=True)
-        assert 'pointer_created' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'pointer_created'
         res = app.get(public_url, auth=user_auth)
         assert res.status_code == 200
         assert len(res.json['data']) == public_project.logs.count()
@@ -154,15 +154,15 @@ class TestNodeLogFiltering(TestNodeLogList):
 
     def test_filter_action_not_equal(self, app, user, user_auth, public_project):
         public_project.add_tag('Rheisen', auth=user_auth)
-        assert 'tag_added' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'tag_added'
         url = '/{}nodes/{}/logs/?filter[action][ne]=tag_added'.format(API_BASE, public_project._id)
         res = app.get(url, auth=user.auth)
         assert len(res.json['data']) == 1
-        assert res.json['data'][0]['attributes']['action'] == 'project_created'
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'project_created'
 
     def test_filter_date_not_equal(self, app, user, public_project, pointer):
         public_project.add_pointer(pointer, auth=Auth(user), save=True)
-        assert 'pointer_created' == public_project.logs.latest().action
+        assert public_project.logs.latest().action == 'pointer_created'
         assert public_project.logs.count() == 2
 
         pointer_added_log = public_project.logs.get(action='pointer_created')
@@ -172,4 +172,4 @@ def test_filter_date_not_equal(self, app, user, public_project, pointer):
         res = app.get(url, auth=user.auth)
         assert res.status_code == 200
         assert len(res.json['data']) == 1
-        assert res.json['data'][0]['attributes']['action'] == 'project_created'
+        assert res.json['data'][API_LATEST]['attributes']['action'] == 'project_created'
diff --git a/api_tests/nodes/views/test_node_registrations_list.py b/api_tests/nodes/views/test_node_registrations_list.py
index 69d25d7842b..1984ce9a73a 100644
--- a/api_tests/nodes/views/test_node_registrations_list.py
+++ b/api_tests/nodes/views/test_node_registrations_list.py
@@ -2,7 +2,6 @@
 from urlparse import urlparse
 
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     RegistrationFactory,
@@ -48,7 +47,7 @@ def test_node_registration_list(self, app, user, public_project, private_project
         res = app.get(public_url)
         assert res.status_code == 200
         assert res.content_type == 'application/vnd.api+json'
-        assert res.json['data'][0]['attributes']['registration'] == True
+        assert res.json['data'][0]['attributes']['registration'] is True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
         assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, public_project._id)
         assert res.json['data'][0]['type'] == 'registrations'
@@ -56,7 +55,7 @@ def test_node_registration_list(self, app, user, public_project, private_project
     #   test_return_public_registrations_logged_in
         res = app.get(public_url, auth=user.auth)
         assert res.status_code == 200
-        assert res.json['data'][0]['attributes']['registration'] == True
+        assert res.json['data'][0]['attributes']['registration'] is True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
         assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, public_project._id)
         assert res.content_type == 'application/vnd.api+json'
@@ -70,7 +69,7 @@ def test_node_registration_list(self, app, user, public_project, private_project
     #   test_return_private_registrations_logged_in_contributor
         res = app.get(private_url, auth=user.auth)
         assert res.status_code == 200
-        assert res.json['data'][0]['attributes']['registration'] == True
+        assert res.json['data'][0]['attributes']['registration'] is True
         url = res.json['data'][0]['relationships']['registered_from']['links']['related']['href']
         assert urlparse(url).path == '/{}nodes/{}/'.format(API_BASE, private_project._id)
         assert res.content_type == 'application/vnd.api+json'
diff --git a/api_tests/nodes/views/test_node_sparse_fieldsets.py b/api_tests/nodes/views/test_node_sparse_fieldsets.py
index ae56e34f189..134873f12b7 100644
--- a/api_tests/nodes/views/test_node_sparse_fieldsets.py
+++ b/api_tests/nodes/views/test_node_sparse_fieldsets.py
@@ -1,13 +1,13 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
-from website.util import permissions
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
     PrivateLinkFactory,
 )
+from tests.base import ApiTestCase
+from website.util import permissions
 
 @pytest.fixture()
 def user():
@@ -51,15 +51,15 @@ def test_node_sparse_fields_list(self, app, user, deleted_project, private_proje
 
     #   test_returns_expected_nodes
         res = app.get(url + 'title')
-        node_json = res.json['data']
+        data = res.json['data']
 
-        ids = [each['id'] for each in node_json]
+        ids = [each['id'] for each in data]
         assert public_project._id in ids
         assert deleted_project._id not in ids
         assert private_project._id not in ids
 
-        assert len(node_json) == 1
-        node_json = node_json[0]
+        assert len(data) == 1
+        node_json = data[0]
         assert node_json['attributes']['title'] == public_project.title
         assert len(node_json['attributes']) == 1
         assert set(node_json.keys()) == set(['links', 'type', 'id', 'attributes'])
@@ -180,6 +180,7 @@ def test_update_with_sparse_fields(self, app, user, node, url):
         assert res.json['data']['attributes'] == {}
         node.reload()
         assert node.title != old_title
+        assert node.title == 'new title'
 
 @pytest.mark.django_db
 class TestSparseViewOnlyLinks:
@@ -204,7 +205,7 @@ def contributing_write_user(self):
     def private_node_one(self, creation_user, contributing_read_user, contributing_write_user):
         private_node_one = ProjectFactory(is_public=False, creator=creation_user, title='Private One')
         private_node_one.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
-        private_node_one.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+        private_node_one.add_contributor(contributing_write_user, permissions=[permissions.READ, permissions.WRITE], save=True)
         return private_node_one
 
     @pytest.fixture()
diff --git a/api_tests/nodes/views/test_node_view_only_links_detail.py b/api_tests/nodes/views/test_node_view_only_links_detail.py
index e583bb8ccf5..f1be08d6351 100644
--- a/api_tests/nodes/views/test_node_view_only_links_detail.py
+++ b/api_tests/nodes/views/test_node_view_only_links_detail.py
@@ -1,39 +1,38 @@
 import pytest
 
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
-from website.util import permissions
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
-    PrivateLinkFactory
+    PrivateLinkFactory,
 )
+from website.util import permissions
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def user():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def read_only_user():
+@pytest.fixture()
+def read_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def read_write_user():
+@pytest.fixture()
+def write_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def non_contributor():
+@pytest.fixture()
+def non_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def public_project(user, read_only_user, read_write_user):
+@pytest.fixture()
+def public_project(user, read_contrib, write_contrib):
     public_project = ProjectFactory(is_public=True, creator=user)
-    public_project.add_contributor(read_only_user, permissions=[permissions.READ])
-    public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+    public_project.add_contributor(read_contrib, permissions=[permissions.READ])
+    public_project.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE])
     public_project.save()
     return public_project
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def view_only_link(public_project):
     view_only_link = PrivateLinkFactory(name='testlink')
     view_only_link.nodes.add(public_project)
@@ -41,14 +40,13 @@ def view_only_link(public_project):
     return view_only_link
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
 class TestViewOnlyLinksDetail:
 
     @pytest.fixture()
     def url(self, public_project, view_only_link):
         return '/{}nodes/{}/view_only_links/{}/'.format(API_BASE, public_project._id, view_only_link._id)
 
-    def test_non_mutating_view_only_links_detail_tests(self, app, user, read_write_user, read_only_user, non_contributor, url, public_project, view_only_link):
+    def test_non_mutating_view_only_links_detail_tests(self, app, user, write_contrib, read_contrib, non_contrib, url, public_project, view_only_link):
 
     #   test_admin_can_view_vol_detail
         res = app.get(url, auth=user.auth)
@@ -56,15 +54,15 @@ def test_non_mutating_view_only_links_detail_tests(self, app, user, read_write_u
         assert res.json['data']['attributes']['name'] == 'testlink'
 
     #   test_read_write_cannot_view_vol_detail
-        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
+        res = app.get(url, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_view_vol_detail
-        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_view_vol_detail
-        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
+        res = app.get(url, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_view_vol_detail
@@ -83,7 +81,6 @@ def test_deleted_vol_not_returned(self, app, user, public_project, view_only_lin
         assert res.status_code == 404
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
 class TestViewOnlyLinksUpdate:
 
     @pytest.fixture()
@@ -133,7 +130,7 @@ def test_admin_can_update_vol_anonymous(self, app, user, view_only_link, url):
         assert res.json['data']['attributes']['name'] == 'testlink'
         assert res.json['data']['attributes']['anonymous'] == True
 
-    def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contributor, url):
+    def test_cannot_update_vol(self, app, write_contrib, read_contrib, non_contrib, url):
 
     #   test_read_write_cannot_update_vol
         payload = {
@@ -142,7 +139,7 @@ def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.put_json_api(url, {'data': payload}, auth=read_write_user.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_update_vol
@@ -152,7 +149,7 @@ def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.put_json_api(url, {'data': payload}, auth=read_only_user.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=read_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_update_vol
@@ -162,7 +159,7 @@ def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.put_json_api(url, {'data': payload}, auth=non_contributor.auth, expect_errors=True)
+        res = app.put_json_api(url, {'data': payload}, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_update_vol
@@ -176,7 +173,6 @@ def test_cannot_update_vol(self, app, read_write_user, read_only_user, non_contr
         assert res.status_code == 401
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
 class TestViewOnlyLinksDelete:
 
     @pytest.fixture()
@@ -189,18 +185,18 @@ def test_admin_can_delete_vol(self, app, user, url, view_only_link):
         assert res.status_code == 204
         assert view_only_link.is_deleted == True
 
-    def test_vol_delete(self, app, read_write_user, read_only_user, non_contributor, url):
+    def test_vol_delete(self, app, write_contrib, read_contrib, non_contrib, url):
 
     #   test_read_write_cannot_delete_vol
-        res = app.delete(url, auth=read_write_user.auth, expect_errors=True)
+        res = app.delete(url, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_delete_vol
-        res = app.delete(url, auth=read_only_user.auth, expect_errors=True)
+        res = app.delete(url, auth=read_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_delete_vol
-        res = app.delete(url, auth=non_contributor.auth, expect_errors=True)
+        res = app.delete(url, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_delete_vol
diff --git a/api_tests/nodes/views/test_node_view_only_links_list.py b/api_tests/nodes/views/test_node_view_only_links_list.py
index f9c991a3051..8832102b2c5 100644
--- a/api_tests/nodes/views/test_node_view_only_links_list.py
+++ b/api_tests/nodes/views/test_node_view_only_links_list.py
@@ -2,38 +2,37 @@
 
 from website.util import permissions
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
     PrivateLinkFactory
 )
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def user():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def read_only_user():
+@pytest.fixture()
+def read_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def read_write_user():
+@pytest.fixture()
+def write_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def non_contributor():
+@pytest.fixture()
+def non_contrib():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
-def public_project(user, read_only_user, read_write_user):
+@pytest.fixture()
+def public_project(user, read_contrib, write_contrib):
     public_project = ProjectFactory(is_public=True, creator=user)
-    public_project.add_contributor(read_only_user, permissions=[permissions.READ])
-    public_project.add_contributor(read_write_user, permissions=[permissions.WRITE])
+    public_project.add_contributor(read_contrib, permissions=[permissions.READ])
+    public_project.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE])
     public_project.save()
     return public_project
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def view_only_link(public_project):
     view_only_link = PrivateLinkFactory(name='testlink')
     view_only_link.nodes.add(public_project)
@@ -41,14 +40,13 @@ def view_only_link(public_project):
     return view_only_link
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
 class TestViewOnlyLinksList:
 
     @pytest.fixture()
-    def url(self, public_project):
+    def url(self, public_project, view_only_link):
         return '/{}nodes/{}/view_only_links/'.format(API_BASE, public_project._id)
 
-    def test_non_mutating_view_only_links_list_tests(self, app, user, read_write_user, read_only_user, non_contributor, public_project, url):
+    def test_non_mutating_view_only_links_list_tests(self, app, user, write_contrib, read_contrib, non_contrib, public_project, url):
 
     #   test_admin_can_view_vols_list
         res = app.get(url, auth=user.auth)
@@ -58,15 +56,15 @@ def test_non_mutating_view_only_links_list_tests(self, app, user, read_write_use
         assert data[0]['attributes']['name'] == 'testlink'
 
     #   test_read_write_cannot_view_vols_list
-        res = app.get(url, auth=read_write_user.auth, expect_errors=True)
+        res = app.get(url, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_view_vols_list
-        res = app.get(url, auth=read_only_user.auth, expect_errors=True)
+        res = app.get(url, auth=read_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_view_vols_list
-        res = app.get(url, auth=non_contributor.auth, expect_errors=True)
+        res = app.get(url, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_view_vols_list
@@ -92,7 +90,6 @@ def test_deleted_vols_not_returned(self, app, user, url, public_project):
         assert len(data) == 1
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('user', 'read_only_user', 'read_write_user', 'non_contributor', 'public_project', 'view_only_link')
 class TestViewOnlyLinksCreate:
 
     @pytest.fixture()
@@ -138,7 +135,7 @@ def test_default_name_not_in_payload(self, app, user, public_project):
         assert data['attributes']['anonymous'] == False
         assert data['embeds']['creator']['data']['id'] == user._id
 
-    def test_admin_can_create_vol(self, app, user, public_project):
+    def test_admin_can_create_vol(self, app, user, public_project, view_only_link):
         url = '/{}nodes/{}/view_only_links/?embed=creator'.format(API_BASE, public_project._id)
         payload = {
             'attributes': {
@@ -154,7 +151,7 @@ def test_admin_can_create_vol(self, app, user, public_project):
         assert data['attributes']['anonymous'] == True
         assert data['embeds']['creator']['data']['id'] == user._id
 
-    def test_cannot_create_vol(self, app, read_write_user, read_only_user, non_contributor, url):
+    def test_cannot_create_vol(self, app, write_contrib, read_contrib, non_contrib, url):
 
     #   test_read_write_cannot_create_vol
         payload = {
@@ -163,7 +160,7 @@ def test_cannot_create_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.post_json_api(url, {'data': payload}, auth=read_write_user.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=write_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_read_only_cannot_create_vol
@@ -173,7 +170,7 @@ def test_cannot_create_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.post_json_api(url, {'data': payload}, auth=read_only_user.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=read_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_logged_in_user_cannot_create_vol
@@ -183,7 +180,7 @@ def test_cannot_create_vol(self, app, read_write_user, read_only_user, non_contr
                 'anonymous': True,
             }
         }
-        res = app.post_json_api(url, {'data': payload}, auth=non_contributor.auth, expect_errors=True)
+        res = app.post_json_api(url, {'data': payload}, auth=non_contrib.auth, expect_errors=True)
         assert res.status_code == 403
 
     #   test_unauthenticated_user_cannot_create_vol
diff --git a/api_tests/nodes/views/test_view_only_query_parameter.py b/api_tests/nodes/views/test_view_only_query_parameter.py
index b56c99612b9..d8ede45e4dd 100644
--- a/api_tests/nodes/views/test_view_only_query_parameter.py
+++ b/api_tests/nodes/views/test_view_only_query_parameter.py
@@ -1,44 +1,39 @@
 import pytest
 
-from website.util import permissions
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf.models import AbstractNode as Node
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
     PrivateLinkFactory,
 )
+from website.util import permissions
 
 @pytest.fixture()
-def creation_user():
-    return AuthUserFactory()
-
-@pytest.fixture()
-def viewing_user():
+def admin():
     return AuthUserFactory()
 
 @pytest.fixture()
-def contributing_read_user():
+def read_contrib():
     return AuthUserFactory()
 
 @pytest.fixture()
-def contributing_write_user():
+def write_contrib():
     return AuthUserFactory()
 
 @pytest.fixture()
-def valid_contributors(creation_user, contributing_read_user, contributing_write_user):
+def valid_contributors(admin, read_contrib, write_contrib):
     return [
-        creation_user._id,
-        contributing_read_user._id,
-        contributing_write_user._id,
+        admin._id,
+        read_contrib._id,
+        write_contrib._id,
     ]
 
 @pytest.fixture()
-def private_node_one(creation_user, contributing_read_user, contributing_write_user):
-    private_node_one = ProjectFactory(is_public=False, creator=creation_user, title='Private One')
-    private_node_one.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
-    private_node_one.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+def private_node_one(admin, read_contrib, write_contrib):
+    private_node_one = ProjectFactory(is_public=False, creator=admin, title='Private One')
+    private_node_one.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+    private_node_one.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], save=True)
     return private_node_one
 
 @pytest.fixture()
@@ -60,10 +55,10 @@ def private_node_one_url(private_node_one):
     return '/{}nodes/{}/'.format(API_BASE, private_node_one._id)
 
 @pytest.fixture()
-def private_node_two(creation_user, contributing_read_user, contributing_write_user):
-    private_node_two = ProjectFactory(is_public=False, creator=creation_user, title='Private Two')
-    private_node_two.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
-    private_node_two.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+def private_node_two(admin, read_contrib, write_contrib):
+    private_node_two = ProjectFactory(is_public=False, creator=admin, title='Private Two')
+    private_node_two.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+    private_node_two.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], save=True)
     return private_node_two
 
 @pytest.fixture()
@@ -71,10 +66,10 @@ def private_node_two_url(private_node_two):
     return '/{}nodes/{}/'.format(API_BASE, private_node_two._id)
 
 @pytest.fixture()
-def public_node_one(creation_user, contributing_read_user, contributing_write_user):
-    public_node_one = ProjectFactory(is_public=True, creator=creation_user, title='Public One')
-    public_node_one.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
-    public_node_one.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+def public_node_one(admin, read_contrib, write_contrib):
+    public_node_one = ProjectFactory(is_public=True, creator=admin, title='Public One')
+    public_node_one.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+    public_node_one.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], save=True)
     return public_node_one
 
 @pytest.fixture()
@@ -96,10 +91,10 @@ def public_node_one_url(public_node_one):
     return '/{}nodes/{}/'.format(API_BASE, public_node_one._id)
 
 @pytest.fixture()
-def public_node_two(creation_user, contributing_read_user, contributing_write_user):
-    public_node_two = ProjectFactory(is_public=True, creator=creation_user, title='Public Two')
-    public_node_two.add_contributor(contributing_read_user, permissions=[permissions.READ], save=True)
-    public_node_two.add_contributor(contributing_write_user, permissions=[permissions.WRITE], save=True)
+def public_node_two(admin, read_contrib, write_contrib):
+    public_node_two = ProjectFactory(is_public=True, creator=admin, title='Public Two')
+    public_node_two.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+    public_node_two.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE], save=True)
     return public_node_two
 
 @pytest.fixture()
@@ -107,16 +102,16 @@ def public_node_two_url(public_node_two):
     return '/{}nodes/{}/'.format(API_BASE, public_node_two._id)
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('creation_user', 'viewing_user', 'contributing_read_user', 'contributing_write_user', 'valid_contributors', 
+@pytest.mark.usefixtures('admin', 'read_contrib', 'write_contrib', 'valid_contributors', 
     'private_node_one', 'private_node_one_anonymous_link', 'private_node_one_private_link', 'private_node_one_url',
     'private_node_two', 'private_node_two_url', 'public_node_one', 'public_node_one_anonymous_link',
     'public_node_one_private_link', 'public_node_one_url', 'public_node_two', 'public_node_two_url')
 class TestNodeDetailViewOnlyLinks:
 
-    def test_private_node(self, app, creation_user, contributing_read_user, valid_contributors, private_node_one, private_node_one_url, private_node_one_private_link, private_node_one_anonymous_link, public_node_one_url, public_node_one_private_link, public_node_one_anonymous_link):
+    def test_private_node(self, app, admin, read_contrib, valid_contributors, private_node_one, private_node_one_url, private_node_one_private_link, private_node_one_anonymous_link, public_node_one_url, public_node_one_private_link, public_node_one_anonymous_link):
 
     #   test_private_node_with_link_works_when_using_link
-        res_normal = app.get(private_node_one_url, auth=contributing_read_user.auth)
+        res_normal = app.get(private_node_one_url, auth=read_contrib.auth)
         assert res_normal.status_code == 200
         res_linked = app.get(private_node_one_url, {'view_only': private_node_one_private_link.key})
         assert res_linked.status_code == 200
@@ -159,7 +154,7 @@ def test_private_node(self, app, creation_user, contributing_read_user, valid_co
         res = app.get(private_node_one_url, {
             'view_only': private_node_one_private_link.key,
             'embed': 'contributors',
-        }, auth=creation_user.auth)
+        }, auth=admin.auth)
         assert res.status_code == 200
         contributors = res.json['data']['embeds']['contributors']['data']
         for contributor in contributors:
@@ -245,7 +240,7 @@ def test_private_node(self, app, creation_user, contributing_read_user, valid_co
         assert res.status_code == 401
         res = app.get(private_node_one_url+'logs/', {
             'view_only': 'thisisnotarealprivatekey',
-        }, auth=creation_user.auth)
+        }, auth=admin.auth)
         assert res.status_code == 200
 
     #   test_view_only_key_in_relationships_links
@@ -266,7 +261,7 @@ def test_private_node(self, app, creation_user, contributing_read_user, valid_co
         assert private_node_one_private_link.key in links['html']
 
 @pytest.mark.django_db
-@pytest.mark.usefixtures('creation_user', 'viewing_user', 'contributing_read_user', 'contributing_write_user', 'valid_contributors', 
+@pytest.mark.usefixtures('admin', 'read_contrib', 'write_contrib', 'valid_contributors', 
     'private_node_one', 'private_node_one_anonymous_link', 'private_node_one_private_link', 'private_node_one_url',
     'private_node_two', 'private_node_two_url', 'public_node_one', 'public_node_one_anonymous_link',
     'public_node_one_private_link', 'public_node_one_url', 'public_node_two', 'public_node_two_url')
diff --git a/api_tests/view_only_links/views/test_view_only_link_nodes.py b/api_tests/view_only_links/views/test_view_only_link_nodes.py
index abee5276c33..ca36cd29e5e 100644
--- a/api_tests/view_only_links/views/test_view_only_link_nodes.py
+++ b/api_tests/view_only_links/views/test_view_only_link_nodes.py
@@ -1,34 +1,32 @@
 import pytest
-from nose.tools import *  # flake8: noqa
 
-from website.util import permissions
 from api.base.settings.defaults import API_BASE
-from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
     PrivateLinkFactory,
-    NodeFactory
+    NodeFactory,
 )
+from website.util import permissions
 
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def user():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def read_only_user():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def read_write_user():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def non_contributor():
     return AuthUserFactory()
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def public_project(user, read_only_user, read_write_user):
     public_project = ProjectFactory(is_public=True, creator=user)
     public_project.add_contributor(read_only_user, permissions=[permissions.READ])
@@ -36,7 +34,7 @@ def public_project(user, read_only_user, read_write_user):
     public_project.save()
     return public_project
 
-@pytest.fixture(scope='function')
+@pytest.fixture()
 def view_only_link(public_project):
     view_only_link = PrivateLinkFactory(name='testlink')
     view_only_link.nodes.add(public_project)
diff --git a/tests/utils.py b/tests/utils.py
index 28fb5c87726..8c6387e4bd2 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -1,18 +1,19 @@
 import contextlib
+import datetime
 import functools
 import mock
-import datetime
 
 from django.http import HttpRequest
 from django.utils import timezone
 from nose import SkipTest
 from nose.tools import assert_equal, assert_not_equal
+
 from framework.auth import Auth
 from framework.celery_tasks.handlers import celery_teardown_request
-from website.archiver import ARCHIVER_SUCCESS
-from website.archiver import listeners as archiver_listeners
 from osf.models import Sanction
 from tests.base import get_default_metaschema
+from website.archiver import ARCHIVER_SUCCESS
+from website.archiver import listeners as archiver_listeners
 
 def requires_module(module):
     def decorator(fn):
@@ -43,7 +44,7 @@ def test_update_node(self):
     def outer_wrapper(func):
         @functools.wraps(func)
         def wrapper(self, *args, **kwargs):
-            node =  getattr(self, node_key)
+            node = getattr(self, node_key)
             last_log = node.logs.latest()
             func(self, *args, **kwargs)
             node.reload()
@@ -70,12 +71,12 @@ def wrapper(self, *args, **kwargs):
     return outer_wrapper
 
 @contextlib.contextmanager
-def assert_latest_log(log_action, node_key, index=-1):
-    node =  node_key
+def assert_latest_log(log_action, node_key, index=0):
+    node = node_key
     last_log = node.logs.latest()
     node.reload()
     yield
-    new_log = node.logs.order_by('-date')[-index - 1]
+    new_log = node.logs.order_by('-date')[index]
     assert last_log._id != new_log._id
     assert new_log.action == log_action
 

From d47bf11a0a0606c0f9de48a1663917bbb546f42c Mon Sep 17 00:00:00 2001
From: John Tordoff <john@cos.io>
Date: Thu, 8 Jun 2017 14:10:29 -0400
Subject: [PATCH 068/163] Fix bug in auto populating tags

---
 api/nodes/serializers.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/nodes/serializers.py b/api/nodes/serializers.py
index 3f2d5a9ffcc..e37c47e9071 100644
--- a/api/nodes/serializers.py
+++ b/api/nodes/serializers.py
@@ -443,7 +443,8 @@ def create(self, validated_data):
         except ValidationError as e:
             raise InvalidModelValueError(detail=e.messages[0])
         if len(tag_instances):
-            node.tags.add(*tag_instances)
+            for tag in tag_instances:
+                node.tags.add(tag)
         if is_truthy(request.GET.get('inherit_contributors')) and validated_data['parent'].has_permission(user, 'write'):
             auth = get_user_auth(request)
             parent = validated_data['parent']

From 3c25218bfbc330bf79560f1729b5549bbab5b37a Mon Sep 17 00:00:00 2001
From: John Tordoff <john@cos.io>
Date: Thu, 8 Jun 2017 14:11:13 -0400
Subject: [PATCH 069/163] add test for auto-populating tags

---
 api_tests/nodes/views/test_node_list.py | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/api_tests/nodes/views/test_node_list.py b/api_tests/nodes/views/test_node_list.py
index 4147182dd23..9491808a014 100644
--- a/api_tests/nodes/views/test_node_list.py
+++ b/api_tests/nodes/views/test_node_list.py
@@ -881,6 +881,31 @@ def test_create_component_inherit_contributors(self):
         assert_equal(len(new_component.contributors), 2)
         assert_equal(len(new_component.contributors), len(parent_project.contributors))
 
+    def test_create_component_with_tags(self):
+        parent_project = ProjectFactory(creator=self.user_one)
+        url = '/{}nodes/{}/children/'.format(API_BASE, parent_project._id)
+        component_data = {
+            'data': {
+                'type': 'nodes',
+                'attributes': {
+                    'title': self.title,
+                    'category': self.category,
+                    'tags': ['test tag 1', 'test tag 2']
+                }
+            }
+        }
+        res = self.app.post_json_api(url, component_data, auth=self.user_one.auth)
+        assert_equal(res.status_code, 201)
+        json_data = res.json['data']
+
+        new_component_id = json_data['id']
+        new_component = Node.load(new_component_id)
+
+        assert_equal(len(new_component.tags.all()), 2)
+        tag1, tag2 = new_component.tags.all()
+        assert_equal(tag1.name, 'test tag 1')
+        assert_equal(tag2.name, 'test tag 2')
+
     def test_create_component_inherit_contributors_with_unregistered_contributor(self):
         parent_project = ProjectFactory(creator=self.user_one)
         parent_project.add_unregistered_contributor(

From 53c9445a895509cdd05283c80d4dbe3e0bbedb13 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 8 Jun 2017 14:31:57 -0400
Subject: [PATCH 070/163] fix test_node_embeds error

---
 api_tests/nodes/views/test_node_embeds.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api_tests/nodes/views/test_node_embeds.py b/api_tests/nodes/views/test_node_embeds.py
index 533c7dd4b24..18e4da1450d 100644
--- a/api_tests/nodes/views/test_node_embeds.py
+++ b/api_tests/nodes/views/test_node_embeds.py
@@ -67,8 +67,8 @@ def test_node_embeds(self, app, user, write_contrib_one, write_contribs, subchil
         embeds = res.json['data']['embeds']
         ids = [child_one._id, child_two._id]
         assert len(embeds['children']['data']) == len(ids)
-        children = [child._id for child in res.json['data']['embeds']['children']['data']]
-        assert set(child_one._id, child_two._id) == set(children)
+        children = [child['id'] for child in res.json['data']['embeds']['children']['data']]
+        assert set([child_one._id, child_two._id]) == set(children)
 
     #   test_embed_parent
         url = '/{}nodes/{}/?embed=parent'.format(API_BASE, child_one._id)

From 18d93c9671561705b36ddaa295d4c94a53d0bb3f Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 8 Jun 2017 16:20:23 -0400
Subject: [PATCH 071/163] convert mixin to use pytext fixtures and reorder
 imports

---
 api_tests/nodes/views/test_node_preprints.py  |  70 ++++--
 .../test_preprint_provider_preprints_list.py  |  55 +++--
 api_tests/preprints/filters/test_filters.py   | 232 +++++++++++-------
 .../preprints/views/test_preprint_list.py     |  66 +++--
 .../users/views/test_user_preprints_list.py   |  61 +++--
 5 files changed, 311 insertions(+), 173 deletions(-)

diff --git a/api_tests/nodes/views/test_node_preprints.py b/api_tests/nodes/views/test_node_preprints.py
index e7139ba3dec..1dc0134b851 100644
--- a/api_tests/nodes/views/test_node_preprints.py
+++ b/api_tests/nodes/views/test_node_preprints.py
@@ -1,33 +1,59 @@
-import pytest
-
 from nose.tools import *  # flake8: noqa
+import pytest
 
-from framework.auth.core import Auth
-from tests.base import ApiTestCase
+from addons.osfstorage.models import OsfStorageFile
 from api.base.settings.defaults import API_BASE
+from api_tests import utils as test_utils
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
+from framework.auth.core import Auth
 from osf.models import PreprintService
-from addons.osfstorage.models import OsfStorageFile
-from osf_tests.factories import PreprintFactory, AuthUserFactory, ProjectFactory, SubjectFactory, PreprintProviderFactory
-from api_tests import utils as test_utils
+from osf_tests.factories import (
+    PreprintFactory, 
+    AuthUserFactory, 
+    ProjectFactory, 
+    SubjectFactory, 
+    PreprintProviderFactory
+)
+from tests.base import ApiTestCase
 
 class TestNodePreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.user = AuthUserFactory()
-        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = PreprintProviderFactory(name='Mockarxiv')
-        self.project_one = ProjectFactory(creator=self.user)
-        self.project_two = self.project_one
-        self.project_three = self.project_one
-        self.url = '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, self.project_one._id)
-        super(TestNodePreprintsListFiltering, self).setUp()
-
-    def test_provider_filter_equals_returns_one(self):
-        expected = [self.preprint_two._id]
-        res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
+
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self):
+        return PreprintProviderFactory(name='Mockarxiv')
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, project_one):
+        return project_one
+
+    @pytest.fixture()
+    def project_three(self, project_one):
+        return project_one
+
+    @pytest.fixture()
+    def url(self, project_one):
+        return '/{}nodes/{}/preprints/?version=2.2&'.format(API_BASE, project_one._id)
+
+    def test_provider_filter_equals_returns_one(self, app, user, provider_two, preprint_two, provider_url):
+        expected = [preprint_two._id]
+        res = app.get('{}{}'.format(provider_url, provider_two._id), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
diff --git a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
index 6dbba149e57..cca5e93014e 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_preprints_list.py
@@ -1,12 +1,10 @@
-import pytest
-
 from nose.tools import *  # flake8: noqa
+import pytest
 
 from api.base.settings.defaults import API_BASE
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
 from framework.auth.core import Auth
-from tests.base import ApiTestCase
 from osf_tests.factories import (
     ProjectFactory,
     PreprintFactory,
@@ -14,27 +12,48 @@
     SubjectFactory,
     PreprintProviderFactory
 )
+from tests.base import ApiTestCase
 
 class TestPreprintProviderPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.user = AuthUserFactory()
-        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = self.provider_one
-        self.provider_three = self.provider_one
-        self.project_one = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, self.provider_one._id)
-        super(TestPreprintProviderPreprintsListFiltering, self).setUp()
 
-    def test_provider_filter_equals_returns_multiple(self):
-        expected = set([self.preprint_one._id, self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.provider_url, self.provider_one._id), auth=self.user.auth)
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self, provider_one):
+        return '/{}preprint_providers/{}/preprints/?version=2.2&'.format(API_BASE, provider_one._id)
+
+    def test_provider_filter_equals_returns_multiple(self, app, user, provider_one, preprint_one, preprint_two, preprint_three, provider_url):
+        expected = set([preprint_one._id, preprint_two._id, preprint_three._id])
+        res = app.get('{}{}'.format(provider_url, provider_one._id), auth=user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-
 class TestPreprintProviderPreprintIsPublishedList(PreprintIsPublishedListMixin, ApiTestCase):
 
     def setUp(self):
diff --git a/api_tests/preprints/filters/test_filters.py b/api_tests/preprints/filters/test_filters.py
index 20a699f1ee7..1871be9767d 100644
--- a/api_tests/preprints/filters/test_filters.py
+++ b/api_tests/preprints/filters/test_filters.py
@@ -1,7 +1,6 @@
 import pytest
 
 from framework.auth.core import Auth
-from tests.json_api_test_app import JSONAPITestApp
 from osf_tests.factories import (
     PreprintFactory,
     AuthUserFactory,
@@ -11,150 +10,207 @@
 
 @pytest.mark.django_db
 class PreprintsListFilteringMixin(object):
-    def setUp(self):
-        assert self.user, 'Subclasses of PreprintsListFilteringMixin must define self.user'
-        assert self.provider_one, 'Subclasses of PreprintsListFilteringMixin must define self.provider_one'
-        assert self.provider_two, 'Subclasses of PreprintsListFilteringMixin must define self.provider_two'
-        assert self.provider_three, 'Subclasses of PreprintsListFilteringMixin must define self.provider_three'
-        assert self.project_one, 'Subclasses of PreprintsListFilteringMixin must define self.project_one'
-        assert self.project_two, 'Subclasses of PreprintsListFilteringMixin must define self.project_two'
-        assert self.project_three, 'Subclasses of PreprintsListFilteringMixin must define self.project_three'
-        assert self.url, 'Subclasses of PreprintsListFilteringMixin must define self.url'
-
-        self.app = JSONAPITestApp()
-        self.subject_one = SubjectFactory(text='First Subject')
-        self.subject_two = SubjectFactory(text='Second Subject')
-
-        self.preprint_one = PreprintFactory(creator=self.user, project=self.project_one, provider=self.provider_one, subjects=[[self.subject_one._id]])
-        self.preprint_two = PreprintFactory(creator=self.user, project=self.project_two, filename='tough.txt', provider=self.provider_two, subjects=[[self.subject_two._id]])
-        self.preprint_three = PreprintFactory(creator=self.user, project=self.project_three, filename='darn.txt', provider=self.provider_three, subjects=[[self.subject_one._id], [self.subject_two._id]])
-
-        self.preprint_two.date_created = '2013-12-11 10:09:08.070605+00:00'
-        self.preprint_two.date_published = '2013-12-11 10:09:08.070605+00:00'
-        self.preprint_two.save()
-
-        self.preprint_three.date_created = '2013-12-11 10:09:08.070605+00:00'
-        self.preprint_three.date_published = '2013-12-11 10:09:08.070605+00:00'
-        self.preprint_three.is_published = False
-        self.preprint_three.save()
-
-        self.provider_url = '{}filter[provider]='.format(self.url)
-        self.id_url = '{}filter[id]='.format(self.url)
-        self.date_created_url = '{}filter[date_created]='.format(self.url)
-        self.date_modified_url = '{}filter[date_modified]='.format(self.url)
-        self.date_published_url = '{}filter[date_published]='.format(self.url)
-        self.is_published_url = '{}filter[is_published]='.format(self.url)
-
-        self.is_published_and_modified_url = '{}filter[is_published]=true&filter[date_created]=2013-12-11'.format(self.url)
-
-        self.has_subject = '{}filter[subjects]='.format(self.url)
-
-    def test_provider_filter_null(self):
+
+    @pytest.fixture()
+    def user(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def provider_one(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def provider_two(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def provider_three(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def project_one(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def project_two(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def project_three(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def url(self):
+        raise NotImplementedError
+
+    @pytest.fixture()
+    def subject_one(self):
+        return SubjectFactory(text='First Subject')
+
+    @pytest.fixture()
+    def subject_two(self):
+        return SubjectFactory(text='Second Subject')
+
+    @pytest.fixture()
+    def preprint_one(self, user, project_one, provider_one, subject_one):
+        return PreprintFactory(creator=user, project=project_one, provider=provider_one, subjects=[[subject_one._id]])
+
+    @pytest.fixture()
+    def preprint_two(self, user, project_two, provider_two, subject_two):
+        preprint_two = PreprintFactory(creator=user, project=project_two, filename='howto_reason.txt', provider=provider_two, subjects=[[subject_two._id]])
+        preprint_two.date_created = '2013-12-11 10:09:08.070605+00:00'
+        preprint_two.date_published = '2013-12-11 10:09:08.070605+00:00'
+        preprint_two.save()
+        return preprint_two
+
+    @pytest.fixture()
+    def preprint_three(self, user, project_three, provider_three, subject_one, subject_two):
+        preprint_three = PreprintFactory(creator=user, project=project_three, filename='darn_reason.txt', provider=provider_three, subjects=[[subject_one._id], [subject_two._id]])
+        preprint_three.date_created = '2013-12-11 10:09:08.070605+00:00'
+        preprint_three.date_published = '2013-12-11 10:09:08.070605+00:00'
+        preprint_three.is_published = False
+        preprint_three.save()
+        return preprint_three
+
+
+    @pytest.fixture()
+    def provider_url(self, url):
+        return '{}filter[provider]='.format(url)
+
+    @pytest.fixture()
+    def id_url(self, url):
+        return '{}filter[id]='.format(url)
+
+    @pytest.fixture()
+    def date_created_url(self, url):
+        return '{}filter[date_created]='.format(url)
+
+    @pytest.fixture()
+    def date_modified_url(self, url):
+        return '{}filter[date_modified]='.format(url)
+
+    @pytest.fixture()
+    def date_published_url(self, url):
+        return '{}filter[date_published]='.format(url)
+
+    @pytest.fixture()
+    def is_published_url(self, url):
+        return '{}filter[is_published]='.format(url)
+
+    @pytest.fixture()
+    def is_published_and_modified_url(self, url):
+        return '{}filter[is_published]=true&filter[date_created]=2013-12-11'.format(url)
+
+    @pytest.fixture()
+    def has_subject(self, url):
+        return '{}filter[subjects]='.format(url)
+
+    def test_provider_filter_null(self, app, user, provider_url):
         expected = []
-        res = self.app.get('{}null'.format(self.provider_url), auth=self.user.auth)
+        res = app.get('{}null'.format(provider_url), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_id_filter_null(self):
+    def test_id_filter_null(self, app, user, id_url):
         expected = []
-        res = self.app.get('{}null'.format(self.id_url), auth=self.user.auth)
+        res = app.get('{}null'.format(id_url), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_id_filter_equals_returns_one(self):
-        expected = [self.preprint_two._id]
-        res = self.app.get('{}{}'.format(self.id_url, self.preprint_two._id), auth=self.user.auth)
+    def test_id_filter_equals_returns_one(self, app, user, preprint_two, id_url):
+        expected = [preprint_two._id]
+        res = app.get('{}{}'.format(id_url, preprint_two._id), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_date_created_filter_equals_returns_none(self):
+    def test_date_created_filter_equals_returns_none(self, app, user, date_created_url):
         expected = []
-        res = self.app.get('{}{}'.format(self.date_created_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
+        res = app.get('{}{}'.format(date_created_url, '2015-11-15 10:09:08.070605+00:00'), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_date_created_filter_equals_returns_one(self):
-        expected = [self.preprint_one._id]
-        res = self.app.get('{}{}'.format(self.date_created_url, self.preprint_one.date_created), auth=self.user.auth)
+    def test_date_created_filter_equals_returns_one(self, app, user, preprint_one, date_created_url):
+        expected = [preprint_one._id]
+        res = app.get('{}{}'.format(date_created_url, preprint_one.date_created), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_date_created_filter_equals_returns_multiple(self):
-        expected = set([self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.date_created_url, self.preprint_two.date_created), auth=self.user.auth)
+    def test_date_created_filter_equals_returns_multiple(self, app, user, preprint_two, preprint_three, date_created_url):
+        expected = set([preprint_two._id, preprint_three._id])
+        res = app.get('{}{}'.format(date_created_url, preprint_two.date_created), auth=user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_date_modified_filter_equals_returns_none(self):
+    def test_date_modified_filter_equals_returns_none(self, app, user, date_modified_url):
         expected = []
-        res = self.app.get('{}{}'.format(self.date_modified_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
+        res = app.get('{}{}'.format(date_modified_url, '2015-11-15 10:09:08.070605+00:00'), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
     # This test was causing problems because modifying anything caused set modified dates to update to current date
     # This test could hypothetically fail if the time between fixture creations splits a day (e.g., midnight)
-    def test_date_modified_filter_equals_returns_multiple(self):
-        expected = set([self.preprint_one._id, self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.date_modified_url, self.preprint_one.date_modified), auth=self.user.auth)
+    def test_date_modified_filter_equals_returns_multiple(self, app, user, preprint_one, preprint_two, preprint_three, date_modified_url):
+        expected = set([preprint_one._id, preprint_two._id, preprint_three._id])
+        res = app.get('{}{}'.format(date_modified_url, preprint_one.date_modified), auth=user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_date_published_filter_equals_returns_none(self):
+    def test_date_published_filter_equals_returns_none(self, app, user, date_published_url):
         expected = []
-        res = self.app.get('{}{}'.format(self.date_published_url, '2015-11-15 10:09:08.070605+00:00'), auth=self.user.auth)
+        res = app.get('{}{}'.format(date_published_url, '2015-11-15 10:09:08.070605+00:00'), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_date_published_filter_equals_returns_one(self):
-        expected = [self.preprint_one._id]
-        res = self.app.get('{}{}'.format(self.date_published_url, self.preprint_one.date_published), auth=self.user.auth)
+    def test_date_published_filter_equals_returns_one(self, app, user, preprint_one, date_published_url):
+        expected = [preprint_one._id]
+        res = app.get('{}{}'.format(date_published_url, preprint_one.date_published), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_date_published_filter_equals_returns_multiple(self):
-        expected = set([self.preprint_two._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.date_published_url, self.preprint_two.date_published), auth=self.user.auth)
+    def test_date_published_filter_equals_returns_multiple(self, app, user, preprint_two, preprint_three, date_published_url):
+        expected = set([preprint_two._id, preprint_three._id])
+        res = app.get('{}{}'.format(date_published_url, preprint_two.date_published), auth=user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_is_published_false_filter_equals_returns_one(self):
-        expected = [self.preprint_three._id]
-        res = self.app.get('{}{}'.format(self.is_published_url, 'false'), auth=self.user.auth)
+    def test_is_published_false_filter_equals_returns_one(self, app, user, preprint_three, is_published_url):
+        expected = [preprint_three._id]
+        res = app.get('{}{}'.format(is_published_url, 'false'), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-    def test_is_published_true_filter_equals_returns_multiple(self):
-        expected = set([self.preprint_one._id, self.preprint_two._id])
-        res = self.app.get('{}{}'.format(self.is_published_url, 'true'), auth=self.user.auth)
+    def test_is_published_true_filter_equals_returns_multiple(self, app, user, preprint_one, preprint_two, is_published_url):
+        expected = set([preprint_one._id, preprint_two._id])
+        res = app.get('{}{}'.format(is_published_url, 'true'), auth=user.auth)
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_multiple_filters_returns_one(self):
-        expected = set([self.preprint_two._id])
-        res = self.app.get(self.is_published_and_modified_url,
-            auth=self.user.auth
+    def test_multiple_filters_returns_one(self, app, user, preprint_two, is_published_and_modified_url):
+        expected = set([preprint_two._id])
+        res = app.get(is_published_and_modified_url,
+            auth=user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_subject_filter_using_id(self):
-        expected = set([self.preprint_one._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.has_subject, self.subject_one._id),
-            auth=self.user.auth
+    def test_subject_filter_using_id(self, app, user, subject_one, preprint_one, preprint_three, has_subject):
+        expected = set([preprint_one._id, preprint_three._id])
+        res = app.get('{}{}'.format(has_subject, subject_one._id),
+            auth=user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_subject_filter_using_text(self):
-        expected = set([self.preprint_one._id, self.preprint_three._id])
-        res = self.app.get('{}{}'.format(self.has_subject, self.subject_one.text),
-            auth=self.user.auth
+    def test_subject_filter_using_text(self, app, user, subject_one, preprint_one, preprint_three, has_subject):
+        expected = set([preprint_one._id, preprint_three._id])
+        res = app.get('{}{}'.format(has_subject, subject_one.text),
+            auth=user.auth
         )
         actual = set([preprint['id'] for preprint in res.json['data']])
         assert expected == actual
 
-    def test_unknows_subject_filter(self):
-        res = self.app.get('{}notActuallyASubjectIdOrTestMostLikely'.format(self.has_subject),
-            auth=self.user.auth
+    def test_unknows_subject_filter(self, app, user, has_subject):
+        res = app.get('{}notActuallyASubjectIdOrTestMostLikely'.format(has_subject),
+            auth=user.auth
         )
         assert len(res.json['data']) == 0
diff --git a/api_tests/preprints/views/test_preprint_list.py b/api_tests/preprints/views/test_preprint_list.py
index 2f6cf48178b..a30826bf428 100644
--- a/api_tests/preprints/views/test_preprint_list.py
+++ b/api_tests/preprints/views/test_preprint_list.py
@@ -1,18 +1,14 @@
-import pytest
 import mock
-
 from nose.tools import *  # flake8: noqa
+import pytest
 
 from addons.github.models import GithubFile
-from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
+from api_tests import utils as test_utils
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
-from website.util import permissions
+from framework.auth.core import Auth
 from osf.models import PreprintService, Node
-from website.project import signals as project_signals
-from tests.base import ApiTestCase, capture_signals
-from api_tests import utils as test_utils
 from osf_tests.factories import (
     ProjectFactory,
     PreprintFactory,
@@ -20,6 +16,9 @@
     SubjectFactory,
     PreprintProviderFactory
 )
+from tests.base import ApiTestCase, capture_signals
+from website.project import signals as project_signals
+from website.util import permissions
 
 def build_preprint_create_payload(node_id=None, provider_id=None, file_id=None, attrs={}):
     payload = {
@@ -77,27 +76,46 @@ def test_exclude_nodes_from_preprints_endpoint(self):
         assert_not_in(self.project._id, ids)
 
 class TestPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.mock_change_identifier = mock.patch('website.identifiers.client.EzidClient.change_status_identifier')
-        self.mock_change_identifier.start()
-        self.user = AuthUserFactory()
-        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = self.provider_one
-        self.project_one = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}preprints/?version=2.2&'.format(API_BASE)
-        super(TestPreprintsListFiltering, self).setUp()
 
-    def test_provider_filter_equals_returns_one(self):
-        expected = [self.preprint_two._id]
-        res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self):
+        return '/{}preprints/?version=2.2&'.format(API_BASE)
+
+    @mock.patch('website.identifiers.client.EzidClient.change_status_identifier')
+    def test_provider_filter_equals_returns_one(self, mock_change_identifier, app, user, provider_two, preprint_two, provider_url):
+        expected = [preprint_two._id]
+        res = app.get('{}{}'.format(provider_url, provider_two._id), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-
 class TestPreprintCreate(ApiTestCase):
     def setUp(self):
         super(TestPreprintCreate, self).setUp()
diff --git a/api_tests/users/views/test_user_preprints_list.py b/api_tests/users/views/test_user_preprints_list.py
index 850897618dd..3c9ca3bb863 100644
--- a/api_tests/users/views/test_user_preprints_list.py
+++ b/api_tests/users/views/test_user_preprints_list.py
@@ -1,13 +1,10 @@
-import pytest
-
 from nose.tools import *  # flake8: noqa
+import pytest
 
-from tests.base import ApiTestCase
-from osf.models import PreprintService, Node
-from website.util import permissions
 from api.base.settings.defaults import API_BASE
 from api_tests.preprints.filters.test_filters import PreprintsListFilteringMixin
 from api_tests.preprints.views.test_preprint_list_mixin import PreprintIsPublishedListMixin, PreprintIsValidListMixin
+from osf.models import PreprintService, Node
 from osf_tests.factories import (
     ProjectFactory,
     PreprintFactory,
@@ -15,6 +12,8 @@
     SubjectFactory,
     PreprintProviderFactory
 )
+from tests.base import ApiTestCase
+from website.util import permissions
 
 class TestUserPreprints(ApiTestCase):
 
@@ -72,25 +71,45 @@ def test_get_projects_logged_in_as_different_user(self):
         assert_not_in(self.private_project._id, ids)
 
 class TestUserPreprintsListFiltering(PreprintsListFilteringMixin):
-    @pytest.fixture(autouse=True)
-    def setUp(self):
-        self.user = AuthUserFactory()
-        self.provider_one = PreprintProviderFactory(name='Sockarxiv')
-        self.provider_two = PreprintProviderFactory(name='Piratearxiv')
-        self.provider_three = self.provider_one
-        self.project_one = ProjectFactory(creator=self.user)
-        self.project_two = ProjectFactory(creator=self.user)
-        self.project_three = ProjectFactory(creator=self.user)
-        self.url = '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, self.user._id)
-        super(TestUserPreprintsListFiltering, self).setUp()
-
-    def test_provider_filter_equals_returns_one(self):
-        expected = [self.preprint_two._id]
-        res = self.app.get('{}{}'.format(self.provider_url, self.provider_two._id), auth=self.user.auth)
+
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def provider_one(self):
+        return PreprintProviderFactory(name='Sockarxiv')
+
+    @pytest.fixture()
+    def provider_two(self):
+        return PreprintProviderFactory(name='Piratearxiv')
+
+    @pytest.fixture()
+    def provider_three(self, provider_one):
+        return provider_one
+
+    @pytest.fixture()
+    def project_one(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_two(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def project_three(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def url(self, user):
+        return '/{}users/{}/preprints/?version=2.2&'.format(API_BASE, user._id)
+
+    def test_provider_filter_equals_returns_one(self, app, user, provider_two, preprint_two, provider_url):
+        expected = [preprint_two._id]
+        res = app.get('{}{}'.format(provider_url, provider_two._id), auth=user.auth)
         actual = [preprint['id'] for preprint in res.json['data']]
         assert expected == actual
 
-
 class TestUserPreprintIsPublishedList(PreprintIsPublishedListMixin, ApiTestCase):
     def setUp(self):
         self.admin = AuthUserFactory()

From fbdc81f5d27276e77d06793caa9e3bbb51fb169a Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Fri, 9 Jun 2017 15:16:58 -0400
Subject: [PATCH 072/163] Special case checkout banner for preregistration
 checkouts

---
 addons/base/views.py                     | 13 ++++++-
 website/static/js/filepage/index.js      | 44 +++++++++---------------
 website/templates/project/view_file.mako |  2 ++
 3 files changed, 30 insertions(+), 29 deletions(-)

diff --git a/addons/base/views.py b/addons/base/views.py
index 761a76f0c86..94f3a76fbf0 100644
--- a/addons/base/views.py
+++ b/addons/base/views.py
@@ -748,12 +748,23 @@ def addon_view_file(auth, node, file_node, version):
         'file_tags': list(file_node.tags.filter(system=False).values_list('name', flat=True)) if not file_node._state.adding else [],  # Only access ManyRelatedManager if saved
         'file_guid': file_node.get_guid()._id,
         'file_id': file_node._id,
-        'allow_comments': file_node.provider in settings.ADDONS_COMMENTABLE
+        'allow_comments': file_node.provider in settings.ADDONS_COMMENTABLE,
+        'checkout_user': file_node.checkout._id if file_node.checkout else None,
+        'pre_reg_checkout': is_pre_reg_checkout(node, file_node),
     })
 
     ret.update(rubeus.collect_addon_assets(node))
     return ret
 
+def is_pre_reg_checkout(node, file_node):
+    checkout_user = file_node.checkout
+    if not checkout_user:
+        return False
+    if checkout_user in node.contributors:
+        return False
+    if checkout_user.has_perm('osf.prereg_view'):
+        return node.draft_registrations_active.filter(registration_schema__name='Prereg Challenge').exists()
+    return False
 
 def get_archived_from_url(node, file_node):
     if file_node.copied_from:
diff --git a/website/static/js/filepage/index.js b/website/static/js/filepage/index.js
index eb683aa9be9..cc0a4b0bae0 100644
--- a/website/static/js/filepage/index.js
+++ b/website/static/js/filepage/index.js
@@ -114,42 +114,29 @@ var FileViewPage = {
         self.file = self.context.file;
         self.node = self.context.node;
         self.editorMeta = self.context.editor;
-        self.file.checkoutUser = null;
         self.requestDone = false;
         self.isLatestVersion = false;
 
         self.selectLatest = function() {
             self.isLatestVersion = true;
         };
-
-        self.isCheckoutUser = function() {
-            $.ajax({
-                headers: {
-                    'Accept': 'application/json',
-                    'Content-Type': 'application/vnd.api+json'
-                },
-                method: 'get',
-                url: window.contextVars.apiV2Prefix + 'files' + self.file.path + '/',
-                beforeSend: $osf.setXHRAuthorization
-            }).done(function(resp) {
-                self.requestDone = true;
-                self.file.checkoutUser = resp.data.relationships.checkout ? ((resp.data.relationships.checkout.links.related.href).split('users/')[1]).replace('/', ''): null;
-                if ((self.file.checkoutUser) && (self.file.checkoutUser !== self.context.currentUser.id)) {
-                    m.render(document.getElementById('alertBar'), m('.alert.alert-warning[role="alert"]', m('span', [
-                        m('strong', 'File is checked out.'),
-                        ' This file has been checked out by a ',
-                        m('a[href="/' + self.file.checkoutUser + '"]', 'collaborator'),
-                        '. It needs to be checked in before any changes can be made.'
-                    ])));
-                }
-                self.enableEditing();
-            });
-        };
-        if (self.file.provider === 'osfstorage'){
+        if (self.file.provider === 'osfstorage') {
             self.canEdit = function() {
-                return (self.requestDone && ((!self.file.checkoutUser) || (self.file.checkoutUser === self.context.currentUser.id))) ? self.context.currentUser.canEdit : false;
+                return ((!self.file.checkoutUser) || (self.file.checkoutUser === self.context.currentUser.id)) ? self.context.currentUser.canEdit : false;
             };
-            self.isCheckoutUser();
+            if (self.file.isPreregCheckout){
+                m.render(document.getElementById('alertBar'), m('.alert.alert-warning[role="alert"]', m('span', [
+                    m('strong', 'File is checked out.'),
+                    ' This file has been checked out by a COS Preregistration Challenge Reviewer. It needs to be checked in before any changes can be made.',
+                ])));
+            } else if ((self.file.checkoutUser) && (self.file.checkoutUser !== self.context.currentUser.id)) {
+                m.render(document.getElementById('alertBar'), m('.alert.alert-warning[role="alert"]', m('span', [
+                    m('strong', 'File is checked out.'),
+                    ' This file has been checked out by a ',
+                    m('a[href="/' + self.file.checkoutUser + '"]', 'collaborator'),
+                    '. It needs to be checked in before any changes can be made.'
+                ])));
+            }
         } else {
             self.requestDone = true;
             self.canEdit = function() {
@@ -378,6 +365,7 @@ var FileViewPage = {
             }
             m.redraw(true);
         };
+        self.enableEditing();
 
         //Hack to polyfill the Panel interface
         //Ran into problems with mithrils caching messing up with multiple "Panels"
diff --git a/website/templates/project/view_file.mako b/website/templates/project/view_file.mako
index 8149c42efe2..bba0e5fbe54 100644
--- a/website/templates/project/view_file.mako
+++ b/website/templates/project/view_file.mako
@@ -203,6 +203,8 @@
             file_tags: ${file_tags if file_tags else False| sjson, n},
             guid: ${file_guid | sjson, n},
             id: ${file_id | sjson, n},
+            checkoutUser: ${checkout_user | sjson, n},
+            isPreregCheckout: ${pre_reg_checkout | sjson, n},
           urls: {
         %if error is None:
               render: ${ urls['render'] | sjson, n },

From b834b6431ae678928dd867762aec35025e6d4bab Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 9 Jun 2017 16:34:48 -0400
Subject: [PATCH 073/163] Show error msg on signup unchecked recaptcha

---
 website/static/js/passwordForms.js | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/website/static/js/passwordForms.js b/website/static/js/passwordForms.js
index 934d5db27db..6a1b2d29875 100644
--- a/website/static/js/passwordForms.js
+++ b/website/static/js/passwordForms.js
@@ -295,11 +295,10 @@ var SignUpViewModel = oop.extend(BaseViewModel, {
         if ($('.g-recaptcha').length !== 0) {
             var captchaResponse = $('#g-recaptcha-response').val();
             if (captchaResponse.length === 0) {
-                $osf.growl('Error','Please complete reCAPTCHA.');
-                // self.changeMessage(
-                //     'Please complete reCAPTCHA',
-                //     'text-danger p-xs'
-                // );
+                self.changeMessage(
+                    'Please complete reCAPTCHA',
+                    'text-danger p-xs'
+                );
                 return false;
             }
             $.extend(payload, {'g-recaptcha-response': captchaResponse});

From 8459ea91691e327f635ea2ab90e7a5a0e2c8b8e4 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 12 Jun 2017 13:06:05 -0400
Subject: [PATCH 074/163] pytest conversion of test_node_wiki_list.py

---
 api_tests/nodes/views/test_node_wiki_list.py | 391 ++++++++++---------
 1 file changed, 215 insertions(+), 176 deletions(-)

diff --git a/api_tests/nodes/views/test_node_wiki_list.py b/api_tests/nodes/views/test_node_wiki_list.py
index fe8c865134a..8ad6c785b80 100644
--- a/api_tests/nodes/views/test_node_wiki_list.py
+++ b/api_tests/nodes/views/test_node_wiki_list.py
@@ -1,205 +1,244 @@
-# -*- coding: utf-8 -*-
 import mock
-from nose.tools import *  # flake8: noqa
+import pytest
 
-from api.base.settings.defaults import API_BASE
-
-from tests.base import ApiWikiTestCase, ApiTestCase
-from osf_tests.factories import AuthUserFactory, ProjectFactory, RegistrationFactory
 from addons.wiki.tests.factories import NodeWikiFactory
-
-
-class TestNodeWikiList(ApiWikiTestCase):
-
-    def _set_up_public_project_with_wiki_page(self):
-        self.public_project = ProjectFactory(is_public=True, creator=self.user)
-        self.public_wiki = self._add_project_wiki_page(self.public_project, self.user)
-        self.public_url = '/{}nodes/{}/wikis/'.format(API_BASE, self.public_project._id)
-
-    def _set_up_private_project_with_wiki_page(self):
-        self.private_project = ProjectFactory(creator=self.user)
-        self.private_wiki = self._add_project_wiki_page(self.private_project, self.user)
-        self.private_url = '/{}nodes/{}/wikis/'.format(API_BASE, self.private_project._id)
-
-    def _set_up_public_registration_with_wiki_page(self):
-        self._set_up_public_project_with_wiki_page()
-        self.public_registration = RegistrationFactory(project=self.public_project, user=self.user, is_public=True)
-        self.public_registration_wiki_id = self.public_registration.wiki_pages_versions['home'][0]
-        self.public_registration.wiki_pages_current = {'home': self.public_registration_wiki_id}
-        self.public_registration.save()
-        self.public_registration_url = '/{}registrations/{}/wikis/'.format(API_BASE, self.public_registration._id)
-
-    def _set_up_registration_with_wiki_page(self):
-        self._set_up_private_project_with_wiki_page()
-        self.registration = RegistrationFactory(project=self.private_project, user=self.user)
-        self.registration_wiki_id = self.registration.wiki_pages_versions['home'][0]
-        self.registration.wiki_pages_current = {'home': self.registration_wiki_id}
-        self.registration.save()
-        self.registration_url = '/{}registrations/{}/wikis/'.format(API_BASE, self.registration._id)
-
-    def test_return_public_node_wikis_logged_out_user(self):
-        self._set_up_public_project_with_wiki_page()
-        res = self.app.get(self.public_url)
-        assert_equal(res.status_code, 200)
+from api.base.settings.defaults import API_BASE
+from osf_tests.factories import (
+    AuthUserFactory, 
+    ProjectFactory, 
+    RegistrationFactory,
+)
+from rest_framework import exceptions
+
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
+@pytest.mark.django_db
+class TestNodeWikiList:
+
+    @pytest.fixture()
+    def add_project_wiki_page(self):
+        def add_page(node, user):
+            with mock.patch('osf.models.AbstractNode.update_search'):
+                return NodeWikiFactory(node=node, user=user)
+        return add_page
+
+    @pytest.fixture()
+    def non_contrib(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_wiki(self, add_project_wiki_page, user, public_project):
+        return add_project_wiki_page(public_project, user)
+
+    @pytest.fixture()
+    def public_url(self, public_project, public_wiki):
+        return '/{}nodes/{}/wikis/'.format(API_BASE, public_project._id)
+
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def private_wiki(self, add_project_wiki_page, user, private_project):
+        return add_project_wiki_page(private_project, user)
+
+    @pytest.fixture()
+    def private_url(self, private_project, private_wiki):
+        return '/{}nodes/{}/wikis/'.format(API_BASE, private_project._id)
+
+    @pytest.fixture()
+    def public_registration(self, user, public_project, public_wiki):
+        public_registration = RegistrationFactory(project=public_project, user=user, is_public=True)
+        wiki_id = public_registration.wiki_pages_versions['home'][0]
+        public_registration.wiki_pages_current = {'home': wiki_id}
+        public_registration.save()
+        return public_registration
+
+    @pytest.fixture()
+    def public_registration_url(self, public_registration):
+        return '/{}registrations/{}/wikis/'.format(API_BASE, public_registration._id)
+
+    @pytest.fixture()
+    def private_registration(self, user, private_project, private_wiki):
+        private_registration = RegistrationFactory(project=private_project, user=user)
+        wiki_id = private_registration.wiki_pages_versions['home'][0]
+        private_registration.wiki_pages_current = {'home': wiki_id}
+        private_registration.save()
+        return private_registration
+
+    @pytest.fixture()
+    def private_registration_url(self, private_registration):
+        return '/{}registrations/{}/wikis/'.format(API_BASE, private_registration._id)
+
+    def test_return_wikis(self, app, user, non_contrib, private_registration, public_wiki, private_wiki, public_url, private_url, private_registration_url):
+
+    #   test_return_public_node_wikis_logged_out_user
+        res = app.get(public_url)
+        assert res.status_code == 200
         wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.public_wiki._id, wiki_ids)
+        assert public_wiki._id in wiki_ids
 
-    def test_return_public_node_wikis_logged_in_non_contributor(self):
-        self._set_up_public_project_with_wiki_page()
-        res = self.app.get(self.public_url, auth=self.non_contributor.auth)
-        assert_equal(res.status_code, 200)
+    #   test_return_public_node_wikis_logged_in_non_contributor
+        res = app.get(public_url, auth=non_contrib.auth)
+        assert res.status_code == 200
         wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.public_wiki._id, wiki_ids)
+        assert public_wiki._id in wiki_ids
 
-    def test_return_public_node_wikis_logged_in_contributor(self):
-        self._set_up_public_project_with_wiki_page()
-        res = self.app.get(self.public_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+    #   test_return_public_node_wikis_logged_in_contributor
+        res = app.get(public_url, auth=user.auth)
+        assert res.status_code == 200
         wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.public_wiki._id, wiki_ids)
-
-    def test_return_private_node_wikis_logged_out_user(self):
-        self._set_up_private_project_with_wiki_page()
-        res = self.app.get(self.private_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
-
-    def test_return_private_node_wikis_logged_in_non_contributor(self):
-        self._set_up_private_project_with_wiki_page()
-        res = self.app.get(self.private_url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-    def test_return_private_node_wikis_logged_in_contributor(self):
-        self._set_up_private_project_with_wiki_page()
-        res = self.app.get(self.private_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        assert public_wiki._id in wiki_ids
+
+    #   test_return_private_node_wikis_logged_out_user
+        res = app.get(private_url, expect_errors=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
+
+    #   test_return_private_node_wikis_logged_in_non_contributor
+        res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+    #   test_return_private_node_wikis_logged_in_contributor
+        res = app.get(private_url, auth=user.auth)
+        assert res.status_code == 200
         wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.private_wiki._id, wiki_ids)
-
-    def test_return_registration_wikis_logged_out_user(self):
-        self._set_up_registration_with_wiki_page()
-        res = self.app.get(self.registration_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
-
-    def test_return_registration_wikis_logged_in_non_contributor(self):
-        self._set_up_registration_with_wiki_page()
-        res = self.app.get(self.registration_url, auth=self.non_contributor.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-    def test_return_registration_wikis_logged_in_contributor(self):
-        self._set_up_registration_with_wiki_page()
-        res = self.app.get(self.registration_url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
+        assert private_wiki._id in wiki_ids
+
+    #   test_return_registration_wikis_logged_out_user
+        res = app.get(private_registration_url, expect_errors=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
+
+    #   test_return_registration_wikis_logged_in_non_contributor
+        res = app.get(private_registration_url, auth=non_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+    #   test_return_registration_wikis_logged_in_contributor
+        res = app.get(private_registration_url, auth=user.auth)
+        assert res.status_code == 200
         wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.registration_wiki_id, wiki_ids)
+        assert private_registration.wiki_pages_versions['home'][0] in wiki_ids
 
-    def test_wikis_not_returned_for_withdrawn_registration(self):
-        self._set_up_registration_with_wiki_page()
-        self.registration.is_public = True
-        withdrawal = self.registration.retract_registration(user=self.user, save=True)
+    def test_wikis_not_returned_for_withdrawn_registration(self, app, user, private_registration, private_registration_url):
+        private_registration.is_public = True
+        withdrawal = private_registration.retract_registration(user=user, save=True)
         token = withdrawal.approval_state.values()[0]['approval_token']
         # TODO: Remove mocking when StoredFileNode is implemented
         with mock.patch('osf.models.AbstractNode.update_search'):
-            withdrawal.approve_retraction(self.user, token)
+            withdrawal.approve_retraction(user, token)
             withdrawal.save()
-        res = self.app.get(self.registration_url, auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-    def test_public_node_wikis_relationship_links(self):
-        self._set_up_public_project_with_wiki_page()
-        res = self.app.get(self.public_url)
-        expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, self.public_project._id)
-        assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
-        assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
-
-    def test_private_node_wikis_relationship_links(self):
-        self._set_up_private_project_with_wiki_page()
-        res = self.app.get(self.private_url, auth=self.user.auth)
-        expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, self.private_project._id)
-        assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
-        assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
-
-    def test_public_registration_wikis_relationship_links(self):
-        self._set_up_public_registration_with_wiki_page()
-        res = self.app.get(self.public_registration_url)
-        expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, self.public_registration._id)
-        expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, self.public_registration._id)
-        assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
-        assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
-
-    def test_private_registration_wikis_relationship_links(self):
-        self._set_up_registration_with_wiki_page()
-        res = self.app.get(self.registration_url, auth=self.user.auth)
-        expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, self.registration._id)
-        expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, self.registration._id)
-        assert_in(expected_nodes_relationship_url, res.json['data'][0]['relationships']['node']['links']['related']['href'])
-        assert_in(expected_comments_relationship_url, res.json['data'][0]['relationships']['comments']['links']['related']['href'])
-
-    def test_registration_wikis_not_returned_from_nodes_endpoint(self):
-        self._set_up_public_project_with_wiki_page()
-        self._set_up_public_registration_with_wiki_page()
-        res = self.app.get(self.public_url)
+        res = app.get(private_registration_url, auth=user.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+    def test_relationship_links(self, app, user, public_project, private_project, public_registration, private_registration, public_url, private_url, public_registration_url, private_registration_url):
+
+    #   test_public_node_wikis_relationship_links
+        res = app.get(public_url)
+        expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, public_project._id)
+        expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, public_project._id)
+        assert expected_nodes_relationship_url in res.json['data'][0]['relationships']['node']['links']['related']['href']
+        assert expected_comments_relationship_url in res.json['data'][0]['relationships']['comments']['links']['related']['href']
+
+    #   test_private_node_wikis_relationship_links
+        res = app.get(private_url, auth=user.auth)
+        expected_nodes_relationship_url = '{}nodes/{}/'.format(API_BASE, private_project._id)
+        expected_comments_relationship_url = '{}nodes/{}/comments/'.format(API_BASE, private_project._id)
+        assert expected_nodes_relationship_url in res.json['data'][0]['relationships']['node']['links']['related']['href']
+        assert expected_comments_relationship_url in res.json['data'][0]['relationships']['comments']['links']['related']['href']
+
+    #   test_public_registration_wikis_relationship_links
+        res = app.get(public_registration_url)
+        expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, public_registration._id)
+        expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, public_registration._id)
+        assert expected_nodes_relationship_url in res.json['data'][0]['relationships']['node']['links']['related']['href']
+        assert expected_comments_relationship_url in res.json['data'][0]['relationships']['comments']['links']['related']['href']
+
+    #   test_private_registration_wikis_relationship_links
+        res = app.get(private_registration_url, auth=user.auth)
+        expected_nodes_relationship_url = '{}registrations/{}/'.format(API_BASE, private_registration._id)
+        expected_comments_relationship_url = '{}registrations/{}/comments/'.format(API_BASE, private_registration._id)
+        assert expected_nodes_relationship_url in res.json['data'][0]['relationships']['node']['links']['related']['href']
+        assert expected_comments_relationship_url in res.json['data'][0]['relationships']['comments']['links']['related']['href']
+
+    def test_not_returned(self, app, public_project, public_registration, public_url, public_registration_url):
+
+    #   test_registration_wikis_not_returned_from_nodes_endpoint
+        res = app.get(public_url)
         node_relationships = [
             node_wiki['relationships']['node']['links']['related']['href']
             for node_wiki in res.json['data']
         ]
-        assert_equal(res.status_code, 200)
-        assert_equal(len(node_relationships), 1)
-        assert_in(self.public_project._id, node_relationships[0])
-
-    def test_node_wikis_not_returned_from_registrations_endpoint(self):
-        self._set_up_public_project_with_wiki_page()
-        self._set_up_public_registration_with_wiki_page()
-        res = self.app.get(self.public_registration_url)
+        assert res.status_code == 200
+        assert len(node_relationships) == 1
+        assert public_project._id in node_relationships[0]
+
+    #   test_node_wikis_not_returned_from_registrations_endpoint
+        res = app.get(public_registration_url)
         node_relationships = [
             node_wiki['relationships']['node']['links']['related']['href']
             for node_wiki in res.json['data']
             ]
-        assert_equal(res.status_code, 200)
-        assert_equal(len(node_relationships), 1)
-        assert_in(self.public_registration._id, node_relationships[0])
+        assert res.status_code == 200
+        assert len(node_relationships) == 1
+        assert public_registration._id in node_relationships[0]
+
+
+@pytest.mark.django_db
+class TestFilterNodeWikiList:
 
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(creator=user)
 
-class TestFilterNodeWikiList(ApiTestCase):
+    @pytest.fixture()
+    def base_url(self, private_project):
+        return '/{}nodes/{}/wikis/'.format(API_BASE, private_project._id)
 
-    def setUp(self):
-        super(TestFilterNodeWikiList, self).setUp()
-        self.user = AuthUserFactory()
-        self.project = ProjectFactory(creator=self.user)
-        self.base_url = '/{}nodes/{}/wikis/'.format(API_BASE, self.project._id)
+    @pytest.fixture()
+    def wiki(self, user, private_project):
         # TODO: Remove mocking when StoredFileNode is implemented
         with mock.patch('osf.models.AbstractNode.update_search'):
-            self.wiki = NodeWikiFactory(node=self.project, user=self.user)
-        self.date = self.wiki.date.strftime('%Y-%m-%dT%H:%M:%S.%f')
+            return NodeWikiFactory(node=private_project, user=user)
 
-    def test_node_wikis_with_no_filter_returns_all(self):
-        res = self.app.get(self.base_url, auth=self.user.auth)
-        wiki_ids = [wiki['id'] for wiki in res.json['data']]
-        assert_in(self.wiki._id, wiki_ids)
-
-    def test_filter_wikis_by_page_name(self):
-        url = self.base_url + '?filter[name]=home'
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(len(res.json['data']), 1)
-        assert_equal(res.json['data'][0]['attributes']['name'], 'home')
-
-    def test_filter_wikis_modified_on_date(self):
-        url = self.base_url + '?filter[date_modified][eq]={}'.format(self.date)
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(len(res.json['data']), 1)
-
-    def test_filter_wikis_modified_before_date(self):
-        url = self.base_url + '?filter[date_modified][lt]={}'.format(self.date)
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(len(res.json['data']), 0)
-
-    def test_filter_wikis_modified_after_date(self):
-        url = self.base_url + '?filter[date_modified][gt]={}'.format(self.date)
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(len(res.json['data']), 0)
+    @pytest.fixture()
+    def date(self, wiki):
+        return wiki.date.strftime('%Y-%m-%dT%H:%M:%S.%f')
+
+    def test_filter_node_wiki_list(self, app, user, wiki, date, base_url):
+
+    #   test_node_wikis_with_no_filter_returns_all
+        res = app.get(base_url, auth=user.auth)
+        wiki_ids = [item['id'] for item in res.json['data']]
+
+        assert wiki._id in wiki_ids
+
+    #   test_filter_wikis_by_page_name
+        url = base_url + '?filter[name]=home'
+        res = app.get(url, auth=user.auth)
+        assert len(res.json['data']) == 1
+        assert res.json['data'][0]['attributes']['name'] == 'home'
+
+    #   test_filter_wikis_modified_on_date
+        url = base_url + '?filter[date_modified][eq]={}'.format(date)
+        res = app.get(url, auth=user.auth)
+        assert len(res.json['data']) == 1
+
+    #   test_filter_wikis_modified_before_date
+        url = base_url + '?filter[date_modified][lt]={}'.format(date)
+        res = app.get(url, auth=user.auth)
+        assert len(res.json['data']) == 0
+
+    #   test_filter_wikis_modified_after_date
+        url = base_url + '?filter[date_modified][gt]={}'.format(date)
+        res = app.get(url, auth=user.auth)
+        assert len(res.json['data']) == 0

From 83c060f621d576526c292f5761e85b32ff9f9f4e Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Mon, 12 Jun 2017 14:03:14 -0400
Subject: [PATCH 075/163] Move enableEditing button, remove requestDone

---
 website/static/js/filepage/index.js | 11 ++++-------
 1 file changed, 4 insertions(+), 7 deletions(-)

diff --git a/website/static/js/filepage/index.js b/website/static/js/filepage/index.js
index cc0a4b0bae0..1df2c6c354d 100644
--- a/website/static/js/filepage/index.js
+++ b/website/static/js/filepage/index.js
@@ -114,7 +114,6 @@ var FileViewPage = {
         self.file = self.context.file;
         self.node = self.context.node;
         self.editorMeta = self.context.editor;
-        self.requestDone = false;
         self.isLatestVersion = false;
 
         self.selectLatest = function() {
@@ -138,7 +137,6 @@ var FileViewPage = {
                 ])));
             }
         } else {
-            self.requestDone = true;
             self.canEdit = function() {
                 return self.context.currentUser.canEdit;
             };
@@ -365,7 +363,6 @@ var FileViewPage = {
             }
             m.redraw(true);
         };
-        self.enableEditing();
 
         //Hack to polyfill the Panel interface
         //Ran into problems with mithrils caching messing up with multiple "Panels"
@@ -421,6 +418,7 @@ var FileViewPage = {
             changeVersionHeader();
         }
 
+        self.enableEditing()
     },
     view: function(ctrl) {
         //This code was abstracted into a panel toggler at one point
@@ -497,18 +495,17 @@ var FileViewPage = {
                 (ctrl.node.preprintFileId !== ctrl.file.id) &&
                     !(ctrl.file.provider === 'figshare' && ctrl.file.extra.status === 'public') &&
                 (ctrl.file.provider !== 'osfstorage' || !ctrl.file.checkoutUser) &&
-                ctrl.requestDone &&
                 ($(document).context.URL.indexOf('version=latest-published') < 0)
             ) ? m('.btn-group.m-l-xs.m-t-xs', [
                         ctrl.isLatestVersion ? m('button.btn.btn-sm.btn-danger.file-delete', {onclick: $(document).trigger.bind($(document), 'fileviewpage:delete') }, 'Delete') : null
             ]) : '',
-            ctrl.context.currentUser.canEdit && (!ctrl.canEdit()) && ctrl.requestDone && (ctrl.context.currentUser.isAdmin) ? m('.btn-group.m-l-xs.m-t-xs', [
+            ctrl.context.currentUser.canEdit && (!ctrl.canEdit()) && (ctrl.context.currentUser.isAdmin) ? m('.btn-group.m-l-xs.m-t-xs', [
                 ctrl.isLatestVersion ? m('.btn.btn-sm.btn-danger', {onclick: $(document).trigger.bind($(document), 'fileviewpage:force_checkin')}, 'Force check in') : null
             ]) : '',
-            ctrl.canEdit() && (!ctrl.file.checkoutUser) && ctrl.requestDone && (ctrl.file.provider === 'osfstorage') ? m('.btn-group.m-l-xs.m-t-xs', [
+            ctrl.canEdit() && (!ctrl.file.checkoutUser) && (ctrl.file.provider === 'osfstorage') ? m('.btn-group.m-l-xs.m-t-xs', [
                 ctrl.isLatestVersion ? m('.btn.btn-sm.btn-warning', {onclick: $(document).trigger.bind($(document), 'fileviewpage:checkout')}, 'Check out') : null
             ]) : '',
-            (ctrl.canEdit() && (ctrl.file.checkoutUser === ctrl.context.currentUser.id) && ctrl.requestDone) ? m('.btn-group.m-l-xs.m-t-xs', [
+            (ctrl.canEdit() && (ctrl.file.checkoutUser === ctrl.context.currentUser.id) ) ? m('.btn-group.m-l-xs.m-t-xs', [
                 ctrl.isLatestVersion ? m('.btn.btn-sm.btn-warning', {onclick: $(document).trigger.bind($(document), 'fileviewpage:checkin')}, 'Check in') : null
             ]) : '',
             window.contextVars.node.isPublic? m('.btn-group.m-t-xs', [

From 9611410e55021bd1615897252bc918df9b064b6b Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Mon, 12 Jun 2017 14:20:01 -0400
Subject: [PATCH 076/163] semicolon

---
 website/static/js/filepage/index.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/filepage/index.js b/website/static/js/filepage/index.js
index 1df2c6c354d..3526e18d00d 100644
--- a/website/static/js/filepage/index.js
+++ b/website/static/js/filepage/index.js
@@ -418,7 +418,7 @@ var FileViewPage = {
             changeVersionHeader();
         }
 
-        self.enableEditing()
+        self.enableEditing();
     },
     view: function(ctrl) {
         //This code was abstracted into a panel toggler at one point

From a5f00c0f1ed8f8ac3ebc9b142d2bd9090dbe385f Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 12 Jun 2017 16:13:55 -0400
Subject: [PATCH 077/163] pytest conversion of
 test_node_relationship_institutions.py

---
 .../test_node_relationship_institutions.py    | 662 +++++++++---------
 1 file changed, 346 insertions(+), 316 deletions(-)

diff --git a/api_tests/nodes/views/test_node_relationship_institutions.py b/api_tests/nodes/views/test_node_relationship_institutions.py
index 731aa22c45c..8c635481c23 100644
--- a/api_tests/nodes/views/test_node_relationship_institutions.py
+++ b/api_tests/nodes/views/test_node_relationship_institutions.py
@@ -1,472 +1,502 @@
-from nose.tools import *  # flake8: noqa
-
-from tests.base import ApiTestCase
-from osf_tests.factories import InstitutionFactory, AuthUserFactory, NodeFactory
+import pytest
 
 from api.base.settings.defaults import API_BASE
-
+from osf_tests.factories import (
+    InstitutionFactory, 
+    AuthUserFactory, 
+    NodeFactory,
+)
 from website.util import permissions
 
+@pytest.mark.django_db
+class TestNodeRelationshipInstitutions:
 
-class TestNodeRelationshipInstitutions(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeRelationshipInstitutions, self).setUp()
-
-        self.institution2 = InstitutionFactory()
-        self.institution1 = InstitutionFactory()
-
-        self.user = AuthUserFactory()
-        self.user.affiliated_institutions.add(self.institution1)
-        self.user.affiliated_institutions.add(self.institution2)
-        self.user.save()
-
-        self.read_write_contributor = AuthUserFactory()
-        self.read_write_contributor_institution = InstitutionFactory()
-        self.read_write_contributor.affiliated_institutions.add(self.read_write_contributor_institution)
-        self.read_write_contributor.save()
+    @pytest.fixture()
+    def institution_one(self):
+        return InstitutionFactory()
 
-        self.read_only_contributor = AuthUserFactory()
-        self.read_only_contributor_institution = InstitutionFactory()
-        self.read_only_contributor.affiliated_institutions.add(self.read_only_contributor_institution)
-        self.read_only_contributor.save()
+    @pytest.fixture()
+    def institution_two(self):
+        return InstitutionFactory()
 
-        self.node = NodeFactory(creator=self.user)
-        self.node.add_contributor(self.read_write_contributor, permissions=[permissions.WRITE])
-        self.node.add_contributor(self.read_only_contributor, permissions=[permissions.READ])
-        self.node.save()
+    @pytest.fixture()
+    def write_contrib_institution(self):
+        return InstitutionFactory()
 
-        self.node_institutions_url = '/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, self.node._id)
+    @pytest.fixture()
+    def read_contrib_institution(self):
+        return InstitutionFactory()
 
-    def create_payload(self, *institution_ids):
-        data = []
-        for id_ in institution_ids:
-            data.append({'type': 'institutions', 'id': id_})
-        return {'data': data}
-
-    def test_node_with_no_permissions(self):
+    @pytest.fixture()
+    def user(self, institution_one, institution_two):
         user = AuthUserFactory()
-        user.affiliated_institutions.add(self.institution1)
+        user.affiliated_institutions.add(institution_one)
+        user.affiliated_institutions.add(institution_two)
         user.save()
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            self.create_payload([self.institution1._id]),
-            auth=user.auth,
+        return user
+
+    @pytest.fixture()
+    def write_contrib(self, write_contrib_institution):
+        write_contrib = AuthUserFactory()
+        write_contrib.affiliated_institutions.add(write_contrib_institution)
+        write_contrib.save()
+        return write_contrib
+
+    @pytest.fixture()
+    def read_contrib(self, read_contrib_institution):
+        read_contrib = AuthUserFactory()
+        read_contrib.affiliated_institutions.add(read_contrib_institution)
+        read_contrib.save()
+        return read_contrib
+
+    @pytest.fixture()
+    def node(self, user, write_contrib, read_contrib):
+        node = NodeFactory(creator=user)
+        node.add_contributor(write_contrib, permissions=[permissions.WRITE])
+        node.add_contributor(read_contrib, permissions=[permissions.READ])
+        node.save()
+        return node
+
+    @pytest.fixture()
+    def node_institutions_url(self, node):
+        return '/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, node._id)
+
+    @pytest.fixture()
+    def create_payload(self):
+        def payload(*institution_ids):
+            data = []
+            for id_ in institution_ids:
+                data.append({'type': 'institutions', 'id': id_})
+            return {'data': data}
+        return payload
+
+    def test_node_errors(self, app, user, institution_one, create_payload, node_institutions_url):
+
+    #   test_node_with_no_permissions
+        unauthorized_user = AuthUserFactory()
+        unauthorized_user.affiliated_institutions.add(institution_one)
+        unauthorized_user.save()
+        res = app.put_json_api(
+            node_institutions_url,
+            create_payload([institution_one._id]),
+            auth=unauthorized_user.auth,
             expect_errors=True,
         )
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_user_with_no_institution(self):
-        user = AuthUserFactory()
-        node = NodeFactory(creator=user)
-        res = self.app.put_json_api(
+    #   test_user_with_no_institution
+        unauthorized_user = AuthUserFactory()
+        node = NodeFactory(creator=unauthorized_user)
+        res = app.put_json_api(
             '/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, node._id),
-            self.create_payload(self.institution1._id),
+            create_payload(institution_one._id),
+            expect_errors=True,
+            auth=unauthorized_user.auth
+        )
+        assert res.status_code == 403
+
+    #   test_institution_does_not_exist
+        res = app.put_json_api(
+            node_institutions_url,
+            create_payload('not_an_id'),
             expect_errors=True,
             auth=user.auth
         )
-        assert_equal(res.status_code, 403)
 
-    def test_get_public_node(self):
-        self.node.is_public = True
-        self.node.save()
+        assert res.status_code == 404
 
-        res = self.app.get(
-            self.node_institutions_url
+    #   test_wrong_type
+        res = app.put_json_api(
+            node_institutions_url,
+            {'data': [{'type': 'not_institution', 'id': institution_one._id}]},
+            expect_errors=True,
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data'], [])
+        assert res.status_code == 409
 
-    def test_institution_does_not_exist(self):
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            self.create_payload('not_an_id'),
-            expect_errors=True,
-            auth=self.user.auth
+    #   test_remove_institutions_with_no_permissions
+        res = app.put_json_api(
+            node_institutions_url,
+            create_payload(),
+            expect_errors=True
         )
+        assert res.status_code == 401
 
-        assert_equal(res.status_code, 404)
+    #   test_retrieve_private_node_no_auth
+        res = app.get(node_institutions_url, expect_errors=True)
+        assert res.status_code == 401
 
-    def test_wrong_type(self):
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            {'data': [{'type': 'not_institution', 'id': self.institution1._id}]},
-            expect_errors=True,
-            auth=self.user.auth
+    def test_get_public_node(self, app, node, node_institutions_url):
+        node.is_public = True
+        node.save()
+
+        res = app.get(
+            node_institutions_url
         )
 
-        assert_equal(res.status_code, 409)
+        assert res.status_code == 200
+        assert res.json['data'] == []
 
-    def test_user_with_institution_and_permissions(self):
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
+    def test_user_with_institution_and_permissions(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        assert institution_one not in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
 
-        res = self.app.post_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id, self.institution2._id),
-            auth=self.user.auth
+        res = app.post_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id, institution_two._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 201)
+        assert res.status_code == 201
         data = res.json['data']
         ret_institutions = [inst['id'] for inst in data]
 
-        assert_in(self.institution1._id, ret_institutions)
-        assert_in(self.institution2._id, ret_institutions)
+        assert institution_one._id in ret_institutions
+        assert institution_two._id in ret_institutions
 
-        self.node.reload()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_in(self.institution2, self.node.affiliated_institutions.all())
+        node.reload()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two in node.affiliated_institutions.all()
 
-    def test_user_with_institution_and_permissions_through_patch(self):
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
+    def test_user_with_institution_and_permissions_through_patch(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        assert institution_one not in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
 
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id, self.institution2._id),
-            auth=self.user.auth
+        res = app.put_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id, institution_two._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         data = res.json['data']
         ret_institutions = [inst['id'] for inst in data]
 
-        assert_in(self.institution1._id, ret_institutions)
-        assert_in(self.institution2._id, ret_institutions)
-
-        self.node.reload()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_in(self.institution2, self.node.affiliated_institutions.all())
+        assert institution_one._id in ret_institutions
+        assert institution_two._id in ret_institutions
 
-    def test_remove_institutions_with_no_permissions(self):
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            self.create_payload(),
-            expect_errors=True
-        )
-        assert_equal(res.status_code, 401)
+        node.reload()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two in node.affiliated_institutions.all()
 
-    def test_remove_institutions_with_affiliated_user(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+    def test_remove_institutions_with_affiliated_user(self, app, user, institution_one, node, node_institutions_url):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
 
-        res = self.app.put_json_api(
-            self.node_institutions_url,
+        res = app.put_json_api(
+            node_institutions_url,
             {'data': []},
-            auth=self.user.auth
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 200)
-        self.node.reload()
-        assert_equal(self.node.affiliated_institutions.count(), 0)
+        assert res.status_code == 200
+        node.reload()
+        assert node.affiliated_institutions.count() == 0
 
-    def test_using_post_making_no_changes_returns_204(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+    def test_using_post_making_no_changes_returns_204(self, app, user, institution_one, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
 
-        res = self.app.post_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
-            auth=self.user.auth
+        res = app.post_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 204)
-        self.node.reload()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+        assert res.status_code == 204
+        node.reload()
+        assert institution_one in node.affiliated_institutions.all()
 
-    def test_put_not_admin_but_affiliated(self):
+    def test_put_not_admin_but_affiliated(self, app, institution_one, node, node_institutions_url, create_payload):
         user = AuthUserFactory()
-        user.affiliated_institutions.add(self.institution1)
+        user.affiliated_institutions.add(institution_one)
         user.save()
-        self.node.add_contributor(user)
-        self.node.save()
+        node.add_contributor(user)
+        node.save()
 
-        res = self.app.put_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
+        res = app.put_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
             auth=user.auth
         )
 
-        self.node.reload()
-        assert_equal(res.status_code, 200)
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-
-    def test_retrieve_private_node_no_auth(self):
-        res = self.app.get(self.node_institutions_url, expect_errors=True)
-        assert_equal(res.status_code, 401)
+        node.reload()
+        assert res.status_code == 200
+        assert institution_one in node.affiliated_institutions.all()
 
-    def test_add_through_patch_one_inst_to_node_with_inst(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
+    def test_add_through_patch_one_inst_to_node_with_inst(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
 
-        res = self.app.patch_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id, self.institution2._id),
-            auth=self.user.auth
+        res = app.patch_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id, institution_two._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 200)
-        self.node.reload()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_in(self.institution2, self.node.affiliated_institutions.all())
-
-    def test_add_through_patch_one_inst_while_removing_other(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
-
-        res = self.app.patch_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution2._id),
-            auth=self.user.auth
+        assert res.status_code == 200
+        node.reload()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two in node.affiliated_institutions.all()
+
+    def test_add_through_patch_one_inst_while_removing_other(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
+
+        res = app.patch_json_api(
+            node_institutions_url,
+            create_payload(institution_two._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 200)
-        self.node.reload()
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_in(self.institution2, self.node.affiliated_institutions.all())
-
-    def test_add_one_inst_with_post_to_node_with_inst(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
-
-        res = self.app.post_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution2._id),
-            auth=self.user.auth
+        assert res.status_code == 200
+        node.reload()
+        assert institution_one not in node.affiliated_institutions.all()
+        assert institution_two in node.affiliated_institutions.all()
+
+    def test_add_one_inst_with_post_to_node_with_inst(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
+
+        res = app.post_json_api(
+            node_institutions_url,
+            create_payload(institution_two._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 201)
-        self.node.reload()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_in(self.institution2, self.node.affiliated_institutions.all())
+        assert res.status_code == 201
+        node.reload()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two in node.affiliated_institutions.all()
 
-    def test_delete_nothing(self):
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(),
-            auth=self.user.auth
+    def test_delete_nothing(self, app, user, node_institutions_url, create_payload):
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(),
+            auth=user.auth
         )
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
-    def test_delete_existing_inst(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+    def test_delete_existing_inst(self, app, user, institution_one, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
 
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
-            auth=self.user.auth
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 204)
-        self.node.reload()
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
+        assert res.status_code == 204
+        node.reload()
+        assert institution_one not in node.affiliated_institutions.all()
 
-    def test_delete_not_affiliated_and_affiliated_insts(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
+    def test_delete_not_affiliated_and_affiliated_insts(self, app, user, institution_one, institution_two, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
+        assert institution_one in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
 
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id, self.institution2._id),
-            auth=self.user.auth,
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id, institution_two._id),
+            auth=user.auth,
         )
 
-        assert_equal(res.status_code, 204)
-        self.node.reload()
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
-        assert_not_in(self.institution2, self.node.affiliated_institutions.all())
+        assert res.status_code == 204
+        node.reload()
+        assert institution_one not in node.affiliated_institutions.all()
+        assert institution_two not in node.affiliated_institutions.all()
 
-    def test_delete_user_is_admin(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
+    def test_delete_user_is_admin(self, app, user, institution_one, node, node_institutions_url, create_payload):
+        node.affiliated_institutions.add(institution_one)
+        node.save()
 
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
-            auth=self.user.auth
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
+            auth=user.auth
         )
 
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
-    def test_delete_user_is_read_write(self):
+    def test_delete_user_is_read_write(self, app, institution_one, node, node_institutions_url, create_payload):
         user = AuthUserFactory()
-        user.affiliated_institutions.add(self.institution1)
+        user.affiliated_institutions.add(institution_one)
         user.save()
-        self.node.add_contributor(user)
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
+        node.add_contributor(user)
+        node.affiliated_institutions.add(institution_one)
+        node.save()
 
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
             auth=user.auth
         )
 
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
 
-    def test_delete_user_is_read_only(self):
+    def test_delete_user_is_read_only(self, app, institution_one, node, node_institutions_url, create_payload):
         user = AuthUserFactory()
-        user.affiliated_institutions.add(self.institution1)
+        user.affiliated_institutions.add(institution_one)
         user.save()
-        self.node.add_contributor(user, permissions=[permissions.READ])
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
+        node.add_contributor(user, permissions=[permissions.READ])
+        node.affiliated_institutions.add(institution_one)
+        node.save()
 
-        res = self.app.delete_json_api(
-            self.node_institutions_url,
-            self.create_payload(self.institution1._id),
+        res = app.delete_json_api(
+            node_institutions_url,
+            create_payload(institution_one._id),
             auth=user.auth,
             expect_errors=True
         )
 
-        assert_equal(res.status_code, 403)
+        assert res.status_code == 403
 
-    def test_delete_user_is_admin_but_not_affiliated_with_inst(self):
+    def test_delete_user_is_admin_but_not_affiliated_with_inst(self, app, institution_one, create_payload):
         user = AuthUserFactory()
         node = NodeFactory(creator=user)
-        node.affiliated_institutions.add(self.institution1)
+        node.affiliated_institutions.add(institution_one)
         node.save()
-        assert_in(self.institution1, node.affiliated_institutions.all())
+        assert institution_one in node.affiliated_institutions.all()
 
-        res = self.app.delete_json_api(
+        res = app.delete_json_api(
             '/{0}nodes/{1}/relationships/institutions/'.format(API_BASE, node._id),
-            self.create_payload(self.institution1._id),
+            create_payload(institution_one._id),
             auth=user.auth,
         )
 
-        assert_equal(res.status_code, 204)
+        assert res.status_code == 204
         node.reload()
-        assert_not_in(self.institution1, node.affiliated_institutions.all())
+        assert institution_one not in node.affiliated_institutions.all()
 
-    def test_admin_can_add_affiliated_institution(self):
+    def test_admin_can_add_affiliated_institution(self, app, user, institution_one, node, node_institutions_url):
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.institution1._id
+                'id': institution_one._id
             }]
         }
-        res = self.app.post_json_api(self.node_institutions_url, payload, auth=self.user.auth)
-        self.node.reload()
-        assert_equal(res.status_code, 201)
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+        res = app.post_json_api(node_institutions_url, payload, auth=user.auth)
+        node.reload()
+        assert res.status_code == 201
+        assert institution_one in node.affiliated_institutions.all()
 
-    def test_admin_can_remove_admin_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.institution1)
+    def test_admin_can_remove_admin_affiliated_institution(self, app, user, institution_one, node, node_institutions_url):
+        node.affiliated_institutions.add(institution_one)
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.institution1._id
+                'id': institution_one._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.user.auth)
-        self.node.reload()
-        assert_equal(res.status_code, 204)
-        assert_not_in(self.institution1, self.node.affiliated_institutions.all())
-
-    def test_admin_can_remove_read_write_contributor_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.read_write_contributor_institution)
-        self.node.save()
+        res = app.delete_json_api(node_institutions_url, payload, auth=user.auth)
+        node.reload()
+        assert res.status_code == 204
+        assert institution_one not in node.affiliated_institutions.all()
+
+    def test_admin_can_remove_read_write_contributor_affiliated_institution(self, app, user, read_contrib_institution, node, node_institutions_url):
+        node.affiliated_institutions.add(read_contrib_institution)
+        node.save()
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.read_write_contributor_institution._id
+                'id': read_contrib_institution._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.user.auth)
-        self.node.reload()
-        assert_equal(res.status_code, 204)
-        assert_not_in(self.read_write_contributor_institution, self.node.affiliated_institutions.all())
+        res = app.delete_json_api(node_institutions_url, payload, auth=user.auth)
+        node.reload()
+        assert res.status_code == 204
+        assert read_contrib_institution not in node.affiliated_institutions.all()
 
-    def test_read_write_contributor_can_add_affiliated_institution(self):
+    def test_read_write_contributor_can_add_affiliated_institution(self, app, write_contrib, write_contrib_institution, node, node_institutions_url):
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.read_write_contributor_institution._id
+                'id': write_contrib_institution._id
             }]
         }
-        res = self.app.post_json_api(self.node_institutions_url, payload, auth=self.read_write_contributor.auth)
-        self.node.reload()
-        assert_equal(res.status_code, 201)
-        assert_in(self.read_write_contributor_institution, self.node.affiliated_institutions.all())
-
-    def test_read_write_contributor_can_remove_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.read_write_contributor_institution)
-        self.node.save()
+        res = app.post_json_api(node_institutions_url, payload, auth=write_contrib.auth)
+        node.reload()
+        assert res.status_code == 201
+        assert write_contrib_institution in node.affiliated_institutions.all()
+
+    def test_read_write_contributor_can_remove_affiliated_institution(self, app, write_contrib, write_contrib_institution, node, node_institutions_url):
+        node.affiliated_institutions.add(write_contrib_institution)
+        node.save()
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.read_write_contributor_institution._id
+                'id': write_contrib_institution._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.read_write_contributor.auth)
-        self.node.reload()
-        assert_equal(res.status_code, 204)
-        assert_not_in(self.read_write_contributor_institution, self.node.affiliated_institutions.all())
-
-    def test_read_write_contributor_cannot_remove_admin_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
+        res = app.delete_json_api(node_institutions_url, payload, auth=write_contrib.auth)
+        node.reload()
+        assert res.status_code == 204
+        assert write_contrib_institution not in node.affiliated_institutions.all()
+
+    def test_contribs_cannot_perform_action(self, app, write_contrib, read_contrib, institution_one, read_contrib_institution, node, node_institutions_url):
+
+    #   test_read_write_contributor_cannot_remove_admin_affiliated_institution
+        node.affiliated_institutions.add(institution_one)
+        node.save()
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.institution1._id
+                'id': institution_one._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.read_write_contributor.auth, expect_errors=True)
-        self.node.reload()
-        assert_equal(res.status_code, 403)
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
-
-    def test_read_only_contributor_cannot_remove_admin_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.institution1)
-        self.node.save()
+        res = app.delete_json_api(node_institutions_url, payload, auth=write_contrib.auth, expect_errors=True)
+        node.reload()
+        assert res.status_code == 403
+        assert institution_one in node.affiliated_institutions.all()
+
+    #   test_read_only_contributor_cannot_remove_admin_affiliated_institution
+        node.affiliated_institutions.add(institution_one)
+        node.save()
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.institution1._id
+                'id': institution_one._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.read_only_contributor.auth, expect_errors=True)
-        self.node.reload()
-        assert_equal(res.status_code, 403)
-        assert_in(self.institution1, self.node.affiliated_institutions.all())
+        res = app.delete_json_api(node_institutions_url, payload, auth=read_contrib.auth, expect_errors=True)
+        node.reload()
+        assert res.status_code == 403
+        assert institution_one in node.affiliated_institutions.all()
 
-    def test_read_only_contributor_cannot_add_affiliated_institution(self):
+    #   test_read_only_contributor_cannot_add_affiliated_institution
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.read_only_contributor_institution._id
+                'id': read_contrib_institution._id
             }]
         }
-        res = self.app.post_json_api(self.node_institutions_url, payload, auth=self.read_only_contributor.auth, expect_errors=True)
-        self.node.reload()
-        assert_equal(res.status_code, 403)
-        assert_not_in(self.read_write_contributor_institution, self.node.affiliated_institutions.all())
-
-    def test_read_only_contributor_cannot_remove_affiliated_institution(self):
-        self.node.affiliated_institutions.add(self.read_only_contributor_institution)
-        self.node.save()
+        res = app.post_json_api(node_institutions_url, payload, auth=read_contrib.auth, expect_errors=True)
+        node.reload()
+        assert res.status_code == 403
+        assert read_contrib_institution not in node.affiliated_institutions.all()
+
+    #   test_read_only_contributor_cannot_remove_affiliated_institution
+        node.affiliated_institutions.add(read_contrib_institution)
+        node.save()
         payload = {
             'data': [{
                 'type': 'institutions',
-                'id': self.read_only_contributor_institution._id
+                'id': read_contrib_institution._id
             }]
         }
-        res = self.app.delete_json_api(self.node_institutions_url, payload, auth=self.read_only_contributor.auth, expect_errors=True)
-        self.node.reload()
-        assert_equal(res.status_code, 403)
-        assert_in(self.read_only_contributor_institution, self.node.affiliated_institutions.all())
+        res = app.delete_json_api(node_institutions_url, payload, auth=read_contrib.auth, expect_errors=True)
+        node.reload()
+        assert res.status_code == 403
+        assert read_contrib_institution in node.affiliated_institutions.all()

From db6c73bacab961debe41d4022aeebf1c8ee7b433 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 13 Jun 2017 11:11:06 -0400
Subject: [PATCH 078/163] Update admin users test views

---
 admin_tests/users/test_views.py | 28 +++++++++++++++++++++-------
 1 file changed, 21 insertions(+), 7 deletions(-)

diff --git a/admin_tests/users/test_views.py b/admin_tests/users/test_views.py
index 1316dfaa440..7038412ed33 100644
--- a/admin_tests/users/test_views.py
+++ b/admin_tests/users/test_views.py
@@ -87,14 +87,28 @@ def test_correct_view_permissions(self):
 
 
 class TestResetPasswordView(AdminTestCase):
-    def test_reset_password_context(self):
-        user = UserFactory()
+    def setUp(self):
+        super(TestResetPasswordView, self).setUp()
+        self.user = UserFactory()
+        user = self.user
+        self.request = RequestFactory().get('/fake_path')
+        self.request.user = self.user
+        self.plain_view = views.ResetPasswordView
+        self.view = setup_view(self.plain_view(), self.request, guid=user._id)
+
+    def test_get_initial(self):
+        self.view.user = self.user
+        self.view.get_initial()
+        res = self.view.initial
+        nt.assert_is_instance(res, dict)
+        nt.assert_equal(res['guid'], self.user._id)
+        nt.assert_equal(res['emails'], self.user.emails)
 
-        guid = user._id
-        request = RequestFactory().get('/fake_path')
-        view = views.ResetPasswordView(initial={})
-        view = setup_view(view, request, guid=guid)
-        res = view.get_context_data()
+    def test_reset_password_context(self):
+        self.view.user = self.user
+        res = self.view.get_context_data()
+        user = self.user
+        view = self.view
         nt.assert_is_instance(res, dict)
         nt.assert_in((user.emails.first().address, user.emails.first().address), view.initial['emails'])
 

From 93457a7f9c4b9b375280a1d330fe0c8012cb5e31 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Tue, 13 Jun 2017 13:32:15 -0400
Subject: [PATCH 079/163] switch tabs to spaces

---
 api_tests/nodes/views/test_node_citations.py | 96 ++++++++++----------
 1 file changed, 48 insertions(+), 48 deletions(-)

diff --git a/api_tests/nodes/views/test_node_citations.py b/api_tests/nodes/views/test_node_citations.py
index 738ae0ae0b7..6716d071d0f 100644
--- a/api_tests/nodes/views/test_node_citations.py
+++ b/api_tests/nodes/views/test_node_citations.py
@@ -14,82 +14,82 @@ def admin_contributor():
 
 @pytest.fixture()
 def write_contrib():
-	return AuthUserFactory()
+    return AuthUserFactory()
 
 @pytest.fixture()
 def read_contrib():
-	return AuthUserFactory()
+    return AuthUserFactory()
 
 @pytest.fixture()
 def non_contrib():
-	return AuthUserFactory()
+    return AuthUserFactory()
 
 @pytest.fixture()
 def public_project(admin_contributor):
-	return ProjectFactory(creator=admin_contributor, is_public=True)
+    return ProjectFactory(creator=admin_contributor, is_public=True)
 
 @pytest.fixture()
 def private_project(admin_contributor, write_contrib, read_contrib):
-	private_project = ProjectFactory(creator=admin_contributor)
-	private_project.add_contributor(write_contrib, permissions=['read','write'], auth=Auth(admin_contributor))
-	private_project.add_contributor(read_contrib, permissions=['read'], auth=Auth(admin_contributor))
-	private_project.save()
-	return private_project
+    private_project = ProjectFactory(creator=admin_contributor)
+    private_project.add_contributor(write_contrib, permissions=['read','write'], auth=Auth(admin_contributor))
+    private_project.add_contributor(read_contrib, permissions=['read'], auth=Auth(admin_contributor))
+    private_project.save()
+    return private_project
 
 @pytest.mark.django_db
 class NodeCitationsMixin:
 
     def test_node_citations(self, app, admin_contributor, write_contrib, read_contrib, non_contrib, private_url, public_url):
 
-	#   test_admin_can_view_private_project_citations
-		res = app.get(private_url, auth=admin_contributor.auth)
-		assert res.status_code == 200
+    #   test_admin_can_view_private_project_citations
+        res = app.get(private_url, auth=admin_contributor.auth)
+        assert res.status_code == 200
 
-	#   test_write_contrib_can_view_private_project_citations
-		res = app.get(private_url, auth=write_contrib.auth)
-		assert res.status_code == 200
+    #   test_write_contrib_can_view_private_project_citations
+        res = app.get(private_url, auth=write_contrib.auth)
+        assert res.status_code == 200
 
-	#   test_read_contrib_can_view_private_project_citations
-		res = app.get(private_url, auth=read_contrib.auth)
-		assert res.status_code == 200
+    #   test_read_contrib_can_view_private_project_citations
+        res = app.get(private_url, auth=read_contrib.auth)
+        assert res.status_code == 200
 
-	#   test_non_contrib_cannot_view_private_project_citations
-		res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
-		assert res.status_code == 403
-		assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+    #   test_non_contrib_cannot_view_private_project_citations
+        res = app.get(private_url, auth=non_contrib.auth, expect_errors=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
-	#   test_unauthenticated_cannot_view_private_project_citations
-		res = app.get(private_url, expect_errors=True)
-		assert res.status_code == 401
-		assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
+    #   test_unauthenticated_cannot_view_private_project_citations
+        res = app.get(private_url, expect_errors=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-	#   test_unauthenticated_can_view_public_project_citations
-		res = app.get(public_url)
-		assert res.status_code == 200
+    #   test_unauthenticated_can_view_public_project_citations
+        res = app.get(public_url)
+        assert res.status_code == 200
 
-	#   test_citations_are_read_only
-		post_res = app.post_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
-		assert post_res.status_code == 405
-		put_res = app.put_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
-		assert put_res.status_code == 405
-		delete_res = app.delete_json_api(public_url, auth=admin_contributor.auth, expect_errors=True)
-		assert delete_res.status_code == 405
+    #   test_citations_are_read_only
+        post_res = app.post_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
+        assert post_res.status_code == 405
+        put_res = app.put_json_api(public_url, {}, auth=admin_contributor.auth, expect_errors=True)
+        assert put_res.status_code == 405
+        delete_res = app.delete_json_api(public_url, auth=admin_contributor.auth, expect_errors=True)
+        assert delete_res.status_code == 405
 
 class TestNodeCitations(NodeCitationsMixin):
-	@pytest.fixture()
-	def public_url(self, public_project):
-		return '/{}nodes/{}/citation/'.format(API_BASE, public_project._id)
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/citation/'.format(API_BASE, public_project._id)
 
-	@pytest.fixture()
-	def private_url(self, private_project):
-		return '/{}nodes/{}/citation/'.format(API_BASE, private_project._id)
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/citation/'.format(API_BASE, private_project._id)
 
 
 class TestNodeCitationsStyle(NodeCitationsMixin):
-	@pytest.fixture()
-	def public_url(self, public_project):
-		return '/{}nodes/{}/citation/apa/'.format(API_BASE, public_project._id)
+    @pytest.fixture()
+    def public_url(self, public_project):
+        return '/{}nodes/{}/citation/apa/'.format(API_BASE, public_project._id)
 
-	@pytest.fixture()
-	def private_url(self, private_project):
-		return '/{}nodes/{}/citation/apa/'.format(API_BASE, private_project._id)
+    @pytest.fixture()
+    def private_url(self, private_project):
+        return '/{}nodes/{}/citation/apa/'.format(API_BASE, private_project._id)

From 87f911349568951dc7569a732a57c09d3c8a9e9e Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 15 Jun 2017 09:50:56 -0400
Subject: [PATCH 080/163] Update class tests

---
 admin/users/views.py            |  4 ++--
 admin_tests/users/test_views.py | 10 +++-------
 2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/admin/users/views.py b/admin/users/views.py
index 7b841a367d4..3ad0ac67297 100644
--- a/admin/users/views.py
+++ b/admin/users/views.py
@@ -525,9 +525,9 @@ def dispatch(self, request, *args, **kwargs):
         return super(ResetPasswordView, self).dispatch(request, *args, **kwargs)
 
     def get_initial(self):
-        user = self.user
         self.initial = {
-            'emails': [(r, r) for r in user.emails.values_list('address', flat=True)],
+            'guid': self.user._id,
+            'emails': [(r, r) for r in self.user.emails.values_list('address', flat=True)],
         }
         return super(ResetPasswordView, self).get_initial()
 
diff --git a/admin_tests/users/test_views.py b/admin_tests/users/test_views.py
index 7038412ed33..2d7f0c1591d 100644
--- a/admin_tests/users/test_views.py
+++ b/admin_tests/users/test_views.py
@@ -90,11 +90,10 @@ class TestResetPasswordView(AdminTestCase):
     def setUp(self):
         super(TestResetPasswordView, self).setUp()
         self.user = UserFactory()
-        user = self.user
         self.request = RequestFactory().get('/fake_path')
         self.request.user = self.user
         self.plain_view = views.ResetPasswordView
-        self.view = setup_view(self.plain_view(), self.request, guid=user._id)
+        self.view = setup_view(self.plain_view(), self.request, guid=self.user._id)
 
     def test_get_initial(self):
         self.view.user = self.user
@@ -102,15 +101,13 @@ def test_get_initial(self):
         res = self.view.initial
         nt.assert_is_instance(res, dict)
         nt.assert_equal(res['guid'], self.user._id)
-        nt.assert_equal(res['emails'], self.user.emails)
+        nt.assert_equal(res['emails'], [(r, r) for r in self.user.emails.values_list('address', flat=True)])
 
     def test_reset_password_context(self):
         self.view.user = self.user
         res = self.view.get_context_data()
-        user = self.user
-        view = self.view
         nt.assert_is_instance(res, dict)
-        nt.assert_in((user.emails.first().address, user.emails.first().address), view.initial['emails'])
+        nt.assert_in((self.user.emails.first().address, self.user.emails.first().address), self.view.initial['emails'])
 
     def test_no_user_permissions_raises_error(self):
         user = UserFactory()
@@ -301,7 +298,6 @@ def test_correct_view_permissions(self):
         response = self.plain_view.as_view()(request, guid=guid)
         self.assertEqual(response.status_code, 200)
 
-
 class TestFlaggedSpamUserList(SpamUserListMixin, AdminTestCase):
     def setUp(self):
         super(TestFlaggedSpamUserList, self).setUp()

From f51284af2132a8166f3190a450c6f49800da0d15 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 28 Apr 2017 14:19:35 -0400
Subject: [PATCH 081/163] Allow component api url to be passed as argument

---
 website/static/js/projectSettings.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/static/js/projectSettings.js b/website/static/js/projectSettings.js
index 11adf3be8a8..f9cfec549a1 100644
--- a/website/static/js/projectSettings.js
+++ b/website/static/js/projectSettings.js
@@ -29,7 +29,7 @@ var ProjectSettings = oop.extend(
             self.categoryOptions = params.categoryOptions;
             self.categoryPlaceholder = params.category;
             self.selectedCategory = ko.observable(params.category);
-            
+
             if (!params.updateUrl) {
                 throw new Error(language.instantiationErrorMessage);
             }
@@ -79,7 +79,7 @@ var ProjectSettings = oop.extend(
                     xhrFields: {withCredentials: true},
                     processData: false,
                     data: requestPayload
-                });            
+                });
             request.done(function(response) {
                 self.categoryPlaceholder = response.data.attributes.category;
                 self.titlePlaceholder = response.data.attributes.title;
@@ -152,7 +152,7 @@ request.fail(function(xhr, textStatus, err) {
  * Pulls a random name from the scientist list to use as confirmation string
  *  Ignores case and whitespace
  */
-var getConfirmationCode = function(nodeType, isPreprint) {
+var getConfirmationCode = function(nodeType, isPreprint, nodeApiUrl=nodeApiUrl) {
 
     var preprint_message = '<p class="danger">This ' + nodeType + ' contains a preprint. Deleting this ' +
         nodeType + ' will also delete your preprint. This action is irreversible.</p>';

From 2600d0c78359ea3d42e1fcf27c4e48dafafa81c1 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 28 Apr 2017 14:22:02 -0400
Subject: [PATCH 082/163] Add component settings file

---
 webpack.common.config.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/webpack.common.config.js b/webpack.common.config.js
index dfecd22ea20..7579a4dfd77 100644
--- a/webpack.common.config.js
+++ b/webpack.common.config.js
@@ -31,6 +31,7 @@ var entry = {
     'project-dashboard': staticPath('js/pages/project-dashboard-page.js'),
     'project-base-page': staticPath('js/pages/project-base-page.js'),
     'project-settings-page': staticPath('js/pages/project-settings-page.js'),
+    'component-settings-page': staticPath('js/pages/component-settings-page.js'),
     'project-registrations-page': staticPath('js/pages/project-registrations-page.js'),
     'registration-retraction-page': staticPath('js/pages/registration-retraction-page.js'),
     'registration-edit-page': staticPath('js/pages/registration-edit-page.js'),

From 8287d8b5563bf70b23695f686bce8171ff9f14e7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 28 Apr 2017 14:24:10 -0400
Subject: [PATCH 083/163] Add common actions for component widget

---
 .../js/pages/component-settings-page.js       | 22 +++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 website/static/js/pages/component-settings-page.js

diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
new file mode 100644
index 00000000000..b1eec6233e5
--- /dev/null
+++ b/website/static/js/pages/component-settings-page.js
@@ -0,0 +1,22 @@
+'use strict';
+
+var $ = require('jquery');
+var bootbox = require('bootbox');
+var Raven = require('raven-js');
+var ko = require('knockout');
+var $osf = require('js/osfHelpers.js');
+var ProjectSettings = require('js/projectSettings.js');
+
+$(document).ready(function() {
+  $(".deleteComponent").each( function() {
+    $(this).off().on('click', function(e) {
+        var component = $(this).data('summary');
+        if(component.childExists){
+            $osf.growl('Error', 'Any child components must be deleted prior to deleting this project.','danger', 30000);
+        }else{
+            ProjectSettings.getConfirmationCode(component.node_type, component.isPreprint, component.api_url);
+        }
+     });
+   });
+
+});

From 148fbb885f7eba83c12cb3455424b30b113fff15 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 28 Apr 2017 14:26:02 -0400
Subject: [PATCH 084/163] Add html for common actions menu in component widget

---
 website/templates/util/render_node.mako | 24 +++++++++++++++++++++++-
 1 file changed, 23 insertions(+), 1 deletion(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 949d11dac45..312e6a2adf9 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -58,7 +58,22 @@
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                <i id="icon-${summary['id']}" class="pointer fa fa-angle-down" onclick="NodeActions.openCloseNode('${summary['id']}');" style="font-weight:bold;"></i>
+                <div id="projectSettings" class="dropdown">
+                  <button class="btn btn-default btn-sm dropdown-toggle" type="button" id="commonActions" data-toggle="dropdown" aria-haspopup="true" aria-expanded="true">
+                    <span class="glyphicon glyphicon-option-horizontal"></span>
+                  </button>
+                  <ul class="dropdown-menu dropdown-menu-right" aria-labelledby="commonActions">
+                    <li><a type="button">Upload</a></li>
+                    <li><a href="${domain}${summary['id']}/settings/">Settings</a></li>
+                    <li><a href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
+                    % if 'admin' in user['permissions']:
+                        <li><a class="deleteComponent" type="button">Delete</a></li>
+                        <script type="text/javascript">
+                            $(".deleteComponent").data("summary", ${summary | sjson, n}) ;
+                        </script>
+                    % endif
+                  </ul>
+                </div>
             </div>
             % endif
         </h4>
@@ -137,6 +152,10 @@
 </div>
 <script type="text/javascript">
     window.contextVars = window.contextVars || {};
+    window.contextVars.node = window.contextVars.node || {};
+    window.contextVars.node.urls = window.contextVars.node.urls || {};
+    window.contextVars.node.urls.api = window.contextVars.node.urls.api || '';
+
     var nodes = window.contextVars.nodes || [];
     nodes.push({
         node : ${summary | sjson, n},
@@ -146,4 +165,7 @@
         nodes : nodes
     });
 </script>
+
+<script type="text/javascript" src=${"/static/public/js/component-settings-page.js" | webpack_asset}></script>
+
 </%def>

From e318d3809cec1055f0a8ea159d67b91b889f13d4 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 19 May 2017 12:27:03 -0400
Subject: [PATCH 085/163] Remove upload from menu, add osf styling for menu

---
 .../js/pages/component-settings-page.js       | 33 +++++++++----
 .../static/js/pages/project-settings-page.js  |  4 +-
 website/templates/util/render_node.mako       | 48 ++++++++++++++-----
 3 files changed, 60 insertions(+), 25 deletions(-)

diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
index b1eec6233e5..6e74b6c5682 100644
--- a/website/static/js/pages/component-settings-page.js
+++ b/website/static/js/pages/component-settings-page.js
@@ -3,20 +3,33 @@
 var $ = require('jquery');
 var bootbox = require('bootbox');
 var Raven = require('raven-js');
-var ko = require('knockout');
 var $osf = require('js/osfHelpers.js');
-var ProjectSettings = require('js/projectSettings.js');
+var { getConfirmationCode } = require('js/projectSettings.js');
+
+
 
 $(document).ready(function() {
+
+  //Project overview >> Component Widget >> Event/Click handler for componentQuickActions menu item: Delete.
   $(".deleteComponent").each( function() {
     $(this).off().on('click', function(e) {
-        var component = $(this).data('summary');
-        if(component.childExists){
-            $osf.growl('Error', 'Any child components must be deleted prior to deleting this project.','danger', 30000);
-        }else{
-            ProjectSettings.getConfirmationCode(component.node_type, component.isPreprint, component.api_url);
-        }
-     });
-   });
+      var {node_type, api_url, isPreprint, childExists} = $(this).data('component');
+
+      if(childExists){
+        $osf.growl(
+          'Error',
+          'Any child components must be deleted prior to deleting this component.',
+          'danger',
+          30000
+        );
+      }else{
+        getConfirmationCode(
+          node_type,
+          isPreprint,
+          api_url
+        );
+      }
+    });
+  })
 
 });
diff --git a/website/static/js/pages/project-settings-page.js b/website/static/js/pages/project-settings-page.js
index caadd45bc2a..799d6e35070 100644
--- a/website/static/js/pages/project-settings-page.js
+++ b/website/static/js/pages/project-settings-page.js
@@ -86,7 +86,7 @@ $(document).ready(function() {
         if(ctx.node.childExists){
             $osf.growl('Error', 'Any child components must be deleted prior to deleting this project.','danger', 30000);
         }else{
-            ProjectSettings.getConfirmationCode(ctx.node.nodeType, ctx.node.isPreprint);
+            ProjectSettings.getConfirmationCode(ctx.node.nodeType, ctx.node.isPreprint, ctx.node.urls.api);
         }
     });
 
@@ -141,7 +141,7 @@ $(document).ready(function() {
         var unchecked = checkedOnLoad.filter('#selectAddonsForm input:not(:checked)');
         var checked = uncheckedOnLoad.filter('#selectAddonsForm input:checked');
         var msgElm = $(this).find('.addon-settings-message');
-        
+
         var submit = function() {
             var request = $osf.postJSON(ctx.node.urls.api + 'settings/addons/', formData);
             return request;
diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 312e6a2adf9..71332dc9e27 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -2,6 +2,29 @@
 ## TODO: Rename summary to node
 <%def name="render_node(summary, show_path)">
 ## TODO: Don't rely on ID
+<style >
+
+.dropdown-menu > li > a:hover {
+    background-image: none !important;
+    background-color: #D9D9D9;
+}
+
+.quickActions {
+  padding: 3px 12px;
+  line-height: 0;
+}
+
+#componentQuickActions {
+    background-color: #EFEFEF;
+    min-width: 180px;
+}
+
+#componentQuickActions a {
+    color: #333;
+}
+
+</style>
+
 <div id="render-node">
 % if summary['can_view']:
 
@@ -58,18 +81,17 @@
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                <div id="projectSettings" class="dropdown">
-                  <button class="btn btn-default btn-sm dropdown-toggle" type="button" id="commonActions" data-toggle="dropdown" aria-haspopup="true" aria-expanded="true">
+                <div class="dropdown pull-right">
+                  <button class="btn btn-default dropdown-toggle quickActions" type="button" data-toggle="dropdown">
                     <span class="glyphicon glyphicon-option-horizontal"></span>
                   </button>
-                  <ul class="dropdown-menu dropdown-menu-right" aria-labelledby="commonActions">
-                    <li><a type="button">Upload</a></li>
-                    <li><a href="${domain}${summary['id']}/settings/">Settings</a></li>
-                    <li><a href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
+                  <ul class="dropdown-menu dropdown-menu-right" id="componentQuickActions">
+                    <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
+                    <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
                     % if 'admin' in user['permissions']:
-                        <li><a class="deleteComponent" type="button">Delete</a></li>
+                        <li><a tabindex="-1" class="deleteComponent" type="button">Delete</a></li>
                         <script type="text/javascript">
-                            $(".deleteComponent").data("summary", ${summary | sjson, n}) ;
+                            $(".deleteComponent").data("component", ${summary | sjson, n}) ;
                         </script>
                     % endif
                   </ul>
@@ -142,12 +164,12 @@
             % if not summary['primary'] and 'write' in user['permissions'] and not node['is_registration']:
                 ## Allow deletion of pointers, even if user doesn't know what they are deleting
                 <span class="pull-right">
-                    <i class="fa fa-times remove-pointer pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
+                    <i class="fa fa-times remove-pointer pointer" data-id="${summary['id']}"
+                    data-toggle="tooltip" title="Remove link"></i>
                 </span>
             % endif
         </p>
     </li>
-
 % endif
 </div>
 <script type="text/javascript">
@@ -158,11 +180,11 @@
 
     var nodes = window.contextVars.nodes || [];
     nodes.push({
-        node : ${summary | sjson, n},
-        id: ${summary['primary_id'] if not summary['primary'] and summary['can_view'] else summary['id'] | sjson, n}
+      node : ${summary | sjson, n},
+      id: ${summary['primary_id'] if not summary['primary'] and summary['can_view'] else summary['id'] | sjson, n}
     });
     window.contextVars = $.extend(true, {}, window.contextVars, {
-        nodes : nodes
+      nodes : nodes
     });
 </script>
 

From 1c72346551e4503e290f67d23907b1de0b638a33 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 22 May 2017 14:43:58 -0400
Subject: [PATCH 086/163] Prevent component with children from being deleted.

---
 website/static/js/pages/component-settings-page.js |  7 +++++--
 website/templates/util/render_node.mako            | 13 +++++--------
 website/templates/util/render_nodes.mako           |  4 ++--
 website/views.py                                   |  2 ++
 4 files changed, 14 insertions(+), 12 deletions(-)

diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
index 6e74b6c5682..32fb0514405 100644
--- a/website/static/js/pages/component-settings-page.js
+++ b/website/static/js/pages/component-settings-page.js
@@ -13,7 +13,10 @@ $(document).ready(function() {
   //Project overview >> Component Widget >> Event/Click handler for componentQuickActions menu item: Delete.
   $(".deleteComponent").each( function() {
     $(this).off().on('click', function(e) {
-      var {node_type, api_url, isPreprint, childExists} = $(this).data('component');
+      var componentIndex = $(this).data('index');
+      var component = window.contextVars.nodes[componentIndex]['node'];
+
+      var {node_type, api_url, isPreprint, childExists} = component;
 
       if(childExists){
         $osf.growl(
@@ -21,7 +24,7 @@ $(document).ready(function() {
           'Any child components must be deleted prior to deleting this component.',
           'danger',
           30000
-        );
+        )
       }else{
         getConfirmationCode(
           node_type,
diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 71332dc9e27..fffadafc823 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -1,8 +1,8 @@
 <%namespace name="contributor_list" file="./contributor_list.mako" />
 ## TODO: Rename summary to node
-<%def name="render_node(summary, show_path)">
+<%def name="render_node(index, summary, show_path)">
 ## TODO: Don't rely on ID
-<style >
+<style>
 
 .dropdown-menu > li > a:hover {
     background-image: none !important;
@@ -10,7 +10,7 @@
 }
 
 .quickActions {
-  padding: 3px 12px;
+  padding: 4px 12px;
   line-height: 0;
 }
 
@@ -27,7 +27,6 @@
 
 <div id="render-node">
 % if summary['can_view']:
-
     <li
             node_id="${summary['id']}"
             class="
@@ -89,10 +88,7 @@
                     <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
                     <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
                     % if 'admin' in user['permissions']:
-                        <li><a tabindex="-1" class="deleteComponent" type="button">Delete</a></li>
-                        <script type="text/javascript">
-                            $(".deleteComponent").data("component", ${summary | sjson, n}) ;
-                        </script>
+                        <li><a tabindex="-1" data-index="${index}" class="deleteComponent" type="button">Delete</a></li>
                     % endif
                   </ul>
                 </div>
@@ -186,6 +182,7 @@
     window.contextVars = $.extend(true, {}, window.contextVars, {
       nodes : nodes
     });
+
 </script>
 
 <script type="text/javascript" src=${"/static/public/js/component-settings-page.js" | webpack_asset}></script>
diff --git a/website/templates/util/render_nodes.mako b/website/templates/util/render_nodes.mako
index 8587c27a64d..be2e00559f1 100644
--- a/website/templates/util/render_nodes.mako
+++ b/website/templates/util/render_nodes.mako
@@ -6,8 +6,8 @@
         <ul data-bind="stopBinding: true" class="list-group m-md ${'sortable' if sortable and 'write' in user['permissions'] else ''}">
             ## TODO: Add .scripted when JS is hooked up
             <span id='${pluralized_node_type if pluralized_node_type is not UNDEFINED else 'osfNodeList'}' class="render-nodes-list">
-                % for each in nodes:
-                    ${ render_node.render_node(each, show_path=show_path) }
+                % for index, each in enumerate(nodes):
+                    ${ render_node.render_node(index, each, show_path=show_path) }
                 % endfor
             </span>
         </ul>
diff --git a/website/views.py b/website/views.py
index 2abfbad0953..82be17a34ee 100644
--- a/website/views.py
+++ b/website/views.py
@@ -86,6 +86,8 @@ def serialize_node_summary(node, auth, primary=True, show_path=False):
             'api_url': node.api_url,
             'title': node.title,
             'category': node.category,
+            'isPreprint': node.is_preprint,
+            'childExists': bool(node.nodes_active),
             'node_type': node.project_or_component,
             'is_fork': node.is_fork,
             'is_registration': node.is_registration,

From 7c35ae4ffa3c15dd39539ba4211329d23a10ccea Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 22 May 2017 14:55:49 -0400
Subject: [PATCH 087/163] Fix jshint errors

---
 website/static/js/pages/component-settings-page.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
index 32fb0514405..f453faed0ea 100644
--- a/website/static/js/pages/component-settings-page.js
+++ b/website/static/js/pages/component-settings-page.js
@@ -11,10 +11,10 @@ var { getConfirmationCode } = require('js/projectSettings.js');
 $(document).ready(function() {
 
   //Project overview >> Component Widget >> Event/Click handler for componentQuickActions menu item: Delete.
-  $(".deleteComponent").each( function() {
+  $('.deleteComponent').each( function() {
     $(this).off().on('click', function(e) {
       var componentIndex = $(this).data('index');
-      var component = window.contextVars.nodes[componentIndex]['node'];
+      var component = window.contextVars.nodes[componentIndex].node;
 
       var {node_type, api_url, isPreprint, childExists} = component;
 
@@ -24,7 +24,7 @@ $(document).ready(function() {
           'Any child components must be deleted prior to deleting this component.',
           'danger',
           30000
-        )
+        );
       }else{
         getConfirmationCode(
           node_type,
@@ -33,6 +33,6 @@ $(document).ready(function() {
         );
       }
     });
-  })
+  });
 
 });

From 43aaeefb2c42d2d1ad28861ad3000e5ef1ebfe8e Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 24 May 2017 15:57:24 -0400
Subject: [PATCH 088/163] Modify menu visibility based on component permissions

---
 website/static/css/style.css                  | 20 +++++++
 .../js/pages/component-settings-page.js       | 14 ++---
 website/templates/util/render_node.mako       | 52 ++++++-------------
 website/views.py                              |  6 ++-
 4 files changed, 45 insertions(+), 47 deletions(-)

diff --git a/website/static/css/style.css b/website/static/css/style.css
index 77b4a5314db..fdc84c3c8c4 100644
--- a/website/static/css/style.css
+++ b/website/static/css/style.css
@@ -735,3 +735,23 @@ div.ball-scale-blue>div {
     margin-bottom: 0;
 }
 
+/* To be added to osf-style: project overview -> componentQuickActions menu */
+#componentQuickActions ul.dropdown-menu > li > a:hover,
+#componentQuickActions ul.dropdown-menu > li > a:focus{
+    background-image: none;
+    background-color: #D9D9D9;
+}
+
+#componentQuickActions button{
+  padding: 4px 12px;
+  line-height: 0;
+}
+
+#componentQuickActions ul{
+    background-color: #EFEFEF;
+    min-width: 180px;
+}
+
+#componentQuickActions a {
+    color: #333;
+}
diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
index f453faed0ea..19380ff386b 100644
--- a/website/static/js/pages/component-settings-page.js
+++ b/website/static/js/pages/component-settings-page.js
@@ -4,9 +4,7 @@ var $ = require('jquery');
 var bootbox = require('bootbox');
 var Raven = require('raven-js');
 var $osf = require('js/osfHelpers.js');
-var { getConfirmationCode } = require('js/projectSettings.js');
-
-
+var getConfirmationCode = require('js/projectSettings.js').getConfirmationCode;
 
 $(document).ready(function() {
 
@@ -16,9 +14,7 @@ $(document).ready(function() {
       var componentIndex = $(this).data('index');
       var component = window.contextVars.nodes[componentIndex].node;
 
-      var {node_type, api_url, isPreprint, childExists} = component;
-
-      if(childExists){
+      if(component.childExists){
         $osf.growl(
           'Error',
           'Any child components must be deleted prior to deleting this component.',
@@ -27,9 +23,9 @@ $(document).ready(function() {
         );
       }else{
         getConfirmationCode(
-          node_type,
-          isPreprint,
-          api_url
+          component.node_type,
+          component.isPreprint,
+          component.api_url
         );
       }
     });
diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index fffadafc823..6c36db3d8be 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -2,28 +2,6 @@
 ## TODO: Rename summary to node
 <%def name="render_node(index, summary, show_path)">
 ## TODO: Don't rely on ID
-<style>
-
-.dropdown-menu > li > a:hover {
-    background-image: none !important;
-    background-color: #D9D9D9;
-}
-
-.quickActions {
-  padding: 4px 12px;
-  line-height: 0;
-}
-
-#componentQuickActions {
-    background-color: #EFEFEF;
-    min-width: 180px;
-}
-
-#componentQuickActions a {
-    color: #333;
-}
-
-</style>
 
 <div id="render-node">
 % if summary['can_view']:
@@ -73,27 +51,26 @@
             % endif
             </span>
 
-            <!-- Show/Hide recent activity log -->
-            % if not summary['archiving']:
             <div class="pull-right">
                 % if not summary['primary'] and 'write' in user['permissions'] and not node['is_registration']:
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                <div class="dropdown pull-right">
-                  <button class="btn btn-default dropdown-toggle quickActions" type="button" data-toggle="dropdown">
-                    <span class="glyphicon glyphicon-option-horizontal"></span>
-                  </button>
-                  <ul class="dropdown-menu dropdown-menu-right" id="componentQuickActions">
-                    <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
-                    <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
-                    % if 'admin' in user['permissions']:
-                        <li><a tabindex="-1" data-index="${index}" class="deleteComponent" type="button">Delete</a></li>
-                    % endif
-                  </ul>
-                </div>
+                % if summary['logged_in'] and summary['is_contributor']:
+                  <div class="dropdown pull-right" id="componentQuickActions">
+                    <button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
+                      <span class="glyphicon glyphicon-option-horizontal"></span>
+                    </button>
+                    <ul class="dropdown-menu dropdown-menu-right">
+                      <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
+                      <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
+                      % if summary['is_admin']:
+                          <li><a tabindex="-1" data-index="${index}" class="deleteComponent" type="button">Delete</a></li>
+                      % endif
+                    </ul>
+                  </div>
+                % endif
             </div>
-            % endif
         </h4>
 
         % if show_path and summary['node_type'] == 'component':
@@ -166,6 +143,7 @@
             % endif
         </p>
     </li>
+
 % endif
 </div>
 <script type="text/javascript">
diff --git a/website/views.py b/website/views.py
index 82be17a34ee..ebd8d10f630 100644
--- a/website/views.py
+++ b/website/views.py
@@ -76,6 +76,7 @@ def serialize_node_summary(node, auth, primary=True, show_path=False):
     contributor_data = serialize_contributors_for_summary(node)
 
     parent_node = node.parent_node
+    user = auth.user
     if node.can_view(auth):
         summary.update({
             'can_view': True,
@@ -86,8 +87,11 @@ def serialize_node_summary(node, auth, primary=True, show_path=False):
             'api_url': node.api_url,
             'title': node.title,
             'category': node.category,
-            'isPreprint': node.is_preprint,
+            'isPreprint': bool(node.preprint_file and node.preprint_file._id),
             'childExists': bool(node.nodes_active),
+            'is_admin': node.has_permission(user, permissions.ADMIN),
+            'is_contributor': node.is_contributor(user),
+            'logged_in': auth.logged_in,
             'node_type': node.project_or_component,
             'is_fork': node.is_fork,
             'is_registration': node.is_registration,

From 9a39a2bf448118a70c48af63db15b4132c7248e5 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:14:34 -0400
Subject: [PATCH 089/163] Clean up code no longer used

---
 website/static/js/project.js | 33 ---------------------------------
 1 file changed, 33 deletions(-)

diff --git a/website/static/js/project.js b/website/static/js/project.js
index cc0dac16019..d14ef16a6d8 100644
--- a/website/static/js/project.js
+++ b/website/static/js/project.js
@@ -176,39 +176,6 @@ NodeActions.useAsTemplate = function() {
     });
 };
 
-/*
-Hide/show recent logs for for a node on the project view page.
-*/
-NodeActions.openCloseNode = function(nodeId) {
-
-    var icon = $('#icon-' + nodeId);
-    var body = $('#body-' + nodeId);
-
-    body.toggleClass('hide');
-    var node = null;
-
-    if (document.getElementById('logFeed-' + nodeId).children[0].classList.item(0) === 'spinner-loading-wrapper') {
-        for (var i = 0; i < window.contextVars.nodes.length; ++i){
-            if (window.contextVars.nodes[i].id === nodeId) {
-                node = window.contextVars.nodes[i].node;
-            }
-        }
-    }
-
-    if (body.hasClass('hide')) {
-        icon.removeClass('fa fa-angle-up');
-        icon.addClass('fa fa-angle-down');
-    } else {
-        if (node && node.can_view && !node.archiving && !node.is_retracted) {
-            var nodeLogFeed = 'logFeed-' + node.primary_id;
-            m.mount(document.getElementById(nodeLogFeed), m.component(LogFeed.LogFeed, {node: node, limitLogs: true}));
-        }
-        icon.removeClass('fa fa-angle-down');
-        icon.addClass('fa fa-angle-up');
-    }
-};
-
-
 NodeActions.reorderChildren = function(idList, elm) {
     $osf.postJSON(
         ctx.node.urls.api + 'reorder_components/',

From 3ae600989ec70de1a46da428423e3d0b02051b55 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:16:00 -0400
Subject: [PATCH 090/163] Remove nodeApiUrl as parameter

---
 website/static/js/projectSettings.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/projectSettings.js b/website/static/js/projectSettings.js
index f9cfec549a1..d4ca74d7877 100644
--- a/website/static/js/projectSettings.js
+++ b/website/static/js/projectSettings.js
@@ -152,7 +152,7 @@ request.fail(function(xhr, textStatus, err) {
  * Pulls a random name from the scientist list to use as confirmation string
  *  Ignores case and whitespace
  */
-var getConfirmationCode = function(nodeType, isPreprint, nodeApiUrl=nodeApiUrl) {
+var getConfirmationCode = function(nodeType, isPreprint) {
 
     var preprint_message = '<p class="danger">This ' + nodeType + ' contains a preprint. Deleting this ' +
         nodeType + ' will also delete your preprint. This action is irreversible.</p>';

From 53b417001403bd545665124f1991ed17beb058fc Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:18:40 -0400
Subject: [PATCH 091/163] Delete in favor of inline click handlers

---
 .../js/pages/component-settings-page.js       | 34 -------------------
 1 file changed, 34 deletions(-)
 delete mode 100644 website/static/js/pages/component-settings-page.js

diff --git a/website/static/js/pages/component-settings-page.js b/website/static/js/pages/component-settings-page.js
deleted file mode 100644
index 19380ff386b..00000000000
--- a/website/static/js/pages/component-settings-page.js
+++ /dev/null
@@ -1,34 +0,0 @@
-'use strict';
-
-var $ = require('jquery');
-var bootbox = require('bootbox');
-var Raven = require('raven-js');
-var $osf = require('js/osfHelpers.js');
-var getConfirmationCode = require('js/projectSettings.js').getConfirmationCode;
-
-$(document).ready(function() {
-
-  //Project overview >> Component Widget >> Event/Click handler for componentQuickActions menu item: Delete.
-  $('.deleteComponent').each( function() {
-    $(this).off().on('click', function(e) {
-      var componentIndex = $(this).data('index');
-      var component = window.contextVars.nodes[componentIndex].node;
-
-      if(component.childExists){
-        $osf.growl(
-          'Error',
-          'Any child components must be deleted prior to deleting this component.',
-          'danger',
-          30000
-        );
-      }else{
-        getConfirmationCode(
-          component.node_type,
-          component.isPreprint,
-          component.api_url
-        );
-      }
-    });
-  });
-
-});

From c8f76cfc2a74e5bdba1d35c70440700a3ceb5de6 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:19:40 -0400
Subject: [PATCH 092/163] Cleanup, api url no longer needed as parameter

---
 website/static/js/pages/project-settings-page.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/pages/project-settings-page.js b/website/static/js/pages/project-settings-page.js
index 799d6e35070..cec30011629 100644
--- a/website/static/js/pages/project-settings-page.js
+++ b/website/static/js/pages/project-settings-page.js
@@ -86,7 +86,7 @@ $(document).ready(function() {
         if(ctx.node.childExists){
             $osf.growl('Error', 'Any child components must be deleted prior to deleting this project.','danger', 30000);
         }else{
-            ProjectSettings.getConfirmationCode(ctx.node.nodeType, ctx.node.isPreprint, ctx.node.urls.api);
+            ProjectSettings.getConfirmationCode(ctx.node.nodeType, ctx.node.isPreprint);
         }
     });
 

From 7e3c3ececb57915346097e88b269f536a24f3944 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:20:32 -0400
Subject: [PATCH 093/163] Bind componentActions to component scope

---
 website/static/js/pages/render-nodes.js | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/static/js/pages/render-nodes.js b/website/static/js/pages/render-nodes.js
index d8da7d6a56b..bcd9e212e6d 100644
--- a/website/static/js/pages/render-nodes.js
+++ b/website/static/js/pages/render-nodes.js
@@ -3,10 +3,10 @@
 var $osf = require('js/osfHelpers');
 var $ = require('jquery');
 
-// model for components, due to simplicity did not create a new file
-var ComponentControl = {};
+//ComponentActions namespace needed for deleting components.
+var ComponentActions = require('js/componentActions');
 
 // binds to component scope in render_nodes.mako
 $('.render-nodes-list').each(function() {
-    $osf.applyBindings(ComponentControl, this);
+    $osf.applyBindings(ComponentActions, this);
 });

From 8d9078bbd52d1857ba471cadadd51dc07f9eb622 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:21:43 -0400
Subject: [PATCH 094/163] Add inline click handlers with ComponentActions

---
 website/templates/util/render_node.mako | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 6c36db3d8be..e69e8a47626 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -65,7 +65,11 @@
                       <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
                       <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
                       % if summary['is_admin']:
-                          <li><a tabindex="-1" data-index="${index}" class="deleteComponent" type="button">Delete</a></li>
+                          <li>
+                              <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
+                                    Delete
+                              </a>
+                          </li>
                       % endif
                     </ul>
                   </div>
@@ -163,6 +167,6 @@
 
 </script>
 
-<script type="text/javascript" src=${"/static/public/js/component-settings-page.js" | webpack_asset}></script>
+## <script type="text/javascript" src=${"/static/public/js/component-settings-page.js" | webpack_asset}></script>
 
 </%def>

From 5af2744740c00bb3cff6901a3bf8666c3f877b23 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 25 May 2017 21:22:44 -0400
Subject: [PATCH 095/163] Define namespace for component actions

---
 website/static/js/componentActions.js | 55 +++++++++++++++++++++++++++
 1 file changed, 55 insertions(+)
 create mode 100644 website/static/js/componentActions.js

diff --git a/website/static/js/componentActions.js b/website/static/js/componentActions.js
new file mode 100644
index 00000000000..2397ec84200
--- /dev/null
+++ b/website/static/js/componentActions.js
@@ -0,0 +1,55 @@
+'use strict';
+
+var $ = require('jquery');
+var $osf = require('js/osfHelpers');
+
+var ComponentActions = {};
+
+ComponentActions.deleteNode = function(childExists, nodeType, isPreprint, nodeApiUrl) {
+
+  if(childExists){
+    $osf.growl(
+      'Error',
+      'Any child components must be deleted prior to deleting this component.',
+      'danger',
+      30000
+    );
+  } else {
+
+    var preprint_message = '<p class="danger">This ' + nodeType + ' contains a preprint. Deleting this ' +
+    nodeType + ' will also delete your preprint. This action is irreversible.</p>';
+
+    // It's possible that the XHR request for contributors has not finished before getting to this
+    // point; only construct the HTML for the list of contributors if the contribs list is populated
+    var message = '<p>It will no longer be available to other contributors on the project.' +
+    (isPreprint ? preprint_message : '');
+
+    $osf.confirmDangerousAction({
+      title: 'Are you sure you want to delete this ' + nodeType + '?',
+      message: message,
+      callback: function () {
+        var request = $.ajax({
+          type: 'DELETE',
+          dataType: 'json',
+          url: nodeApiUrl
+        });
+        request.done(function(response) {
+          // Redirect to either the parent project or the dashboard
+          window.location.href = response.url;
+        });
+        request.fail($osf.handleJSONError);
+      },
+      buttons: {
+        success: {
+          label: 'Delete'
+        }
+      }
+    });
+
+  }
+
+};
+
+
+window.ComponentActions = ComponentActions;
+module.exports = ComponentActions;

From 8a9f8e9f3c2f89811d4053e88a547efc983d02bf Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 26 May 2017 13:46:22 -0400
Subject: [PATCH 096/163] Cleanup unused vars

---
 website/templates/util/render_nodes.mako | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/website/templates/util/render_nodes.mako b/website/templates/util/render_nodes.mako
index be2e00559f1..8587c27a64d 100644
--- a/website/templates/util/render_nodes.mako
+++ b/website/templates/util/render_nodes.mako
@@ -6,8 +6,8 @@
         <ul data-bind="stopBinding: true" class="list-group m-md ${'sortable' if sortable and 'write' in user['permissions'] else ''}">
             ## TODO: Add .scripted when JS is hooked up
             <span id='${pluralized_node_type if pluralized_node_type is not UNDEFINED else 'osfNodeList'}' class="render-nodes-list">
-                % for index, each in enumerate(nodes):
-                    ${ render_node.render_node(index, each, show_path=show_path) }
+                % for each in nodes:
+                    ${ render_node.render_node(each, show_path=show_path) }
                 % endfor
             </span>
         </ul>

From 0e8567dbf1bd228887240784cb12990942c24043 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 26 May 2017 13:47:09 -0400
Subject: [PATCH 097/163] Fix indentation and cleanup

---
 website/templates/util/render_node.mako | 76 +++++++++++--------------
 1 file changed, 34 insertions(+), 42 deletions(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index e69e8a47626..4bf813a379e 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -1,6 +1,6 @@
 <%namespace name="contributor_list" file="./contributor_list.mako" />
 ## TODO: Rename summary to node
-<%def name="render_node(index, summary, show_path)">
+<%def name="render_node(summary, show_path)">
 ## TODO: Don't rely on ID
 
 <div id="render-node">
@@ -15,27 +15,27 @@
         <h4 class="list-group-item-heading">
             <span class="component-overflow f-w-lg" style="line-height: 1.5;">
             % if not summary['primary']:
-              <i class="fa fa-link" data-toggle="tooltip" title="Linked ${summary['node_type']}"></i>
+                <i class="fa fa-link" data-toggle="tooltip" title="Linked ${summary['node_type']}"></i>
             % endif
 
             % if not summary['is_public']:
                 <span class="fa fa-lock" data-toggle="tooltip" title="This project is private"></span>
             % endif
                 <span class="project-statuses-lg">
-                  % if summary['is_pending_registration']:
-                    <span class="label label-info"><strong>Pending registration</strong></span> |
-                  % elif summary['is_retracted']:
-                    <span class="label label-danger"><strong>Withdrawn</strong></span> |
-                  % elif summary['is_pending_retraction']:
-                    <span class="label label-info"><strong>Pending withdrawal</strong></span> |
-                  % elif summary['is_embargoed']:
-                    <span class="label label-info"><strong>Embargoed</strong></span> |
-                  % elif summary['is_pending_embargo']:
-                    <span class="label label-info"><strong>Pending embargo</strong></span> |
-                  % endif
-                  % if summary['archiving']:
-                    <span class="label label-primary"><strong>Archiving</strong></span> |
-                  % endif
+                    % if summary['is_pending_registration']:
+                        <span class="label label-info"><strong>Pending registration</strong></span> |
+                    % elif summary['is_retracted']:
+                        <span class="label label-danger"><strong>Withdrawn</strong></span> |
+                    % elif summary['is_pending_retraction']:
+                        <span class="label label-info"><strong>Pending withdrawal</strong></span> |
+                    % elif summary['is_embargoed']:
+                        <span class="label label-info"><strong>Embargoed</strong></span> |
+                    % elif summary['is_pending_embargo']:
+                        <span class="label label-info"><strong>Pending embargo</strong></span> |
+                    % endif
+                    % if summary['archiving']:
+                        <span class="label label-primary"><strong>Archiving</strong></span> |
+                    % endif
                 </span>
             <span data-bind='getIcon: ${ summary["category"] | sjson, n }'></span>
             % if not summary['archiving']:
@@ -56,22 +56,22 @@
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                % if summary['logged_in'] and summary['is_contributor']:
-                  <div class="dropdown pull-right" id="componentQuickActions">
-                    <button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
-                      <span class="glyphicon glyphicon-option-horizontal"></span>
-                    </button>
-                    <ul class="dropdown-menu dropdown-menu-right">
-                      <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
-                      <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
-                      % if summary['is_admin']:
-                          <li>
-                              <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
+                % if summary['node_type'] == 'component' and summary['logged_in'] and summary['is_contributor']:
+                    <div class="dropdown pull-right" id="componentQuickActions">
+                        <button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
+                            <span class="glyphicon glyphicon-option-horizontal"></span>
+                        </button>
+                        <ul class="dropdown-menu dropdown-menu-right">
+                            <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
+                            <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
+                            % if summary['is_admin']:
+                            <li>
+                                <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
                                     Delete
-                              </a>
-                          </li>
-                      % endif
-                    </ul>
+                                </a>
+                            </li>
+                            % endif
+                        </ul>
                   </div>
                 % endif
             </div>
@@ -152,21 +152,13 @@
 </div>
 <script type="text/javascript">
     window.contextVars = window.contextVars || {};
-    window.contextVars.node = window.contextVars.node || {};
-    window.contextVars.node.urls = window.contextVars.node.urls || {};
-    window.contextVars.node.urls.api = window.contextVars.node.urls.api || '';
-
     var nodes = window.contextVars.nodes || [];
     nodes.push({
-      node : ${summary | sjson, n},
-      id: ${summary['primary_id'] if not summary['primary'] and summary['can_view'] else summary['id'] | sjson, n}
+        node : ${summary | sjson, n},
+        id: ${summary['primary_id'] if not summary['primary'] and summary['can_view'] else summary['id'] | sjson, n}
     });
     window.contextVars = $.extend(true, {}, window.contextVars, {
-      nodes : nodes
+        nodes : nodes
     });
-
 </script>
-
-## <script type="text/javascript" src=${"/static/public/js/component-settings-page.js" | webpack_asset}></script>
-
 </%def>

From 264ddc8e40c171aa25bc37744e62cd15b5b9ba8c Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 26 May 2017 13:49:47 -0400
Subject: [PATCH 098/163] Fix indentation

---
 website/static/js/componentActions.js | 78 +++++++++++++--------------
 1 file changed, 39 insertions(+), 39 deletions(-)

diff --git a/website/static/js/componentActions.js b/website/static/js/componentActions.js
index 2397ec84200..31ba9c0e825 100644
--- a/website/static/js/componentActions.js
+++ b/website/static/js/componentActions.js
@@ -7,46 +7,46 @@ var ComponentActions = {};
 
 ComponentActions.deleteNode = function(childExists, nodeType, isPreprint, nodeApiUrl) {
 
-  if(childExists){
-    $osf.growl(
-      'Error',
-      'Any child components must be deleted prior to deleting this component.',
-      'danger',
-      30000
-    );
-  } else {
-
-    var preprint_message = '<p class="danger">This ' + nodeType + ' contains a preprint. Deleting this ' +
-    nodeType + ' will also delete your preprint. This action is irreversible.</p>';
-
-    // It's possible that the XHR request for contributors has not finished before getting to this
-    // point; only construct the HTML for the list of contributors if the contribs list is populated
-    var message = '<p>It will no longer be available to other contributors on the project.' +
-    (isPreprint ? preprint_message : '');
-
-    $osf.confirmDangerousAction({
-      title: 'Are you sure you want to delete this ' + nodeType + '?',
-      message: message,
-      callback: function () {
-        var request = $.ajax({
-          type: 'DELETE',
-          dataType: 'json',
-          url: nodeApiUrl
+    if(childExists){
+        $osf.growl(
+            'Error',
+            'Any child components must be deleted prior to deleting this component.',
+            'danger',
+            30000
+        );
+    } else {
+
+        var preprint_message = '<p class="danger">This ' + nodeType + ' contains a preprint. Deleting this ' +
+        nodeType + ' will also delete your preprint. This action is irreversible.</p>';
+
+        // It's possible that the XHR request for contributors has not finished before getting to this
+        // point; only construct the HTML for the list of contributors if the contribs list is populated
+        var message = '<p>It will no longer be available to other contributors on the project.' +
+        (isPreprint ? preprint_message : '');
+
+        $osf.confirmDangerousAction({
+            title: 'Are you sure you want to delete this ' + nodeType + '?',
+            message: message,
+            callback: function () {
+                var request = $.ajax({
+                    type: 'DELETE',
+                    dataType: 'json',
+                    url: nodeApiUrl
+                });
+                request.done(function(response) {
+                    // Redirect to either the parent project or the dashboard
+                    window.location.href = response.url;
+                });
+                request.fail($osf.handleJSONError);
+            },
+            buttons: {
+                success: {
+                    label: 'Delete'
+                }
+            }
         });
-        request.done(function(response) {
-          // Redirect to either the parent project or the dashboard
-          window.location.href = response.url;
-        });
-        request.fail($osf.handleJSONError);
-      },
-      buttons: {
-        success: {
-          label: 'Delete'
-        }
-      }
-    });
-
-  }
+
+    }
 
 };
 

From da34f5750827aeb44e33bff9644b4c509c30a756 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 14 Jun 2017 16:50:34 -0400
Subject: [PATCH 099/163] Allow only 'Manage Contributors' option on
 registration's components

---
 website/templates/util/render_node.mako | 16 +++++++++-------
 1 file changed, 9 insertions(+), 7 deletions(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 4bf813a379e..9381ad8f84f 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -62,14 +62,16 @@
                             <span class="glyphicon glyphicon-option-horizontal"></span>
                         </button>
                         <ul class="dropdown-menu dropdown-menu-right">
-                            <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
                             <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
-                            % if summary['is_admin']:
-                            <li>
-                                <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
-                                    Delete
-                                </a>
-                            </li>
+                            % if not node['is_registration']:
+                                <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
+                                % if summary['is_admin']:
+                                <li>
+                                    <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
+                                        Delete
+                                    </a>
+                                </li>
+                                % endif
                             % endif
                         </ul>
                   </div>

From d6065c0cb78f5ffcce24aa6c9748de008a2d8511 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 14 Jun 2017 17:06:47 -0400
Subject: [PATCH 100/163] Follow css guidelines

---
 website/static/css/style.css | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/static/css/style.css b/website/static/css/style.css
index fdc84c3c8c4..8765fe19ce9 100644
--- a/website/static/css/style.css
+++ b/website/static/css/style.css
@@ -737,17 +737,17 @@ div.ball-scale-blue>div {
 
 /* To be added to osf-style: project overview -> componentQuickActions menu */
 #componentQuickActions ul.dropdown-menu > li > a:hover,
-#componentQuickActions ul.dropdown-menu > li > a:focus{
+#componentQuickActions ul.dropdown-menu > li > a:focus {
     background-image: none;
     background-color: #D9D9D9;
 }
 
-#componentQuickActions button{
+#componentQuickActions button {
   padding: 4px 12px;
   line-height: 0;
 }
 
-#componentQuickActions ul{
+#componentQuickActions ul {
     background-color: #EFEFEF;
     min-width: 180px;
 }

From 55ff4711634a3100f746492691775a8c70be3aaf Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 14 Jun 2017 17:07:48 -0400
Subject: [PATCH 101/163] Remove extra lines

---
 website/static/js/componentActions.js | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/website/static/js/componentActions.js b/website/static/js/componentActions.js
index 31ba9c0e825..83784aefb39 100644
--- a/website/static/js/componentActions.js
+++ b/website/static/js/componentActions.js
@@ -45,11 +45,8 @@ ComponentActions.deleteNode = function(childExists, nodeType, isPreprint, nodeAp
                 }
             }
         });
-
     }
-
 };
 
-
 window.ComponentActions = ComponentActions;
 module.exports = ComponentActions;

From 396bb2ec58e7d761d0851a588ac7e99d2f46a833 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 14 Jun 2017 17:08:38 -0400
Subject: [PATCH 102/163] Add back archiving check

---
 website/templates/util/render_node.mako | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 9381ad8f84f..0fea67134f2 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -51,6 +51,7 @@
             % endif
             </span>
 
+            % if not summary['archiving']:
             <div class="pull-right">
                 % if not summary['primary'] and 'write' in user['permissions'] and not node['is_registration']:
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
@@ -77,6 +78,7 @@
                   </div>
                 % endif
             </div>
+            % endif
         </h4>
 
         % if show_path and summary['node_type'] == 'component':

From 9adede356ae7db11e045d99bf6afbfe2d8abae4c Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 14 Jun 2017 17:09:23 -0400
Subject: [PATCH 103/163] Use preprint_file_id for isPreprint check

---
 website/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/views.py b/website/views.py
index ebd8d10f630..40193fa6d50 100644
--- a/website/views.py
+++ b/website/views.py
@@ -87,7 +87,7 @@ def serialize_node_summary(node, auth, primary=True, show_path=False):
             'api_url': node.api_url,
             'title': node.title,
             'category': node.category,
-            'isPreprint': bool(node.preprint_file and node.preprint_file._id),
+            'isPreprint': bool(node.preprint_file_id),
             'childExists': bool(node.nodes_active),
             'is_admin': node.has_permission(user, permissions.ADMIN),
             'is_contributor': node.is_contributor(user),

From 05f204a787152b94c875b25bda85c52b721e7d1e Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 15 Jun 2017 13:04:51 -0400
Subject: [PATCH 104/163] pytest conversion of test_node_list and associated
 mixin

---
 .../views/test_institution_nodes_list.py      |  253 +-
 api_tests/nodes/filters/test_filters.py       |  155 +-
 api_tests/nodes/views/test_node_list.py       | 3208 +++++++++--------
 .../test_node_relationship_institutions.py    |    1 +
 api_tests/nodes/views/test_node_wiki_list.py  |    2 +
 api_tests/users/views/test_user_nodes_list.py |  289 +-
 tests/utils.py                                |    6 +
 7 files changed, 2149 insertions(+), 1765 deletions(-)

diff --git a/api_tests/institutions/views/test_institution_nodes_list.py b/api_tests/institutions/views/test_institution_nodes_list.py
index 867af961063..c6b98144ce6 100644
--- a/api_tests/institutions/views/test_institution_nodes_list.py
+++ b/api_tests/institutions/views/test_institution_nodes_list.py
@@ -1,123 +1,170 @@
-from nose.tools import *  # flake8: noqa
-
-from tests.base import ApiTestCase
-from osf_tests.factories import InstitutionFactory, AuthUserFactory, ProjectFactory, NodeFactory
+import pytest
 
 from api.base.settings.defaults import API_BASE
 from api_tests.nodes.filters.test_filters import NodesListFilteringMixin
-
-class TestInstitutionNodeList(ApiTestCase):
-
-    def setUp(self):
-        super(TestInstitutionNodeList, self).setUp()
-        self.institution = InstitutionFactory()
-        self.node1 = ProjectFactory(is_public=True)
-        self.node1.affiliated_institutions.add(self.institution)
-        self.node1.save()
-        self.user1 = AuthUserFactory()
-        self.node2 = ProjectFactory(creator=self.user1, is_public=False)
-        self.node2.affiliated_institutions.add(self.institution)
-        self.node2.save()
-        self.node3 = ProjectFactory(is_public=False)
-        self.node3.affiliated_institutions.add(self.institution)
-        self.node3.save()
-
-        self.institution_node_url = '/{0}institutions/{1}/nodes/'.format(API_BASE, self.institution._id)
-
-    def test_return_all_public_nodes(self):
-        res = self.app.get(self.institution_node_url)
-
-        assert_equal(res.status_code, 200)
+from osf_tests.factories import (
+    InstitutionFactory,
+    AuthUserFactory,
+    ProjectFactory,
+    NodeFactory,
+)
+
+
+@pytest.mark.django_db
+class TestInstitutionNodeList:
+
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def institution(self):
+        return InstitutionFactory()
+
+    @pytest.fixture()
+    def public_node(self, institution):
+        public_node = ProjectFactory(is_public=True)
+        public_node.affiliated_institutions.add(institution)
+        public_node.save()
+        return public_node
+
+    @pytest.fixture()
+    def user_private_node(self, user, institution):
+        user_private_node = ProjectFactory(creator=user, is_public=False)
+        user_private_node.affiliated_institutions.add(institution)
+        user_private_node.save()
+        return user_private_node
+
+    @pytest.fixture()
+    def private_node(self, institution):
+        private_node = ProjectFactory(is_public=False)
+        private_node.affiliated_institutions.add(institution)
+        private_node.save()
+        return private_node
+
+    @pytest.fixture()
+    def institution_node_url(self, institution):
+        return '/{0}institutions/{1}/nodes/'.format(API_BASE, institution._id)
+
+    def test_return_all_public_nodes(self, app, public_node, user_private_node, private_node, institution_node_url):
+        res = app.get(institution_node_url)
+
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.node1._id, ids)
-        assert_not_in(self.node2._id, ids)
-        assert_not_in(self.node3._id, ids)
+        assert public_node._id in ids
+        assert user_private_node._id not in ids
+        assert private_node._id not in ids
 
-    def test_does_not_return_private_nodes_with_auth(self):
-        res = self.app.get(self.institution_node_url, auth=self.user1.auth)
+    def test_does_not_return_private_nodes_with_auth(self, app, user, public_node, user_private_node, private_node, institution_node_url):
+        res = app.get(institution_node_url, auth=user.auth)
 
-        assert_equal(res.status_code, 200)
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.node1._id, ids)
-        assert_not_in(self.node2._id, ids)
-        assert_not_in(self.node3._id, ids)
+        assert public_node._id in ids
+        assert user_private_node._id not in ids
+        assert private_node._id not in ids
 
-    def test_affiliated_component_with_affiliated_parent_not_returned(self):
+    def test_affiliated_component_with_affiliated_parent_not_returned(self, app, user, institution, public_node, institution_node_url):
         # version < 2.2
-        self.component = NodeFactory(parent=self.node1, is_public=True)
-        self.component.affiliated_institutions.add(self.institution)
-        self.component.save()
-        res = self.app.get(self.institution_node_url, auth=self.user1.auth)
+        component = NodeFactory(parent=public_node, is_public=True)
+        component.affiliated_institutions.add(institution)
+        component.save()
+        res = app.get(institution_node_url, auth=user.auth)
         affiliated_node_ids = [node['id'] for node in res.json['data']]
-        assert_equal(res.status_code, 200)
-        assert_in(self.node1._id, affiliated_node_ids)
-        assert_not_in(self.component._id, affiliated_node_ids)
+        assert res.status_code == 200
+        assert public_node._id in affiliated_node_ids
+        assert component._id not in affiliated_node_ids
 
-    def test_affiliated_component_without_affiliated_parent_not_returned(self):
+    def test_affiliated_component_without_affiliated_parent_not_returned(self, app, user, institution, institution_node_url):
         # version < 2.2
-        self.node = ProjectFactory(is_public=True)
-        self.component = NodeFactory(parent=self.node, is_public=True)
-        self.component.affiliated_institutions.add(self.institution)
-        self.component.save()
-        res = self.app.get(self.institution_node_url, auth=self.user1.auth)
+        node = ProjectFactory(is_public=True)
+        component = NodeFactory(parent=node, is_public=True)
+        component.affiliated_institutions.add(institution)
+        component.save()
+        res = app.get(institution_node_url, auth=user.auth)
         affiliated_node_ids = [node['id'] for node in res.json['data']]
-        assert_equal(res.status_code, 200)
-        assert_not_in(self.node._id, affiliated_node_ids)
-        assert_not_in(self.component._id, affiliated_node_ids)
+        assert res.status_code == 200
+        assert node._id not in affiliated_node_ids
+        assert component._id not in affiliated_node_ids
 
-    def test_affiliated_component_with_affiliated_parent_returned(self):
+    def test_affiliated_component_with_affiliated_parent_returned(self, app, user, institution, public_node, institution_node_url):
         # version 2.2
-        self.component = NodeFactory(parent=self.node1, is_public=True)
-        self.component.affiliated_institutions.add(self.institution)
-        self.component.save()
-        url = '{}?version=2.2'.format(self.institution_node_url)
-        res = self.app.get(url, auth=self.user1.auth)
+        component = NodeFactory(parent=public_node, is_public=True)
+        component.affiliated_institutions.add(institution)
+        component.save()
+        url = '{}?version=2.2'.format(institution_node_url)
+        res = app.get(url, auth=user.auth)
         affiliated_node_ids = [node['id'] for node in res.json['data']]
-        assert_equal(res.status_code, 200)
-        assert_in(self.node1._id, affiliated_node_ids)
-        assert_in(self.component._id, affiliated_node_ids)
+        assert res.status_code == 200
+        assert public_node._id in affiliated_node_ids
+        assert component._id in affiliated_node_ids
 
-    def test_affiliated_component_without_affiliated_parent_returned(self):
+    def test_affiliated_component_without_affiliated_parent_returned(self, app, user, institution, public_node, institution_node_url):
         # version 2.2
-        self.node = ProjectFactory(is_public=True)
-        self.component = NodeFactory(parent=self.node, is_public=True)
-        self.component.affiliated_institutions.add(self.institution)
-        self.component.save()
-        url = '{}?version=2.2'.format(self.institution_node_url)
-        res = self.app.get(url, auth=self.user1.auth)
-        affiliated_node_ids = [node['id'] for node in res.json['data']]
-        assert_equal(res.status_code, 200)
-        assert_not_in(self.node._id, affiliated_node_ids)
-        assert_in(self.component._id, affiliated_node_ids)
-
-
-class TestNodeListFiltering(NodesListFilteringMixin, ApiTestCase):
-
-    def setUp(self):
-        self.institution = InstitutionFactory()
-        self.url = '/{}institutions/{}/nodes/?version=2.2&'.format(API_BASE, self.institution._id)
-
-        super(TestNodeListFiltering, self).setUp()
-
-        self.node_A.is_public = True
-        self.node_B1.is_public = True
-        self.node_B2.is_public = True
-        self.node_C1.is_public = True
-        self.node_C2.is_public = True
-        self.node_D2.is_public = True
-
-        self.node_A.affiliated_institutions.add(self.institution)
-        self.node_B1.affiliated_institutions.add(self.institution)
-        self.node_B2.affiliated_institutions.add(self.institution)
-        self.node_C1.affiliated_institutions.add(self.institution)
-        self.node_C2.affiliated_institutions.add(self.institution)
-        self.node_D2.affiliated_institutions.add(self.institution)
-
-        self.node_A.save()
-        self.node_B1.save()
-        self.node_B2.save()
-        self.node_C1.save()
-        self.node_C2.save()
-        self.node_D2.save()
+        node = ProjectFactory(is_public=True)
+        component = NodeFactory(parent=node, is_public=True)
+        component.affiliated_institutions.add(institution)
+        component.save()
+        url = '{}?version=2.2'.format(institution_node_url)
+        res = app.get(url, auth=user.auth)
+        affiliated_node_ids = [item['id'] for item in res.json['data']]
+        assert res.status_code == 200
+        assert node._id not in affiliated_node_ids
+        assert component._id in affiliated_node_ids
+
+
+@pytest.mark.django_db
+class TestNodeListFiltering(NodesListFilteringMixin):
+
+    @pytest.fixture()
+    def institution(self):
+        return InstitutionFactory()
+
+    @pytest.fixture()
+    def url(self, institution):
+        return '/{}institutions/{}/nodes/?version=2.2&'.format(API_BASE, institution._id)
+
+    @pytest.fixture()
+    def parent_project(self, user, contrib, institution):
+        parent_project = ProjectFactory(creator=user, is_public=True)
+        parent_project.add_contributor(contrib, save=False)
+        parent_project.affiliated_institutions.add(institution)
+        parent_project.save()
+        return parent_project
+
+    @pytest.fixture()
+    def child_node_one(self, user, parent_project, institution):
+        child_node_one = NodeFactory(parent=parent_project, creator=user, is_public = True)
+        child_node_one.affiliated_institutions.add(institution)
+        child_node_one.save()
+        return child_node_one
+
+    @pytest.fixture()
+    def child_node_two(self, user, parent_project, institution):
+        child_node_two = NodeFactory(parent=parent_project, creator=user, is_public = True)
+        child_node_two.affiliated_institutions.add(institution)
+        child_node_two.save()
+        return child_node_two
+
+    @pytest.fixture()
+    def grandchild_node_one(self, user, child_node_one, institution):
+        grandchild_node_one = NodeFactory(parent=child_node_one, creator=user, is_public = True)
+        grandchild_node_one.affiliated_institutions.add(institution)
+        grandchild_node_one.save()
+        return grandchild_node_one
+
+    @pytest.fixture()
+    def grandchild_node_two(self, user, child_node_two, institution):
+        grandchild_node_two = NodeFactory(parent=child_node_two, creator=user, is_public = True)
+        grandchild_node_two.affiliated_institutions.add(institution)
+        grandchild_node_two.save()
+        return grandchild_node_two
+
+    @pytest.fixture()
+    def great_grandchild_node_two(self, user, grandchild_node_two, institution):
+        great_grandchild_node_two = NodeFactory(parent=grandchild_node_two, creator=user, is_public = True)
+        great_grandchild_node_two.affiliated_institutions.add(institution)
+        great_grandchild_node_two.save()
+        return great_grandchild_node_two
diff --git a/api_tests/nodes/filters/test_filters.py b/api_tests/nodes/filters/test_filters.py
index abe58f7637b..d5e92f31a85 100644
--- a/api_tests/nodes/filters/test_filters.py
+++ b/api_tests/nodes/filters/test_filters.py
@@ -1,96 +1,129 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
 import pytest
 
-from osf.utils.auth import Auth
 from osf_tests.factories import (
     AuthUserFactory,
     NodeFactory,
     NodeRelationFactory,
     ProjectFactory,
 )
+from osf.utils.auth import Auth
+
 
 class NodesListFilteringMixin(object):
 
-    def setUp(self):
-        super(NodesListFilteringMixin, self).setUp()
+    @pytest.fixture()
+    def url(self):
+        raise NotImplementedError
 
-        assert self.url, 'Subclasses of NodesListFilteringMixin must define self.url'
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
 
-        self.user = AuthUserFactory()
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def contrib(self):
+        return AuthUserFactory()
 
-        self.node_A = ProjectFactory(creator=self.user)
-        self.node_B1 = NodeFactory(parent=self.node_A, creator=self.user)
-        self.node_B2 = NodeFactory(parent=self.node_A, creator=self.user)
-        self.node_C1 = NodeFactory(parent=self.node_B1, creator=self.user)
-        self.node_C2 = NodeFactory(parent=self.node_B2, creator=self.user)
-        self.node_D2 = NodeFactory(parent=self.node_C2, creator=self.user)
+    @pytest.fixture()
+    def parent_project(self, user, contrib):
+        parent_project = ProjectFactory(creator=user)
+        parent_project.add_contributor(contrib, save=True)
+        return parent_project
 
-        self.node_A.add_contributor(self.user_two, save=True)
+    @pytest.fixture()
+    def child_node_one(self, user, parent_project):
+        return NodeFactory(parent=parent_project, creator=user)
 
-        self.parent_url = '{}filter[parent]='.format(self.url)
-        self.root_url ='{}filter[root]='.format(self.url)
-        self.tags_url ='{}filter[tags]='.format(self.url)
-        self.contributors_url ='{}filter[contributors]='.format(self.url)
+    @pytest.fixture()
+    def child_node_two(self, user, parent_project):
+        return NodeFactory(parent=parent_project, creator=user)
 
-    def test_parent_filter_null(self):
-        expected = [self.node_A._id]
-        res = self.app.get('{}null'.format(self.parent_url), auth=self.user.auth)
-        actual = [node['id'] for node in res.json['data']]
-        assert_equal(expected, actual)
+    @pytest.fixture()
+    def grandchild_node_one(self, user, child_node_one):
+        return NodeFactory(parent=child_node_one, creator=user)
 
-    def test_parent_filter_excludes_linked_nodes(self):
-        linked_node = NodeFactory()
-        self.node_A.add_node_link(linked_node, auth=Auth(self.user))
-        expected = [self.node_B1._id, self.node_B2._id]
-        res = self.app.get('{}{}'.format(self.parent_url, self.node_A._id), auth=self.user.auth)
+    @pytest.fixture()
+    def grandchild_node_two(self, user, child_node_two):
+        return NodeFactory(parent=child_node_two, creator=user)
+
+    @pytest.fixture()
+    def great_grandchild_node_two(self, user, grandchild_node_two):
+        return NodeFactory(parent=grandchild_node_two, creator=user)
+
+    @pytest.fixture()
+    def parent_url(self, url):
+        return '{}filter[parent]='.format(url)
+
+    @pytest.fixture()
+    def root_url(self, url):
+        return '{}filter[root]='.format(url)
+
+    @pytest.fixture()
+    def tags_url(self, url):
+        return '{}filter[tags]='.format(url)
+
+    @pytest.fixture()
+    def contributors_url(self, url):
+        return '{}filter[contributors]='.format(url)
+
+    def test_non_mutating_list_filtering_tests(self, app, user, contrib, parent_project, child_node_one, child_node_two, grandchild_node_one, grandchild_node_two, great_grandchild_node_two, parent_url, root_url, contributors_url):
+
+    # def test_parent_filter_null(self, app, user, parent_project, parent_url):
+        expected = [parent_project._id]
+        res = app.get('{}null'.format(parent_url), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_not_in(linked_node._id, actual)
-        assert_equal(set(expected), set(actual))
+        assert expected == actual
 
-    def test_parent_filter_equals_returns_one(self):
-        expected = [self.node_C2._id]
-        res = self.app.get('{}{}'.format(self.parent_url, self.node_B2._id), auth=self.user.auth)
+    # def test_parent_filter_equals_returns_one(self, app, user, child_node_two, grandchild_node_two, parent_url):
+        expected = [grandchild_node_two._id]
+        res = app.get('{}{}'.format(parent_url, child_node_two._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
-    def test_parent_filter_equals_returns_multiple(self):
-        expected = [self.node_B1._id, self.node_B2._id]
-        res = self.app.get('{}{}'.format(self.parent_url, self.node_A._id), auth=self.user.auth)
+    # def test_parent_filter_equals_returns_multiple(self, app, user, parent_project, child_node_one, child_node_two, parent_url):
+        expected = [child_node_one._id, child_node_two._id]
+        res = app.get('{}{}'.format(parent_url, parent_project._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(set(expected), set(actual))
+        assert set(expected) == set(actual)
 
-    def test_root_filter_null(self):
-        res = self.app.get('{}null'.format(self.root_url), auth=self.user.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['parameter'], 'filter')
+    # def test_root_filter_null(self, app, user, root_url):
+        res = app.get('{}null'.format(root_url), auth=user.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['parameter'] == 'filter'
 
-    def test_root_filter_equals_returns_branch(self):
+    # def test_root_filter_equals_returns_branch(self, app, user, child_node_two, root_url):
         expected = []
-        res = self.app.get('{}{}'.format(self.root_url, self.node_B2._id), auth=self.user.auth)
+        res = app.get('{}{}'.format(root_url, child_node_two._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(expected, actual)
+        assert expected == actual
 
-    def test_root_filter_equals_returns_tree(self):
-        expected = [self.node_A._id, self.node_B1._id, self.node_B2._id, self.node_C1._id, self.node_C2._id, self.node_D2._id]
-        res = self.app.get('{}{}'.format(self.root_url, self.node_A._id), auth=self.user.auth)
+    # def test_root_filter_equals_returns_tree(self, app, user, parent_project, child_node_one, child_node_two, grandchild_node_one, grandchild_node_two, great_grandchild_node_two, root_url):
+        expected = [parent_project._id, child_node_one._id, child_node_two._id, grandchild_node_one._id, grandchild_node_two._id, great_grandchild_node_two._id]
+        res = app.get('{}{}'.format(root_url, parent_project._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(set(expected), set(actual))
+        assert set(expected) == set(actual)
 
-    def test_tag_filter(self):
-        self.node_A.add_tag('nerd', auth=Auth(self.node_A.creator), save=True)
-        expected = [self.node_A._id]
-        res = self.app.get('{}nerd'.format(self.tags_url), auth=self.user.auth)
+    # def test_contributor_filter(self, app, user, contrib, parent_project, contributors_url):
+        expected = [parent_project._id]
+        res = app.get('{}{}'.format(contributors_url, contrib._id), auth=user.auth)
+        actual = [node['id'] for node in res.json['data']]
+        assert expected == actual
+
+    def test_parent_filter_excludes_linked_nodes(self, app, user, parent_project, child_node_one, child_node_two, parent_url):
+        linked_node = NodeFactory()
+        parent_project.add_node_link(linked_node, auth=Auth(user))
+        expected = [child_node_one._id, child_node_two._id]
+        res = app.get('{}{}'.format(parent_url, parent_project._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(expected, actual)
+        assert linked_node._id not in actual
+        assert set(expected) == set(actual)
 
-        res = self.app.get('{}bird'.format(self.tags_url), auth=self.user.auth)
+    def test_tag_filter(self, app, user, parent_project, tags_url):
+        parent_project.add_tag('reason', auth=Auth(parent_project.creator), save=True)
+        expected = [parent_project._id]
+        res = app.get('{}reason'.format(tags_url), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal([], actual)
+        assert expected == actual
 
-    def test_contributor_filter(self):
-        expected = [self.node_A._id]
-        res = self.app.get('{}{}'.format(self.contributors_url, self.user_two._id), auth=self.user.auth)
+        res = app.get('{}bird'.format(tags_url), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
-        assert_equal(expected, actual)
+        assert [] == actual
diff --git a/api_tests/nodes/views/test_node_list.py b/api_tests/nodes/views/test_node_list.py
index 4147182dd23..5316327cf5c 100644
--- a/api_tests/nodes/views/test_node_list.py
+++ b/api_tests/nodes/views/test_node_list.py
@@ -1,20 +1,11 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
-import pytest
-
 from django.db.models import F
 from modularodm import Q
-from framework.auth.core import Auth
-
-from osf.models import AbstractNode as Node, NodeLog
-from website.util import permissions
-from website.util.sanitize import strip_html
-from website.views import find_bookmark_collection
+import pytest
 
 from api.base.settings.defaults import API_BASE, MAX_PAGE_SIZE
 from api_tests.nodes.filters.test_filters import NodesListFilteringMixin
-
-from tests.base import ApiTestCase
+from framework.auth.core import Auth
+from osf.models import AbstractNode as Node, NodeLog
 from osf_tests.factories import (
     BookmarkCollectionFactory,
     CollectionFactory,
@@ -25,632 +16,679 @@
     UserFactory,
     PreprintFactory,
 )
+from rest_framework import exceptions
+from tests.utils import assert_items_equal
+from website.util import permissions
+from website.util.sanitize import strip_html
+from website.views import find_bookmark_collection
+
+
+@pytest.fixture()
+def user():
+    return AuthUserFactory()
+
+@pytest.fixture()
+def non_contrib():
+    return AuthUserFactory()
+
 
+@pytest.mark.django_db
+class TestNodeList:
 
-class TestNodeList(ApiTestCase):
-    def setUp(self):
-        super(TestNodeList, self).setUp()
-        self.user = AuthUserFactory()
+    @pytest.fixture()
+    def deleted_project(self):
+        return ProjectFactory(is_deleted=True)
 
-        self.non_contrib = AuthUserFactory()
+    @pytest.fixture()
+    def private_project(self, user):
+        return ProjectFactory(is_public=False, creator=user)
 
-        self.deleted = ProjectFactory(is_deleted=True)
-        self.private = ProjectFactory(is_public=False, creator=self.user)
-        self.public = ProjectFactory(is_public=True, creator=self.user)
+    @pytest.fixture()
+    def public_project(self, user):
+        return ProjectFactory(is_public=True, creator=user)
 
-        self.url = '/{}nodes/'.format(API_BASE)
+    @pytest.fixture()
+    def url(self, user):
+        return '/{}nodes/'.format(API_BASE)
 
-    def test_only_returns_non_deleted_public_projects(self):
-        res = self.app.get(self.url)
+    def test_return(self, app, user, non_contrib, deleted_project, private_project, public_project, url):
+
+    #   test_only_returns_non_deleted_public_projects
+        res = app.get(url)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.public._id, ids)
-        assert_not_in(self.deleted._id, ids)
-        assert_not_in(self.private._id, ids)
-
-    def test_return_public_node_list_logged_out_user(self):
-        res = self.app.get(self.url, expect_errors=True)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert public_project._id in ids
+        assert deleted_project._id not in ids
+        assert private_project._id not in ids
+
+    #   test_return_public_node_list_logged_out_user
+        res = app.get(url, expect_errors=True)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         ids = [each['id'] for each in res.json['data']]
-        assert_in(self.public._id, ids)
-        assert_not_in(self.private._id, ids)
+        assert public_project._id in ids
+        assert private_project._id not in ids
 
-    def test_return_public_node_list_logged_in_user(self):
-        res = self.app.get(self.url, auth=self.non_contrib)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+    #   test_return_public_node_list_logged_in_user
+        res = app.get(url, auth=non_contrib)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         ids = [each['id'] for each in res.json['data']]
-        assert_in(self.public._id, ids)
-        assert_not_in(self.private._id, ids)
+        assert public_project._id in ids
+        assert private_project._id not in ids
 
-    def test_return_private_node_list_logged_out_user(self):
-        res = self.app.get(self.url)
+    #   test_return_private_node_list_logged_out_user
+        res = app.get(url)
         ids = [each['id'] for each in res.json['data']]
-        assert_in(self.public._id, ids)
-        assert_not_in(self.private._id, ids)
+        assert public_project._id in ids
+        assert private_project._id not in ids
 
-    def test_return_private_node_list_logged_in_contributor(self):
-        res = self.app.get(self.url, auth=self.user.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+    #   test_return_private_node_list_logged_in_contributor
+        res = app.get(url, auth=user.auth)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
         ids = [each['id'] for each in res.json['data']]
-        assert_in(self.public._id, ids)
-        assert_in(self.private._id, ids)
+        assert public_project._id in ids
+        assert private_project._id in ids
 
-    def test_return_private_node_list_logged_in_non_contributor(self):
-        res = self.app.get(self.url, auth=self.non_contrib.auth)
+    #   test_return_private_node_list_logged_in_non_contributor
+        res = app.get(url, auth=non_contrib.auth)
         ids = [each['id'] for each in res.json['data']]
-        assert_in(self.public._id, ids)
-        assert_not_in(self.private._id, ids)
+        assert public_project._id in ids
+        assert private_project._id not in ids
 
-    def test_node_list_does_not_returns_registrations(self):
-        registration = RegistrationFactory(project=self.public, creator=self.user)
-        res = self.app.get(self.url, auth=self.user.auth)
+    def test_node_list_does_not_returns_registrations(self, app, user, public_project, url):
+        registration = RegistrationFactory(project=public_project, creator=user)
+        res = app.get(url, auth=user.auth)
         ids = [each['id'] for each in res.json['data']]
-        assert_not_in(registration._id, ids)
+        assert registration._id not in ids
 
-    def test_node_list_has_root(self):
-        res = self.app.get(self.url, auth=self.user.auth)
+    def test_node_list_has_root(self, app, user, url, public_project, private_project, deleted_project):
+        res = app.get(url, auth=user.auth)
         projects_with_root = 0
         for project in res.json['data']:
             if project['relationships'].get('root', None):
                 projects_with_root += 1
-        assert_not_equal(projects_with_root, 0)
-        assert_true(
-            all([each['relationships'].get(
-                'root'
-            ) is not None for each in res.json['data']])
-        )
-
+        assert projects_with_root != 0
+        assert all([each['relationships'].get('root') is not None for each in res.json['data']])
 
-    def test_node_list_has_proper_root(self):
-        project_one = ProjectFactory(title="Project One", is_public=True)
+    def test_node_list_has_proper_root(self, app, user, url):
+        project_one = ProjectFactory(title='Project One', is_public=True)
         ProjectFactory(parent=project_one, is_public=True)
 
-        res = self.app.get(self.url+'?embed=root&embed=parent', auth=self.user.auth)
+        res = app.get(url+'?embed=root&embed=parent', auth=user.auth)
 
         for project_json in res.json['data']:
             project = Node.load(project_json['id'])
-            assert_equal(project_json['embeds']['root']['data']['id'], project.root._id)
-
-
-class TestNodeFiltering(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeFiltering, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.user_two = AuthUserFactory()
-        self.project_one = ProjectFactory(title="Project One", is_public=True)
-        self.project_two = ProjectFactory(title="Project Two", description="One Three", is_public=True)
-        self.project_three = ProjectFactory(title="Three", is_public=True)
-        self.private_project_user_one = ProjectFactory(title="Private Project User One",
-                                                       is_public=False,
-                                                       creator=self.user_one)
-        self.private_project_user_two = ProjectFactory(title="Private Project User Two",
-                                                       is_public=False,
-                                                       creator=self.user_two)
-        self.folder = CollectionFactory()
-        self.bookmark_collection = find_bookmark_collection(self.user_one)
-
-        self.url = "/{}nodes/".format(API_BASE)
-
-        self.tag1, self.tag2 = 'tag1', 'tag2'
-        self.project_one.add_tag(self.tag1, Auth(self.project_one.creator), save=False)
-        self.project_one.add_tag(self.tag2, Auth(self.project_one.creator), save=False)
-        self.project_one.save()
-
-        self.project_two.add_tag(self.tag1, Auth(self.project_two.creator), save=True)
-
-        self.preprint = PreprintFactory(creator=self.user_one)
-
-    def test_filtering_by_id(self):
-        url = '/{}nodes/?filter[id]={}'.format(API_BASE, self.project_one._id)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+            assert project_json['embeds']['root']['data']['id'] == project.root._id
+
+
+@pytest.mark.django_db
+class TestNodeFiltering:
+
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def tag_one(self):
+        return 'tag_one'
+
+    @pytest.fixture()
+    def tag_two(self):
+        return 'tag_two'
+
+    @pytest.fixture()
+    def public_project_one(self, tag_one, tag_two):
+        public_project_one = ProjectFactory(title='Public Project One', is_public=True)
+        public_project_one.add_tag(tag_one, Auth(public_project_one.creator), save=False)
+        public_project_one.add_tag(tag_two, Auth(public_project_one.creator), save=False)
+        public_project_one.save()
+        return public_project_one
+
+    @pytest.fixture()
+    def public_project_two(self, tag_one):
+        public_project_two = ProjectFactory(title='Public Project Two', description='reason is shook', is_public=True)
+        public_project_two.add_tag(tag_one, Auth(public_project_two.creator), save=True)
+        return public_project_two
+
+    @pytest.fixture()
+    def public_project_three(self):
+        return ProjectFactory(title='Unique Test Title', is_public=True)
+
+    @pytest.fixture()
+    def user_one_private_project(self, user_one):
+        return ProjectFactory(title='User One Private Project', is_public=False, creator=user_one)
+
+    @pytest.fixture()
+    def user_two_private_project(self, user_two):
+        return ProjectFactory(title='User Two Private Project', is_public=False, creator=user_two)
+
+    @pytest.fixture()
+    def preprint(self, user_one):
+        return PreprintFactory(creator=user_one)
+
+    @pytest.fixture()
+    def folder(self):
+        return CollectionFactory()
+
+    @pytest.fixture()
+    def bookmark_collection(self, user_one):
+        return find_bookmark_collection(user_one)
+
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
+
+    def test_filtering(self, app, user_one, public_project_one, public_project_two, public_project_three, user_one_private_project, user_two_private_project, preprint):
+
+    #   test_filtering_by_id
+        url = '/{}nodes/?filter[id]={}'.format(API_BASE, public_project_one._id)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.project_one._id, ids)
-        assert_equal(len(ids), 1)
+        assert public_project_one._id in ids
+        assert len(ids) == 1
 
-    def test_filtering_by_multiple_ids(self):
-        url = '/{}nodes/?filter[id]={},{}'.format(API_BASE, self.project_one._id, self.project_two._id)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+    #   test_filtering_by_multiple_ids
+        url = '/{}nodes/?filter[id]={},{}'.format(API_BASE, public_project_one._id, public_project_two._id)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_equal(len(ids), 2)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert len(ids) == 2
 
-    def test_filtering_by_multiple_ids_one_private(self):
-        url = '/{}nodes/?filter[id]={},{}'.format(API_BASE, self.project_one._id, self.private_project_user_two._id)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+    #   test_filtering_by_multiple_ids_one_private
+        url = '/{}nodes/?filter[id]={},{}'.format(API_BASE, public_project_one._id, user_two_private_project._id)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.project_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_equal(len(ids), 1)
+        assert public_project_one._id in ids
+        assert user_two_private_project._id not in ids
+        assert len(ids) == 1
 
-    def test_filtering_by_multiple_ids_brackets_in_query_params(self):
-        url = '/{}nodes/?filter[id]=[{},   {}]'.format(API_BASE, self.project_one._id, self.project_two._id)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+    #   test_filtering_by_multiple_ids_brackets_in_query_params
+        url = '/{}nodes/?filter[id]=[{},   {}]'.format(API_BASE, public_project_one._id, public_project_two._id)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         ids = [each['id'] for each in res.json['data']]
 
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_equal(len(ids), 2)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert len(ids) == 2
+
+    #   test_filtering_on_title_not_equal
+        url = '/{}nodes/?filter[title][ne]=Public%20Project%20One'.format(API_BASE)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
+        data = res.json['data']
+        assert len(data) == 4
+
+        titles = [each['attributes']['title'] for each in data]
+
+        assert public_project_one.title not in titles
+        assert public_project_two.title in titles
+        assert public_project_three.title in titles
+        assert user_one_private_project.title in titles
+
+    #   test_filtering_on_description_not_equal
+        url = '/{}nodes/?filter[description][ne]=reason%20is%20shook'.format(API_BASE)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
+        data = res.json['data']
+        assert len(data) == 4
+
+        descriptions = [each['attributes']['description'] for each in data]
+
+        assert public_project_two.description not in descriptions
+        assert public_project_one.description in descriptions
+        assert public_project_three.description in descriptions
+        assert user_one_private_project.description in descriptions
+
+    #   test_filtering_on_preprint
+        url = '/{}nodes/?filter[preprint]=true'.format(API_BASE)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
+        data = res.json['data']
+        ids = [each['id'] for each in data]
+
+        preprints = Node.find(Q('preprint_file', 'ne', None) & Q('_is_preprint_orphan', 'ne', True))
+        assert len(data) == len(preprints)
+        assert preprint.node._id in ids
+        assert public_project_one._id not in ids
+        assert public_project_two._id not in ids
+        assert public_project_three._id not in ids
+
+    #   test_filtering_out_preprint
+        url = '/{}nodes/?filter[preprint]=false'.format(API_BASE)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
+        data = res.json['data']
+
+        ids = [each['id'] for each in data]
 
-    def test_filtering_by_category(self):
-        project = ProjectFactory(creator=self.user_one, category='hypothesis')
-        project2 = ProjectFactory(creator=self.user_one, category='procedure')
+        assert preprint.node._id not in ids
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id in ids
+
+    def test_filtering_by_category(self, app, user_one):
+        project_one = ProjectFactory(creator=user_one, category='hypothesis')
+        project_two = ProjectFactory(creator=user_one, category='procedure')
         url = '/{}nodes/?filter[category]=hypothesis'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
+        res = app.get(url, auth=user_one.auth)
 
         node_json = res.json['data']
         ids = [each['id'] for each in node_json]
 
-        assert_in(project._id, ids)
-        assert_not_in(project2._id, ids)
+        assert project_one._id in ids
+        assert project_two._id not in ids
 
-    def test_filtering_by_public(self):
-        project = ProjectFactory(creator=self.user_one, is_public=True)
-        project2 = ProjectFactory(creator=self.user_one, is_public=False)
+    def test_filtering_by_public(self, app, user_one):
+        public_project = ProjectFactory(creator=user_one, is_public=True)
+        private_project = ProjectFactory(creator=user_one, is_public=False)
 
         url = '/{}nodes/?filter[public]=false'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         # No public projects returned
-        assert_false(
-            any([each['attributes']['public'] for each in node_json])
-        )
+        assert not any([each['attributes']['public'] for each in node_json])
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(project._id, ids)
-        assert_in(project2._id, ids)
+        assert public_project._id not in ids
+        assert private_project._id in ids
 
         url = '/{}nodes/?filter[public]=true'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         # No private projects returned
-        assert_true(
-            all([each['attributes']['public'] for each in node_json])
-        )
+        assert all([each['attributes']['public'] for each in node_json])
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(project2._id, ids)
-        assert_in(project._id, ids)
+        assert private_project._id not in ids
+        assert public_project._id in ids
 
-    def test_filtering_tags(self):
-        # both project_one and project_two have tag1
-        url = '/{}nodes/?filter[tags]={}'.format(API_BASE, self.tag1)
+    def test_filtering_tags(self, app, public_project_one, public_project_two, tag_one, tag_two):
+        url = '/{}nodes/?filter[tags]={}'.format(API_BASE, tag_one)
 
-        res = self.app.get(url, auth=self.project_one.creator.auth)
+        res = app.get(url, auth=public_project_one.creator.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
 
-        # filtering two tags
-        # project_one has both tags; project_two only has one
-        url = '/{}nodes/?filter[tags]={}&filter[tags]={}'.format(API_BASE, self.tag1, self.tag2)
+    #   test_filter_two_tags
+        url = '/{}nodes/?filter[tags]={}&filter[tags]={}'.format(API_BASE, tag_one, tag_two)
 
-        res = self.app.get(url, auth=self.project_one.creator.auth)
+        res = app.get(url, auth=public_project_one.creator.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
+        assert public_project_one._id in ids
+        assert public_project_two._id not in ids
 
-    def test_filter_no_tags(self):
-        project_no_tag = ProjectFactory(title="Project One", is_public=True)
+    #   test_filter_no_tags
+        project_no_tag = ProjectFactory(title='Project No Tags', is_public=True)
 
         url = '/{}nodes/?filter[tags]=null'.format(API_BASE)
 
-        res = self.app.get(url, auth=project_no_tag.creator.auth)
+        res = app.get(url, auth=project_no_tag.creator.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
-        assert_in(project_no_tag._id, ids)
-
-    def test_filtering_tags_exact(self):
-        self.project_one.add_tag('cats', Auth(self.user_one))
-        self.project_two.add_tag('cats', Auth(self.user_one))
-        self.project_one.add_tag('cat', Auth(self.user_one))
-        res = self.app.get(
-            '/{}nodes/?filter[tags]=cat'.format(
+        assert public_project_one._id not in ids
+        assert public_project_two._id not in ids
+        assert project_no_tag._id in ids
+
+    def test_filtering_tags_exact(self, app, user_one, public_project_one, public_project_two):
+        public_project_one.add_tag('logic', Auth(user_one))
+        public_project_two.add_tag('logic', Auth(user_one))
+        public_project_one.add_tag('reason', Auth(user_one))
+        res = app.get(
+            '/{}nodes/?filter[tags]=reason'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_tags_capitalized_query(self):
-        self.project_one.add_tag('cat', Auth(self.user_one))
-        res = self.app.get(
-            '/{}nodes/?filter[tags]=CAT'.format(
+    def test_filtering_tags_capitalized_query(self, app, user_one, public_project_one):
+        public_project_one.add_tag('covfefe', Auth(user_one))
+        res = app.get(
+            '/{}nodes/?filter[tags]=COVFEFE'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_tags_capitalized_tag(self):
-        self.project_one.add_tag('CAT', Auth(self.user_one))
-        res = self.app.get(
-            '/{}nodes/?filter[tags]=cat'.format(
+    def test_filtering_tags_capitalized_tag(self, app, user_one, public_project_one):
+        public_project_one.add_tag('COVFEFE', Auth(user_one))
+        res = app.get(
+            '/{}nodes/?filter[tags]=covfefe'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_on_multiple_tags(self):
-        self.project_one.add_tag('cat', Auth(self.user_one))
-        self.project_one.add_tag('sand', Auth(self.user_one))
-        res = self.app.get(
-            '/{}nodes/?filter[tags]=cat&filter[tags]=sand'.format(
+    def test_filtering_on_multiple_tags(self, app, user_one, public_project_one):
+        public_project_one.add_tag('lovechild', Auth(user_one))
+        public_project_one.add_tag('flowerchild', Auth(user_one))
+        res = app.get(
+            '/{}nodes/?filter[tags]=lovechild&filter[tags]=flowerchild'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_on_multiple_tags_must_match_both(self):
-        self.project_one.add_tag('cat', Auth(self.user_one))
-        res = self.app.get(
-            '/{}nodes/?filter[tags]=cat&filter[tags]=sand'.format(
+    def test_filtering_on_multiple_tags_must_match_both(self, app, user_one, public_project_one):
+        public_project_one.add_tag('lovechild', Auth(user_one))
+        res = app.get(
+            '/{}nodes/?filter[tags]=lovechild&filter[tags]=flowerchild'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 0)
+        assert len(res.json.get('data')) == 0
 
-    def test_filtering_tags_returns_distinct(self):
+    def test_filtering_tags_returns_distinct(self, app, user_one, public_project_one):
        # regression test for returning multiple of the same file
-        self.project_one.add_tag('cat', Auth(self.user_one))
-        self.project_one.add_tag('cAt', Auth(self.user_one))
-        self.project_one.add_tag('caT', Auth(self.user_one))
-        self.project_one.add_tag('CAT', Auth(self.user_one))
-        res = self.app.get(
+        public_project_one.add_tag('cat', Auth(user_one))
+        public_project_one.add_tag('cAt', Auth(user_one))
+        public_project_one.add_tag('caT', Auth(user_one))
+        public_project_one.add_tag('CAT', Auth(user_one))
+        res = app.get(
             '/{}nodes/?filter[tags]=cat'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 1)
+        assert len(res.json.get('data')) == 1
 
-    def test_filtering_contributors(self):
-        res = self.app.get(
+    def test_filtering_contributors(self, app, user_one, user_one_private_project, preprint):
+        res = app.get(
             '/{}nodes/?filter[contributors]={}'.format(
-                API_BASE, self.user_one._id
+                API_BASE, user_one._id
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 2)
+        assert len(res.json.get('data')) == 2
 
-    def test_filtering_contributors_bad_id(self):
-        res = self.app.get(
-            '/{}nodes/?filter[contributors]=acatdresseduplikeahuman'.format(
+    def test_filtering_contributors_bad_id(self, app, user_one):
+        res = app.get(
+            '/{}nodes/?filter[contributors]=alovechilddresseduplikeaflowerchild'.format(
                 API_BASE
             ),
-            auth=self.user_one.auth
+            auth=user_one.auth
         )
-        assert_equal(len(res.json.get('data')), 0)
+        assert len(res.json.get('data')) == 0
+
+    def test_get_projects(self, app, user_one, public_project_one, public_project_two, public_project_three, user_one_private_project, user_two_private_project, folder, bookmark_collection, url):
 
-    def test_get_all_projects_with_no_filter_logged_in(self):
-        res = self.app.get(self.url, auth=self.user_one.auth)
+    #   test_get_all_projects_with_no_filter_logged_in
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_in(self.project_three._id, ids)
-        assert_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_all_projects_with_no_filter_not_logged_in(self):
-        res = self.app.get(self.url)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id in ids
+        assert user_one_private_project._id in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_all_projects_with_no_filter_not_logged_in
+        res = app.get(url)
         node_json = res.json['data']
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_one_project_with_exact_filter_logged_in(self):
-        url = "/{}nodes/?filter[title]=Project%20One".format(API_BASE)
-
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_one_project_with_exact_filter_logged_in
+        url = '/{}nodes/?filter[title]=Project%20One'.format(API_BASE)
+
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_one_project_with_exact_filter_not_logged_in(self):
-        url = "/{}nodes/?filter[title]=Project%20One".format(API_BASE)
-
-        res = self.app.get(url)
+        assert public_project_one._id in ids
+        assert public_project_two._id not in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_one_project_with_exact_filter_not_logged_in
+        url = '/{}nodes/?filter[title]=Project%20One'.format(API_BASE)
+
+        res = app.get(url)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_some_projects_with_substring_logged_in(self):
-        url = "/{}nodes/?filter[title]=Two".format(API_BASE)
-
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_one._id in ids
+        assert public_project_two._id not in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_some_projects_with_substring_logged_in
+        url = '/{}nodes/?filter[title]=Two'.format(API_BASE)
+
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_some_projects_with_substring_not_logged_in(self):
-        url = "/{}nodes/?filter[title]=Two".format(API_BASE)
-
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_one._id not in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_some_projects_with_substring_not_logged_in
+        url = '/{}nodes/?filter[title]=Two'.format(API_BASE)
+
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_only_public_or_my_projects_with_filter_logged_in(self):
-        url = "/{}nodes/?filter[title]=Project".format(API_BASE)
-
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_one._id not in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_only_public_or_my_projects_with_filter_logged_in
+        url = '/{}nodes/?filter[title]=Project'.format(API_BASE)
+
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_get_only_public_projects_with_filter_not_logged_in(self):
-        url = "/{}nodes/?filter[title]=Project".format(API_BASE)
-
-        res = self.app.get(url)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_get_only_public_projects_with_filter_not_logged_in
+        url = '/{}nodes/?filter[title]=Project'.format(API_BASE)
+
+        res = app.get(url)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_alternate_filtering_field_logged_in(self):
-        url = "/{}nodes/?filter[description]=Three".format(API_BASE)
-
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_one._id in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_alternate_filtering_field_logged_in
+        url = '/{}nodes/?filter[description]=shook'.format(API_BASE)
+
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_alternate_filtering_field_not_logged_in(self):
-        url = "/{}nodes/?filter[description]=Three".format(API_BASE)
-
-        res = self.app.get(url)
+        assert public_project_one._id not in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    #   test_alternate_filtering_field_not_logged_in
+        url = '/{}nodes/?filter[description]=reason'.format(API_BASE)
+
+        res = app.get(url)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_not_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.bookmark_collection._id, ids)
-
-    def test_incorrect_filtering_field_not_logged_in(self):
+        assert public_project_one._id not in ids
+        assert public_project_two._id in ids
+        assert public_project_three._id not in ids
+        assert user_one_private_project._id not in ids
+        assert user_two_private_project._id not in ids
+        assert folder._id not in ids
+        assert bookmark_collection._id not in ids
+
+    def test_incorrect_filtering_field_not_logged_in(self, app):
         url = '/{}nodes/?filter[notafield]=bogus'.format(API_BASE)
 
-        res = self.app.get(url, expect_errors=True)
-        assert_equal(res.status_code, 400)
+        res = app.get(url, expect_errors=True)
+        assert res.status_code == 400
         errors = res.json['errors']
-        assert_equal(len(errors), 1)
-        assert_equal(errors[0]['detail'], "'notafield' is not a valid field for this endpoint.")
+        assert len(errors) == 1
+        assert errors[0]['detail'] == '\'notafield\' is not a valid field for this endpoint.'
 
-    def test_filtering_on_root(self):
+    def test_filtering_on_root(self, app, user_one):
         root = ProjectFactory(is_public=True)
         child = ProjectFactory(parent=root, is_public=True)
         ProjectFactory(parent=root, is_public=True)
         ProjectFactory(parent=child, is_public=True)
         # create some unrelated projects
-        ProjectFactory(title="Road Dogg Jesse James", is_public=True)
-        ProjectFactory(title="Badd *** Billy Gunn", is_public=True)
+        ProjectFactory(title='A theory on why reason has a ridiculously large project', is_public=True)
+        ProjectFactory(title='How one intern changed thousands of lines within a codebase', is_public=True)
 
         url = '/{}nodes/?filter[root]={}'.format(API_BASE, root._id)
 
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
 
         root_nodes = Node.objects.filter(root__guids___id=root._id)
 
-        assert_equal(len(res.json['data']), root_nodes.count())
+        assert len(res.json['data']) == root_nodes.count()
 
-    def test_filtering_on_parent(self):
+    def test_filtering_on_parent(self, app):
         root = ProjectFactory(is_public=True)
-        parent = NodeFactory(parent=root, is_public=True)
-        parent2 = NodeFactory(is_public=True, parent=root)
-        child = NodeFactory(parent=parent, is_public=True)
-        child2 = NodeFactory(parent=parent, is_public=True)
+        parent_one = NodeFactory(parent=root, is_public=True)
+        parent_two = NodeFactory(is_public=True, parent=root)
+        child_one = NodeFactory(parent=parent_one, is_public=True)
+        child_two = NodeFactory(parent=parent_one, is_public=True)
 
-        url = '/{}nodes/?filter[parent]={}'.format(API_BASE, parent._id)
-        res = self.app.get(url)
-        assert_equal(res.status_code, 200)
+        url = '/{}nodes/?filter[parent]={}'.format(API_BASE, parent_one._id)
+        res = app.get(url)
+        assert res.status_code == 200
 
         guids = [each['id'] for each in res.json['data']]
-        assert_in(child._id, guids)
-        assert_in(child2._id, guids)
-        assert_not_in(parent._id, guids)
-        assert_not_in(parent2._id, guids)
+        assert child_one._id in guids
+        assert child_two._id in guids
+        assert parent_one._id not in guids
+        assert parent_two._id not in guids
 
-    def test_filtering_on_null_parent(self):
+    def test_filtering_on_null_parent(self, app):
         # add some nodes TO be included
         new_user = AuthUserFactory()
         root = ProjectFactory(is_public=True)
-        root2 = ProjectFactory(is_public=True)
+        root_two = ProjectFactory(is_public=True)
         # Build up a some of nodes not to be included
-        child = ProjectFactory(parent=root, is_public=True)
-        child2 = ProjectFactory(parent=root, is_public=True)
-        grandchild = ProjectFactory(parent=child, is_public=True)
+        child_one = ProjectFactory(parent=root, is_public=True)
+        child_two = ProjectFactory(parent=root, is_public=True)
+        grandchild = ProjectFactory(parent=child_one, is_public=True)
 
         url = '/{}nodes/?filter[parent]=null'.format(API_BASE)
 
-        res = self.app.get(url, auth=new_user.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=new_user.auth)
+        assert res.status_code == 200
 
         public_root_nodes = Node.find(Q('is_public', 'eq', True)).get_roots()
-        assert_equal(len(res.json['data']), public_root_nodes.count())
+        assert len(res.json['data']) == public_root_nodes.count()
 
         guids = [each['id'] for each in res.json['data']]
-        assert_in(root._id, guids)
-        assert_in(root2._id, guids)
-        assert_not_in(child._id, guids)
-        assert_not_in(child2._id, guids)
-        assert_not_in(grandchild._id, guids)
-
-    def test_filtering_on_title_not_equal(self):
-        url = '/{}nodes/?filter[title][ne]=Project%20One'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        data = res.json['data']
-        assert_equal(len(data), 4)
-
-        titles = [each['attributes']['title'] for each in data]
-
-        assert_not_in(self.project_one.title, titles)
-        assert_in(self.project_two.title, titles)
-        assert_in(self.project_three.title, titles)
-        assert_in(self.private_project_user_one.title, titles)
-
-    def test_filtering_on_description_not_equal(self):
-        url = '/{}nodes/?filter[description][ne]=One%20Three'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        data = res.json['data']
-        assert_equal(len(data), 4)
-
-        descriptions = [each['attributes']['description'] for each in data]
-
-        assert_not_in(self.project_two.description, descriptions)
-        assert_in(self.project_one.description, descriptions)
-        assert_in(self.project_three.description, descriptions)
-        assert_in(self.private_project_user_one.description, descriptions)
-
-    def test_filtering_on_preprint(self):
-        url = '/{}nodes/?filter[preprint]=true'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        data = res.json['data']
-        ids = [each['id'] for each in data]
-
-        preprints = Node.find(Q('preprint_file', 'ne', None) & Q('_is_preprint_orphan', 'ne', True))
-        assert_equal(len(data), len(preprints))
-        assert_in(self.preprint.node._id, ids)
-        assert_not_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
-
-    def test_filtering_out_preprint(self):
-        url = '/{}nodes/?filter[preprint]=false'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        data = res.json['data']
-
-        ids = [each['id'] for each in data]
-
-        assert_not_in(self.preprint.node._id, ids)
-        assert_in(self.project_one._id, ids)
-        assert_in(self.project_two._id, ids)
-        assert_in(self.project_three._id, ids)
-
-    def test_preprint_filter_excludes_orphans(self):
-        orphan = PreprintFactory(creator=self.preprint.node.creator)
+        assert root._id in guids
+        assert root_two._id in guids
+        assert child_one._id not in guids
+        assert child_two._id not in guids
+        assert grandchild._id not in guids
+
+    def test_preprint_filter_excludes_orphans(self, app, user_one, preprint, public_project_one, public_project_two, public_project_three):
+        orphan = PreprintFactory(creator=preprint.node.creator)
         orphan._is_preprint_orphan = True
         orphan.save()
 
         url = '/{}nodes/?filter[preprint]=true'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         data = res.json['data']
 
         ids = [each['id'] for each in data]
 
-        assert_in(self.preprint.node._id, ids)
-        assert_not_in(orphan._id, ids)
-        assert_not_in(self.project_one._id, ids)
-        assert_not_in(self.project_two._id, ids)
-        assert_not_in(self.project_three._id, ids)
+        assert preprint.node._id in ids
+        assert orphan._id not in ids
+        assert public_project_one._id not in ids
+        assert public_project_two._id not in ids
+        assert public_project_three._id not in ids
 
-    def test_deleted_preprint_file_not_in_filtered_results(self):
-        orphan = PreprintFactory(creator=self.preprint.node.creator)
+    def test_deleted_preprint_file_not_in_filtered_results(self, app, user_one, preprint):
+        orphan = PreprintFactory(creator=preprint.node.creator)
 
         # orphan the preprint by deleting the file
         orphan.node.preprint_file = None
         orphan.node.save()
         url = '/{}nodes/?filter[preprint]=true'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         data = res.json['data']
 
         ids = [each['id'] for each in data]
 
-        assert_in(self.preprint.node._id, ids)
-        assert_not_in(orphan.node._id, ids)
+        assert preprint.node._id in ids
+        assert orphan.node._id not in ids
 
-    def test_deleted_preprint_file_in_preprint_false_filtered_results(self):
-        orphan = PreprintFactory(creator=self.preprint.node.creator)
+    def test_deleted_preprint_file_in_preprint_false_filtered_results(self, app, user_one, preprint):
+        orphan = PreprintFactory(creator=preprint.node.creator)
 
         # orphan the preprint by deleting the file
         orphan.node.preprint_file = None
@@ -658,564 +696,649 @@ def test_deleted_preprint_file_in_preprint_false_filtered_results(self):
         orphan.refresh_from_db()
 
         url = '/{}nodes/?filter[preprint]=false'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         data = res.json['data']
 
         ids = [each['id'] for each in data]
 
-        assert_not_in(self.preprint.node._id, ids)
-        assert_in(orphan.node._id, ids)
+        assert preprint.node._id not in ids
+        assert orphan.node._id in ids
 
-    def test_unpublished_preprint_not_in_preprint_true_filter_results(self):
-        unpublished = PreprintFactory(creator=self.preprint.node.creator, is_published=False)
-        assert_false(unpublished.is_published)
+    def test_unpublished_preprint_not_in_preprint_true_filter_results(self, app, user_one, preprint):
+        unpublished = PreprintFactory(creator=preprint.node.creator, is_published=False)
+        assert not unpublished.is_published
 
         url = '/{}nodes/?filter[preprint]=true'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         data = res.json['data']
         ids = [each['id'] for each in data]
 
-        assert_in(self.preprint.node._id, ids)
-        assert_not_in(unpublished.node._id, ids)
+        assert preprint.node._id in ids
+        assert unpublished.node._id not in ids
 
-    def test_unpublished_preprint_in_preprint_false_filter_results(self):
-        unpublished = PreprintFactory(creator=self.preprint.node.creator, is_published=False)
-        assert_false(unpublished.is_published)
+    def test_unpublished_preprint_in_preprint_false_filter_results(self, app, user_one, preprint):
+        unpublished = PreprintFactory(creator=preprint.node.creator, is_published=False)
+        assert not unpublished.is_published
 
         url = '/{}nodes/?filter[preprint]=false'.format(API_BASE)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
         data = res.json['data']
         ids = [each['id'] for each in data]
 
-        assert_not_in(self.preprint.node._id, ids)
-        assert_in(unpublished.node._id, ids)
+        assert preprint.node._id not in ids
+        assert unpublished.node._id in ids
+
+
+@pytest.mark.django_db
+class TestNodeCreate:
+
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
 
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
 
-class TestNodeCreate(ApiTestCase):
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
 
-    def setUp(self):
-        super(TestNodeCreate, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.url = '/{}nodes/'.format(API_BASE)
+    @pytest.fixture()
+    def title(self):
+        return 'Rheisen is bored'
 
-        self.title = 'Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.category = 'data'
+    @pytest.fixture()
+    def description(self):
+        return 'Pytest conversions are tedious'
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def category(self):
+        return 'data'
 
-        self.public_project = {
+    @pytest.fixture()
+    def public_project(self, title, description, category):
+        return {
             'data': {
                 'type': 'nodes',
-                'attributes':
-                    {
-                        'title': self.title,
-                        'description': self.description,
-                        'category': self.category,
-                        'public': True,
-                    }
+                'attributes': {
+                    'title': title,
+                    'description': description,
+                    'category': category,
+                    'public': True,
+                }
             }
         }
-        self.private_project = {
+
+    @pytest.fixture()
+    def private_project(self, title, description, category):
+        return {
             'data': {
                 'type': 'nodes',
                 'attributes': {
-                    'title': self.title,
-                    'description': self.description,
-                    'category': self.category,
+                    'title': title,
+                    'description': description,
+                    'category': category,
                     'public': False
                 }
             }
         }
-    def test_node_create_invalid_data(self):
-        res = self.app.post_json_api(self.url, "Incorrect data", auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
-
-        res = self.app.post_json_api(self.url, ["Incorrect data"], auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], "Malformed request.")
-
-    def test_creates_public_project_logged_out(self):
-        res = self.app.post_json_api(self.url, self.public_project, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
-
-    def test_creates_public_project_logged_in(self):
-        res = self.app.post_json_api(self.url, self.public_project, expect_errors=True, auth=self.user_one.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.json['data']['attributes']['title'], self.public_project['data']['attributes']['title'])
-        assert_equal(res.json['data']['attributes']['description'], self.public_project['data']['attributes']['description'])
-        assert_equal(res.json['data']['attributes']['category'], self.public_project['data']['attributes']['category'])
-        assert_equal(res.content_type, 'application/vnd.api+json')
+
+    def test_create_node_errors(self, app, user_one, public_project, private_project, url):
+
+    #   test_node_create_invalid_data
+        res = app.post_json_api(url, 'Incorrect data', auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
+
+        res = app.post_json_api(url, ['Incorrect data'], auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
+
+    #   test_creates_public_project_logged_out
+        res = app.post_json_api(url, public_project, expect_errors=True)
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
+
+    #   test_creates_private_project_logged_out
+        res = app.post_json_api(url, private_project, expect_errors=True)
+        assert res.status_code == 401
+        assert 'detail' in res.json['errors'][0]
+
+    def test_creates_public_project_logged_in(self, app, user_one, public_project, url):
+        res = app.post_json_api(url, public_project, expect_errors=True, auth=user_one.auth)
+        assert res.status_code == 201
+        assert res.json['data']['attributes']['title'] == public_project['data']['attributes']['title']
+        assert res.json['data']['attributes']['description'] == public_project['data']['attributes']['description']
+        assert res.json['data']['attributes']['category'] == public_project['data']['attributes']['category']
+        assert res.content_type == 'application/vnd.api+json'
         pid = res.json['data']['id']
         project = Node.load(pid)
-        assert_equal(project.logs.latest().action, NodeLog.PROJECT_CREATED)
-
-    def test_creates_private_project_logged_out(self):
-        res = self.app.post_json_api(self.url, self.private_project, expect_errors=True)
-        assert_equal(res.status_code, 401)
-        assert_in('detail', res.json['errors'][0])
-
-    def test_creates_private_project_logged_in_contributor(self):
-        res = self.app.post_json_api(self.url, self.private_project, auth=self.user_one.auth)
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
-        assert_equal(res.json['data']['attributes']['title'], self.private_project['data']['attributes']['title'])
-        assert_equal(res.json['data']['attributes']['description'], self.private_project['data']['attributes']['description'])
-        assert_equal(res.json['data']['attributes']['category'], self.private_project['data']['attributes']['category'])
+        assert project.logs.latest().action == NodeLog.PROJECT_CREATED
+
+    def test_creates_private_project_logged_in_contributor(self, app, user_one, private_project, url):
+        res = app.post_json_api(url, private_project, auth=user_one.auth)
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
+        assert res.json['data']['attributes']['title'] == private_project['data']['attributes']['title']
+        assert res.json['data']['attributes']['description'] == private_project['data']['attributes']['description']
+        assert res.json['data']['attributes']['category'] == private_project['data']['attributes']['category']
         pid = res.json['data']['id']
         project = Node.load(pid)
-        assert_equal(project.logs.latest().action, NodeLog.PROJECT_CREATED)
+        assert project.logs.latest().action == NodeLog.PROJECT_CREATED
 
-    def test_creates_project_from_template(self):
-        template_from = ProjectFactory(creator=self.user_one, is_public=True)
-        template_component = ProjectFactory(creator=self.user_one, is_public=True, parent=template_from)
-        templated_project_title = 'Templated Project'
+    def test_create_from_template_errors(self, app, user_one, user_two, url):
+
+    #   test_404_on_create_from_template_of_nonexistent_project
+        template_from_id = 'thisisnotavalidguid'
         templated_project_data = {
             'data': {
                 'type': 'nodes',
                 'attributes':
                     {
-                        'title': templated_project_title,
-                        'category': self.category,
-                        'template_from': template_from._id,
+                        'title': 'No title',
+                        'category': 'project',
+                        'template_from': template_from_id,
                     }
             }
         }
+        res = app.post_json_api(url, templated_project_data, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 404
 
-        res = self.app.post_json_api(self.url, templated_project_data, auth=self.user_one.auth)
-        assert_equal(res.status_code, 201)
-        json_data = res.json['data']
-
-        new_project_id = json_data['id']
-        new_project = Node.load(new_project_id)
-        assert_equal(new_project.title, templated_project_title)
-        assert_equal(new_project.description, '')
-        assert_false(new_project.is_public)
-        assert_equal(len(new_project.nodes), len(template_from.nodes))
-        assert_equal(new_project.nodes[0].title, template_component.title)
-
-    def test_404_on_create_from_template_of_nonexistent_project(self):
-        template_from_id = 'thisisnotavalidguid'
+    #   test_403_on_create_from_template_of_unauthorized_project
+        template_from = ProjectFactory(creator=user_two, is_public=True)
         templated_project_data = {
             'data': {
                 'type': 'nodes',
                 'attributes':
                     {
-                        'title': 'No title',
+                        'title': 'No permission',
                         'category': 'project',
-                        'template_from': template_from_id,
+                        'template_from': template_from._id,
                     }
             }
         }
-        res = self.app.post_json_api(self.url, templated_project_data, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 404)
+        res = app.post_json_api(url, templated_project_data, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 403
 
-    def test_403_on_create_from_template_of_unauthorized_project(self):
-        template_from = ProjectFactory(creator=self.user_two, is_public=True)
+    def test_creates_project_from_template(self, app, user_one, category, url):
+        template_from = ProjectFactory(creator=user_one, is_public=True)
+        template_component = ProjectFactory(creator=user_one, is_public=True, parent=template_from)
+        templated_project_title = 'Templated Project'
         templated_project_data = {
             'data': {
                 'type': 'nodes',
                 'attributes':
                     {
-                        'title': 'No permission',
-                        'category': 'project',
+                        'title': templated_project_title,
+                        'category': category,
                         'template_from': template_from._id,
                     }
             }
         }
-        res = self.app.post_json_api(self.url, templated_project_data, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 403)
 
-    def test_creates_project_creates_project_and_sanitizes_html(self):
+        res = app.post_json_api(url, templated_project_data, auth=user_one.auth)
+        assert res.status_code == 201
+        json_data = res.json['data']
+
+        new_project_id = json_data['id']
+        new_project = Node.load(new_project_id)
+        assert new_project.title == templated_project_title
+        assert new_project.description == ''
+        assert not new_project.is_public
+        assert len(new_project.nodes) == len(template_from.nodes)
+        assert new_project.nodes[0].title == template_component.title
+
+    def test_creates_project_creates_project_and_sanitizes_html(self, app, user_one, category, url):
         title = '<em>Cool</em> <strong>Project</strong>'
         description = 'An <script>alert("even cooler")</script> project'
 
-        res = self.app.post_json_api(self.url, {
+        res = app.post_json_api(url, {
             'data': {
                 'attributes': {
                     'title': title,
                     'description': description,
-                    'category': self.category,
+                    'category': category,
                     'public': True
                 },
                 'type': 'nodes'
             }
-        }, auth=self.user_one.auth)
+        }, auth=user_one.auth)
         project_id = res.json['data']['id']
-        assert_equal(res.status_code, 201)
-        assert_equal(res.content_type, 'application/vnd.api+json')
+        assert res.status_code == 201
+        assert res.content_type == 'application/vnd.api+json'
         url = '/{}nodes/{}/'.format(API_BASE, project_id)
 
         project = Node.load(project_id)
-        assert_equal(project.logs.latest().action, NodeLog.PROJECT_CREATED)
+        assert project.logs.latest().action == NodeLog.PROJECT_CREATED
 
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.json['data']['attributes']['title'], strip_html(title))
-        assert_equal(res.json['data']['attributes']['description'], strip_html(description))
-        assert_equal(res.json['data']['attributes']['category'], self.category)
+        res = app.get(url, auth=user_one.auth)
+        assert res.json['data']['attributes']['title'] == strip_html(title)
+        assert res.json['data']['attributes']['description'] == strip_html(description)
+        assert res.json['data']['attributes']['category'] == category
 
-    def test_create_component_inherit_contributors(self):
-        parent_project = ProjectFactory(creator=self.user_one)
-        parent_project.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
+    def test_create_component_inherit_contributors(self, app, user_one, user_two, title, category):
+        parent_project = ProjectFactory(creator=user_one)
+        parent_project.add_contributor(user_two, permissions=[permissions.READ], save=True)
         url = '/{}nodes/{}/children/?inherit_contributors=true'.format(API_BASE, parent_project._id)
         component_data = {
             'data': {
                 'type': 'nodes',
                 'attributes': {
-                    'title': self.title,
-                    'category': self.category,
+                    'title': title,
+                    'category': category,
                 }
             }
         }
-        res = self.app.post_json_api(url, component_data, auth=self.user_one.auth)
-        assert_equal(res.status_code, 201)
+        res = app.post_json_api(url, component_data, auth=user_one.auth)
+        assert res.status_code == 201
         json_data = res.json['data']
 
         new_component_id = json_data['id']
         new_component = Node.load(new_component_id)
-        assert_equal(len(new_component.contributors), 2)
-        assert_equal(len(new_component.contributors), len(parent_project.contributors))
+        assert len(new_component.contributors) == 2
+        assert len(new_component.contributors) == len(parent_project.contributors)
 
-    def test_create_component_inherit_contributors_with_unregistered_contributor(self):
-        parent_project = ProjectFactory(creator=self.user_one)
+    def test_create_component_inherit_contributors_with_unregistered_contributor(self, app, user_one, title, category):
+        parent_project = ProjectFactory(creator=user_one)
         parent_project.add_unregistered_contributor(
             fullname='far', email='foo@bar.baz', permissions=[permissions.READ],
-            auth= Auth(user=self.user_one), save=True
+            auth= Auth(user=user_one), save=True
         )
         url = '/{}nodes/{}/children/?inherit_contributors=true'.format(API_BASE, parent_project._id)
         component_data = {
             'data': {
                 'type': 'nodes',
                 'attributes': {
-                    'title': self.title,
-                    'category': self.category,
+                    'title': title,
+                    'category': category,
                 }
             }
         }
-        res = self.app.post_json_api(url, component_data, auth=self.user_one.auth)
-        assert_equal(res.status_code, 201)
+        res = app.post_json_api(url, component_data, auth=user_one.auth)
+        assert res.status_code == 201
         json_data = res.json['data']
 
         new_component_id = json_data['id']
         new_component = Node.load(new_component_id)
-        assert_equal(len(new_component.contributors), 2)
-        assert_equal(len(new_component.contributors), len(parent_project.contributors))
+        assert len(new_component.contributors) == 2
+        assert len(new_component.contributors) == len(parent_project.contributors)
+
+    def test_create_project_errors(self, app, user_one, title, description, category, url):
 
-    def test_creates_project_no_type(self):
+    #   test_creates_project_no_type
         project = {
             'data': {
                 'attributes': {
-                    'title': self.title,
-                    'description': self.description,
-                    'category': self.category,
+                    'title': title,
+                    'description': description,
+                    'category': category,
                     'public': False
                 }
             }
         }
-        res = self.app.post_json_api(self.url, project, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'This field may not be null.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/type')
+        res = app.post_json_api(url, project, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'This field may not be null.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data/type'
 
-    def test_creates_project_incorrect_type(self):
+    #   test_creates_project_incorrect_type
         project = {
             'data': {
                 'attributes': {
-                    'title': self.title,
-                    'description': self.description,
-                    'category': self.category,
+                    'title': title,
+                    'description': description,
+                    'category': category,
                     'public': False
                 },
                 'type': 'Wrong type.'
             }
         }
-        res = self.app.post_json_api(self.url, project, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 409)
-        assert_equal(res.json['errors'][0]['detail'], 'This resource has a type of "nodes", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.')
+        res = app.post_json_api(url, project, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 409
+        assert res.json['errors'][0]['detail'] == 'This resource has a type of "nodes", but you set the json body\'s type field to "Wrong type.". You probably need to change the type field to match the resource\'s type.'
 
-    def test_creates_project_properties_not_nested(self):
+    #   test_creates_project_properties_not_nested
         project = {
             'data': {
-                'title': self.title,
-                'description': self.description,
-                'category': self.category,
+                'title': title,
+                'description': description,
+                'category': category,
                 'public': False,
                 'type': 'nodes'
             }
         }
-        res = self.app.post_json_api(self.url, project, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data/attributes.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/attributes')
+        res = app.post_json_api(url, project, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /data/attributes.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data/attributes'
 
-    def test_create_project_invalid_title(self):
+    #   test_create_project_invalid_title
         project = {
             'data': {
                 'type': 'nodes',
                 'attributes': {
                     'title': 'A' * 201,
-                    'description': self.description,
-                    'category': self.category,
+                    'description': description,
+                    'category': category,
                     'public': False,
                 }
             }
         }
-        res = self.app.post_json_api(self.url, project, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Title cannot exceed 200 characters.')
-
-
-class TestNodeBulkCreate(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeBulkCreate, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.url = '/{}nodes/'.format(API_BASE)
-
-        self.title = 'Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.category = 'data'
-
-        self.user_two = AuthUserFactory()
+        res = app.post_json_api(url, project, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Title cannot exceed 200 characters.'
+
+
+@pytest.mark.django_db
+class TestNodeBulkCreate:
+
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
+
+    @pytest.fixture()
+    def title(self):
+        return 'Rheisen is bored'
+
+    @pytest.fixture()
+    def description(self):
+        return 'Pytest conversions are tedious'
+
+    @pytest.fixture()
+    def category(self):
+        return 'data'
+
+    @pytest.fixture()
+    def public_project(self, title, description, category):
+        return {
+            'type': 'nodes',
+            'attributes': {
+                'title': title,
+                'description': description,
+                'category': category,
+                'public': True
+            }
+        }
 
-        self.public_project = {
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.title,
-                    'description': self.description,
-                    'category': self.category,
-                    'public': True
-                }
+    @pytest.fixture()
+    def private_project(self, title, description, category):
+        return {
+            'type': 'nodes',
+            'attributes': {
+                'title': title,
+                'description': description,
+                'category': category,
+                'public': False
+            }
         }
 
-        self.private_project = {
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.title,
-                    'description': self.description,
-                    'category': self.category,
-                    'public': False
-                }
+    @pytest.fixture()
+    def empty_project(self):
+        return {
+            'type': 'nodes', 
+            'attributes': {
+                'title': '',
+                'description': '',
+                'category': ''
+            }
         }
 
-        self.empty_project = {'type': 'nodes', 'attributes': {'title': "", 'description': "", "category": ""}}
+    def test_bulk_create(self, app, user_one, public_project, private_project, empty_project, title, category, url):
 
-    def test_bulk_create_nodes_blank_request(self):
-        res = self.app.post_json_api(self.url, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+    #   test_bulk_create_nodes_blank_request
+        res = app.post_json_api(url, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
 
-    def test_bulk_create_all_or_nothing(self):
-        res = self.app.post_json_api(self.url, {'data': [self.public_project, self.empty_project]}, bulk=True, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
+    #   test_bulk_create_all_or_nothing
+        res = app.post_json_api(url, {'data': [public_project, empty_project]}, bulk=True, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_logged_out(self):
-        res = self.app.post_json_api(self.url, {'data': [self.public_project, self.private_project]}, bulk=True, expect_errors=True)
-        assert_equal(res.status_code, 401)
+    #   test_bulk_create_logged_out
+        res = app.post_json_api(url, {'data': [public_project, private_project]}, bulk=True, expect_errors=True)
+        assert res.status_code == 401
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_error_formatting(self):
-        res = self.app.post_json_api(self.url, {'data': [self.empty_project, self.empty_project]}, bulk=True, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 2)
+    #   test_bulk_create_error_formatting
+        res = app.post_json_api(url, {'data': [empty_project, empty_project]}, bulk=True, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 2
         errors = res.json['errors']
-        assert_items_equal([errors[0]['source'], errors[1]['source']],
-                           [{'pointer': '/data/0/attributes/title'}, {'pointer': '/data/1/attributes/title'}])
-        assert_items_equal([errors[0]['detail'], errors[1]['detail']],
-                           ["This field may not be blank.", "This field may not be blank."])
+        assert errors[0]['source'] == {'pointer': '/data/0/attributes/title'}
+        assert errors[1]['source'] ==  {'pointer': '/data/1/attributes/title'}
+        assert errors[0]['detail'] == 'This field may not be blank.'
+        assert errors[1]['detail'] == 'This field may not be blank.'
 
-    def test_bulk_create_limits(self):
-        node_create_list = {'data': [self.public_project] * 101}
-        res = self.app.post_json_api(self.url, node_create_list, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
+    #   test_bulk_create_limits
+        node_create_list = {'data': [public_project] * 101}
+        res = app.post_json_api(url, node_create_list, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_no_type(self):
-        payload = {'data': [{"attributes": {'category': self.category, 'title': self.title}}]}
-        res = self.app.post_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/0/type')
+    #   test_bulk_create_no_type
+        payload = {'data': [{"attributes": {'category': category, 'title': title}}]}
+        res = app.post_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/0/type'
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_incorrect_type(self):
-        payload = {'data': [self.public_project, {'type': 'Incorrect type.', "attributes": {'category': self.category, 'title': self.title}}]}
-        res = self.app.post_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
+    #   test_bulk_create_incorrect_type
+        payload = {'data': [public_project, {'type': 'Incorrect type.', "attributes": {'category': category, 'title': title}}]}
+        res = app.post_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 409
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_no_attributes(self):
-        payload = {'data': [self.public_project, {'type': 'nodes', }]}
-        res = self.app.post_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
+    #   test_bulk_create_no_attributes
+        payload = {'data': [public_project, {'type': 'nodes', }]}
+        res = app.post_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
 
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/attributes')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/attributes'
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_bulk_create_no_title(self):
-        payload = {'data': [self.public_project, {'type': 'nodes', "attributes": {'category': self.category}}]}
-        res = self.app.post_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
+    #   test_bulk_create_no_title
+        payload = {'data': [public_project, {'type': 'nodes', 'attributes': {'category': category}}]}
+        res = app.post_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
 
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/1/attributes/title')
+        assert res.status_code == 400
+        assert res.json['errors'][0]['source']['pointer'] == '/data/1/attributes/title'
 
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
 
-    def test_ugly_payload(self):
+    #   test_ugly_payload
         payload = 'sdf;jlasfd'
-        res = self.app.post_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 0)
-
-    def test_bulk_create_logged_in(self):
-        res = self.app.post_json_api(self.url, {'data': [self.public_project, self.private_project]}, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 201)
-        assert_equal(len(res.json['data']), 2)
-        assert_equal(res.json['data'][0]['attributes']['title'], self.public_project['attributes']['title'])
-        assert_equal(res.json['data'][0]['attributes']['category'], self.public_project['attributes']['category'])
-        assert_equal(res.json['data'][0]['attributes']['description'], self.public_project['attributes']['description'])
-        assert_equal(res.json['data'][1]['attributes']['title'], self.private_project['attributes']['title'])
-        assert_equal(res.json['data'][1]['attributes']['category'], self.public_project['attributes']['category'])
-        assert_equal(res.json['data'][1]['attributes']['description'], self.public_project['attributes']['description'])
-        assert_equal(res.content_type, 'application/vnd.api+json')
-
-        res = self.app.get(self.url, auth=self.user_one.auth)
-        assert_equal(len(res.json['data']), 2)
+        res = app.post_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 0
+
+    def test_bulk_create_logged_in(self, app, user_one, public_project, private_project, url):
+        res = app.post_json_api(url, {'data': [public_project, private_project]}, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 201
+        assert len(res.json['data']) == 2
+        assert res.json['data'][0]['attributes']['title'] == public_project['attributes']['title']
+        assert res.json['data'][0]['attributes']['category'] == public_project['attributes']['category']
+        assert res.json['data'][0]['attributes']['description'] == public_project['attributes']['description']
+        assert res.json['data'][1]['attributes']['title'] == private_project['attributes']['title']
+        assert res.json['data'][1]['attributes']['category'] == public_project['attributes']['category']
+        assert res.json['data'][1]['attributes']['description'] == public_project['attributes']['description']
+        assert res.content_type == 'application/vnd.api+json'
+
+        res = app.get(url, auth=user_one.auth)
+        assert len(res.json['data']) == 2
         id_one = res.json['data'][0]['id']
         id_two = res.json['data'][1]['id']
 
-        res = self.app.delete_json_api(self.url, {'data': [{'id': id_one, 'type': 'nodes'},
+        res = app.delete_json_api(url, {'data': [{'id': id_one, 'type': 'nodes'},
                                                            {'id': id_two, 'type': 'nodes'}]},
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 204)
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 204
+
 
+@pytest.mark.django_db
+class TestNodeBulkUpdate:
 
-class TestNodeBulkUpdate(ApiTestCase):
+    @pytest.fixture()
+    def title(self):
+        return 'Rheisen is bored'
 
-    def setUp(self):
-        super(TestNodeBulkUpdate, self).setUp()
-        self.user = AuthUserFactory()
+    @pytest.fixture()
+    def new_title(self):
+        return 'Rheisen is very bored'
 
-        self.title = 'Cool Project'
-        self.new_title = 'Super Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.new_description = 'An even cooler project'
-        self.category = 'data'
+    @pytest.fixture()
+    def description(self):
+        return 'Pytest conversions are tedious'
 
-        self.new_category = 'project'
+    @pytest.fixture()
+    def new_description(self):
+        return 'Pytest conversions are death'
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def category(self):
+        return 'data'
 
-        self.public_project = ProjectFactory(title=self.title,
-                                             description=self.description,
-                                             category=self.category,
-                                             is_public=True,
-                                             creator=self.user)
+    @pytest.fixture()
+    def new_category(self):
+        return 'project'
 
-        self.public_project_two = ProjectFactory(title=self.title,
-                                                description=self.description,
-                                                category=self.category,
-                                                is_public=True,
-                                                creator=self.user)
+    @pytest.fixture()
+    def public_project_one(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user)
 
-        self.public_payload = {
+    @pytest.fixture()
+    def public_project_two(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user)
+
+    @pytest.fixture()
+    def public_payload(self, public_project_one, public_project_two, new_title, new_description, new_category):
+        return {
             'data': [
                 {
-                    'id': self.public_project._id,
+                    'id': public_project_one._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 },
                 {
-                    'id': self.public_project_two._id,
+                    'id': public_project_two._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 }
             ]
         }
 
-        self.url = '/{}nodes/'.format(API_BASE)
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
 
-        self.private_project = ProjectFactory(title=self.title,
-                                              description=self.description,
-                                              category=self.category,
-                                              is_public=False,
-                                              creator=self.user)
+    @pytest.fixture()
+    def private_project_one(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=False, creator=user)
 
-        self.private_project_two = ProjectFactory(title=self.title,
-                                              description=self.description,
-                                              category=self.category,
-                                              is_public=False,
-                                              creator=self.user)
+    @pytest.fixture()
+    def private_project_two(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=False, creator=user)
 
-        self.private_payload = {'data': [
+    @pytest.fixture()
+    def private_payload(self, private_project_one, private_project_two, new_title, new_description, new_category):
+        return {
+            'data': [
                 {
-                    'id': self.private_project._id,
+                    'id': private_project_one._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': False
                     }
                 },
                 {
-                    'id': self.private_project_two._id,
+                    'id': private_project_two._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': False
                     }
                 }
             ]
         }
 
+    @pytest.fixture()
+    def empty_payload(self, public_project_one, public_project_two):
+        return {
+            'data': [
+                {
+                    'id': public_project_one._id, 
+                    'type': 'nodes', 
+                    'attributes': {
+                        'title': '', 
+                        'description': '', 
+                        'category': ''
+                    }
+                },
+                {
+                    'id': public_project_two._id, 
+                    'type': 'nodes', 
+                    'attributes': {
+                        'title': '', 
+                        'description': '', 
+                        'category': ''
+                    }
+                }
+            ]
+        }
 
-        self.empty_payload = {'data': [
-            {'id': self.public_project._id, 'type': 'nodes', 'attributes': {'title': "", 'description': "", "category": ""}},
-            {'id': self.public_project_two._id, 'type': 'nodes', 'attributes': {'title': "", 'description': "", "category": ""}}
-        ]}
+    def test_bulk_update_errors(self, app, user, public_project_one, public_project_two, private_project_one, private_project_two, public_payload, private_payload, empty_payload, title, new_title, new_category, url):
 
-    def test_bulk_update_nodes_blank_request(self):
-        res = self.app.put_json_api(self.url, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+    #   test_bulk_update_nodes_blank_request
+        res = app.put_json_api(url, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
 
-    def test_bulk_update_blank_but_not_empty_title(self):
+    #   test_bulk_update_blank_but_not_empty_title
         payload = {
             "data": [
                 {
-                  "id": self.public_project._id,
+                  "id": public_project_one._id,
                   "type": "nodes",
                   "attributes": {
                     "title": "This shouldn't update.",
@@ -1223,7 +1346,7 @@ def test_bulk_update_blank_but_not_empty_title(self):
                   }
                 },
                 {
-                  "id": self.public_project_two._id,
+                  "id": public_project_two._id,
                   "type": "nodes",
                   "attributes": {
                     "title": " ",
@@ -1232,897 +1355,1016 @@ def test_bulk_update_blank_but_not_empty_title(self):
                 }
               ]
             }
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        res = self.app.put_json_api(self.url, payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+        public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
 
-        res = self.app.get(url)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(public_project_one_url)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_update_with_tags(self):
-        new_payload = {'data': [{'id': self.public_project._id, 'type': 'nodes', 'attributes': {'title': 'New title', 'category': 'project', 'tags': ['new tag']}}]}
-
-        res = self.app.put_json_api(self.url, new_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.json['data'][0]['attributes']['tags'], ['new tag'])
-
-    def test_bulk_update_public_projects_one_not_found(self):
-        empty_payload = {'data': [
+    #   test_bulk_update_public_projects_one_not_found
+        payload = {'data': [
             {
                 'id': '12345',
                 'type': 'nodes',
                 'attributes': {
-                    'title': self.new_title,
-                    'category': self.new_category
+                    'title': new_title,
+                    'category': new_category
                 }
-            }, self.public_payload['data'][0]
+            }, public_payload['data'][0]
         ]}
 
-        res = self.app.put_json_api(self.url, empty_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Could not find all objects to update.')
-
+        res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Could not find all objects to update.'
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        res = self.app.get(url)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
 
+        public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+        res = app.get(public_project_one_url)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_update_public_projects_logged_out(self):
-        res = self.app.put_json_api(self.url, self.public_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], "Authentication credentials were not provided.")
+    #   test_bulk_update_public_projects_logged_out
+        res = app.put_json_api(url, public_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
+        public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
 
-        res = self.app.get(url)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(public_project_one_url)
+        assert res.json['data']['attributes']['title'] == title
 
-        res = self.app.get(url_two)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_update_public_projects_logged_in(self):
-        res = self.app.put_json_api(self.url, self.public_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 200)
-        assert_equal({self.public_project._id, self.public_project_two._id},
-                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
-        assert_equal(res.json['data'][0]['attributes']['title'], self.new_title)
-        assert_equal(res.json['data'][1]['attributes']['title'], self.new_title)
-
-    def test_bulk_update_private_projects_logged_out(self):
-        res = self.app.put_json_api(self.url, self.private_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
+        res = app.get(public_project_two_url)
+        assert res.json['data']['attributes']['title'] == title
 
+    #   test_bulk_update_private_projects_logged_out
+        res = app.put_json_api(url, private_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_update_private_projects_logged_in_contrib(self):
-        res = self.app.put_json_api(self.url, self.private_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 200)
-        assert_equal({self.private_project._id, self.private_project_two._id},
-                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
-        assert_equal(res.json['data'][0]['attributes']['title'], self.new_title)
-        assert_equal(res.json['data'][1]['attributes']['title'], self.new_title)
-
-    def test_bulk_update_private_projects_logged_in_non_contrib(self):
-        res = self.app.put_json_api(self.url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
-
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_update_private_projects_logged_in_read_only_contrib(self):
-        self.private_project.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
-        self.private_project_two.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
-        res = self.app.put_json_api(self.url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
-
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_update_projects_send_dictionary_not_list(self):
-        res = self.app.put_json_api(self.url, {'data': {'id': self.public_project._id, 'type': 'nodes',
-                                                        'attributes': {'title': self.new_title, 'category': "project"}}},
-                                    auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".')
-
-    def test_bulk_update_error_formatting(self):
-        res = self.app.put_json_api(self.url, self.empty_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 2)
-        errors = res.json['errors']
-        assert_items_equal([errors[0]['source'], errors[1]['source']],
-                           [{'pointer': '/data/0/attributes/title'}, {'pointer': '/data/1/attributes/title'}])
-        assert_items_equal([errors[0]['detail'], errors[1]['detail']],
-                           ['This field may not be blank.'] * 2)
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_update_id_not_supplied(self):
-        res = self.app.put_json_api(self.url, {'data': [self.public_payload['data'][1], {'type': 'nodes', 'attributes':
-            {'title': self.new_title, 'category': self.new_category}}]}, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 1)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/1/id')
-        assert_equal(res.json['errors'][0]['detail'], "This field may not be null.")
+    #   test_bulk_update_private_projects_logged_in_non_contrib
+        non_contrib = AuthUserFactory()
+        res = app.put_json_api(url, private_payload, auth=non_contrib.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_update_type_not_supplied(self):
-        res = self.app.put_json_api(self.url, {'data': [self.public_payload['data'][1], {'id': self.public_project._id, 'attributes':
-            {'title': self.new_title, 'category': self.new_category}}]}, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 1)
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data/1/type')
-        assert_equal(res.json['errors'][0]['detail'], "This field may not be null.")
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
+    #   test_bulk_update_projects_send_dictionary_not_list
+        res = app.put_json_api(url, {'data': {'id': public_project_one._id, 'type': 'nodes',
+                                                        'attributes': {'title': new_title, 'category': "project"}}},
+                                    auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_update_incorrect_type(self):
-        res = self.app.put_json_api(self.url, {'data': [self.public_payload['data'][1], {'id': self.public_project._id, 'type': 'Incorrect', 'attributes':
-            {'title': self.new_title, 'category': self.new_category}}]}, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
-
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
-
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+    #   test_bulk_update_error_formatting
+        res = app.put_json_api(url, empty_payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 2
+        errors = res.json['errors']
+        assert errors[0]['source'] == {'pointer': '/data/0/attributes/title'}
+        assert errors[1]['source'] == {'pointer': '/data/1/attributes/title'}
+        assert errors[0]['detail'] == 'This field may not be blank.'
+        assert errors[1]['detail'] == 'This field may not be blank.'
+
+    #   test_bulk_update_id_not_supplied
+        res = app.put_json_api(url, {'data': [public_payload['data'][1], {'type': 'nodes', 'attributes':
+            {'title': new_title, 'category': new_category}}]}, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 1
+        assert res.json['errors'][0]['source']['pointer'] == '/data/1/id'
+        assert res.json['errors'][0]['detail'] == "This field may not be null."
+
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
+
+        res = app.get(public_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    #   test_bulk_update_type_not_supplied
+        res = app.put_json_api(url, {'data': [public_payload['data'][1], {'id': public_project_one._id, 'attributes':
+            {'title': new_title, 'category': new_category}}]}, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 1
+        assert res.json['errors'][0]['source']['pointer'] == '/data/1/type'
+        assert res.json['errors'][0]['detail'] == "This field may not be null."
+
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
+
+        res = app.get(public_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    #   test_bulk_update_incorrect_type
+        res = app.put_json_api(url, {'data': [public_payload['data'][1], {'id': public_project_one._id, 'type': 'Incorrect', 'attributes':
+            {'title': new_title, 'category': new_category}}]}, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 409
+
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
+
+        res = app.get(public_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    #   test_bulk_update_limits
+        node_update_list = {'data': [public_payload['data'][0]] * 101}
+        res = app.put_json_api(url, node_update_list, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
+
+    #   test_bulk_update_no_title_or_category
+        new_payload = {'id': public_project_one._id, 'type': 'nodes', 'attributes': {}}
+        res = app.put_json_api(url, {'data': [public_payload['data'][1], new_payload]}, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
+
+        res = app.get(public_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    def test_bulk_update_private_projects_logged_in_read_only_contrib(self, app, user, private_project_one, private_project_two, title, private_payload, url):
+        read_contrib = AuthUserFactory()
+        private_project_one.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+        private_project_two.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+        res = app.put_json_api(url, private_payload, auth=read_contrib.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
+
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    def test_bulk_update_public_projects_logged_in(self, app, user, public_project_one, public_project_two, public_payload, new_title, url):
+        res = app.put_json_api(url, public_payload, auth=user.auth, bulk=True)
+        assert res.status_code == 200
+        assert ({public_project_one._id, public_project_two._id} ==
+                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
+        assert res.json['data'][0]['attributes']['title'] == new_title
+        assert res.json['data'][1]['attributes']['title'] == new_title
 
-    def test_bulk_update_limits(self):
-        node_update_list = {'data': [self.public_payload['data'][0]] * 101}
-        res = self.app.put_json_api(self.url, node_update_list, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
+    def test_bulk_update_with_tags(self, app, user, public_project_one, url):
+        new_payload = {'data': [{'id': public_project_one._id, 'type': 'nodes', 'attributes': {'title': 'New title', 'category': 'project', 'tags': ['new tag']}}]}
 
-    def test_bulk_update_no_title_or_category(self):
-        new_payload = {'id': self.public_project._id, 'type': 'nodes', 'attributes': {}}
-        res = self.app.put_json_api(self.url, {'data': [self.public_payload['data'][1], new_payload]}, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+        res = app.put_json_api(url, new_payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 200
+        assert res.json['data'][0]['attributes']['tags'] == ['new tag']
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
+    def test_bulk_update_private_projects_logged_in_contrib(self, app, user, private_project_one, private_project_two, private_payload, new_title, url):
+        res = app.put_json_api(url, private_payload, auth=user.auth, bulk=True)
+        assert res.status_code == 200
+        assert ({private_project_one._id, private_project_two._id} == {res.json['data'][0]['id'], res.json['data'][1]['id']})
+        assert res.json['data'][0]['attributes']['title'] == new_title
+        assert res.json['data'][1]['attributes']['title'] == new_title
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+@pytest.mark.django_db
+class TestNodeBulkPartialUpdate:
 
+    @pytest.fixture()
+    def title(self):
+        return 'Rachel is great'
 
-class TestNodeBulkPartialUpdate(ApiTestCase):
+    @pytest.fixture()
+    def new_title(self):
+        return 'Rachel is awesome'
 
-    def setUp(self):
-        super(TestNodeBulkPartialUpdate, self).setUp()
-        self.user = AuthUserFactory()
+    @pytest.fixture()
+    def description(self):
+        return 'Such a cool person'
 
-        self.title = 'Cool Project'
-        self.new_title = 'Super Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.new_description = 'An even cooler project'
-        self.category = 'data'
+    @pytest.fixture()
+    def new_description(self):
+        return 'Such an amazing person'
 
-        self.new_category = 'project'
+    @pytest.fixture()
+    def category(self):
+        return 'data'
 
-        self.user_two = AuthUserFactory()
+    @pytest.fixture()
+    def new_category(self):
+        return 'project'
 
-        self.public_project = ProjectFactory(title=self.title,
-                                             description=self.description,
-                                             category=self.category,
-                                             is_public=True,
-                                             creator=self.user)
+    @pytest.fixture()
+    def public_project_one(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user)
 
-        self.public_project_two = ProjectFactory(title=self.title,
-                                                description=self.description,
-                                                category=self.category,
-                                                is_public=True,
-                                                creator=self.user)
+    @pytest.fixture()
+    def public_project_two(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user)
 
-        self.public_payload = {'data': [
-            {
-                'id': self.public_project._id,
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.new_title
-                }
-            },
-            {
-                'id': self.public_project_two._id,
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.new_title
+    @pytest.fixture()
+    def public_payload(self, public_project_one, public_project_two, new_title, new_description, new_category):
+        return {
+            'data': [
+                {
+                    'id': public_project_one._id,
+                    'type': 'nodes',
+                    'attributes': {
+                        'title': new_title,
+                    }
+                },
+                {
+                    'id': public_project_two._id,
+                    'type': 'nodes',
+                    'attributes': {
+                        'title': new_title,
+                    }
                 }
-            }
-        ]}
+            ]
+        }
 
-        self.url = '/{}nodes/'.format(API_BASE)
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
 
-        self.private_project = ProjectFactory(title=self.title,
-                                              description=self.description,
-                                              category=self.category,
-                                              is_public=False,
-                                              creator=self.user)
+    @pytest.fixture()
+    def private_project_one(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=False, creator=user)
 
-        self.private_project_two = ProjectFactory(title=self.title,
-                                              description=self.description,
-                                              category=self.category,
-                                              is_public=False,
-                                              creator=self.user)
+    @pytest.fixture()
+    def private_project_two(self, user, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=False, creator=user)
 
-        self.private_payload = {'data': [
-            {
-                'id': self.private_project._id,
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.new_title
-                }
-            },
-            {
-                'id': self.private_project_two._id,
-                'type': 'nodes',
-                'attributes': {
-                    'title': self.new_title
+    @pytest.fixture()
+    def private_payload(self, private_project_one, private_project_two, new_title, new_description, new_category):
+        return {
+            'data': [
+                {
+                    'id': private_project_one._id,
+                    'type': 'nodes',
+                    'attributes': {
+                        'title': new_title
+                    }
+                },
+                {
+                    'id': private_project_two._id,
+                    'type': 'nodes',
+                    'attributes': {
+                        'title': new_title
+                    }
                 }
-            }
-        ]}
+            ]
+        }
 
-        self.empty_payload = {'data': [
-            {'id': self.public_project._id, 'type': 'nodes', 'attributes': {'title': ""}},
-            {'id': self.public_project_two._id, 'type': 'nodes', 'attributes': {'title': ""}}
-        ]
+    @pytest.fixture()
+    def empty_payload(self, public_project_one, public_project_two):
+        return {
+            'data': [
+                {
+                    'id': public_project_one._id, 
+                    'type': 'nodes', 
+                    'attributes': {
+                        'title': ''
+                    }
+                },
+                {
+                    'id': public_project_two._id, 
+                    'type': 'nodes', 
+                    'attributes': {
+                        'title': ''
+                    }
+                }
+            ]
         }
 
-    def test_bulk_patch_nodes_blank_request(self):
-        res = self.app.patch_json_api(self.url, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+    def test_bulk_partial_update_errors(self, app, user, public_project_one, public_project_two, private_project_one, private_project_two, title, new_title, public_payload, private_payload, empty_payload, url):
 
-    def test_bulk_partial_update_public_projects_one_not_found(self):
-        empty_payload = {'data': [
+    #   test_bulk_patch_nodes_blank_request
+        res = app.patch_json_api(url, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+
+    #   test_bulk_partial_update_public_projects_one_not_found
+        payload = {'data': [
             {
                 'id': '12345',
                 'type': 'nodes',
                 'attributes': {
-                    'title': self.new_title
+                    'title': new_title
                 }
             },
-            self.public_payload['data'][0]
+            public_payload['data'][0]
         ]}
-        res = self.app.patch_json_api(self.url, empty_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Could not find all objects to update.')
-
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        res = self.app.get(url)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_partial_update_public_projects_logged_out(self):
-        res = self.app.patch_json_api(self.url, self.public_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], "Authentication credentials were not provided.")
-
-        url = '/{}nodes/{}/'.format(API_BASE, self.public_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.public_project_two._id)
-
-        res = self.app.get(url)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-        res = self.app.get(url_two)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
-
-    def test_bulk_partial_update_public_projects_logged_in(self):
-        res = self.app.patch_json_api(self.url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 200)
-        assert_equal({self.public_project._id, self.public_project_two._id},
-                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
-        assert_equal(res.json['data'][0]['attributes']['title'], self.new_title)
-        assert_equal(res.json['data'][1]['attributes']['title'], self.new_title)
+        res = app.patch_json_api(url, payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Could not find all objects to update.'
 
-    def test_bulk_partial_update_private_projects_logged_out(self):
-        res = self.app.patch_json_api(self.url, self.private_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
+        public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+        res = app.get(public_project_one_url)
+        assert res.json['data']['attributes']['title'] == title
 
+    #   test_bulk_partial_update_public_projects_logged_out
+        res = app.patch_json_api(url, public_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
+        public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+        public_project_two_url = '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(public_project_one_url)
+        assert res.json['data']['attributes']['title'] == title
 
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(public_project_two_url)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_partial_update_private_projects_logged_in_contrib(self):
-        res = self.app.patch_json_api(self.url, self.private_payload, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 200)
-        assert_equal({self.private_project._id, self.private_project_two._id},
-                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
-        assert_equal(res.json['data'][0]['attributes']['title'], self.new_title)
-        assert_equal(res.json['data'][1]['attributes']['title'], self.new_title)
+    #   test_bulk_partial_update_private_projects_logged_out
+        res = app.patch_json_api(url, private_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-    def test_bulk_partial_update_private_projects_logged_in_non_contrib(self):
-        res = self.app.patch_json_api(self.url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_partial_update_private_projects_logged_in_read_only_contrib(self):
-        self.private_project.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
-        self.private_project_two.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
-        res = self.app.patch_json_api(self.url, self.private_payload, auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
+    #   test_bulk_partial_update_private_projects_logged_in_non_contrib
+        non_contrib = AuthUserFactory()
+        res = app.patch_json_api(url, private_payload, auth=non_contrib.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
 
-        url = '/{}nodes/{}/'.format(API_BASE, self.private_project._id)
-        url_two = '/{}nodes/{}/'.format(API_BASE, self.private_project_two._id)
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
-        res = self.app.get(url, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-        res = self.app.get(url_two, auth=self.user.auth)
-        assert_equal(res.json['data']['attributes']['title'], self.title)
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
 
-    def test_bulk_partial_update_projects_send_dictionary_not_list(self):
-        res = self.app.patch_json_api(self.url, {'data': {'id': self.public_project._id, 'attributes': {'title': self.new_title, 'category': "project"}}},
-                                    auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".')
+    #   test_bulk_partial_update_projects_send_dictionary_not_list
+        res = app.patch_json_api(url, {'data': {'id': public_project_one._id, 'attributes': {'title': new_title, 'category': "project"}}},
+                                    auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
 
-    def test_bulk_partial_update_error_formatting(self):
-        res = self.app.patch_json_api(self.url, self.empty_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 2)
+    #   test_bulk_partial_update_error_formatting
+        res = app.patch_json_api(url, empty_payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 2
         errors = res.json['errors']
-        assert_items_equal([errors[0]['source'], errors[1]['source']],
-                           [{'pointer': '/data/0/attributes/title'}, {'pointer': '/data/1/attributes/title'}])
-        assert_items_equal([errors[0]['detail'], errors[1]['detail']],
-                           ['This field may not be blank.']*2)
-
-    def test_bulk_partial_update_id_not_supplied(self):
-        res = self.app.patch_json_api(self.url, {'data': [{'type': 'nodes', 'attributes': {'title': self.new_title}}]},
-                                      auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(len(res.json['errors']), 1)
-        assert_equal(res.json['errors'][0]['detail'], 'This field may not be null.')
-
-    def test_bulk_partial_update_limits(self):
-        node_update_list = {'data': [self.public_payload['data'][0]] * 101 }
-        res = self.app.patch_json_api(self.url, node_update_list, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
-
-    def test_bulk_partial_update_privacy_has_no_effect_on_tags(self):
-        self.public_project.add_tag('tag1', Auth(self.public_project.creator), save=True)
-        payload = {'id': self.public_project._id, 'type': 'nodes', 'attributes': {'public': False}}
-        res = self.app.patch_json_api(self.url, {'data': [payload]}, auth=self.user.auth, bulk=True)
-        assert_equal(res.status_code, 200)
-        self.public_project.reload()
-        assert_equal(list(self.public_project.tags.values_list('name', flat=True)), ['tag1'])
-        assert_equal(self.public_project.is_public, False)
-
-
-class TestNodeBulkUpdateSkipUneditable(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeBulkUpdateSkipUneditable, self).setUp()
-        self.user = AuthUserFactory()
-        self.user_two = AuthUserFactory()
-
-        self.title = 'Cool Project'
-        self.new_title = 'Super Cool Project'
-        self.description = 'A Properly Cool Project'
-        self.new_description = 'An even cooler project'
-        self.category = 'data'
-        self.new_category = 'project'
-
-        self.public_project = ProjectFactory(title=self.title,
-                                             description=self.description,
-                                             category=self.category,
-                                             is_public=True,
-                                             creator=self.user)
-
-        self.public_project_two = ProjectFactory(title=self.title,
-                                                description=self.description,
-                                                category=self.category,
-                                                is_public=True,
-                                                creator=self.user)
-
-        self.public_project_three = ProjectFactory(title=self.title,
-                                                description=self.description,
-                                                category=self.category,
-                                                is_public=True,
-                                                creator=self.user_two)
-
-        self.public_project_four = ProjectFactory(title=self.title,
-                                                description=self.description,
-                                                category=self.category,
-                                                is_public=True,
-                                                creator=self.user_two)
-
-        self.public_payload = {
+        assert errors[0]['source'] == {'pointer': '/data/0/attributes/title'}
+        assert errors[1]['source'] == {'pointer': '/data/1/attributes/title'}
+        assert errors[0]['detail'] == 'This field may not be blank.'
+        assert errors[1]['detail'] == 'This field may not be blank.'
+
+    #   test_bulk_partial_update_id_not_supplied
+        res = app.patch_json_api(url, {'data': [{'type': 'nodes', 'attributes': {'title': new_title}}]},
+                                      auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert len(res.json['errors']) == 1
+        assert res.json['errors'][0]['detail'] == 'This field may not be null.'
+
+    #   test_bulk_partial_update_limits
+        node_update_list = {'data': [public_payload['data'][0]] * 101 }
+        res = app.patch_json_api(url, node_update_list, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
+
+    def test_bulk_partial_update_public_projects_logged_in(self, app, user, public_project_one, public_project_two, new_title, public_payload, url):
+        res = app.patch_json_api(url, public_payload, auth=user.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 200
+        assert ({public_project_one._id, public_project_two._id} ==
+                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
+        assert res.json['data'][0]['attributes']['title'] == new_title
+        assert res.json['data'][1]['attributes']['title'] == new_title
+
+    def test_bulk_partial_update_private_projects_logged_in_contrib(self, app, user, private_project_one, private_project_two, new_title, private_payload, url):
+        res = app.patch_json_api(url, private_payload, auth=user.auth, bulk=True)
+        assert res.status_code == 200
+        assert ({private_project_one._id, private_project_two._id} ==
+                     {res.json['data'][0]['id'], res.json['data'][1]['id']})
+        assert res.json['data'][0]['attributes']['title'] == new_title
+        assert res.json['data'][1]['attributes']['title'] == new_title
+
+    def test_bulk_partial_update_private_projects_logged_in_read_only_contrib(self, app, user, private_project_one, private_project_two, title, private_payload, url):
+        read_contrib = AuthUserFactory()
+        private_project_one.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+        private_project_two.add_contributor(read_contrib, permissions=[permissions.READ], save=True)
+        res = app.patch_json_api(url, private_payload, auth=read_contrib.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+        private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
+        private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
+
+        res = app.get(private_project_one_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+        res = app.get(private_project_two_url, auth=user.auth)
+        assert res.json['data']['attributes']['title'] == title
+
+    def test_bulk_partial_update_privacy_has_no_effect_on_tags(self, app, user, public_project_one, url):
+        public_project_one.add_tag('tag1', Auth(public_project_one.creator), save=True)
+        payload = {'id': public_project_one._id, 'type': 'nodes', 'attributes': {'public': False}}
+        res = app.patch_json_api(url, {'data': [payload]}, auth=user.auth, bulk=True)
+        assert res.status_code == 200
+        public_project_one.reload()
+        assert list(public_project_one.tags.values_list('name', flat=True)) == ['tag1']
+        assert public_project_one.is_public == False
+
+@pytest.mark.django_db
+class TestNodeBulkUpdateSkipUneditable:
+
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def title(self):
+        return 'A painting of reason'
+
+    @pytest.fixture()
+    def new_title(self):
+        return 'A reason for painting'
+
+    @pytest.fixture()
+    def description(self):
+        return 'Truly a masterful work of reasoning'
+
+    @pytest.fixture()
+    def new_description(self):
+        return 'An insight into the reason for art'
+
+    @pytest.fixture()
+    def category(self):
+        return 'data'
+
+    @pytest.fixture()
+    def new_category(self):
+        return 'project'
+
+    @pytest.fixture()
+    def user_one_public_project_one(self, user_one, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def user_one_public_project_two(self, user_one, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def user_two_public_project_one(self, user_two, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def user_two_public_project_two(self, user_two, title, description, category):
+        return ProjectFactory(title=title, description=description, category=category, is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def public_payload(self, user_one_public_project_one, user_one_public_project_two, user_two_public_project_one, user_two_public_project_two, new_title, new_description, new_category):
+        return {
             'data': [
                 {
-                    'id': self.public_project._id,
+                    'id': user_one_public_project_one._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 },
                 {
-                    'id': self.public_project_two._id,
+                    'id': user_one_public_project_two._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 },
                  {
-                    'id': self.public_project_three._id,
+                    'id': user_two_public_project_one._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 },
                  {
-                    'id': self.public_project_four._id,
+                    'id': user_two_public_project_two._id,
                     'type': 'nodes',
                     'attributes': {
-                        'title': self.new_title,
-                        'description': self.new_description,
-                        'category': self.new_category,
+                        'title': new_title,
+                        'description': new_description,
+                        'category': new_category,
                         'public': True
                     }
                 }
             ]
         }
 
-        self.url = '/{}nodes/?skip_uneditable=True'.format(API_BASE)
-
-    def test_skip_uneditable_bulk_update(self):
-        res = self.app.put_json_api(self.url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 200)
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/?skip_uneditable=True'.format(API_BASE)
+
+    def test_bulk_update_skips(self, app, user_one, user_one_public_project_one, user_one_public_project_two, user_two_public_project_one, user_two_public_project_two, title, public_payload):
+
+    #   test_skip_uneditable_bulk_update_query_param_required
+        nodes_url = '/{}nodes/'.format(API_BASE)
+        res = app.put_json_api(nodes_url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        user_one_public_project_one.reload()
+        user_one_public_project_two.reload()
+        user_two_public_project_one.reload()
+        user_two_public_project_two.reload()
+
+        assert user_one_public_project_one.title == title
+        assert user_one_public_project_two.title == title
+        assert user_two_public_project_one.title == title
+        assert user_two_public_project_two.title == title
+
+    #   test_skip_uneditable_equals_false_bulk_update
+        skip_uneditable_url = '/{}nodes/?skip_uneditable=False'.format(API_BASE)
+        res = app.put_json_api(skip_uneditable_url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        user_one_public_project_one.reload()
+        user_one_public_project_two.reload()
+        user_two_public_project_one.reload()
+        user_two_public_project_two.reload()
+
+        assert user_one_public_project_one.title == title
+        assert user_one_public_project_two.title == title
+        assert user_two_public_project_one.title == title
+        assert user_two_public_project_two.title == title
+
+    #   test_skip_uneditable_bulk_partial_update_query_param_required
+        url = '/{}nodes/'.format(API_BASE)
+        res = app.patch_json_api(url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        user_one_public_project_one.reload()
+        user_one_public_project_two.reload()
+        user_two_public_project_one.reload()
+        user_two_public_project_two.reload()
+
+        assert user_one_public_project_one.title == title
+        assert user_one_public_project_two.title == title
+        assert user_two_public_project_one.title == title
+        assert user_two_public_project_two.title == title
+
+    def test_skip_uneditable_bulk_update(self, app, user_one, user_one_public_project_one, user_one_public_project_two, user_two_public_project_one, user_two_public_project_two, title, new_title, public_payload, url):
+        res = app.put_json_api(url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 200
         edited = res.json['data']
         skipped = res.json['errors']
         assert_items_equal([edited[0]['id'], edited[1]['id']],
-                           [self.public_project._id, self.public_project_two._id])
+                           [user_one_public_project_one._id, user_one_public_project_two._id])
         assert_items_equal([skipped[0]['_id'], skipped[1]['_id']],
-                           [self.public_project_three._id, self.public_project_four._id])
-        self.public_project.reload()
-        self.public_project_two.reload()
-        self.public_project_three.reload()
-        self.public_project_four.reload()
-
-        assert_equal(self.public_project.title, self.new_title)
-        assert_equal(self.public_project_two.title, self.new_title)
-        assert_equal(self.public_project_three.title, self.title)
-        assert_equal(self.public_project_four.title, self.title)
-
-
-    def test_skip_uneditable_bulk_update_query_param_required(self):
-        url = '/{}nodes/'.format(API_BASE)
-        res = self.app.put_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        self.public_project.reload()
-        self.public_project_two.reload()
-        self.public_project_three.reload()
-        self.public_project_four.reload()
-
-        assert_equal(self.public_project.title, self.title)
-        assert_equal(self.public_project_two.title, self.title)
-        assert_equal(self.public_project_three.title, self.title)
-        assert_equal(self.public_project_four.title, self.title)
-
-    def test_skip_uneditable_equals_false_bulk_update(self):
-        url = '/{}nodes/?skip_uneditable=False'.format(API_BASE)
-        res = self.app.put_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        self.public_project.reload()
-        self.public_project_two.reload()
-        self.public_project_three.reload()
-        self.public_project_four.reload()
-
-        assert_equal(self.public_project.title, self.title)
-        assert_equal(self.public_project_two.title, self.title)
-        assert_equal(self.public_project_three.title, self.title)
-        assert_equal(self.public_project_four.title, self.title)
-
-    def test_skip_uneditable_bulk_partial_update(self):
-        res = self.app.patch_json_api(self.url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 200)
+                           [user_two_public_project_one._id, user_two_public_project_two._id])
+        user_one_public_project_one.reload()
+        user_one_public_project_two.reload()
+        user_two_public_project_one.reload()
+        user_two_public_project_two.reload()
+
+        assert user_one_public_project_one.title == new_title
+        assert user_one_public_project_two.title == new_title
+        assert user_two_public_project_one.title == title
+        assert user_two_public_project_two.title == title
+
+    def test_skip_uneditable_bulk_partial_update(self, app, user_one, user_one_public_project_one, user_one_public_project_two, user_two_public_project_one, user_two_public_project_two, title, new_title, public_payload, url):
+        res = app.patch_json_api(url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 200
         edited = res.json['data']
         skipped = res.json['errors']
         assert_items_equal([edited[0]['id'], edited[1]['id']],
-                           [self.public_project._id, self.public_project_two._id])
+                           [user_one_public_project_one._id, user_one_public_project_two._id])
         assert_items_equal([skipped[0]['_id'], skipped[1]['_id']],
-                           [self.public_project_three._id, self.public_project_four._id])
-        self.public_project.reload()
-        self.public_project_two.reload()
-        self.public_project_three.reload()
-        self.public_project_four.reload()
+                           [user_two_public_project_one._id, user_two_public_project_two._id])
+        user_one_public_project_one.reload()
+        user_one_public_project_two.reload()
+        user_two_public_project_one.reload()
+        user_two_public_project_two.reload()
 
-        assert_equal(self.public_project.title, self.new_title)
-        assert_equal(self.public_project_two.title, self.new_title)
-        assert_equal(self.public_project_three.title, self.title)
-        assert_equal(self.public_project_four.title, self.title)
+        assert user_one_public_project_one.title == new_title
+        assert user_one_public_project_two.title == new_title
+        assert user_two_public_project_one.title == title
+        assert user_two_public_project_two.title == title
 
 
-    def test_skip_uneditable_bulk_partial_update_query_param_required(self):
-        url = '/{}nodes/'.format(API_BASE)
-        res = self.app.patch_json_api(url, self.public_payload, auth=self.user.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        self.public_project.reload()
-        self.public_project_two.reload()
-        self.public_project_three.reload()
-        self.public_project_four.reload()
-
-        assert_equal(self.public_project.title, self.title)
-        assert_equal(self.public_project_two.title, self.title)
-        assert_equal(self.public_project_three.title, self.title)
-        assert_equal(self.public_project_four.title, self.title)
-
-
-class TestNodeBulkDelete(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeBulkDelete, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.user_two = AuthUserFactory()
-        self.project_one = ProjectFactory(title="Project One", is_public=True, creator=self.user_one, category="project")
-        self.project_two = ProjectFactory(title="Project Two", description="One Three", is_public=True, creator=self.user_one)
-        self.private_project_user_one = ProjectFactory(title="Private Project User One",
-                                                       is_public=False,
-                                                       creator=self.user_one)
-        self.private_project_user_two = ProjectFactory(title="Private Project User Two",
-                                                       is_public=False,
-                                                       creator=self.user_two)
-
-        self.url = "/{}nodes/".format(API_BASE)
-        self.project_one_url = '/{}nodes/{}/'.format(API_BASE, self.project_one._id)
-        self.project_two_url = '/{}nodes/{}/'.format(API_BASE, self.project_two._id)
-        self.private_project_url = "/{}nodes/{}/".format(API_BASE, self.private_project_user_one._id)
-
-        self.public_payload = {'data': [{'id': self.project_one._id, 'type': 'nodes'}, {'id': self.project_two._id, 'type': 'nodes'}]}
-        self.public_query_params = 'id={},{}'.format(self.project_one._id, self.project_two._id)
-        self.type_query_param = 'type=nodes'
-        self.private_payload = {'data': [{'id': self.private_project_user_one._id, 'type': 'nodes'}]}
-        self.private_query_params = 'id={}'.format(self.private_project_user_one._id)
-
-    def test_bulk_delete_with_query_params(self):
-        url = '{}?{}&{}'.format(self.url, self.type_query_param, self.public_query_params)
-        res = self.app.delete_json_api(url, auth=self.user_one.auth, bulk=True)
-        assert_equal(res.status_code, 204)
-
-    def test_bulk_delete_with_query_params_and_payload(self):
-        url = '{}?{}&{}'.format(self.url, self.type_query_param, self.public_query_params)
-        res = self.app.delete_json_api(url, self.public_payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
-        assert_equal(
-            res.json['errors'][0]['detail'],
-            u'A bulk DELETE can only have a body or query parameters, not both.'
-        )
+@pytest.mark.django_db
+class TestNodeBulkDelete:
 
-    def test_bulk_delete_with_query_params_no_type(self):
-        url = '{}?{}'.format(self.url, self.public_query_params)
-        res = self.app.delete_json_api(url, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(
-            res.json['errors'][0]['detail'],
-            u'Type query parameter is also required for a bulk DELETE using query parameters.'
-        )
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
 
-    def test_bulk_delete_with_query_params_wrong_type(self):
-        url = '{}?{}&{}'.format(self.url, self.public_query_params, "type=node_not_nodes")
-        res = self.app.delete_json_api(url, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
-        assert_equal(
-            res.json['errors'][0]['detail'],
-            u'Type needs to match type expected at this endpoint.'
-        )
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def public_project_one(self, user_one):
+        return ProjectFactory(title='Project One', is_public=True, creator=user_one, category='project')
+
+    @pytest.fixture()
+    def public_project_two(self, user_one):
+        return ProjectFactory(title='Project Two', description='One Three', is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def user_one_private_project(self, user_one):
+        return ProjectFactory(title='User One Private Project', is_public=False, creator=user_one)
+
+    @pytest.fixture()
+    def user_two_private_project(self, user_two):
+        return ProjectFactory(title='User Two Private Project', is_public=False, creator=user_two)
+
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/'.format(API_BASE)
+
+    @pytest.fixture()
+    def public_project_one_url(self, public_project_one):
+        return '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
+
+    @pytest.fixture()
+    def public_project_two_url(self, public_project_two):
+        return '/{}nodes/{}/'.format(API_BASE, public_project_two._id)
+
+    @pytest.fixture()
+    def user_one_private_project_url(self, user_one_private_project):
+        return '/{}nodes/{}/'.format(API_BASE, user_one_private_project._id)
+
+    @pytest.fixture()
+    def public_payload(self, public_project_one, public_project_two):
+        return {
+            'data': [
+                {
+                    'id': public_project_one._id, 
+                    'type': 'nodes'
+                }, 
+                {
+                    'id': public_project_two._id, 
+                    'type': 'nodes'
+                }
+            ]
+        }
+
+    @pytest.fixture()
+    def public_query_params(self, public_project_one, public_project_two):
+        return 'id={},{}'.format(public_project_one._id, public_project_two._id)
+
+    @pytest.fixture()
+    def type_query_param(self):
+        return 'type=nodes'
+
+    @pytest.fixture()
+    def private_payload(self, user_one_private_project):
+        return {
+            'data': [
+                {
+                    'id': user_one_private_project._id, 
+                    'type': 'nodes'
+                }
+            ]
+        }
+
+    @pytest.fixture()
+    def private_query_params(self, user_one_private_project):
+        return 'id={}'.format(user_one_private_project._id)
+
+    def test_bulk_delete_errors(self, app, user_one, public_project_one, public_project_two, user_one_private_project, public_payload, private_payload, type_query_param, public_query_params, url):
+
+    #   test_bulk_delete_with_query_params_and_payload
+        res_url = '{}?{}&{}'.format(url, type_query_param, public_query_params)
+        res = app.delete_json_api(res_url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 409
+        assert res.json['errors'][0]['detail'] == u'A bulk DELETE can only have a body or query parameters, not both.'
+
+    #   test_bulk_delete_with_query_params_no_type
+        res_url = '{}?{}'.format(url, public_query_params)
+        res = app.delete_json_api(res_url, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == u'Type query parameter is also required for a bulk DELETE using query parameters.'
 
-    def test_bulk_delete_nodes_blank_request(self):
-        res = self.app.delete_json_api(self.url, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
+    #   test_bulk_delete_with_query_params_wrong_type
+        res_url = '{}?{}&{}'.format(url, public_query_params, "type=node_not_nodes")
+        res = app.delete_json_api(res_url, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 409
+        assert res.json['errors'][0]['detail'] == u'Type needs to match type expected at this endpoint.'
 
-    def test_bulk_delete_no_type(self):
+    #   test_bulk_delete_nodes_blank_request
+        res = app.delete_json_api(url, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+
+    #   test_bulk_delete_no_type
         payload = {'data': [
-            {'id': self.project_one._id},
-            {'id': self.project_two._id}
+            {'id': public_project_one._id},
+            {'id': public_project_two._id}
         ]}
-        res = self.app.delete_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /type.')
+        res = app.delete_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /type.'
 
-    def test_bulk_delete_no_id(self):
+    #   test_bulk_delete_no_id
         payload = {'data': [
             {'type': 'nodes'},
             {'id': 'nodes'}
         ]}
-        res = self.app.delete_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Request must include /data/id.')
-
-    def test_bulk_delete_dict_inside_data(self):
-        res = self.app.delete_json_api(self.url, {'data': {'id': self.project_one._id, 'type': 'nodes'}},
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Expected a list of items but got type "dict".')
-
-    def test_bulk_delete_invalid_type(self):
-        res = self.app.delete_json_api(self.url, {'data': [{'type': 'Wrong type', 'id': self.project_one._id}]},
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 409)
-
-    def test_bulk_delete_public_projects_logged_in(self):
-        res = self.app.delete_json_api(self.url, self.public_payload, auth=self.user_one.auth, bulk=True)
-        assert_equal(res.status_code, 204)
-
-        res = self.app.get(self.project_one_url, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 410)
-        self.project_one.reload()
-        self.project_two.reload()
-
-    def test_bulk_delete_public_projects_logged_out(self):
-        res = self.app.delete_json_api(self.url, self.public_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
-
-        res = self.app.get(self.project_one_url, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 200)
-
-        res = self.app.get(self.project_two_url, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 200)
-
-    def test_bulk_delete_private_projects_logged_out(self):
-        res = self.app.delete_json_api(self.url, self.private_payload, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 401)
-        assert_equal(res.json['errors'][0]['detail'], 'Authentication credentials were not provided.')
-
-    def test_bulk_delete_private_projects_logged_in_contributor(self):
-        res = self.app.delete_json_api(self.url, self.private_payload,
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 204)
-
-        res = self.app.get(self.private_project_url, auth=self.user_one.auth, expect_errors=True)
-        assert_equal(res.status_code, 410)
-        self.private_project_user_one.reload()
-
-    def test_bulk_delete_private_projects_logged_in_non_contributor(self):
-        res = self.app.delete_json_api(self.url, self.private_payload,
-                                       auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-        res = self.app.get(self.private_project_url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-
-    def test_bulk_delete_private_projects_logged_in_read_only_contributor(self):
-        self.private_project_user_one.add_contributor(self.user_two, permissions=[permissions.READ], save=True)
-        res = self.app.delete_json_api(self.url, self.private_payload,
-                                       auth=self.user_two.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-        res = self.app.get(self.private_project_url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-
-    def test_bulk_delete_all_or_nothing(self):
-        new_payload = {'data': [{'id': self.private_project_user_one._id, 'type': 'nodes'}, {'id': self.private_project_user_two._id, 'type': 'nodes'}]}
-        res = self.app.delete_json_api(self.url, new_payload,
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-        assert_equal(res.json['errors'][0]['detail'], 'You do not have permission to perform this action.')
-
-        res = self.app.get(self.private_project_url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-
-        url = "/{}nodes/{}/".format(API_BASE, self.private_project_user_two._id)
-        res = self.app.get(url, auth=self.user_two.auth)
-        assert_equal(res.status_code, 200)
-
-    def test_bulk_delete_limits(self):
-        new_payload = {'data': [{'id': self.private_project_user_one._id, 'type':'nodes'}] * 101 }
-        res = self.app.delete_json_api(self.url, new_payload,
-                                       auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Bulk operation limit is 100, got 101.')
-        assert_equal(res.json['errors'][0]['source']['pointer'], '/data')
-
-    def test_bulk_delete_invalid_payload_one_not_found(self):
-        new_payload = {'data': [self.public_payload['data'][0], {'id': '12345', 'type': 'nodes'}]}
-        res = self.app.delete_json_api(self.url, new_payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-        assert_equal(res.json['errors'][0]['detail'], 'Could not find all objects to delete.')
-
-        res = self.app.get(self.project_one_url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-
-    def test_bulk_delete_no_payload(self):
-        res = self.app.delete_json_api(self.url, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 400)
-
-
-class TestNodeBulkDeleteSkipUneditable(ApiTestCase):
-
-    def setUp(self):
-        super(TestNodeBulkDeleteSkipUneditable, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.user_two = AuthUserFactory()
-        self.project_one = ProjectFactory(title="Project One", is_public=True, creator=self.user_one)
-        self.project_two = ProjectFactory(title="Project Two",  is_public=True, creator=self.user_one)
-        self.project_three = ProjectFactory(title="Project Three", is_public=True, creator=self.user_two)
-        self.project_four = ProjectFactory(title="Project Four", is_public=True, creator=self.user_two)
-
-        self.payload = {
+        res = app.delete_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Request must include /data/id.'
+
+    #   test_bulk_delete_dict_inside_data
+        res = app.delete_json_api(url, {'data': {'id': public_project_one._id, 'type': 'nodes'}},
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Expected a list of items but got type "dict".'
+
+    #   test_bulk_delete_invalid_type
+        res = app.delete_json_api(url, {'data': [{'type': 'Wrong type', 'id': public_project_one._id}]},
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 409
+
+    #   test_bulk_delete_private_projects_logged_out
+        res = app.delete_json_api(url, private_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
+
+    #   test_bulk_delete_limits
+        new_payload = {'data': [{'id': user_one_private_project._id, 'type':'nodes'}] * 101 }
+        res = app.delete_json_api(url, new_payload,
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
+        assert res.json['errors'][0]['source']['pointer'] == '/data'
+
+    #   test_bulk_delete_no_payload
+        res = app.delete_json_api(url, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+
+    def test_bulk_delete_with_query_params(self, app, user_one, url, type_query_param, public_query_params):
+        url = '{}?{}&{}'.format(url, type_query_param, public_query_params)
+        res = app.delete_json_api(url, auth=user_one.auth, bulk=True)
+        assert res.status_code == 204
+
+    def test_bulk_delete_public_projects_logged_in(self, app, user_one, public_project_one, public_project_two, public_payload, url, public_project_one_url):
+        res = app.delete_json_api(url, public_payload, auth=user_one.auth, bulk=True)
+        assert res.status_code == 204
+
+        res = app.get(public_project_one_url, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 410
+        public_project_one.reload()
+        public_project_two.reload()
+
+    def test_bulk_delete_public_projects_logged_out(self, app, user_one, public_project_one, public_project_two, public_payload, url, public_project_one_url, public_project_two_url):
+        res = app.delete_json_api(url, public_payload, expect_errors=True, bulk=True)
+        assert res.status_code == 401
+        assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
+
+        res = app.get(public_project_one_url, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 200
+
+        res = app.get(public_project_two_url, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 200
+
+    def test_bulk_delete_private_projects_logged_in_contributor(self, app, user_one, user_one_private_project, private_payload, url, user_one_private_project_url):
+        res = app.delete_json_api(url, private_payload,
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 204
+
+        res = app.get(user_one_private_project_url, auth=user_one.auth, expect_errors=True)
+        assert res.status_code == 410
+        user_one_private_project.reload()
+
+    def test_bulk_delete_private_projects_logged_in_non_contributor(self, app, user_one, user_two, user_one_private_project, private_payload, url, user_one_private_project_url):
+        res = app.delete_json_api(url, private_payload,
+                                       auth=user_two.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+        res = app.get(user_one_private_project_url, auth=user_one.auth)
+        assert res.status_code == 200
+
+    def test_bulk_delete_private_projects_logged_in_read_only_contributor(self, app, user_one, user_two, user_one_private_project, private_payload, url, user_one_private_project_url):
+        user_one_private_project.add_contributor(user_two, permissions=[permissions.READ], save=True)
+        res = app.delete_json_api(url, private_payload,
+                                       auth=user_two.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+        res = app.get(user_one_private_project_url, auth=user_one.auth)
+        assert res.status_code == 200
+
+    def test_bulk_delete_all_or_nothing(self, app, user_one, user_two, user_one_private_project, user_two_private_project, url, user_one_private_project_url):
+        new_payload = {'data': [{'id': user_one_private_project._id, 'type': 'nodes'}, {'id': user_two_private_project._id, 'type': 'nodes'}]}
+        res = app.delete_json_api(url, new_payload,
+                                       auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
+        assert res.json['errors'][0]['detail'] == exceptions.PermissionDenied.default_detail
+
+        res = app.get(user_one_private_project_url, auth=user_one.auth)
+        assert res.status_code == 200
+
+        url = "/{}nodes/{}/".format(API_BASE, user_two_private_project._id)
+        res = app.get(url, auth=user_two.auth)
+        assert res.status_code == 200
+
+    def test_bulk_delete_invalid_payload_one_not_found(self, app, user_one, public_payload, public_project_one_url, url):
+        new_payload = {'data': [public_payload['data'][0], {'id': '12345', 'type': 'nodes'}]}
+        res = app.delete_json_api(url, new_payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 400
+        assert res.json['errors'][0]['detail'] == 'Could not find all objects to delete.'
+
+        res = app.get(public_project_one_url, auth=user_one.auth)
+        assert res.status_code == 200
+
+
+@pytest.mark.django_db
+class TestNodeBulkDeleteSkipUneditable:
+
+    @pytest.fixture()
+    def user_one(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def public_project_one(self, user_one):
+        return ProjectFactory(title='Project One', is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def public_project_two(self, user_one):
+        return ProjectFactory(title='Project Two', is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def public_project_three(self, user_two):
+        return ProjectFactory(title='Project Three', is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def public_project_four(self, user_two):
+        return ProjectFactory(title='Project Four', is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def payload(self, public_project_one, public_project_two, public_project_three, public_project_four):
+        return {
             'data': [
                 {
-                    'id': self.project_one._id,
+                    'id': public_project_one._id,
                     'type': 'nodes',
                 },
                 {
-                    'id': self.project_two._id,
+                    'id': public_project_two._id,
                     'type': 'nodes',
                 },
                  {
-                    'id': self.project_three._id,
+                    'id': public_project_three._id,
                     'type': 'nodes',
                 },
                  {
-                    'id': self.project_four._id,
+                    'id': public_project_four._id,
                     'type': 'nodes',
                 }
             ]
         }
 
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/?skip_uneditable=True'.format(API_BASE)
 
-
-        self.url = "/{}nodes/?skip_uneditable=True".format(API_BASE)
-
-    def test_skip_uneditable_bulk_delete(self):
-        res = self.app.delete_json_api(self.url, self.payload, auth=self.user_one.auth, bulk=True)
-        assert_equal(res.status_code, 200)
+    def test_skip_uneditable_bulk_delete(self, app, user_one, public_project_one, public_project_two, public_project_three, public_project_four, payload, url):
+        res = app.delete_json_api(url, payload, auth=user_one.auth, bulk=True)
+        assert res.status_code == 200
         skipped = res.json['errors']
         assert_items_equal([skipped[0]['id'], skipped[1]['id']],
-                           [self.project_three._id, self.project_four._id])
+                           [public_project_three._id, public_project_four._id])
 
-        res = self.app.get('/{}nodes/'.format(API_BASE), auth=self.user_one.auth)
+        res = app.get('/{}nodes/'.format(API_BASE), auth=user_one.auth)
         assert_items_equal([res.json['data'][0]['id'], res.json['data'][1]['id']],
-                           [self.project_three._id, self.project_four._id])
+                           [public_project_three._id, public_project_four._id])
 
-    def test_skip_uneditable_bulk_delete_query_param_required(self):
+    def test_skip_uneditable_bulk_delete_query_param_required(self, app, user_one, payload):
         url = '/{}nodes/'.format(API_BASE)
-        res = self.app.delete_json_api(url, self.payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
+        res = app.delete_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
 
-        res = self.app.get('/{}nodes/'.format(API_BASE), auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(len(res.json['data']), 4)
+        res = app.get('/{}nodes/'.format(API_BASE), auth=user_one.auth)
+        assert res.status_code == 200
+        assert len(res.json['data']) == 4
 
-    def test_skip_uneditable_has_admin_permission_for_all_nodes(self):
+    def test_skip_uneditable_has_admin_permission_for_all_nodes(self, app, user_one, public_project_one, public_project_two, url):
         payload = {
             'data': [
                 {
-                    'id': self.project_one._id,
+                    'id': public_project_one._id,
                     'type': 'nodes',
                 },
                 {
-                    'id': self.project_two._id,
+                    'id': public_project_two._id,
                     'type': 'nodes',
                 }
             ]
         }
 
-        res = self.app.delete_json_api(self.url, payload, auth=self.user_one.auth, bulk=True)
-        assert_equal(res.status_code, 204)
-        self.project_one.reload()
-        self.project_two.reload()
+        res = app.delete_json_api(url, payload, auth=user_one.auth, bulk=True)
+        assert res.status_code == 204
+        public_project_one.reload()
+        public_project_two.reload()
 
-        assert_equal(self.project_one.is_deleted, True)
-        assert_equal(self.project_two.is_deleted, True)
+        assert public_project_one.is_deleted == True
+        assert public_project_two.is_deleted == True
 
-    def test_skip_uneditable_does_not_have_admin_permission_for_any_nodes(self):
+    def test_skip_uneditable_does_not_have_admin_permission_for_any_nodes(self, app, user_one, public_project_three, public_project_four, url):
         payload = {
             'data': [
                 {
-                    'id': self.project_three._id,
+                    'id': public_project_three._id,
                     'type': 'nodes',
                 },
                 {
-                    'id': self.project_four._id,
+                    'id': public_project_four._id,
                     'type': 'nodes',
                 }
             ]
         }
 
-        res = self.app.delete_json_api(self.url, payload, auth=self.user_one.auth, expect_errors=True, bulk=True)
-        assert_equal(res.status_code, 403)
-
+        res = app.delete_json_api(url, payload, auth=user_one.auth, expect_errors=True, bulk=True)
+        assert res.status_code == 403
 
-class TestNodeListPagination(ApiTestCase):
+@pytest.mark.django_db
+class TestNodeListPagination:
 
-    def setUp(self):
-        super(TestNodeListPagination, self).setUp()
+    @pytest.fixture()
+    def users(self):
+        return [UserFactory() for _ in range(11)]
 
-        # Ordered by date modified: oldest first
-        self.users = [UserFactory() for _ in range(11)]
-        self.projects = [ProjectFactory(is_public=True, creator=self.users[0]) for _ in range(11)]
+    @pytest.fixture()
+    def projects(self, users):
+        return [ProjectFactory(is_public=True, creator=users[0]) for _ in range(11)]
 
-        self.url = '/{}nodes/'.format(API_BASE)
+    @pytest.fixture()
+    def url(self, users):
+        return '/{}nodes/'.format(API_BASE)
 
-    def test_default_pagination_size(self):
-        res = self.app.get(self.url, auth=Auth(self.users[0]))
+    def test_default_pagination_size(self, app, users, projects, url):
+        res = app.get(url, auth=Auth(users[0]))
         pids = [e['id'] for e in res.json['data']]
-        for project in self.projects[1:]:
-            assert_in(project._id, pids)
-        assert_not_in(self.projects[0]._id, pids)
-        assert_equal(res.json['links']['meta']['per_page'], 10)
-
-    def test_max_page_size_enforced(self):
-        url = '{}?page[size]={}'.format(self.url, MAX_PAGE_SIZE+1)
-        res = self.app.get(url, auth=Auth(self.users[0]))
+        for project in projects[1:]:
+            assert project._id in pids
+        assert projects[0]._id not in pids
+        assert res.json['links']['meta']['per_page'] == 10
+
+    def test_max_page_size_enforced(self, app, users, projects, url):
+        res_url = '{}?page[size]={}'.format(url, MAX_PAGE_SIZE+1)
+        res = app.get(res_url, auth=Auth(users[0]))
         pids = [e['id'] for e in res.json['data']]
-        for project in self.projects:
-            assert_in(project._id, pids)
-        assert_equal(res.json['links']['meta']['per_page'], MAX_PAGE_SIZE)
+        for project in projects:
+            assert project._id in pids
+        assert res.json['links']['meta']['per_page'] == MAX_PAGE_SIZE
 
-    def test_embed_page_size_not_affected(self):
-        for user in self.users[1:]:
-            self.projects[-1].add_contributor(user, auth=Auth(self.users[0]), save=True)
+    def test_embed_page_size_not_affected(self, app, users, projects, url):
+        for user in users[1:]:
+            projects[-1].add_contributor(user, auth=Auth(users[0]), save=True)
 
-        url = '{}?page[size]={}&embed=contributors'.format(self.url, MAX_PAGE_SIZE+1)
-        res = self.app.get(url, auth=Auth(self.users[0]))
+        res_url = '{}?page[size]={}&embed=contributors'.format(url, MAX_PAGE_SIZE+1)
+        res = app.get(res_url, auth=Auth(users[0]))
         pids = [e['id'] for e in res.json['data']]
-        for project in self.projects:
-            assert_in(project._id, pids)
-        assert_equal(res.json['links']['meta']['per_page'], MAX_PAGE_SIZE)
+        for project in projects:
+            assert project._id in pids
+        assert res.json['links']['meta']['per_page'] == MAX_PAGE_SIZE
 
         uids = [e['id'] for e in res.json['data'][0]['embeds']['contributors']['data']]
-        for user in self.users[:9]:
+        for user in users[:9]:
             contrib_id = '{}-{}'.format(res.json['data'][0]['id'], user._id)
-            assert_in(contrib_id, uids)
+            assert contrib_id in uids
 
-        assert_not_in('{}-{}'.format(res.json['data'][0]['id'], self.users[10]._id), uids)
-        assert_equal(res.json['data'][0]['embeds']['contributors']['links']['meta']['per_page'], 10)
+        assert '{}-{}'.format(res.json['data'][0]['id'], users[10]._id) not in uids
+        assert res.json['data'][0]['embeds']['contributors']['links']['meta']['per_page'] == 10
 
 
-class TestNodeListFiltering(NodesListFilteringMixin, ApiTestCase):
+@pytest.mark.django_db
+class TestNodeListFiltering(NodesListFilteringMixin):
 
-    url = '/{}nodes/?'.format(API_BASE)
+    @pytest.fixture()
+    def url(self):
+        return '/{}nodes/?'.format(API_BASE)
diff --git a/api_tests/nodes/views/test_node_relationship_institutions.py b/api_tests/nodes/views/test_node_relationship_institutions.py
index 8c635481c23..52a083c5dfc 100644
--- a/api_tests/nodes/views/test_node_relationship_institutions.py
+++ b/api_tests/nodes/views/test_node_relationship_institutions.py
@@ -8,6 +8,7 @@
 )
 from website.util import permissions
 
+
 @pytest.mark.django_db
 class TestNodeRelationshipInstitutions:
 
diff --git a/api_tests/nodes/views/test_node_wiki_list.py b/api_tests/nodes/views/test_node_wiki_list.py
index 8ad6c785b80..ae31fba6ce9 100644
--- a/api_tests/nodes/views/test_node_wiki_list.py
+++ b/api_tests/nodes/views/test_node_wiki_list.py
@@ -10,10 +10,12 @@
 )
 from rest_framework import exceptions
 
+
 @pytest.fixture()
 def user():
     return AuthUserFactory()
 
+
 @pytest.mark.django_db
 class TestNodeWikiList:
 
diff --git a/api_tests/users/views/test_user_nodes_list.py b/api_tests/users/views/test_user_nodes_list.py
index 8c18b95b028..69ac1eba694 100644
--- a/api_tests/users/views/test_user_nodes_list.py
+++ b/api_tests/users/views/test_user_nodes_list.py
@@ -1,7 +1,7 @@
-# -*- coding: utf-8 -*-
-from nose.tools import *  # flake8: noqa
+import pytest
 
-from tests.base import ApiTestCase
+from api.base.settings.defaults import API_BASE
+from api_tests.nodes.filters.test_filters import NodesListFilteringMixin
 from osf_tests.factories import (
     AuthUserFactory,
     BookmarkCollectionFactory,
@@ -11,139 +11,192 @@
     ProjectFactory,
     RegistrationFactory,
 )
+from website.views import find_bookmark_collection
 
-from api.base.settings.defaults import API_BASE
-from api_tests.nodes.filters.test_filters import NodesListFilteringMixin
 
-from website.views import find_bookmark_collection
+@pytest.mark.django_db
+class TestUserNodes:
+
+    @pytest.fixture()
+    def user_one(self):
+        user_one = AuthUserFactory()
+        user_one.social['twitter'] = 'RheisenDennis'
+        user_one.save()
+        return user_one
+
+    @pytest.fixture()
+    def user_two(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def public_project_user_one(self, user_one):
+        return ProjectFactory(title='Public Project User One', is_public=True, creator=user_one)
+
+    @pytest.fixture()
+    def private_project_user_one(self, user_one):
+        return ProjectFactory(title='Private Project User One', is_public=False, creator=user_one)
+
+    @pytest.fixture()
+    def public_project_user_two(self, user_two):
+        return ProjectFactory(title='Public Project User Two', is_public=True, creator=user_two)
+
+    @pytest.fixture()
+    def private_project_user_two(self, user_two):
+        return ProjectFactory(title='Private Project User Two', is_public=False, creator=user_two)
+
+    @pytest.fixture()
+    def deleted_project_user_one(self, user_one):
+        return CollectionFactory(title='Deleted Project User One', is_public=False, creator=user_one, is_deleted=True)
+
+    @pytest.fixture()
+    def folder(self):
+        return CollectionFactory()
+
+    @pytest.fixture()
+    def deleted_folder(self, user_one):
+        return CollectionFactory(title='Deleted Folder User One', is_public=False, creator=user_one, is_deleted=True)
+
+    @pytest.fixture()
+    def bookmark_collection(self, user_one):
+        return find_bookmark_collection(user_one)
+
+    @pytest.fixture()
+    def registration(self, user_one, public_project_user_one):
+        return RegistrationFactory(project=public_project_user_one, creator=user_one, is_public=True)
+
+    def test_user_nodes(self, app, user_one, user_two, public_project_user_one, public_project_user_two, private_project_user_one, private_project_user_two, deleted_project_user_one, folder, deleted_folder, registration):
+
+    #   test_authorized_in_gets_200
+        url = "/{}users/{}/nodes/".format(API_BASE, user_one._id)
+        res = app.get(url, auth=user_one.auth)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
 
+    #   test_anonymous_gets_200
+        url = "/{}users/{}/nodes/".format(API_BASE, user_one._id)
+        res = app.get(url)
+        assert res.status_code == 200
+        assert res.content_type == 'application/vnd.api+json'
 
-class TestUserNodes(ApiTestCase):
-
-    def setUp(self):
-        super(TestUserNodes, self).setUp()
-        self.user_one = AuthUserFactory()
-        self.user_one.social['twitter'] = 'howtopizza'
-        self.user_one.save()
-
-        self.user_two = AuthUserFactory()
-        self.public_project_user_one = ProjectFactory(title="Public Project User One",
-                                                      is_public=True,
-                                                      creator=self.user_one)
-        self.private_project_user_one = ProjectFactory(title="Private Project User One",
-                                                       is_public=False,
-                                                       creator=self.user_one)
-        self.public_project_user_two = ProjectFactory(title="Public Project User Two",
-                                                      is_public=True,
-                                                      creator=self.user_two)
-        self.private_project_user_two = ProjectFactory(title="Private Project User Two",
-                                                       is_public=False,
-                                                       creator=self.user_two)
-        self.deleted_project_user_one = CollectionFactory(title="Deleted Project User One",
-                                                          is_public=False,
-                                                          creator=self.user_one,
-                                                          is_deleted=True)
-        self.folder = CollectionFactory()
-        self.deleted_folder = CollectionFactory(title="Deleted Folder User One",
-                                                is_public=False,
-                                                creator=self.user_one,
-                                                is_deleted=True)
-        self.bookmark_collection = find_bookmark_collection(self.user_one)
-
-        self.registration = RegistrationFactory(project=self.public_project_user_one,
-                                                      creator=self.user_one, is_public=True)
-
-    def tearDown(self):
-        super(TestUserNodes, self).tearDown()
-
-    def test_authorized_in_gets_200(self):
-        url = "/{}users/{}/nodes/".format(API_BASE, self.user_one._id)
-        res = self.app.get(url, auth=self.user_one.auth)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
-
-    def test_anonymous_gets_200(self):
-        url = "/{}users/{}/nodes/".format(API_BASE, self.user_one._id)
-        res = self.app.get(url)
-        assert_equal(res.status_code, 200)
-        assert_equal(res.content_type, 'application/vnd.api+json')
-
-    def test_get_projects_logged_in(self):
-        url = "/{}users/{}/nodes/".format(API_BASE, self.user_one._id)
-        res = self.app.get(url, auth=self.user_one.auth)
+    #   test_get_projects_logged_in
+        url = "/{}users/{}/nodes/".format(API_BASE, user_one._id)
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.public_project_user_one._id, ids)
-        assert_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.public_project_user_two._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.deleted_folder._id, ids)
-        assert_not_in(self.deleted_project_user_one._id, ids)
-        assert_not_in(self.registration._id, ids)
-
-    def test_get_projects_not_logged_in(self):
-        url = "/{}users/{}/nodes/".format(API_BASE, self.user_one._id)
-        res = self.app.get(url)
+        assert public_project_user_one._id in ids
+        assert private_project_user_one._id in ids
+        assert public_project_user_two._id not in ids
+        assert private_project_user_two._id not in ids
+        assert folder._id not in ids
+        assert deleted_folder._id not in ids
+        assert deleted_project_user_one._id not in ids
+        assert registration._id not in ids
+
+    #   test_get_projects_not_logged_in
+        url = "/{}users/{}/nodes/".format(API_BASE, user_one._id)
+        res = app.get(url)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.public_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.public_project_user_two._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.deleted_project_user_one._id, ids)
-        assert_not_in(self.registration._id, ids)
-
-    def test_get_projects_logged_in_as_different_user(self):
-        url = "/{}users/{}/nodes/".format(API_BASE, self.user_two._id)
-        res = self.app.get(url, auth=self.user_one.auth)
+        assert public_project_user_one._id in ids
+        assert private_project_user_one._id not in ids
+        assert public_project_user_two._id not in ids
+        assert private_project_user_two._id not in ids
+        assert folder._id not in ids
+        assert deleted_project_user_one._id not in ids
+        assert registration._id not in ids
+
+    #   test_get_projects_logged_in_as_different_user
+        url = "/{}users/{}/nodes/".format(API_BASE, user_two._id)
+        res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
         ids = [each['id'] for each in node_json]
-        assert_in(self.public_project_user_two._id, ids)
-        assert_not_in(self.public_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_one._id, ids)
-        assert_not_in(self.private_project_user_two._id, ids)
-        assert_not_in(self.folder._id, ids)
-        assert_not_in(self.deleted_project_user_one._id, ids)
-        assert_not_in(self.registration._id, ids)
-
-
-class TestUserNodesPreprintsFiltering(ApiTestCase):
-
-    def setUp(self):
-        super(TestUserNodesPreprintsFiltering, self).setUp()
-        self.user = AuthUserFactory()
-        self.no_preprints_node = ProjectFactory(creator=self.user)
-        self.valid_preprint_node = ProjectFactory(creator=self.user)
-        self.orphaned_preprint_node = ProjectFactory(creator=self.user)
-        self.abandoned_preprint_node = ProjectFactory(creator=self.user)
-
-        self.valid_preprint = PreprintFactory(project=self.valid_preprint_node)
-        self.abandoned_preprint = PreprintFactory(project=self.abandoned_preprint_node, is_published=False)
-        self.orphaned_preprint = PreprintFactory(project=self.orphaned_preprint_node)
-        self.orphaned_preprint.node.preprint_file = None
-        self.orphaned_preprint.node.save()
-        self.url_base = '/{}users/me/nodes/?filter[preprint]='.format(API_BASE)
-
-    def test_filter_false(self):
-        expected_ids = [self.abandoned_preprint_node._id, self.no_preprints_node._id, self.orphaned_preprint_node._id]
-        res = self.app.get('{}false'.format(self.url_base), auth=self.user.auth)
+        assert public_project_user_two._id in ids
+        assert public_project_user_one._id not in ids
+        assert private_project_user_one._id not in ids
+        assert private_project_user_two._id not in ids
+        assert folder._id not in ids
+        assert deleted_project_user_one._id not in ids
+        assert registration._id not in ids
+
+
+@pytest.mark.django_db
+class TestUserNodesPreprintsFiltering:
+
+    @pytest.fixture()
+    def user(self):
+        return AuthUserFactory()
+
+    @pytest.fixture()
+    def no_preprints_node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def valid_preprint_node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def orphaned_preprint_node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def abandoned_preprint_node(self, user):
+        return ProjectFactory(creator=user)
+
+    @pytest.fixture()
+    def valid_preprint(self, valid_preprint_node):
+        return PreprintFactory(project=valid_preprint_node)
+
+    @pytest.fixture()
+    def abandoned_preprint(self, abandoned_preprint_node):
+        return PreprintFactory(project=abandoned_preprint_node, is_published=False)
+
+    @pytest.fixture()
+    def orphaned_preprint(self, orphaned_preprint_node):
+        orphaned_preprint = PreprintFactory(project=orphaned_preprint_node)
+        orphaned_preprint.node.preprint_file = None
+        orphaned_preprint.node.save()
+        return orphaned_preprint
+
+    @pytest.fixture()
+    def url_base(self):
+        return '/{}users/me/nodes/?filter[preprint]='.format(API_BASE)
+
+    # def setUp(self):
+    #     super(TestUserNodesPreprintsFiltering, self).setUp()
+    #     self.user = AuthUserFactory()
+    #     self.no_preprints_node = ProjectFactory(creator=self.user)
+    #     self.valid_preprint_node = ProjectFactory(creator=self.user)
+    #     self.orphaned_preprint_node = ProjectFactory(creator=self.user)
+    #     self.abandoned_preprint_node = ProjectFactory(creator=self.user)
+
+    #     self.valid_preprint = PreprintFactory(project=self.valid_preprint_node)
+    #     self.abandoned_preprint = PreprintFactory(project=self.abandoned_preprint_node, is_published=False)
+    #     self.orphaned_preprint = PreprintFactory(project=self.orphaned_preprint_node)
+    #     self.orphaned_preprint.node.preprint_file = None
+    #     self.orphaned_preprint.node.save()
+    #     self.url_base = '/{}users/me/nodes/?filter[preprint]='.format(API_BASE)
+
+    def test_filter_false(self, app, user, abandoned_preprint_node, no_preprints_node, orphaned_preprint_node, url_base):
+        expected_ids = [abandoned_preprint_node._id, no_preprints_node._id, orphaned_preprint_node._id]
+        res = app.get('{}false'.format(url_base), auth=user.auth)
         actual_ids = [n['id'] for n in res.json['data']]
 
-        assert_equal(set(expected_ids), set(actual_ids))
+        assert set(expected_ids) == set(actual_ids)
 
-    def test_filter_true(self):
-        expected_ids = [self.valid_preprint_node._id]
-        res = self.app.get('{}true'.format(self.url_base), auth=self.user.auth)
+    def test_filter_true(self, app, user, valid_preprint_node, valid_preprint, url_base):
+        expected_ids = [valid_preprint_node._id]
+        res = app.get('{}true'.format(url_base), auth=user.auth)
         actual_ids = [n['id'] for n in res.json['data']]
 
-        assert_equal(set(expected_ids), set(actual_ids))
+        assert set(expected_ids) == set(actual_ids)
 
 
-class TestNodeListFiltering(NodesListFilteringMixin, ApiTestCase):
+@pytest.mark.django_db
+class TestNodeListFiltering(NodesListFilteringMixin):
 
-    url = '/{}users/me/nodes/?'.format(API_BASE)
+    @pytest.fixture()
+    def url(self):
+        return '/{}users/me/nodes/?'.format(API_BASE)
diff --git a/tests/utils.py b/tests/utils.py
index 873e030f55a..188eb676fec 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -72,6 +72,12 @@ def wrapper(self, *args, **kwargs):
         return wrapper
     return outer_wrapper
 
+def assert_items_equal(first_item, *item_list):
+    first_item.sort()
+    for item in item_list:
+        item.sort()
+        assert item == first_item
+
 @contextlib.contextmanager
 def mock_archive(project, schema=None, auth=None, data=None, parent=None,
                  embargo=False, embargo_end_date=None,

From d16ed22dda812a3c1a1eaad9abb58be41bef052e Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 15 Jun 2017 13:12:55 -0400
Subject: [PATCH 105/163] small fix

---
 api_tests/nodes/views/test_node_preprints.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/api_tests/nodes/views/test_node_preprints.py b/api_tests/nodes/views/test_node_preprints.py
index 1dc0134b851..7eab148326c 100644
--- a/api_tests/nodes/views/test_node_preprints.py
+++ b/api_tests/nodes/views/test_node_preprints.py
@@ -1,4 +1,3 @@
-from nose.tools import *  # flake8: noqa
 import pytest
 
 from addons.osfstorage.models import OsfStorageFile
@@ -13,7 +12,7 @@
     AuthUserFactory, 
     ProjectFactory, 
     SubjectFactory, 
-    PreprintProviderFactory
+    PreprintProviderFactory,
 )
 from tests.base import ApiTestCase
 

From d4ea2bf5cb90cb0c664487b925f4a385a51ba820 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 15 Jun 2017 13:21:03 -0400
Subject: [PATCH 106/163] modify assert_items_equal to be boring

---
 tests/utils.py | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/tests/utils.py b/tests/utils.py
index 188eb676fec..85e07a3e98d 100644
--- a/tests/utils.py
+++ b/tests/utils.py
@@ -72,11 +72,10 @@ def wrapper(self, *args, **kwargs):
         return wrapper
     return outer_wrapper
 
-def assert_items_equal(first_item, *item_list):
-    first_item.sort()
-    for item in item_list:
-        item.sort()
-        assert item == first_item
+def assert_items_equal(item_one, item_two):
+    item_one.sort()
+    item_two.sort()
+    assert item_one == item_two
 
 @contextlib.contextmanager
 def mock_archive(project, schema=None, auth=None, data=None, parent=None,

From d736e627262bdf1c9824f741a47b9e5eb17d0c3d Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 15 Jun 2017 14:57:36 -0400
Subject: [PATCH 107/163] fix imports

---
 .../files/serializers/test_file_serializer.py  | 12 +++++++-----
 api_tests/files/views/test_file_detail.py      | 18 +++++++++++++-----
 2 files changed, 20 insertions(+), 10 deletions(-)

diff --git a/api_tests/files/serializers/test_file_serializer.py b/api_tests/files/serializers/test_file_serializer.py
index a30aaeb7700..2818d40061f 100644
--- a/api_tests/files/serializers/test_file_serializer.py
+++ b/api_tests/files/serializers/test_file_serializer.py
@@ -1,13 +1,15 @@
-# -*- coding: utf-8 -*-
-import pytest
 from datetime import datetime
+
+import pytest
 from pytz import utc
 
-from osf_tests.factories import UserFactory, NodeFactory
-from tests.base import DbTestCase
-from tests.utils import make_drf_request_with_version
 from api.files.serializers import FileSerializer
 from api_tests import utils
+from osf_tests.factories import (
+    UserFactory, 
+    NodeFactory,
+)
+from tests.utils import make_drf_request_with_version
 
 @pytest.fixture()
 def user():
diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index 7fe679880cb..209826ae6b6 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -1,8 +1,8 @@
 from __future__ import unicode_literals
 
-import pytest
 import itsdangerous
 import mock
+import pytest
 import pytz
 
 from addons.github.models import GithubFileNode
@@ -10,11 +10,15 @@
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as api_utils
 from framework.auth.core import Auth
-from osf_tests.factories import (AuthUserFactory, CommentFactory,
-                                 ProjectFactory, UserFactory)
-from tests.base import ApiTestCase, capture_signals
-from website import settings as website_settings
 from osf.models import NodeLog, Session
+from osf_tests.factories import (
+    AuthUserFactory,
+    CommentFactory,
+    ProjectFactory,
+    UserFactory,
+)
+from tests.base import capture_signals
+from website import settings as website_settings
 from website.project.signals import contributor_removed
 
 
@@ -30,6 +34,7 @@ def _dt_to_iso8601(value):
 def user():
     return AuthUserFactory()
 
+
 @pytest.mark.django_db
 class TestFileView:
     @pytest.fixture()
@@ -457,6 +462,7 @@ def test_folder_files_relationships_contains_guid_not_id(self, app, user, node):
         assert node._id in split_href
         assert node.id not in split_href
 
+
 @pytest.mark.django_db
 class TestFileVersionView:
 
@@ -532,8 +538,10 @@ def test_load_and_property(self, app, user, file):
             auth=user.auth,
         ).status_code == 405
 
+
 @pytest.mark.django_db
 class TestFileTagging:
+
     @pytest.fixture()
     def node(self, user):
         return ProjectFactory(creator=user)

From 8a877d227b853557e9a5046cf9aaf6418e4c36a0 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 15 Jun 2017 15:13:23 -0400
Subject: [PATCH 108/163] fix imports, rename variables

---
 api_tests/files/views/test_file_detail.py | 39 ++++++++++++-----------
 api_tests/files/views/test_file_list.py   |  5 +--
 2 files changed, 23 insertions(+), 21 deletions(-)

diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index 209826ae6b6..0a756d7dfc2 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -37,6 +37,7 @@ def user():
 
 @pytest.mark.django_db
 class TestFileView:
+
     @pytest.fixture()
     def node(self, user):
         return ProjectFactory(creator=user, comment_level='public')
@@ -347,13 +348,13 @@ def test_cannot_checkout_when_checked_out(self, app, user, node, file, file_url)
 
     def test_noncontrib_and_read_contrib_cannot_checkout(self, app, file, node, file_url):
         # test_noncontrib_cannot_checkout
-        user = AuthUserFactory()
+        non_contrib = AuthUserFactory()
         assert file.checkout == None
-        assert not node.has_permission(user, 'read')
+        assert not node.has_permission(non_contrib, 'read')
         res = app.put_json_api(
             file_url,
-            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': user._id}}},
-            auth=user.auth,
+            {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': non_contrib._id}}},
+            auth=non_contrib.auth,
             expect_errors=True,
         )
         file.reload()
@@ -363,14 +364,14 @@ def test_noncontrib_and_read_contrib_cannot_checkout(self, app, file, node, file
         assert node.logs.latest().action != NodeLog.CHECKED_OUT
 
         # test_read_contrib_cannot_checkout
-        user = AuthUserFactory()
-        node.add_contributor(user, permissions=['read'])
+        read_contrib = AuthUserFactory()
+        node.add_contributor(read_contrib, permissions=['read'])
         node.save()
-        assert not node.can_edit(user=user)
+        assert not node.can_edit(user=read_contrib)
         res = app.put_json_api(
             file_url,
             {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
-            auth=user.auth,
+            auth=read_contrib.auth,
             expect_errors=True
         )
         file.reload()
@@ -378,32 +379,32 @@ def test_noncontrib_and_read_contrib_cannot_checkout(self, app, file, node, file
         assert file.checkout == None
         assert node.logs.latest().action != NodeLog.CHECKED_OUT
 
-    def test_user_can_checkin(self, app, node, file, file_url):
-        user = AuthUserFactory()
-        node.add_contributor(user, permissions=['read', 'write'])
+    def test_write_contrib_can_checkin(self, app, node, file, file_url):
+        write_contrib = AuthUserFactory()
+        node.add_contributor(write_contrib, permissions=['read', 'write'])
         node.save()
-        assert node.can_edit(user=user)
-        file.checkout = user
+        assert node.can_edit(user=write_contrib)
+        file.checkout = write_contrib
         file.save()
         res = app.put_json_api(
             file_url,
             {'data': {'id': file._id, 'type': 'files', 'attributes': {'checkout': None}}},
-            auth=user.auth,
+            auth=write_contrib.auth,
         )
         file.reload()
         assert res.status_code == 200
         assert file.checkout == None
 
     def test_removed_contrib_files_checked_in(self, app, node, file):
-        user = AuthUserFactory()
-        node.add_contributor(user, permissions=['read', 'write'])
+        write_contrib = AuthUserFactory()
+        node.add_contributor(write_contrib, permissions=['read', 'write'])
         node.save()
-        assert node.can_edit(user=user)
-        file.checkout = user
+        assert node.can_edit(user=write_contrib)
+        file.checkout = write_contrib
         file.save()
         assert file.is_checked_out
         with capture_signals() as mock_signals:
-            node.remove_contributor(user, auth=Auth(user))
+            node.remove_contributor(write_contrib, auth=Auth(write_contrib))
         assert mock_signals.signals_sent() == set([contributor_removed])
         file.reload()
         assert not file.is_checked_out
diff --git a/api_tests/files/views/test_file_list.py b/api_tests/files/views/test_file_list.py
index c834dc6ddc6..b06ed287d49 100644
--- a/api_tests/files/views/test_file_list.py
+++ b/api_tests/files/views/test_file_list.py
@@ -1,14 +1,14 @@
 import pytest
 
-from framework.auth.core import Auth
 from api.base.settings.defaults import API_BASE
 from api_tests import utils as api_utils
-from tests.base import ApiTestCase
+from framework.auth.core import Auth
 from osf_tests.factories import (
     ProjectFactory,
     AuthUserFactory,
 )
 
+
 @pytest.fixture()
 def user():
     return AuthUserFactory()
@@ -40,6 +40,7 @@ def test_does_not_return_trashed_files(self, app, user, node, file, deleted_file
         data = res.json.get('data')
         assert len(data) == 1
 
+
 @pytest.mark.django_db
 class TestFileFiltering:
 

From de307b6fbae17732e57b5ff8a0bdfbed25b7a08d Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Fri, 16 Jun 2017 10:16:18 -0400
Subject: [PATCH 109/163] Add tests for fork/template contributor adds.

---
 tests/test_views.py | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)

diff --git a/tests/test_views.py b/tests/test_views.py
index 6977ad551d7..44254821cfd 100644
--- a/tests/test_views.py
+++ b/tests/test_views.py
@@ -1971,6 +1971,36 @@ def test_notify_contributor_email_sends_after_throttle_expires(self, send_mail):
         notify_added_contributor(project, contributor, auth, throttle=throttle)
         assert_equal(send_mail.call_count, 2)
 
+    @mock.patch('website.mails.send_mail')
+    def test_add_contributor_to_fork_sends_email(self, send_mail):
+        contributor = UserFactory()
+        fork = self.project.fork_node(auth=Auth(self.creator))
+        fork.add_contributor(contributor, auth=Auth(self.creator))
+        fork.save()
+        assert_true(send_mail.called)
+        assert_equal(send_mail.call_count, 1)
+
+    @mock.patch('website.mails.send_mail')
+    def test_add_contributor_to_template_sends_email(self, send_mail):
+        contributor = UserFactory()
+        template = self.project.use_as_template(auth=Auth(self.creator))
+        template.add_contributor(contributor, auth=Auth(self.creator))
+        template.save()
+        assert_true(send_mail.called)
+        assert_equal(send_mail.call_count, 1)
+
+    @mock.patch('website.mails.send_mail')
+    def test_creating_fork_does_not_email_creator(self, send_mail):
+        contributor = UserFactory()
+        fork = self.project.fork_node(auth=Auth(self.creator))
+        assert_false(send_mail.called)
+
+    @mock.patch('website.mails.send_mail')
+    def test_creating_template_does_not_email_creator(self, send_mail):
+        contributor = UserFactory()
+        template = self.project.use_as_template(auth=Auth(self.creator))
+        assert_false(send_mail.called)
+
     def test_add_multiple_contributors_only_adds_one_log(self):
         n_logs_pre = self.project.logs.count()
         reg_user = UserFactory()

From 493d28fd883431ed14f5cbe54d0fbc7a9e4be989 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 16 Jun 2017 18:16:49 -0400
Subject: [PATCH 110/163] Allow url to span 2 cols

---
 website/templates/include/profile/social.mako | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/website/templates/include/profile/social.mako b/website/templates/include/profile/social.mako
index 31fab6f1da7..d2ce2f8c623 100644
--- a/website/templates/include/profile/social.mako
+++ b/website/templates/include/profile/social.mako
@@ -157,13 +157,12 @@
     </div>
 
     <div data-bind="if: mode() === 'view'">
-
         <table class="table" data-bind="if: hasValues()">
             <tbody>
                 <tr data-bind="if: hasProfileWebsites()">
                     <td data-bind="visible: profileWebsites().length > 1">Personal websites</td>
                     <td data-bind="visible: profileWebsites().length === 1">Personal website</td>
-                    <td data-bind="foreach: profileWebsites"><a data-bind="attr: {href: $data}, text: $data"></a><br></td>
+                    <td colspan="2" data-bind="foreach: profileWebsites"><a data-bind="attr: {href: $data}, text: $data"></a><br></td>
                 </tr>
             </tbody>
 

From ed279f0332ceb7a22bcf2e65c2dc364d6ad354ac Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 16 Jun 2017 18:46:53 -0400
Subject: [PATCH 111/163] Make sure only valid profile url on submit

---
 website/static/js/profile.js | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/website/static/js/profile.js b/website/static/js/profile.js
index 5a163984ae0..8ff91c3e37a 100644
--- a/website/static/js/profile.js
+++ b/website/static/js/profile.js
@@ -676,6 +676,19 @@ var SocialViewModel = function(urls, modes, preventUnsaved) {
         return false;
     });
 
+    self.unmatchedUrls = ko.computed(function() {
+        var values = self.values();
+        var unmatched = [];
+        for (var i=0; i<self.values().length; i++) {
+            if (values[i].value) {
+                if (urlIsValid(values[i].text)) {
+                    unmatched.push(values[i].label);
+                }
+            }
+        }
+        return unmatched;
+    });
+
     self.addWebsiteInput = function() {
         this.profileWebsites.push(ko.observable().extend({
             ensureHttp: true
@@ -761,6 +774,16 @@ SocialViewModel.prototype.submit = function() {
             5000
         );
     }
+    else if (this.unmatchedUrls().length) {
+        var plural = this.unmatchedUrls().length > 1 ? 's' : '';
+        var message = 'Please check invalid profile url' + plural + ': <br>';
+        message += this.unmatchedUrls().join('<br>');
+        this.changeMessage(
+            message,
+            'text-danger',
+            8000
+        );
+    }
     else if (this.hasValidProperty() && this.isValid()) {
         var self = this;
         this.saving(true);

From f3cfffb6637ac2cbc732e4bee4b210f024de456f Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Thu, 1 Jun 2017 10:41:04 -0400
Subject: [PATCH 112/163] Error when attempting to add unconfirmed user by
 guid.

---
 api_tests/nodes/views/test_node_contributors_list.py | 3 ++-
 osf/models/node.py                                   | 5 +++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/api_tests/nodes/views/test_node_contributors_list.py b/api_tests/nodes/views/test_node_contributors_list.py
index 8fa5dcc9d53..5614bf632f2 100644
--- a/api_tests/nodes/views/test_node_contributors_list.py
+++ b/api_tests/nodes/views/test_node_contributors_list.py
@@ -1110,7 +1110,8 @@ def test_add_unconfirmed_user_by_guid(self):
         assert_equal(res.status_code, 404)
         assert_equal(
             res.json['errors'][0]['detail'],
-            'Cannot add unconfirmed user {} to node {}'.format(unconfirmed_user._id, self.public_project._id)
+            'Cannot add unconfirmed user {} to node {} by guid. Add an unregistered contributor with fullname and email.'
+            .format(unconfirmed_user._id, self.public_project._id)
         )
 
 
diff --git a/osf/models/node.py b/osf/models/node.py
index 67d71c08a3a..b32166552f5 100644
--- a/osf/models/node.py
+++ b/osf/models/node.py
@@ -1240,6 +1240,11 @@ def add_contributor_registered_or_not(self, auth, user_id=None,
             contributor = OSFUser.load(user_id)
             if not contributor:
                 raise ValueError('User with id {} was not found.'.format(user_id))
+            if not contributor.is_registered:
+                raise ValueError(
+                    'Cannot add unconfirmed user {} to node {} by guid. Add an unregistered contributor with fullname and email.'
+                    .format(user_id, self._id)
+                )
             if self.contributor_set.filter(user=contributor).exists():
                 raise ValidationValueError('{} is already a contributor.'.format(contributor.fullname))
             contributor, _ = self.add_contributor(contributor=contributor, auth=auth, visible=bibliographic,

From 66f903cc8ca42beae1681eeb1856b4ef9dfebdf6 Mon Sep 17 00:00:00 2001
From: John Tordoff <john@cos.io>
Date: Mon, 19 Jun 2017 10:24:55 -0400
Subject: [PATCH 113/163] Ensure contextVars accurately reflect added tags
 (important for child nodes inheriting newly added tags)

---
 website/static/js/pages/project-dashboard-page.js | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/website/static/js/pages/project-dashboard-page.js b/website/static/js/pages/project-dashboard-page.js
index a63cd019f11..aa8df025692 100644
--- a/website/static/js/pages/project-dashboard-page.js
+++ b/website/static/js/pages/project-dashboard-page.js
@@ -218,6 +218,9 @@ $(document).ready(function () {
             var url = nodeApiUrl + 'tags/';
             var data = {tag: tag};
             var request = $osf.postJSON(url, data);
+            request.success(function() {
+                window.contextVars.node.tags.push(tag);
+            });
             request.fail(function(xhr, textStatus, error) {
                 Raven.captureMessage('Failed to add tag', {
                     extra: {
@@ -233,6 +236,9 @@ $(document).ready(function () {
                 return false;
             }
             var request = $osf.ajaxJSON('DELETE', url, {'data': {'tag': tag}});
+            request.success(function() {
+                window.contextVars.node.tags.splice(window.contextVars.node.tags.indexOf(tag), 1);
+            });
             request.fail(function(xhr, textStatus, error) {
                 // Suppress "tag not found" errors, as the end result is what the user wanted (tag is gone)- eg could be because two people were working at same time
                 if (xhr.status !== 409) {

From 3b226e84c76b295eed97bdeb7924f4a6bf750a92 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Mon, 19 Jun 2017 10:50:20 -0400
Subject: [PATCH 114/163] Add preprints to search results.

---
 website/search/elastic_search.py | 26 ++++++++++++++-----
 website/search/search.py         |  2 ++
 website/static/js/search.js      | 20 ++++++++++-----
 website/templates/search.mako    | 44 ++++++++++++++++++++++++++++++++
 4 files changed, 79 insertions(+), 13 deletions(-)

diff --git a/website/search/elastic_search.py b/website/search/elastic_search.py
index cacd138bb16..3c7126a636c 100644
--- a/website/search/elastic_search.py
+++ b/website/search/elastic_search.py
@@ -44,6 +44,7 @@
     'total': 'Total',
     'file': 'Files',
     'institution': 'Institutions',
+    'preprint': 'Preprints',
 }
 
 DOC_TYPE_TO_MODEL = {
@@ -52,7 +53,8 @@
     'registration': Node,
     'user': User,
     'file': BaseFileNode,
-    'institution': Institution
+    'institution': Institution,
+    'preprint': Node,
 }
 
 # Prevent tokenizing and stop word removal.
@@ -238,7 +240,7 @@ def format_results(results):
             parent_info = load_parent(result.get('parent_id'))
             result['parent_url'] = parent_info.get('url') if parent_info else None
             result['parent_title'] = parent_info.get('title') if parent_info else None
-        elif result.get('category') in {'project', 'component', 'registration'}:
+        elif result.get('category') in {'project', 'component', 'registration', 'preprint'}:
             result = format_result(result, result.get('parent_id'))
         elif not result.get('category'):
             continue
@@ -270,6 +272,7 @@ def format_result(result, parent_id=None):
         'n_wikis': len(result['wikis']),
         'license': result.get('license'),
         'affiliated_institutions': result.get('affiliated_institutions'),
+        'preprint_url': result.get('preprint_url'),
     }
 
     return formatted_result
@@ -298,6 +301,8 @@ def load_parent(parent_id):
 def get_doctype_from_node(node):
     if node.is_registration:
         return 'registration'
+    elif node.is_preprint:
+        return 'preprint'
     elif node.parent_node is None:
         # ElasticSearch categorizes top-level projects differently than children
         return 'project'
@@ -366,6 +371,7 @@ def serialize_node(node, category):
         'affiliated_institutions': list(node.affiliated_institutions.values_list('name', flat=True)),
         'boost': int(not node.is_registration) + 1,  # This is for making registered projects less relevant
         'extra_search_terms': clean_splitters(node.title),
+        'preprint_url': node.preprint_url,
     }
     if not node.is_retracted:
         for wiki in NodeWikiPage.objects.filter(guids___id__in=node.wiki_pages_current.values()):
@@ -395,7 +401,7 @@ def bulk_update_nodes(serialize, nodes, index=None):
     """Updates the list of input projects
 
     :param function Node-> dict serialize:
-    :param Node[] nodes: Projects, components or registrations
+    :param Node[] nodes: Projects, components, registrations, or preprints
     :param str index: Index of the nodes
     :return:
     """
@@ -565,11 +571,11 @@ def delete_index(index):
 @requires_search
 def create_index(index=None):
     '''Creates index with some specified mappings to begin with,
-    all of which are applied to all projects, components, and registrations.
+    all of which are applied to all projects, components, preprints, and registrations.
     '''
     index = index or INDEX
-    document_types = ['project', 'component', 'registration', 'user', 'file', 'institution']
-    project_like_types = ['project', 'component', 'registration']
+    document_types = ['project', 'component', 'registration', 'user', 'file', 'institution', 'preprint']
+    project_like_types = ['project', 'component', 'registration', 'preprint']
     analyzed_fields = ['title', 'description']
 
     client().indices.create(index, ignore=[400])  # HTTP 400 if index already exists
@@ -618,7 +624,13 @@ def create_index(index=None):
 @requires_search
 def delete_doc(elastic_document_id, node, index=None, category=None):
     index = index or INDEX
-    category = category or 'registration' if node.is_registration else node.project_or_component
+    if not category:
+        if node.is_registration:
+            category = 'registration'
+        elif node.is_preprint:
+            category = 'preprint'
+        else:
+            category = node.project_or_component
     client().delete(index=index, doc_type=category, id=elastic_document_id, refresh=True, ignore=[404])
 
 
diff --git a/website/search/search.py b/website/search/search.py
index 81c818711d3..5fc22f7f5c0 100644
--- a/website/search/search.py
+++ b/website/search/search.py
@@ -55,6 +55,8 @@ def delete_node(node, index=None):
     doc_type = node.project_or_component
     if node.is_registration:
         doc_type = 'registration'
+    elif node.is_preprint:
+        doc_type = 'preprint'
     search_engine.delete_doc(node._id, node, index=index, category=doc_type)
 
 @requires_search
diff --git a/website/static/js/search.js b/website/static/js/search.js
index fa189c2a11d..267346de575 100644
--- a/website/static/js/search.js
+++ b/website/static/js/search.js
@@ -280,11 +280,18 @@ var ViewModel = function(params) {
 
     self.filter = function(alias) {
         self.searchStarted(false);
-        self.results([]);
         self.currentPage(1);
         self.category(alias);
+        var win = null;
         if (alias.name === 'SHARE') {
-            var win = window.open(window.contextVars.shareUrl + 'discover?' + $.param({q: self.query()}), '_blank');
+            win = window.open(window.contextVars.shareUrl + 'discover?' + $.param({q: self.query()}), '_blank');
+            win.opener = null;
+            win.focus();
+        } else if (alias.name === 'preprint') {
+            win = window.open(
+                window.location.origin + '/preprints/discover?' + $.param(
+                    {q: self.query(), provider: 'OSF'}
+                ), '_blank');
             win.opener = null;
             win.focus();
         } else {
@@ -398,22 +405,23 @@ var ViewModel = function(params) {
             self.licenses(licenseCounts);
 
             data.results.forEach(function(result){
-                if(result.category === 'user'){
+                if (result.category === 'user') {
                     if ($.inArray(result.url, self.urlLists()) === -1) {
                         self.results.push(new User(result));
                         self.urlLists.push(result.url);
                     }
                 }
                 else {
-                    if(typeof result.url !== 'undefined'){
+                    if (typeof result.url !== 'undefined') {
                         result.wikiUrl = result.url+'wiki/';
                         result.filesUrl = result.url+'files/';
                     }
-
                     self.results.push(result);
                 }
-                if(result.category === 'registration'){
+                if (result.category === 'registration') {
                     result.dateRegistered = new $osf.FormattableDate(result.date_registered);
+                } else if (result.category == 'preprint') {
+                    result.preprintUrl = result.preprint_url;
                 }
             });
 
diff --git a/website/templates/search.mako b/website/templates/search.mako
index 7679a0373ce..ca4a6f3c816 100644
--- a/website/templates/search.mako
+++ b/website/templates/search.mako
@@ -268,6 +268,50 @@
     <script type="text/html" id="component">
       <div data-bind="template: {name: 'node', data: $data}"></div>
     </script>
+    <script type="text/html" id="preprint">
+      <!-- ko if: parent_url -->
+      <h4><a data-bind="attr: {href: parent_url}, text: parent_title"></a> / <a data-bind="attr: {href: url}, text: title"></a></h4>
+        <!-- /ko -->
+        <!-- ko if: !parent_url -->
+        <h4><span data-bind="if: parent_title"><span data-bind="text: parent_title"></span> /</span> <a data-bind="attr: {href: url}, text: title"></a></h4>
+        <!-- /ko -->
+        <p data-bind="visible: description"><strong>Description:</strong> <span data-bind="fitText: {text: description, length: 500}"></span></p>
+        <!-- ko if: contributors.length > 0 -->
+        <p>
+            <strong>Contributors:</strong> <span data-bind="foreach: contributors">
+                <!-- ko if: url -->
+                    <a data-bind="attr: {href: url}, text: fullname"></a>
+                <!-- /ko-->
+                <!-- ko ifnot: url -->
+                    <span data-bind="text: fullname"></span>
+                <!-- /ko -->
+            <!-- ko if: ($index()+1) < ($parent.contributors.length) -->&nbsp;- <!-- /ko -->
+            </span>
+        </p>
+        <!-- /ko -->
+      <!-- ko if: affiliated_institutions ? affiliated_institutions.length > 0 : false -->
+        <p><strong>Affiliated institutions:</strong>
+            <!-- ko foreach {data: affiliated_institutions, as: 'item'} -->
+                <!-- ko if: item == $parent.affiliated_institutions[$parent.affiliated_institutions.length -1] -->
+                <span data-bind="text: item"></span>
+                <!-- /ko -->
+                <!-- ko if: item != $parent.affiliated_institutions[$parent.affiliated_institutions.length -1] -->
+                <span data-bind="text: item"></span>,
+                <!-- /ko -->
+            <!-- /ko -->
+        </p>
+        <!-- /ko -->
+        <!-- ko if: tags.length > 0 -->
+        <div data-bind="template: 'tag-cloud'"></div>
+        <!-- /ko -->
+        <p><strong>Jump to:</strong>
+            <a data-bind="attr: {href: preprintUrl}">Preprint</a> -
+            <!-- ko if: n_wikis > 0 -->
+            <a data-bind="attr: {href: wikiUrl}">Wiki</a> -
+            <!-- /ko -->
+            <a data-bind="attr: {href: filesUrl}">Files</a>
+        </p>
+    </script>
     <script type="text/html" id="registration">
         <!-- ko if: parent_url -->
         <h4><a data-bind="attr: {href: parent_url}, text: parent_title"></a> / <a data-bind="attr: {href: url}, text: title"></a>  (<span class="text-danger" data-bind="if: is_retracted">Withdrawn </span>Registration)</h4>

From 90195ed1060115f42b2662d67868cbcdaa584140 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Mon, 19 Jun 2017 12:52:08 -0400
Subject: [PATCH 115/163] Fix user emails in template

---
 admin/templates/users/user.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/templates/users/user.html b/admin/templates/users/user.html
index bdbd37c8461..6bf9c2f0827 100644
--- a/admin/templates/users/user.html
+++ b/admin/templates/users/user.html
@@ -143,7 +143,7 @@ <h3>User details</h3>
                 <tr>
                     <td>Emails</td>
                     <td>
-                        {% for email in emails %}
+                        {% for email in user.emails %}
                             <li>
                                 {% if email == user.username %}
                                     <strong>Primary: </strong>

From bf52af9ba45f0587a484e076173152ac19f02207 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 20 Jun 2017 20:07:03 -0400
Subject: [PATCH 116/163] Update At.js dependency

---
 bower.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bower.json b/bower.json
index 55c698e5670..ed56bd4ec49 100644
--- a/bower.json
+++ b/bower.json
@@ -20,7 +20,7 @@
     "raven-js": "2.1.0",
     "zeroclipboard": "2.1.6",
     "osf-style": "https://github.com/CenterForOpenScience/osf-style.git#1.0.0",
-    "At.js": "jquery.atwho#e18af47fdcb327605533a9da259225176e3013c8",
+    "At.js": "jquery.atwho",
     "academicons": "1.7.0"
   }
 }

From 31e2cff9e8705b28ae883cf676ea476a269a83a7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Tue, 20 Jun 2017 23:29:32 -0400
Subject: [PATCH 117/163] Fix impactStory profile url

---
 website/static/js/profile.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/profile.js b/website/static/js/profile.js
index 5a163984ae0..d2e5791344b 100644
--- a/website/static/js/profile.js
+++ b/website/static/js/profile.js
@@ -597,7 +597,7 @@ var SocialViewModel = function(urls, modes, preventUnsaved) {
     );
     self.impactStory = extendLink(
         ko.observable().extend({trimmed: true, cleanup: cleanByRule(socialRules.impactStory)}),
-        self, 'impactStory', 'https://www.impactstory.org/u/'
+        self, 'impactStory', 'https://impactstory.org/u/'
     );
     self.github = extendLink(
         ko.observable().extend({trimmed: true, cleanup: cleanByRule(socialRules.github)}),

From 01d6ceee0478b63fcd4d4f81cfef32065ed5b95d Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 21 Jun 2017 00:01:53 -0400
Subject: [PATCH 118/163] Add link to cos prereg journals

---
 website/templates/prereg_landing_info.mako | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/templates/prereg_landing_info.mako b/website/templates/prereg_landing_info.mako
index 5f79ad7495e..30ea9e70fd8 100644
--- a/website/templates/prereg_landing_info.mako
+++ b/website/templates/prereg_landing_info.mako
@@ -11,7 +11,7 @@
 <%def name="steps()">
   <ol>
     <li>Specify all your study and analysis decisions prior to investigating your data</li>
-    <li>Publish your study in an eligible journal</li>
+    <li>Publish your study in an <a target='_blank' href='https://cos.io/preregjournals'>eligible journal</a></li>
     <li>Receive $1,000</li>
   </ol>
 </%def>

From 300ac4c89a62dffb0617b08a1acb304cb48063c5 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 21 Jun 2017 00:13:27 -0400
Subject: [PATCH 119/163] Fix message language

---
 framework/auth/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/framework/auth/views.py b/framework/auth/views.py
index 27554964219..a68fcedad10 100644
--- a/framework/auth/views.py
+++ b/framework/auth/views.py
@@ -873,7 +873,7 @@ def resend_confirmation_post(auth):
     if form.validate():
         clean_email = form.email.data
         user = get_user(email=clean_email)
-        status_message = ('If there is an OSF account associated with this unconfirmed email {0}, '
+        status_message = ('If there is an OSF account associated with this unconfirmed email address {0}, '
                           'a confirmation email has been resent to it. If you do not receive an email and believe '
                           'you should have, please contact OSF Support.').format(clean_email)
         kind = 'success'

From 55606ee9de424a609f8b7f7a66fda54779b06efa Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 21 Jun 2017 09:48:54 -0400
Subject: [PATCH 120/163] Fix long url wrap issue for pre-existing urls

---
 website/static/css/pages/profile-page.css | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/website/static/css/pages/profile-page.css b/website/static/css/pages/profile-page.css
index 24e1fb4273a..29499d6cf44 100644
--- a/website/static/css/pages/profile-page.css
+++ b/website/static/css/pages/profile-page.css
@@ -129,3 +129,14 @@ table.table.table-plain th, table.table.table-plain td {
 .no-bottom-border {
     border-bottom-width: 0;
 }
+
+/* Table
+-----------------------*/
+table {
+  table-layout: fixed;
+  width: 100%;
+}
+
+table a {
+  word-wrap: break-word;
+}

From a126cf5174ea8de0001d147e26a9a6b5700facd0 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Wed, 21 Jun 2017 10:04:56 -0400
Subject: [PATCH 121/163] Apply table css to only social profile links

---
 website/static/css/pages/profile-page.css     | 4 ++--
 website/templates/include/profile/social.mako | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/website/static/css/pages/profile-page.css b/website/static/css/pages/profile-page.css
index 29499d6cf44..be3a2c9d564 100644
--- a/website/static/css/pages/profile-page.css
+++ b/website/static/css/pages/profile-page.css
@@ -132,11 +132,11 @@ table.table.table-plain th, table.table.table-plain td {
 
 /* Table
 -----------------------*/
-table {
+table.social-links {
   table-layout: fixed;
   width: 100%;
 }
 
-table a {
+table.social-links a {
   word-wrap: break-word;
 }
diff --git a/website/templates/include/profile/social.mako b/website/templates/include/profile/social.mako
index d2ce2f8c623..ab45e9ed175 100644
--- a/website/templates/include/profile/social.mako
+++ b/website/templates/include/profile/social.mako
@@ -157,7 +157,7 @@
     </div>
 
     <div data-bind="if: mode() === 'view'">
-        <table class="table" data-bind="if: hasValues()">
+        <table class="table social-links" data-bind="if: hasValues()">
             <tbody>
                 <tr data-bind="if: hasProfileWebsites()">
                     <td data-bind="visible: profileWebsites().length > 1">Personal websites</td>

From 478fa099f2a8011da4337cc4f97ca3f5ad67d439 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 21 Jun 2017 15:53:31 -0400
Subject: [PATCH 122/163] fix string concats to use format

---
 api_tests/files/views/test_file_detail.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index 0a756d7dfc2..62e389de7f7 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -75,7 +75,7 @@ def test_file_guid_guid_status(self, app, user, file, file_url):
 
     @mock.patch('api.base.throttling.CreateGuidThrottle.allow_request')
     def test_file_guid_not_created_with_basic_auth(self, mock_allow, app, user, file_url):
-        res = app.get(file_url + '?create_guid=1', auth=user.auth)
+        res = app.get('{}?create_guid=1'.format(file_url), auth=user.auth)
         guid = res.json['data']['attributes'].get('guid', None)
         assert res.status_code == 200
         assert mock_allow.call_count == 1
@@ -88,7 +88,7 @@ def test_file_guid_created_with_cookie(self, mock_allow, app, user, file_url, fi
         cookie = itsdangerous.Signer(website_settings.SECRET_KEY).sign(session._id)
         app.set_cookie(website_settings.COOKIE_NAME, str(cookie))
 
-        res = app.get(file_url + '?create_guid=1', auth=user.auth)
+        res = app.get('{}?create_guid=1'.format(file_url), auth=user.auth)
 
         app.reset()  # clear cookie
 

From bead6de1faf8709df8e023f00d65610f23ee94d9 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 21 Jun 2017 17:11:50 -0400
Subject: [PATCH 123/163] test autopep8 corrections on test_node_list.py

---
 api_tests/nodes/views/test_node_list.py | 121 ++++++++++++------------
 setup.cfg                               |   2 +-
 2 files changed, 59 insertions(+), 64 deletions(-)

diff --git a/api_tests/nodes/views/test_node_list.py b/api_tests/nodes/views/test_node_list.py
index 68e32b3062c..bfc4dd36651 100644
--- a/api_tests/nodes/views/test_node_list.py
+++ b/api_tests/nodes/views/test_node_list.py
@@ -1,4 +1,3 @@
-from django.db.models import F
 from modularodm import Q
 import pytest
 
@@ -7,7 +6,6 @@
 from framework.auth.core import Auth
 from osf.models import AbstractNode as Node, NodeLog
 from osf_tests.factories import (
-    BookmarkCollectionFactory,
     CollectionFactory,
     ProjectFactory,
     NodeFactory,
@@ -53,7 +51,7 @@ def url(self, user):
 
     def test_return(self, app, user, non_contrib, deleted_project, private_project, public_project, url):
 
-    #   test_only_returns_non_deleted_public_projects
+        #   test_only_returns_non_deleted_public_projects
         res = app.get(url)
         node_json = res.json['data']
 
@@ -117,7 +115,7 @@ def test_node_list_has_proper_root(self, app, user, url):
         project_one = ProjectFactory(title='Project One', is_public=True)
         ProjectFactory(parent=project_one, is_public=True)
 
-        res = app.get(url+'?embed=root&embed=parent', auth=user.auth)
+        res = app.get(url + '?embed=root&embed=parent', auth=user.auth)
 
         for project_json in res.json['data']:
             project = Node.load(project_json['id'])
@@ -187,7 +185,7 @@ def url(self):
 
     def test_filtering(self, app, user_one, public_project_one, public_project_two, public_project_three, user_one_private_project, user_two_private_project, preprint):
 
-    #   test_filtering_by_id
+        #   test_filtering_by_id
         url = '/{}nodes/?filter[id]={}'.format(API_BASE, public_project_one._id)
         res = app.get(url, auth=user_one.auth)
         assert res.status_code == 200
@@ -406,7 +404,7 @@ def test_filtering_on_multiple_tags_must_match_both(self, app, user_one, public_
         assert len(res.json.get('data')) == 0
 
     def test_filtering_tags_returns_distinct(self, app, user_one, public_project_one):
-       # regression test for returning multiple of the same file
+        # regression test for returning multiple of the same file
         public_project_one.add_tag('cat', Auth(user_one))
         public_project_one.add_tag('cAt', Auth(user_one))
         public_project_one.add_tag('caT', Auth(user_one))
@@ -439,7 +437,7 @@ def test_filtering_contributors_bad_id(self, app, user_one):
 
     def test_get_projects(self, app, user_one, public_project_one, public_project_two, public_project_three, user_one_private_project, user_two_private_project, folder, bookmark_collection, url):
 
-    #   test_get_all_projects_with_no_filter_logged_in
+        #   test_get_all_projects_with_no_filter_logged_in
         res = app.get(url, auth=user_one.auth)
         node_json = res.json['data']
 
@@ -789,7 +787,7 @@ def private_project(self, title, description, category):
 
     def test_create_node_errors(self, app, user_one, public_project, private_project, url):
 
-    #   test_node_create_invalid_data
+        #   test_node_create_invalid_data
         res = app.post_json_api(url, 'Incorrect data', auth=user_one.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == exceptions.ParseError.default_detail
@@ -832,7 +830,7 @@ def test_creates_private_project_logged_in_contributor(self, app, user_one, priv
 
     def test_create_from_template_errors(self, app, user_one, user_two, url):
 
-    #   test_404_on_create_from_template_of_nonexistent_project
+        #   test_404_on_create_from_template_of_nonexistent_project
         template_from_id = 'thisisnotavalidguid'
         templated_project_data = {
             'data': {
@@ -946,7 +944,7 @@ def test_create_component_inherit_contributors_with_unregistered_contributor(sel
         parent_project = ProjectFactory(creator=user_one)
         parent_project.add_unregistered_contributor(
             fullname='far', email='foo@bar.baz', permissions=[permissions.READ],
-            auth= Auth(user=user_one), save=True
+            auth=Auth(user=user_one), save=True
         )
         url = '/{}nodes/{}/children/?inherit_contributors=true'.format(API_BASE, parent_project._id)
         component_data = {
@@ -969,7 +967,7 @@ def test_create_component_inherit_contributors_with_unregistered_contributor(sel
 
     def test_create_project_errors(self, app, user_one, title, description, category, url):
 
-    #   test_creates_project_no_type
+        #   test_creates_project_no_type
         project = {
             'data': {
                 'attributes': {
@@ -1087,7 +1085,7 @@ def private_project(self, title, description, category):
     @pytest.fixture()
     def empty_project(self):
         return {
-            'type': 'nodes', 
+            'type': 'nodes',
             'attributes': {
                 'title': '',
                 'description': '',
@@ -1097,7 +1095,7 @@ def empty_project(self):
 
     def test_bulk_create(self, app, user_one, public_project, private_project, empty_project, title, category, url):
 
-    #   test_bulk_create_nodes_blank_request
+        #   test_bulk_create_nodes_blank_request
         res = app.post_json_api(url, auth=user_one.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
 
@@ -1121,7 +1119,7 @@ def test_bulk_create(self, app, user_one, public_project, private_project, empty
         assert len(res.json['errors']) == 2
         errors = res.json['errors']
         assert errors[0]['source'] == {'pointer': '/data/0/attributes/title'}
-        assert errors[1]['source'] ==  {'pointer': '/data/1/attributes/title'}
+        assert errors[1]['source'] == {'pointer': '/data/1/attributes/title'}
         assert errors[0]['detail'] == 'This field may not be blank.'
         assert errors[1]['detail'] == 'This field may not be blank.'
 
@@ -1308,20 +1306,20 @@ def empty_payload(self, public_project_one, public_project_two):
         return {
             'data': [
                 {
-                    'id': public_project_one._id, 
-                    'type': 'nodes', 
+                    'id': public_project_one._id,
+                    'type': 'nodes',
                     'attributes': {
-                        'title': '', 
-                        'description': '', 
+                        'title': '',
+                        'description': '',
                         'category': ''
                     }
                 },
                 {
-                    'id': public_project_two._id, 
-                    'type': 'nodes', 
+                    'id': public_project_two._id,
+                    'type': 'nodes',
                     'attributes': {
-                        'title': '', 
-                        'description': '', 
+                        'title': '',
+                        'description': '',
                         'category': ''
                     }
                 }
@@ -1330,7 +1328,7 @@ def empty_payload(self, public_project_one, public_project_two):
 
     def test_bulk_update_errors(self, app, user, public_project_one, public_project_two, private_project_one, private_project_two, public_payload, private_payload, empty_payload, title, new_title, new_category, url):
 
-    #   test_bulk_update_nodes_blank_request
+        #   test_bulk_update_nodes_blank_request
         res = app.put_json_api(url, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
 
@@ -1338,23 +1336,23 @@ def test_bulk_update_errors(self, app, user, public_project_one, public_project_
         payload = {
             "data": [
                 {
-                  "id": public_project_one._id,
-                  "type": "nodes",
-                  "attributes": {
-                    "title": "This shouldn't update.",
-                    "category": "instrumentation"
-                  }
+                    "id": public_project_one._id,
+                    "type": "nodes",
+                    "attributes": {
+                        "title": "This shouldn't update.",
+                        "category": "instrumentation"
+                    }
                 },
                 {
-                  "id": public_project_two._id,
-                  "type": "nodes",
-                  "attributes": {
-                    "title": " ",
-                    "category": "hypothesis"
-                  }
+                    "id": public_project_two._id,
+                    "type": "nodes",
+                    "attributes": {
+                        "title": " ",
+                        "category": "hypothesis"
+                    }
                 }
-              ]
-            }
+            ]
+        }
         public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
         res = app.put_json_api(url, payload, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
@@ -1378,7 +1376,6 @@ def test_bulk_update_errors(self, app, user, public_project_one, public_project_
         assert res.status_code == 400
         assert res.json['errors'][0]['detail'] == 'Could not find all objects to update.'
 
-
         public_project_one_url = '/{}nodes/{}/'.format(API_BASE, public_project_one._id)
         res = app.get(public_project_one_url)
         assert res.json['data']['attributes']['title'] == title
@@ -1402,7 +1399,6 @@ def test_bulk_update_errors(self, app, user, public_project_one, public_project_
         assert res.status_code == 401
         assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-
         private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
         private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
@@ -1629,15 +1625,15 @@ def empty_payload(self, public_project_one, public_project_two):
         return {
             'data': [
                 {
-                    'id': public_project_one._id, 
-                    'type': 'nodes', 
+                    'id': public_project_one._id,
+                    'type': 'nodes',
                     'attributes': {
                         'title': ''
                     }
                 },
                 {
-                    'id': public_project_two._id, 
-                    'type': 'nodes', 
+                    'id': public_project_two._id,
+                    'type': 'nodes',
                     'attributes': {
                         'title': ''
                     }
@@ -1647,7 +1643,7 @@ def empty_payload(self, public_project_one, public_project_two):
 
     def test_bulk_partial_update_errors(self, app, user, public_project_one, public_project_two, private_project_one, private_project_two, title, new_title, public_payload, private_payload, empty_payload, url):
 
-    #   test_bulk_patch_nodes_blank_request
+        #   test_bulk_patch_nodes_blank_request
         res = app.patch_json_api(url, auth=user.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
 
@@ -1689,7 +1685,6 @@ def test_bulk_partial_update_errors(self, app, user, public_project_one, public_
         assert res.status_code == 401
         assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
-
         private_project_one_url = '/{}nodes/{}/'.format(API_BASE, private_project_one._id)
         private_project_two_url = '/{}nodes/{}/'.format(API_BASE, private_project_two._id)
 
@@ -1738,7 +1733,7 @@ def test_bulk_partial_update_errors(self, app, user, public_project_one, public_
         assert res.json['errors'][0]['detail'] == 'This field may not be null.'
 
     #   test_bulk_partial_update_limits
-        node_update_list = {'data': [public_payload['data'][0]] * 101 }
+        node_update_list = {'data': [public_payload['data'][0]] * 101}
         res = app.patch_json_api(url, node_update_list, auth=user.auth, expect_errors=True, bulk=True)
         assert res.json['errors'][0]['detail'] == 'Bulk operation limit is 100, got 101.'
         assert res.json['errors'][0]['source']['pointer'] == '/data'
@@ -1783,7 +1778,7 @@ def test_bulk_partial_update_privacy_has_no_effect_on_tags(self, app, user, publ
         assert res.status_code == 200
         public_project_one.reload()
         assert list(public_project_one.tags.values_list('name', flat=True)) == ['tag1']
-        assert public_project_one.is_public == False
+        assert public_project_one.is_public is False
 
 @pytest.mark.django_db
 class TestNodeBulkUpdateSkipUneditable:
@@ -1860,7 +1855,7 @@ def public_payload(self, user_one_public_project_one, user_one_public_project_tw
                         'public': True
                     }
                 },
-                 {
+                {
                     'id': user_two_public_project_one._id,
                     'type': 'nodes',
                     'attributes': {
@@ -1870,7 +1865,7 @@ def public_payload(self, user_one_public_project_one, user_one_public_project_tw
                         'public': True
                     }
                 },
-                 {
+                {
                     'id': user_two_public_project_two._id,
                     'type': 'nodes',
                     'attributes': {
@@ -1889,7 +1884,7 @@ def url(self):
 
     def test_bulk_update_skips(self, app, user_one, user_one_public_project_one, user_one_public_project_two, user_two_public_project_one, user_two_public_project_two, title, public_payload):
 
-    #   test_skip_uneditable_bulk_update_query_param_required
+        #   test_skip_uneditable_bulk_update_query_param_required
         nodes_url = '/{}nodes/'.format(API_BASE)
         res = app.put_json_api(nodes_url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
         assert res.status_code == 403
@@ -2018,11 +2013,11 @@ def public_payload(self, public_project_one, public_project_two):
         return {
             'data': [
                 {
-                    'id': public_project_one._id, 
+                    'id': public_project_one._id,
                     'type': 'nodes'
-                }, 
+                },
                 {
-                    'id': public_project_two._id, 
+                    'id': public_project_two._id,
                     'type': 'nodes'
                 }
             ]
@@ -2041,7 +2036,7 @@ def private_payload(self, user_one_private_project):
         return {
             'data': [
                 {
-                    'id': user_one_private_project._id, 
+                    'id': user_one_private_project._id,
                     'type': 'nodes'
                 }
             ]
@@ -2053,7 +2048,7 @@ def private_query_params(self, user_one_private_project):
 
     def test_bulk_delete_errors(self, app, user_one, public_project_one, public_project_two, user_one_private_project, public_payload, private_payload, type_query_param, public_query_params, url):
 
-    #   test_bulk_delete_with_query_params_and_payload
+        #   test_bulk_delete_with_query_params_and_payload
         res_url = '{}?{}&{}'.format(url, type_query_param, public_query_params)
         res = app.delete_json_api(res_url, public_payload, auth=user_one.auth, expect_errors=True, bulk=True)
         assert res.status_code == 409
@@ -2110,7 +2105,7 @@ def test_bulk_delete_errors(self, app, user_one, public_project_one, public_proj
         assert res.json['errors'][0]['detail'] == exceptions.NotAuthenticated.default_detail
 
     #   test_bulk_delete_limits
-        new_payload = {'data': [{'id': user_one_private_project._id, 'type':'nodes'}] * 101 }
+        new_payload = {'data': [{'id': user_one_private_project._id, 'type': 'nodes'}] * 101}
         res = app.delete_json_api(url, new_payload,
                                        auth=user_one.auth, expect_errors=True, bulk=True)
         assert res.status_code == 400
@@ -2237,11 +2232,11 @@ def payload(self, public_project_one, public_project_two, public_project_three,
                     'id': public_project_two._id,
                     'type': 'nodes',
                 },
-                 {
+                {
                     'id': public_project_three._id,
                     'type': 'nodes',
                 },
-                 {
+                {
                     'id': public_project_four._id,
                     'type': 'nodes',
                 }
@@ -2291,8 +2286,8 @@ def test_skip_uneditable_has_admin_permission_for_all_nodes(self, app, user_one,
         public_project_one.reload()
         public_project_two.reload()
 
-        assert public_project_one.is_deleted == True
-        assert public_project_two.is_deleted == True
+        assert public_project_one.is_deleted is True
+        assert public_project_two.is_deleted is True
 
     def test_skip_uneditable_does_not_have_admin_permission_for_any_nodes(self, app, user_one, public_project_three, public_project_four, url):
         payload = {
@@ -2335,7 +2330,7 @@ def test_default_pagination_size(self, app, users, projects, url):
         assert res.json['links']['meta']['per_page'] == 10
 
     def test_max_page_size_enforced(self, app, users, projects, url):
-        res_url = '{}?page[size]={}'.format(url, MAX_PAGE_SIZE+1)
+        res_url = '{}?page[size]={}'.format(url, MAX_PAGE_SIZE + 1)
         res = app.get(res_url, auth=Auth(users[0]))
         pids = [e['id'] for e in res.json['data']]
         for project in projects:
@@ -2346,7 +2341,7 @@ def test_embed_page_size_not_affected(self, app, users, projects, url):
         for user in users[1:]:
             projects[-1].add_contributor(user, auth=Auth(users[0]), save=True)
 
-        res_url = '{}?page[size]={}&embed=contributors'.format(url, MAX_PAGE_SIZE+1)
+        res_url = '{}?page[size]={}&embed=contributors'.format(url, MAX_PAGE_SIZE + 1)
         res = app.get(res_url, auth=Auth(users[0]))
         pids = [e['id'] for e in res.json['data']]
         for project in projects:
@@ -2375,4 +2370,4 @@ class TestNodeListDateFiltering(NodesListDateFilteringMixin):
 
     @pytest.fixture()
     def url(self):
-        return '/{}nodes/?'.format(API_BASE) 
+        return '/{}nodes/?'.format(API_BASE)
diff --git a/setup.cfg b/setup.cfg
index fa01ab5ac6f..733d72848ef 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -8,7 +8,7 @@
 [flake8]
 ignore = E501,E127,E128,E265,E301,E302,E266,E731,N803,N806
 max-line-length = 100
-exclude = .git,.ropeproject,.tox,docs,setup.py,env,venv,models/migrations,tests/*,osf_tests/*,api_tests/*,scripts/*,src,website/uploads/,website/static/**/*,website/settings/*,framework/forms/*,addons/*/tests/*,env,venv,node_modules,admin/static/*,osf/migrations
+exclude = .git,.ropeproject,.tox,docs,setup.py,env,venv,models/migrations,tests/*,osf_tests/*,scripts/*,src,website/uploads/,website/static/**/*,website/settings/*,framework/forms/*,addons/*/tests/*,env,venv,node_modules,admin/static/*,osf/migrations
 
 [wheel]
 universal = 1

From be3f6d0c69525933c556639073602de90189c4f4 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 21 Jun 2017 17:12:40 -0400
Subject: [PATCH 124/163] revert setup to ignore api tests

---
 setup.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/setup.cfg b/setup.cfg
index 733d72848ef..fa01ab5ac6f 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -8,7 +8,7 @@
 [flake8]
 ignore = E501,E127,E128,E265,E301,E302,E266,E731,N803,N806
 max-line-length = 100
-exclude = .git,.ropeproject,.tox,docs,setup.py,env,venv,models/migrations,tests/*,osf_tests/*,scripts/*,src,website/uploads/,website/static/**/*,website/settings/*,framework/forms/*,addons/*/tests/*,env,venv,node_modules,admin/static/*,osf/migrations
+exclude = .git,.ropeproject,.tox,docs,setup.py,env,venv,models/migrations,tests/*,osf_tests/*,api_tests/*,scripts/*,src,website/uploads/,website/static/**/*,website/settings/*,framework/forms/*,addons/*/tests/*,env,venv,node_modules,admin/static/*,osf/migrations
 
 [wheel]
 universal = 1

From 87e28a74349c1e61d131e566713caf18bcf473de Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 22 Jun 2017 10:32:53 -0400
Subject: [PATCH 125/163] fix grouping comments

---
 api_tests/nodes/filters/test_filters.py | 26 ++++++++++++-------------
 1 file changed, 13 insertions(+), 13 deletions(-)

diff --git a/api_tests/nodes/filters/test_filters.py b/api_tests/nodes/filters/test_filters.py
index 6bdc6167dd5..4b716b8cdf7 100644
--- a/api_tests/nodes/filters/test_filters.py
+++ b/api_tests/nodes/filters/test_filters.py
@@ -67,42 +67,42 @@ def contributors_url(self, url):
 
     def test_non_mutating_list_filtering_tests(self, app, user, contrib, parent_project, child_node_one, child_node_two, grandchild_node_one, grandchild_node_two, great_grandchild_node_two, parent_url, root_url, contributors_url):
 
-    # def test_parent_filter_null(self, app, user, parent_project, parent_url):
+    #   test_parent_filter_null
         expected = [parent_project._id]
         res = app.get('{}null'.format(parent_url), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
         assert expected == actual
 
-    # def test_parent_filter_equals_returns_one(self, app, user, child_node_two, grandchild_node_two, parent_url):
+    #   test_parent_filter_equals_returns_one
         expected = [grandchild_node_two._id]
         res = app.get('{}{}'.format(parent_url, child_node_two._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
         assert expected == actual
 
-    # def test_parent_filter_equals_returns_multiple(self, app, user, parent_project, child_node_one, child_node_two, parent_url):
+    #   test_parent_filter_equals_returns_multiple
         expected = [child_node_one._id, child_node_two._id]
         res = app.get('{}{}'.format(parent_url, parent_project._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    # def test_root_filter_null(self, app, user, root_url):
+    #   test_root_filter_null
         res = app.get('{}null'.format(root_url), auth=user.auth, expect_errors=True)
         assert res.status_code == 400
         assert res.json['errors'][0]['source']['parameter'] == 'filter'
 
-    # def test_root_filter_equals_returns_branch(self, app, user, child_node_two, root_url):
+    #   test_root_filter_equals_returns_branch
         expected = []
         res = app.get('{}{}'.format(root_url, child_node_two._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
         assert expected == actual
 
-    # def test_root_filter_equals_returns_tree(self, app, user, parent_project, child_node_one, child_node_two, grandchild_node_one, grandchild_node_two, great_grandchild_node_two, root_url):
+    #   test_root_filter_equals_returns_tree
         expected = [parent_project._id, child_node_one._id, child_node_two._id, grandchild_node_one._id, grandchild_node_two._id, great_grandchild_node_two._id]
         res = app.get('{}{}'.format(root_url, parent_project._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    # def test_contributor_filter(self, app, user, contrib, parent_project, contributors_url):
+    #   test_contributor_filter
         expected = [parent_project._id]
         res = app.get('{}{}'.format(contributors_url, contrib._id), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
@@ -167,7 +167,7 @@ def date_created_url(self, url):
 
     def test_node_list_date_filter(self, app, user, node_may, node_june, node_july, url, date_created_url):
 
-    #   test_date_filter_equals(self):
+    #   test_date_filter_equals
         expected = []
         res = app.get('{}{}'.format(date_created_url, '2016-04-01'), auth=user.auth)
         actual = [node['id'] for node in res.json['data']]
@@ -178,7 +178,7 @@ def test_node_list_date_filter(self, app, user, node_may, node_june, node_july,
         actual = [node['id'] for node in res.json['data']]
         assert expected == actual
 
-    #   test_date_filter_gt(self):
+    #   test_date_filter_gt
         res_url = '{}filter[date_created][gt]='.format(url)
 
         expected = []
@@ -191,7 +191,7 @@ def test_node_list_date_filter(self, app, user, node_may, node_june, node_july,
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    #   test_date_filter_gte(self):
+    #   test_date_filter_gte
         res_url = '{}filter[date_created][gte]='.format(url)
 
         expected = []
@@ -204,7 +204,7 @@ def test_node_list_date_filter(self, app, user, node_may, node_june, node_july,
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    #   test_date_fitler_lt(self):
+    #   test_date_fitler_lt
         res_url = '{}filter[date_created][lt]='.format(url)
 
         expected = []
@@ -217,7 +217,7 @@ def test_node_list_date_filter(self, app, user, node_may, node_june, node_july,
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    #   test_date_filter_lte(self):
+    #   test_date_filter_lte
         res_url = '{}filter[date_created][lte]='.format(url)
 
         expected = []
@@ -230,7 +230,7 @@ def test_node_list_date_filter(self, app, user, node_may, node_june, node_july,
         actual = [node['id'] for node in res.json['data']]
         assert set(expected) == set(actual)
 
-    #   test_date_filter_eq(self):
+    #   test_date_filter_eq
         res_url = '{}filter[date_created][eq]='.format(url)
 
         expected = []

From 72f6bf56f211bafec901a476491f0e76a561bd4e Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 22 Jun 2017 13:15:16 -0400
Subject: [PATCH 126/163] Point to master branch

---
 bower.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bower.json b/bower.json
index ed56bd4ec49..db278fb178d 100644
--- a/bower.json
+++ b/bower.json
@@ -20,7 +20,7 @@
     "raven-js": "2.1.0",
     "zeroclipboard": "2.1.6",
     "osf-style": "https://github.com/CenterForOpenScience/osf-style.git#1.0.0",
-    "At.js": "jquery.atwho",
+    "At.js": "jquery.atwho#master",
     "academicons": "1.7.0"
   }
 }

From e3e70c74d18576f08cb545ee345fc985d013c1b7 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 23 Jun 2017 10:26:43 -0400
Subject: [PATCH 127/163] Point to cos at.js fork

---
 bower.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bower.json b/bower.json
index db278fb178d..096a4b74c47 100644
--- a/bower.json
+++ b/bower.json
@@ -20,7 +20,7 @@
     "raven-js": "2.1.0",
     "zeroclipboard": "2.1.6",
     "osf-style": "https://github.com/CenterForOpenScience/osf-style.git#1.0.0",
-    "At.js": "jquery.atwho#master",
+    "At.js": "CenterForOpenScience/At.js#cos",
     "academicons": "1.7.0"
   }
 }

From f8e00b5d48b6b706b420d863f06add21f505c19d Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 23 Jun 2017 11:23:07 -0400
Subject: [PATCH 128/163] Remove form validation js

---
 website/static/js/profile.js | 23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/website/static/js/profile.js b/website/static/js/profile.js
index 8ff91c3e37a..5a163984ae0 100644
--- a/website/static/js/profile.js
+++ b/website/static/js/profile.js
@@ -676,19 +676,6 @@ var SocialViewModel = function(urls, modes, preventUnsaved) {
         return false;
     });
 
-    self.unmatchedUrls = ko.computed(function() {
-        var values = self.values();
-        var unmatched = [];
-        for (var i=0; i<self.values().length; i++) {
-            if (values[i].value) {
-                if (urlIsValid(values[i].text)) {
-                    unmatched.push(values[i].label);
-                }
-            }
-        }
-        return unmatched;
-    });
-
     self.addWebsiteInput = function() {
         this.profileWebsites.push(ko.observable().extend({
             ensureHttp: true
@@ -774,16 +761,6 @@ SocialViewModel.prototype.submit = function() {
             5000
         );
     }
-    else if (this.unmatchedUrls().length) {
-        var plural = this.unmatchedUrls().length > 1 ? 's' : '';
-        var message = 'Please check invalid profile url' + plural + ': <br>';
-        message += this.unmatchedUrls().join('<br>');
-        this.changeMessage(
-            message,
-            'text-danger',
-            8000
-        );
-    }
     else if (this.hasValidProperty() && this.isValid()) {
         var self = this;
         this.saving(true);

From f8cf12cba239ed9e789328a45511ff8c031fcd72 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Thu, 22 Jun 2017 14:23:58 -0400
Subject: [PATCH 129/163] Separate redirect link from addons on project
 settings page

- Use APIv2 for enabling/disabling/updating redirect link
---
 addons/forward/apps.py                        |   4 +-
 addons/forward/static/forwardConfig.js        | 138 +++++++++++-------
 addons/forward/static/node-cfg.js             |  34 ++++-
 .../templates/forward_node_settings.mako      |   7 +-
 website/project/views/node.py                 |   2 +-
 .../static/js/pages/project-settings-page.js  |   2 +-
 website/templates/project/settings.mako       |  78 +++++++++-
 7 files changed, 193 insertions(+), 72 deletions(-)

diff --git a/addons/forward/apps.py b/addons/forward/apps.py
index b9c6b406aee..e56ecd213ac 100644
--- a/addons/forward/apps.py
+++ b/addons/forward/apps.py
@@ -13,9 +13,9 @@ class ForwardAddonAppConfig(BaseAddonAppConfig):
 
     name = 'addons.forward'
     label = 'addons_forward'
-    full_name = 'External Link'
+    full_name = 'Redirect Link'
     short_name = 'forward'
-    configs = ['node']
+    configs = []
     owners = ['node']
     views = ['widget']
     categories = ['other']
diff --git a/addons/forward/static/forwardConfig.js b/addons/forward/static/forwardConfig.js
index 2f0b996e847..27648d49684 100644
--- a/addons/forward/static/forwardConfig.js
+++ b/addons/forward/static/forwardConfig.js
@@ -8,21 +8,29 @@ var $osf = require('js/osfHelpers');
 
 var MESSAGE_TIMEOUT = 5000;
 
-var DEFAULT_FORWARD_BOOL = true;
-
 /**
  * Knockout view model for the Forward node settings widget.
  */
-var ViewModel = function(url, nodeId) {
+var ViewModel = function(node, enabled, url, label) {
 
     var self = this;
 
-    // Forward configuration
-    self.url = ko.observable().extend({
+    var forwardUrl = $osf.apiV2Url('nodes/' + node.id + '/addons/forward/');
+
+    self.enabled = ko.observable(enabled);
+    self.label = koHelpers.sanitizedObservable(label);
+    self.url = ko.observable(url).extend({
         ensureHttp: true,
         url: true,
         required: true
     });
+
+    // Flashed messages
+    self.message = ko.observable('');
+    self.messageClass = ko.observable('text-info');
+
+    self.pendingRequest = ko.observable(false);
+
     ko.validation.addAnonymousRule(
         self.url,
         koHelpers.makeRegexValidator(
@@ -31,50 +39,54 @@ var ViewModel = function(url, nodeId) {
             false
         )
     );
-    self.label = koHelpers.sanitizedObservable();
-
-    // Flashed messages
-    self.message = ko.observable('');
-    self.messageClass = ko.observable('text-info');
 
     self.validators = ko.validatedObservable({
         url: self.url,
     });
 
-
-    /**
-     * Update the view model from data returned from the server.
-     */
-    self.updateFromData = function(data) {
-        self.url(data.url);
-        self.label(data.label);
-    };
-
-    self.fetchFromServer = function() {
-        $.ajax({
-            type: 'GET',
-            url: url,
-            dataType: 'json'
-        }).done(function(response) {
-            self.updateFromData(response);
-        }).fail(function(xhr, textStatus, error) {
-            self.changeMessage('Could not retrieve Forward settings at ' +
-                'this time. Please refresh ' +
-                'the page. If the problem persists, email ' +
-                '<a href="mailto:support@osf.io">support@osf.io</a>.',
-                'text-danger');
-            Raven.captureMessage('Could not GET get Forward addon settings.', {
-                extra: {
-                    url: url,
-                    textStatus: textStatus,
-                    error: error
+    self.enabled.subscribe(function(newValue) {
+        self.pendingRequest(true);
+        if (!newValue) {
+            $osf.ajaxJSON(
+                'delete',
+                forwardUrl,
+                {'isCors': true}
+            ).done(function(response) {
+                self.pendingRequest(false);
+            }).fail(function(xhr, status, error) {
+                $osf.growl('Error', 'Unable to disable redirect link.');
+                Raven.captureMessage('Error disabling redirect link.', {
+                    extra: {
+                        url: forwardUrl, status: status, error: error
+                    }
+                });
+            });
+        } else {
+            $osf.ajaxJSON(
+                'post',
+                forwardUrl,
+                {
+                    'data': {
+                        'data': {
+                            'id': 'forward',
+                            'type': 'node_addons',
+                            'attributes': {}
+                        }
+                    },
+                    'isCors': true
                 }
+            ).done(function(response) {
+                self.pendingRequest(false);
+            }).fail(function(xhr, status, error) {
+                $osf.growl('Error', 'Unable to enable redirect link.');
+                Raven.captureMessage('Error enabling redirect link.', {
+                    extra: {
+                        url: forwardUrl, status: status, error: error
+                    }
+                });
             });
-        });
-    };
-
-    // Initial fetch from server
-    self.fetchFromServer();
+        }
+    });
 
     function onSubmitSuccess() {
         if (self.url() == null) {
@@ -103,9 +115,14 @@ var ViewModel = function(url, nodeId) {
         }
         else {
             self.changeMessage(
-                'Could not change settings. Please try again later.',
+                'Could not change redirect link settings. Please try again later.',
                 'text-danger'
             );
+            Raven.captureMessage('Error updating redirect link.', {
+                extra: {
+                    url: forwardUrl, status: status, error: error
+                }
+            });
         }
     }
 
@@ -113,14 +130,29 @@ var ViewModel = function(url, nodeId) {
      * Submit new settings.
      */
     self.submitSettings = function() {
-        $osf.putJSON(
-            url,
-            ko.toJS(self)
-        ).done(
-            onSubmitSuccess
-        ).fail(
-            onSubmitError
-        );
+        self.pendingRequest(true);
+        $osf.ajaxJSON(
+            'put',
+            forwardUrl,
+            {
+                'data': {
+                    'data': {
+                        'id': 'forward',
+                        'type': 'node_addons',
+                        'attributes': {
+                            'url': self.url(),
+                            'label': self.label()
+                        }
+                    }
+                },
+                'isCors': true
+            }
+        ).done(function(response) {
+            onSubmitSuccess()
+            self.pendingRequest(false);
+        }).fail(function(response) {
+            onSubmitError()
+        });
     };
 
     /** Change the flashed message. */
@@ -140,9 +172,9 @@ var ViewModel = function(url, nodeId) {
 };
 
 // Public API
-function ForwardConfig(selector, url, nodeId) {
+function ForwardConfig(selector, node, enabled, url, label) {
     var self = this;
-    self.viewModel = new ViewModel(url, nodeId);
+    self.viewModel = new ViewModel(node, enabled, url, label);
     $osf.applyBindings(self.viewModel, selector);
 }
 
diff --git a/addons/forward/static/node-cfg.js b/addons/forward/static/node-cfg.js
index 66593bb2abc..5ab07313c9b 100644
--- a/addons/forward/static/node-cfg.js
+++ b/addons/forward/static/node-cfg.js
@@ -1,7 +1,31 @@
+var $osf = require('js/osfHelpers');
 var ForwardConfig = require('./forwardConfig.js');
 
-var url = window.contextVars.node.urls.api + 'forward/config/';
-// #forwardScope will only be in the DOM if the addon is properly configured
-if ($('#forwardScope')[0]) {
-    new ForwardConfig('#forwardScope', url, window.contextVars.node.id);
-}
+var ctx = window.contextVars;
+
+var enabled = false;
+var url = '';
+var label = '';
+
+$(document).ready(function() {
+    $osf.ajaxJSON(
+        'GET',
+        $osf.apiV2Url('nodes/' + ctx.node.id + '/addons/'),
+        {'isCors': true}
+    ).done(function(response){
+        response.data.forEach(function(addon) {
+            if (addon.id === 'forward') {
+                enabled = true;
+                url = addon.attributes.url;
+                label = addon.attributes.label;
+            }
+        });
+        new ForwardConfig('#configureForward', ctx.node, enabled, url, label);
+    }).fail(function(response){
+        $osf.growl('Error:', 'Unable to retrieve settings.');
+        Raven.captureMessage('Error occurred retrieving node addons');
+    });
+
+});
+
+
diff --git a/addons/forward/templates/forward_node_settings.mako b/addons/forward/templates/forward_node_settings.mako
index ed3ad2eb259..27f3e62a35b 100644
--- a/addons/forward/templates/forward_node_settings.mako
+++ b/addons/forward/templates/forward_node_settings.mako
@@ -1,10 +1,5 @@
 <div id="forwardScope" class="scripted">
 
-    <h4 class="addon-title">
-        <i class="fa fa-external-link"></i>
-        External Link
-    </h4>
-
     <!-- Settings Pane -->
     <div class="forward-settings">
 
@@ -16,7 +11,7 @@
                         id="forwardUrl"
                         class="form-control"
                         data-bind="value: url"
-                        placeholder="Required"
+                        placeholder="Send people who visit your OSF project page to this link instead"
                         />
             </div>
 
diff --git a/website/project/views/node.py b/website/project/views/node.py
index 2a401a9589d..3f3a8fefde2 100644
--- a/website/project/views/node.py
+++ b/website/project/views/node.py
@@ -278,7 +278,7 @@ def node_setting(auth, node, **kwargs):
         addon
         for addon in settings.ADDONS_AVAILABLE
         if 'node' in addon.owners
-        and addon.short_name not in settings.SYSTEM_ADDED_ADDONS['node'] and addon.short_name != 'wiki'
+        and addon.short_name not in settings.SYSTEM_ADDED_ADDONS['node'] and addon.short_name not in ['wiki', 'forward']
     ], key=lambda addon: addon.full_name.lower())
 
     for addon in settings.ADDONS_AVAILABLE:
diff --git a/website/static/js/pages/project-settings-page.js b/website/static/js/pages/project-settings-page.js
index caadd45bc2a..cec30011629 100644
--- a/website/static/js/pages/project-settings-page.js
+++ b/website/static/js/pages/project-settings-page.js
@@ -141,7 +141,7 @@ $(document).ready(function() {
         var unchecked = checkedOnLoad.filter('#selectAddonsForm input:not(:checked)');
         var checked = uncheckedOnLoad.filter('#selectAddonsForm input:checked');
         var msgElm = $(this).find('.addon-settings-message');
-        
+
         var submit = function() {
             var request = $osf.postJSON(ctx.node.urls.api + 'settings/addons/', formData);
             return request;
diff --git a/website/templates/project/settings.mako b/website/templates/project/settings.mako
index 55857ca8664..91d42a2a647 100644
--- a/website/templates/project/settings.mako
+++ b/website/templates/project/settings.mako
@@ -17,6 +17,8 @@
                     % if not node['is_registration']:
                         <li><a href="#configureNodeAnchor">${node['node_type'].capitalize()}</a></li>
 
+                        <li><a href="#redirectLink">Redirect Link</a></li>
+
                         <li><a href="#selectAddonsAnchor">Select Add-ons</a></li>
 
                         % if addon_enabled_settings:
@@ -105,6 +107,76 @@
 
         % endif  ## End Configure Project
 
+        % if 'write' in user['permissions']:  ## Begin Redirect Link Config
+            % if not node['is_registration']:
+
+                <div class="panel panel-default">
+                    <span id="redirectLink" class="anchor"></span>
+                    <div class="panel-heading clearfix">
+                        <h3 class="panel-title">Redirect Link</h3>
+                    </div>
+                    <div class="panel-body" id="configureForward">
+                        <div>
+                            <label>
+                                <input
+                                    type="checkbox"
+                                    name="forward"
+                                    data-bind="checked: enabled, disable: pendingRequest"
+                                    ${'disabled' if node['is_registration'] else ''}
+                                />
+                                Redirect visitors from your project page to an external webpage
+                            </label>
+                        </div>
+
+                        <div data-bind="visible: enabled" style="display: none">
+
+                            <div class="forward-settings">
+
+                                <form class="form" data-bind="submit: submitSettings">
+
+                                    <div class="form-group">
+                                        <label for="forwardUrl">URL</label>
+                                        <input
+                                            id="forwardUrl"
+                                            class="form-control"
+                                            data-bind="value: url"
+                                            placeholder="Send people who visit your OSF project page to this link instead"
+                                        />
+                                    </div>
+
+                                    <div class="form-group">
+                                        <label for="forwardLabel">Label</label>
+                                        <input
+                                            id="forwardLabel"
+                                            class="form-control"
+                                            data-bind="value: label"
+                                            placeholder="Optional"
+                                        />
+                                    </div>
+
+                                    <div class="row">
+                                        <div class="col-md-10 overflow">
+                                            <p data-bind="html: message, attr: {class: messageClass}"></p>
+                                        </div>
+                                        <div class="col-md-2">
+                                            <input
+                                                type="submit"
+                                               class="btn btn-success pull-right"
+                                               value="Save"
+                                            />
+                                        </div>
+                                    </div>
+
+                                </form>
+
+                            </div><!-- end .forward-settings -->
+                        </div><!-- end #configureForward -->
+
+                    </div>
+                </div>
+            %endif
+        %endif ## End Redirect Link Config
+
         % if 'write' in user['permissions']:  ## Begin Select Addons
 
             % if not node['is_registration']:
@@ -441,8 +513,6 @@
 
 </div>
 
-
-
 <%def name="render_node_settings(data)">
     <%
        template_name = data['node_settings_template']
@@ -483,10 +553,10 @@
     </script>
 
     <script type="text/javascript" src=${"/static/public/js/project-settings-page.js" | webpack_asset}></script>
+    <script type="text/javascript" src=${"/static/public/js/forward/node-cfg.js" | webpack_asset}></script>
 
     % for js_asset in addon_js:
-    <script src="${js_asset | webpack_asset}"></script>
+        <script src="${js_asset | webpack_asset}"></script>
     % endfor
 
-
 </%def>

From dd94ce5f176c0dc8293d356b1075c555f357132c Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Wed, 28 Jun 2017 14:48:34 -0400
Subject: [PATCH 130/163] Set pendingRequest to false on request failure.

---
 addons/forward/static/forwardConfig.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/addons/forward/static/forwardConfig.js b/addons/forward/static/forwardConfig.js
index 27648d49684..1444aef9ea1 100644
--- a/addons/forward/static/forwardConfig.js
+++ b/addons/forward/static/forwardConfig.js
@@ -152,6 +152,7 @@ var ViewModel = function(node, enabled, url, label) {
             self.pendingRequest(false);
         }).fail(function(response) {
             onSubmitError()
+            self.pendingRequest(false);
         });
     };
 

From 0baed965e4a4b0836ff05d837dd27df59c616efd Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Thu, 29 Jun 2017 11:04:23 -0400
Subject: [PATCH 131/163] fix boolean comparisons & rename fixture

---
 .../files/serializers/test_file_serializer.py    | 16 ++++++++--------
 api_tests/files/views/test_file_detail.py        |  8 ++++----
 2 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/api_tests/files/serializers/test_file_serializer.py b/api_tests/files/serializers/test_file_serializer.py
index 2818d40061f..6f22881dd16 100644
--- a/api_tests/files/serializers/test_file_serializer.py
+++ b/api_tests/files/serializers/test_file_serializer.py
@@ -23,32 +23,32 @@ def node(self, user):
         return NodeFactory(creator=user)
 
     @pytest.fixture()
-    def file(self, node, user):
+    def file_one(self, node, user):
         return utils.create_test_file(node, user)
 
-    def test_file_serializer(self, file):
-        date_created = file.versions.first().date_created
-        date_modified = file.versions.last().date_created
+    def test_file_serializer(self, file_one):
+        date_created = file_one.versions.first().date_created
+        date_modified = file_one.versions.last().date_created
         date_created_tz_aware = date_created.replace(tzinfo=utc)
         date_modified_tz_aware = date_modified.replace(tzinfo=utc)
         new_format = '%Y-%m-%dT%H:%M:%S.%fZ'
 
         # test_date_modified_formats_to_old_format
         req = make_drf_request_with_version(version='2.0')
-        data = FileSerializer(file, context={'request': req}).data['data']
+        data = FileSerializer(file_one, context={'request': req}).data['data']
         assert date_modified_tz_aware == data['attributes']['date_modified']
 
         # test_date_modified_formats_to_new_format
         req = make_drf_request_with_version(version='2.2')
-        data = FileSerializer(file, context={'request': req}).data['data']
+        data = FileSerializer(file_one, context={'request': req}).data['data']
         assert datetime.strftime(date_modified, new_format) == data['attributes']['date_modified']
 
         # test_date_created_formats_to_old_format
         req = make_drf_request_with_version(version='2.0')
-        data = FileSerializer(file, context={'request': req}).data['data']
+        data = FileSerializer(file_one, context={'request': req}).data['data']
         assert date_created_tz_aware == data['attributes']['date_created']
 
         # test_date_created_formats_to_new_format
         req = make_drf_request_with_version(version='2.2')
-        data = FileSerializer(file, context={'request': req}).data['data']
+        data = FileSerializer(file_one, context={'request': req}).data['data']
         assert datetime.strftime(date_created, new_format) == data['attributes']['date_created']
diff --git a/api_tests/files/views/test_file_detail.py b/api_tests/files/views/test_file_detail.py
index 62e389de7f7..9a85e2e2d2d 100644
--- a/api_tests/files/views/test_file_detail.py
+++ b/api_tests/files/views/test_file_detail.py
@@ -154,13 +154,13 @@ def test_only_project_contrib_can_comment_on_closed_project(self, app, user, nod
         res = app.get(file_url, auth=user.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
         assert res.status_code == 200
-        assert can_comment == True
+        assert can_comment is True
 
         non_contributor = AuthUserFactory()
         res = app.get(file_url, auth=non_contributor.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
         assert res.status_code == 200
-        assert can_comment == False
+        assert can_comment is False
 
     def test_logged_or_not_user_comment_status_on_open_project(self, app, node, file_url):
         node.is_public = True
@@ -171,13 +171,13 @@ def test_logged_or_not_user_comment_status_on_open_project(self, app, node, file
         res = app.get(file_url, auth=non_contributor.auth)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
         assert res.status_code == 200
-        assert can_comment == True
+        assert can_comment is True
 
         # test_non_logged_in_user_cant_comment(self, app, file_url, node):
         res = app.get(file_url)
         can_comment = res.json['data']['attributes']['current_user_can_comment']
         assert res.status_code == 200
-        assert can_comment == False
+        assert can_comment is False
 
     def test_checkout(self, app, user, file, file_url, node):
         assert file.checkout == None

From 7a916fddb6eb23618e9fc2d8e4c20552d37cc817 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Fri, 30 Jun 2017 10:26:12 -0400
Subject: [PATCH 132/163] Move redirect link config to end of project settings
 page.

---
 website/templates/project/settings.mako | 144 ++++++++++++------------
 1 file changed, 72 insertions(+), 72 deletions(-)

diff --git a/website/templates/project/settings.mako b/website/templates/project/settings.mako
index 91d42a2a647..bebfe28362c 100644
--- a/website/templates/project/settings.mako
+++ b/website/templates/project/settings.mako
@@ -17,8 +17,6 @@
                     % if not node['is_registration']:
                         <li><a href="#configureNodeAnchor">${node['node_type'].capitalize()}</a></li>
 
-                        <li><a href="#redirectLink">Redirect Link</a></li>
-
                         <li><a href="#selectAddonsAnchor">Select Add-ons</a></li>
 
                         % if addon_enabled_settings:
@@ -37,6 +35,8 @@
 
                         <li><a href="#configureNotificationsAnchor">Email Notifications</a></li>
 
+                        <li><a href="#redirectLink">Redirect Link</a></li>
+
                     % endif
 
                     % if node['is_registration']:
@@ -107,76 +107,6 @@
 
         % endif  ## End Configure Project
 
-        % if 'write' in user['permissions']:  ## Begin Redirect Link Config
-            % if not node['is_registration']:
-
-                <div class="panel panel-default">
-                    <span id="redirectLink" class="anchor"></span>
-                    <div class="panel-heading clearfix">
-                        <h3 class="panel-title">Redirect Link</h3>
-                    </div>
-                    <div class="panel-body" id="configureForward">
-                        <div>
-                            <label>
-                                <input
-                                    type="checkbox"
-                                    name="forward"
-                                    data-bind="checked: enabled, disable: pendingRequest"
-                                    ${'disabled' if node['is_registration'] else ''}
-                                />
-                                Redirect visitors from your project page to an external webpage
-                            </label>
-                        </div>
-
-                        <div data-bind="visible: enabled" style="display: none">
-
-                            <div class="forward-settings">
-
-                                <form class="form" data-bind="submit: submitSettings">
-
-                                    <div class="form-group">
-                                        <label for="forwardUrl">URL</label>
-                                        <input
-                                            id="forwardUrl"
-                                            class="form-control"
-                                            data-bind="value: url"
-                                            placeholder="Send people who visit your OSF project page to this link instead"
-                                        />
-                                    </div>
-
-                                    <div class="form-group">
-                                        <label for="forwardLabel">Label</label>
-                                        <input
-                                            id="forwardLabel"
-                                            class="form-control"
-                                            data-bind="value: label"
-                                            placeholder="Optional"
-                                        />
-                                    </div>
-
-                                    <div class="row">
-                                        <div class="col-md-10 overflow">
-                                            <p data-bind="html: message, attr: {class: messageClass}"></p>
-                                        </div>
-                                        <div class="col-md-2">
-                                            <input
-                                                type="submit"
-                                               class="btn btn-success pull-right"
-                                               value="Save"
-                                            />
-                                        </div>
-                                    </div>
-
-                                </form>
-
-                            </div><!-- end .forward-settings -->
-                        </div><!-- end #configureForward -->
-
-                    </div>
-                </div>
-            %endif
-        %endif ## End Redirect Link Config
-
         % if 'write' in user['permissions']:  ## Begin Select Addons
 
             % if not node['is_registration']:
@@ -460,6 +390,76 @@
 
         % endif ## End Configure Email Notifications
 
+        % if 'write' in user['permissions']:  ## Begin Redirect Link Config
+            % if not node['is_registration']:
+
+                <div class="panel panel-default">
+                    <span id="redirectLink" class="anchor"></span>
+                    <div class="panel-heading clearfix">
+                        <h3 class="panel-title">Redirect Link</h3>
+                    </div>
+                    <div class="panel-body" id="configureForward">
+                        <div>
+                            <label>
+                                <input
+                                    type="checkbox"
+                                    name="forward"
+                                    data-bind="checked: enabled, disable: pendingRequest"
+                                    ${'disabled' if node['is_registration'] else ''}
+                                />
+                                Redirect visitors from your project page to an external webpage
+                            </label>
+                        </div>
+
+                        <div data-bind="visible: enabled" style="display: none">
+
+                            <div class="forward-settings">
+
+                                <form class="form" data-bind="submit: submitSettings">
+
+                                    <div class="form-group">
+                                        <label for="forwardUrl">URL</label>
+                                        <input
+                                            id="forwardUrl"
+                                            class="form-control"
+                                            data-bind="value: url"
+                                            placeholder="Send people who visit your OSF project page to this link instead"
+                                        />
+                                    </div>
+
+                                    <div class="form-group">
+                                        <label for="forwardLabel">Label</label>
+                                        <input
+                                            id="forwardLabel"
+                                            class="form-control"
+                                            data-bind="value: label"
+                                            placeholder="Optional"
+                                        />
+                                    </div>
+
+                                    <div class="row">
+                                        <div class="col-md-10 overflow">
+                                            <p data-bind="html: message, attr: {class: messageClass}"></p>
+                                        </div>
+                                        <div class="col-md-2">
+                                            <input
+                                                type="submit"
+                                               class="btn btn-success pull-right"
+                                               value="Save"
+                                            />
+                                        </div>
+                                    </div>
+
+                                </form>
+
+                            </div><!-- end .forward-settings -->
+                        </div><!-- end #configureForward -->
+
+                    </div>
+                </div>
+            %endif
+        %endif ## End Redirect Link Config
+
         % if 'admin' in user['permissions']:  ## Begin Retract Registration
 
             % if node['is_registration']:

From 220873a2a632862bcbaf3e5249949399a8d1acf5 Mon Sep 17 00:00:00 2001
From: TomBaxter <tkb608@gmail.com>
Date: Fri, 30 Jun 2017 11:29:04 -0400
Subject: [PATCH 133/163] Delete subjects_acceptable list from
 PreprintProviderSerializer

[#OSF-7948]
Preprint providers should not have subjects_acceptable in API response

Deprecated subjects_acceptable
New API version 2.5
Renamed PreprintProviderSubjectList to PreprintProviderTaxonomies as it
is now only used by the taxonomies endpoint.
---
 api/base/settings/defaults.py         | 1 +
 api/base/settings/local-dist.py       | 1 +
 api/preprint_providers/serializers.py | 5 ++++-
 api/preprint_providers/urls.py        | 2 +-
 api/preprint_providers/views.py       | 4 +---
 5 files changed, 8 insertions(+), 5 deletions(-)

diff --git a/api/base/settings/defaults.py b/api/base/settings/defaults.py
index a1878ad1c4b..2abac9efabb 100644
--- a/api/base/settings/defaults.py
+++ b/api/base/settings/defaults.py
@@ -152,6 +152,7 @@
         '2.2',
         '2.3',
         '2.4',
+        '2.5',
     ),
     'DEFAULT_FILTER_BACKENDS': ('api.base.filters.ODMOrderingFilter',),
     'DEFAULT_PAGINATION_CLASS': 'api.base.pagination.JSONAPIPagination',
diff --git a/api/base/settings/local-dist.py b/api/base/settings/local-dist.py
index c18bb011222..76d80610f01 100644
--- a/api/base/settings/local-dist.py
+++ b/api/base/settings/local-dist.py
@@ -26,6 +26,7 @@
     '2.2',
     '2.3',
     '2.4',
+    '2.5',
     '3.0',
     '3.0.1',
 )
diff --git a/api/preprint_providers/serializers.py b/api/preprint_providers/serializers.py
index 0c33caf09c0..24c7f51dfe8 100644
--- a/api/preprint_providers/serializers.py
+++ b/api/preprint_providers/serializers.py
@@ -21,7 +21,6 @@ class PreprintProviderSerializer(JSONAPISerializer):
     example = ser.CharField(required=False, allow_null=True)
     domain = ser.CharField(required=False, allow_null=False)
     domain_redirect_enabled = ser.BooleanField(required=True)
-    subjects_acceptable = ser.JSONField(required=False, allow_null=True)
     footer_links = ser.CharField(required=False)
     share_source = ser.CharField(read_only=True)
     email_support = ser.CharField(required=False, allow_null=True)
@@ -78,6 +77,10 @@ class PreprintProviderSerializer(JSONAPISerializer):
         ser.CharField(required=False, allow_null=True),
         min_version='2.0', max_version='2.3'
     )
+    subjects_acceptable = ShowIfVersion(
+        ser.ListField(required=False, default=[]),
+        min_version='2.0', max_version='2.4'
+    )
 
     class Meta:
         type_ = 'preprint_providers'
diff --git a/api/preprint_providers/urls.py b/api/preprint_providers/urls.py
index 4319b8aaba3..69925d950f9 100644
--- a/api/preprint_providers/urls.py
+++ b/api/preprint_providers/urls.py
@@ -8,5 +8,5 @@
     url(r'^(?P<provider_id>\w+)/$', views.PreprintProviderDetail.as_view(), name=views.PreprintProviderDetail.view_name),
     url(r'^(?P<provider_id>\w+)/licenses/$', views.PreprintProviderLicenseList.as_view(), name=views.PreprintProviderLicenseList.view_name),
     url(r'^(?P<provider_id>\w+)/preprints/$', views.PreprintProviderPreprintList.as_view(), name=views.PreprintProviderPreprintList.view_name),
-    url(r'^(?P<provider_id>\w+)/taxonomies/$', views.PreprintProviderSubjectList.as_view(), name=views.PreprintProviderSubjectList.view_name),
+    url(r'^(?P<provider_id>\w+)/taxonomies/$', views.PreprintProviderTaxonomies.as_view(), name=views.PreprintProviderTaxonomies.view_name),
 ]
diff --git a/api/preprint_providers/views.py b/api/preprint_providers/views.py
index 91492acc43e..e0cae47faef 100644
--- a/api/preprint_providers/views.py
+++ b/api/preprint_providers/views.py
@@ -39,7 +39,6 @@ class PreprintProviderList(JSONAPIBaseView, generics.ListAPIView, ODMFilterMixin
         advisory_board           string              HTML for the advisory board/steering committee section
         email_contact            string              the contact email for the preprint provider
         email_support            string              the support email for the preprint provider
-        subjects_acceptable      [[string],boolean]  the list of acceptable subjects for the preprint provider
         social_facebook          string              the preprint provider's Facebook account
         social_instagram         string              the preprint provider's Instagram account
         social_twitter           string              the preprint provider's Twitter account
@@ -103,7 +102,6 @@ class PreprintProviderDetail(JSONAPIBaseView, generics.RetrieveAPIView):
         advisory_board           string              HTML for the advisory board/steering committee section
         email_contact            string              the contact email for the preprint provider
         email_support            string              the support email for the preprint provider
-        subjects_acceptable      [[string],boolean]  the list of acceptable subjects for the preprint provider
         social_facebook          string              the preprint provider's Facebook account
         social_instagram         string              the preprint provider's Instagram account
         social_twitter           string              the preprint provider's Twitter account
@@ -220,7 +218,7 @@ def get_queryset(self):
         return PreprintService.objects.filter(self.get_query_from_request()).distinct()
 
 
-class PreprintProviderSubjectList(JSONAPIBaseView, generics.ListAPIView):
+class PreprintProviderTaxonomies(JSONAPIBaseView, generics.ListAPIView):
     permission_classes = (
         drf_permissions.IsAuthenticatedOrReadOnly,
         base_permissions.TokenHasScope,

From 493c1cac9ac7be2463d18ba4b06f8ba2c6ab89bc Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 5 Jul 2017 10:21:09 -0400
Subject: [PATCH 134/163] fix spacing & permissions

---
 api_tests/nodes/views/test_node_list.py                      | 1 -
 api_tests/nodes/views/test_node_relationship_institutions.py | 2 +-
 api_tests/nodes/views/test_node_wiki_list.py                 | 1 -
 3 files changed, 1 insertion(+), 3 deletions(-)

diff --git a/api_tests/nodes/views/test_node_list.py b/api_tests/nodes/views/test_node_list.py
index bfc4dd36651..ce4070f462c 100644
--- a/api_tests/nodes/views/test_node_list.py
+++ b/api_tests/nodes/views/test_node_list.py
@@ -29,7 +29,6 @@ def user():
 def non_contrib():
     return AuthUserFactory()
 
-
 @pytest.mark.django_db
 class TestNodeList:
 
diff --git a/api_tests/nodes/views/test_node_relationship_institutions.py b/api_tests/nodes/views/test_node_relationship_institutions.py
index 52a083c5dfc..7cfdb4c32df 100644
--- a/api_tests/nodes/views/test_node_relationship_institutions.py
+++ b/api_tests/nodes/views/test_node_relationship_institutions.py
@@ -53,7 +53,7 @@ def read_contrib(self, read_contrib_institution):
     @pytest.fixture()
     def node(self, user, write_contrib, read_contrib):
         node = NodeFactory(creator=user)
-        node.add_contributor(write_contrib, permissions=[permissions.WRITE])
+        node.add_contributor(write_contrib, permissions=[permissions.READ, permissions.WRITE])
         node.add_contributor(read_contrib, permissions=[permissions.READ])
         node.save()
         return node
diff --git a/api_tests/nodes/views/test_node_wiki_list.py b/api_tests/nodes/views/test_node_wiki_list.py
index ae31fba6ce9..838012238dc 100644
--- a/api_tests/nodes/views/test_node_wiki_list.py
+++ b/api_tests/nodes/views/test_node_wiki_list.py
@@ -15,7 +15,6 @@
 def user():
     return AuthUserFactory()
 
-
 @pytest.mark.django_db
 class TestNodeWikiList:
 

From 9e44a6e4afb3d2b6541ac872cbfe5a951df7ec10 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Wed, 5 Jul 2017 11:15:26 -0400
Subject: [PATCH 135/163] switch to django Q, add trailing comma

---
 api_tests/preprints/views/test_preprint_detail.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/api_tests/preprints/views/test_preprint_detail.py b/api_tests/preprints/views/test_preprint_detail.py
index d382955c627..059e2e8394b 100644
--- a/api_tests/preprints/views/test_preprint_detail.py
+++ b/api_tests/preprints/views/test_preprint_detail.py
@@ -1,6 +1,6 @@
 import functools
 import mock
-from modularodm import Q
+from django import Q
 import pytest
 
 from api.base.settings.defaults import API_BASE
@@ -12,7 +12,7 @@
     AuthUserFactory, 
     ProjectFactory, 
     SubjectFactory, 
-    PreprintProviderFactory
+    PreprintProviderFactory,
 )
 from rest_framework import exceptions
 from tests.base import fake, capture_signals
@@ -330,15 +330,15 @@ def non_contrib(self):
 
     @pytest.fixture()
     def cc0_license(self):
-        return NodeLicense.find_one(Q('name', 'eq', 'CC0 1.0 Universal'))
+        return NodeLicense.objects.filter(name='CC0 1.0 Universal').first()
 
     @pytest.fixture()
     def mit_license(self):
-        return NodeLicense.find_one(Q('name', 'eq', 'MIT License'))
+        return NodeLicense.objects.filter(name='MIT License').first()
 
     @pytest.fixture()
     def no_license(self):
-        return NodeLicense.find_one(Q('name', 'eq', 'No license'))
+        return NodeLicense.objects.filter(name='MIT License').first()
 
     @pytest.fixture()
     def preprint_provider(self, cc0_license, no_license):

From 671fad0451ec32f10a1a3208b63594c9985704ca Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Thu, 15 Jun 2017 14:43:55 -0400
Subject: [PATCH 136/163] Add highlighted field, migration

[#OSF-8041]
---
 osf/migrations/0041_subject_highlighted.py | 20 ++++++++++++++++++++
 osf/models/subject.py                      |  4 +++-
 osf/models/validators.py                   |  4 ++++
 3 files changed, 27 insertions(+), 1 deletion(-)
 create mode 100644 osf/migrations/0041_subject_highlighted.py

diff --git a/osf/migrations/0041_subject_highlighted.py b/osf/migrations/0041_subject_highlighted.py
new file mode 100644
index 00000000000..335bbf44554
--- /dev/null
+++ b/osf/migrations/0041_subject_highlighted.py
@@ -0,0 +1,20 @@
+# -*- coding: utf-8 -*-
+# Generated by Django 1.11.2 on 2017-06-15 18:04
+from __future__ import unicode_literals
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('osf', '0040_merge_20170619_0922'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='subject',
+            name='highlighted',
+            field=models.BooleanField(db_index=True, default=False),
+        ),
+    ]
diff --git a/osf/models/subject.py b/osf/models/subject.py
index 3e90151b7bb..bb0911028b3 100644
--- a/osf/models/subject.py
+++ b/osf/models/subject.py
@@ -9,7 +9,7 @@
 from website.util import api_v2_url
 
 from osf.models.base import BaseModel, ObjectIDMixin
-from osf.models.validators import validate_subject_hierarchy_length, validate_subject_provider_mapping
+from osf.models.validators import validate_subject_hierarchy_length, validate_subject_provider_mapping, validate_subject_highlighted_count
 
 class SubjectQuerySet(IncludeQuerySet):
     def include_children(self):
@@ -24,6 +24,7 @@ class Subject(ObjectIDMixin, BaseModel, DirtyFieldsMixin):
     parent = models.ForeignKey('self', related_name='children', null=True, blank=True, on_delete=models.SET_NULL, validators=[validate_subject_hierarchy_length])
     bepress_subject = models.ForeignKey('self', related_name='aliases', null=True, blank=True, on_delete=models.deletion.CASCADE)
     provider = models.ForeignKey('PreprintProvider', related_name='subjects', on_delete=models.deletion.CASCADE)
+    highlighted = models.BooleanField(db_index=True, default=False)
 
     objects = SubjectQuerySet.as_manager()
 
@@ -67,6 +68,7 @@ def object_hierarchy(self):
     def save(self, *args, **kwargs):
         saved_fields = self.get_dirty_fields() or []
         validate_subject_provider_mapping(self.provider, self.bepress_subject)
+        validate_subject_highlighted_count(self.provider, bool('highlighted' in saved_fields and self.highlighted))
         if 'text' in saved_fields and self.pk and self.preprint_services.exists():
             raise ValidationError('Cannot edit a used Subject')
         return super(Subject, self).save()
diff --git a/osf/models/validators.py b/osf/models/validators.py
index 119d8ea211c..85f81ce7a21 100644
--- a/osf/models/validators.py
+++ b/osf/models/validators.py
@@ -92,6 +92,10 @@ def validate_email(value):
     if value.split('@')[1].lower() in settings.BLACKLISTED_DOMAINS:
         raise ValidationError('Invalid Email')
 
+def validate_subject_highlighted_count(provider, is_highlighted_addition):
+    if is_highlighted_addition and provider.subjects.filter(highlighted=True).count() >= 10:
+        raise DjangoValidationError('Too many highlighted subjects for PreprintProvider {}'.format(provider._id))
+
 def validate_subject_hierarchy_length(parent):
     from osf.models import Subject
     parent = Subject.objects.get(id=parent)

From 0742719c1fc2124f36610c6eb8605365708b3c97 Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Thu, 15 Jun 2017 14:44:46 -0400
Subject: [PATCH 137/163] Add `highlighted_subjects` to PrePriPro

---
 osf/models/preprint_provider.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/osf/models/preprint_provider.py b/osf/models/preprint_provider.py
index 5a14f7a8f2c..715a7f58371 100644
--- a/osf/models/preprint_provider.py
+++ b/osf/models/preprint_provider.py
@@ -45,6 +45,13 @@ class Meta:
     def __unicode__(self):
         return '{} with id {}'.format(self.name, self.id)
 
+    @property
+    def highlighted_subjects(self):
+        if self.subjects.filter(highlighted=True).exists():
+            return self.subjects.filter(highlighted=True).order_by('text')[:10]
+        else:
+            return sorted(self.top_level_subjects, key=lambda s: s.text)[:10]
+
     @property
     def top_level_subjects(self):
         if self.subjects.exists():

From 369b8bc778caa106aeb2043ca5c8fe8b4e78289b Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Thu, 15 Jun 2017 14:45:19 -0400
Subject: [PATCH 138/163] Add API route, view

---
 api/preprint_providers/urls.py  |  1 +
 api/preprint_providers/views.py | 19 +++++++++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/api/preprint_providers/urls.py b/api/preprint_providers/urls.py
index 69925d950f9..b6cf11cdda7 100644
--- a/api/preprint_providers/urls.py
+++ b/api/preprint_providers/urls.py
@@ -9,4 +9,5 @@
     url(r'^(?P<provider_id>\w+)/licenses/$', views.PreprintProviderLicenseList.as_view(), name=views.PreprintProviderLicenseList.view_name),
     url(r'^(?P<provider_id>\w+)/preprints/$', views.PreprintProviderPreprintList.as_view(), name=views.PreprintProviderPreprintList.view_name),
     url(r'^(?P<provider_id>\w+)/taxonomies/$', views.PreprintProviderTaxonomies.as_view(), name=views.PreprintProviderTaxonomies.view_name),
+    url(r'^(?P<provider_id>\w+)/taxonomies/highlighted/$', views.PreprintProviderHighlightedSubjectList.as_view(), name=views.PreprintProviderSubjectList.view_name),
 ]
diff --git a/api/preprint_providers/views.py b/api/preprint_providers/views.py
index e0cae47faef..21a18aadba6 100644
--- a/api/preprint_providers/views.py
+++ b/api/preprint_providers/views.py
@@ -261,6 +261,25 @@ def get_queryset(self):
         return provider.all_subjects
 
 
+class PreprintProviderHighlightedSubjectList(JSONAPIBaseView, generics.ListAPIView):
+    permission_classes = (
+        drf_permissions.IsAuthenticatedOrReadOnly,
+        base_permissions.TokenHasScope,
+    )
+
+    view_category = 'preprint_providers'
+    view_name = 'highlighted-taxonomy-list'
+
+    required_read_scopes = [CoreScopes.ALWAYS_PUBLIC]
+    required_write_scopes = [CoreScopes.NULL]
+
+    serializer_class = TaxonomySerializer
+
+    def get_queryset(self):
+        provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], display_name='PreprintProvider')
+        return provider.highlighted_subjects
+
+
 class PreprintProviderLicenseList(LicenseList):
     ordering = ()
     view_category = 'preprint_providers'

From 619d5a533b7450af2a0841573ddcbe7fb71af23d Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Mon, 19 Jun 2017 19:50:39 -0400
Subject: [PATCH 139/163] Create Admin forms/views for Subjects

---
 admin/base/urls.py                    |  1 +
 admin/subjects/__init__.py            |  0
 admin/subjects/forms.py               |  9 ++++++
 admin/subjects/urls.py                | 11 +++++++
 admin/subjects/views.py               | 35 +++++++++++++++++++++++
 admin/templates/base.html             |  3 ++
 admin/templates/osf/subject_form.html | 25 ++++++++++++++++
 admin/templates/osf/subject_list.html | 41 +++++++++++++++++++++++++++
 8 files changed, 125 insertions(+)
 create mode 100644 admin/subjects/__init__.py
 create mode 100644 admin/subjects/forms.py
 create mode 100644 admin/subjects/urls.py
 create mode 100644 admin/subjects/views.py
 create mode 100644 admin/templates/osf/subject_form.html
 create mode 100644 admin/templates/osf/subject_list.html

diff --git a/admin/base/urls.py b/admin/base/urls.py
index b073e9aa6f2..7e92598f2bc 100644
--- a/admin/base/urls.py
+++ b/admin/base/urls.py
@@ -21,6 +21,7 @@
             url(r'^password/', include('password_reset.urls')),
             url(r'^nodes/', include('admin.nodes.urls', namespace='nodes')),
             url(r'^preprints/', include('admin.preprints.urls', namespace='preprints')),
+            url(r'^subjects/', include('admin.subjects.urls', namespace='subjects')),
             url(r'^users/', include('admin.users.urls', namespace='users')),
             url(r'^meetings/', include('admin.meetings.urls',
                                        namespace='meetings')),
diff --git a/admin/subjects/__init__.py b/admin/subjects/__init__.py
new file mode 100644
index 00000000000..e69de29bb2d
diff --git a/admin/subjects/forms.py b/admin/subjects/forms.py
new file mode 100644
index 00000000000..ac4ec7122bb
--- /dev/null
+++ b/admin/subjects/forms.py
@@ -0,0 +1,9 @@
+from django import forms
+
+from osf.models.subject import Subject
+
+
+class SubjectForm(forms.ModelForm):
+    class Meta:
+        model = Subject
+        fields = ['text', 'highlighted']
diff --git a/admin/subjects/urls.py b/admin/subjects/urls.py
new file mode 100644
index 00000000000..d6ea2c921bb
--- /dev/null
+++ b/admin/subjects/urls.py
@@ -0,0 +1,11 @@
+from __future__ import absolute_import
+
+from django.conf.urls import url
+
+from admin.subjects import views
+
+urlpatterns = [
+    url(r'^$', views.SubjectListView.as_view(), name='list'),
+    url(r'^(?P<pk>[0-9]+)/$', views.SubjectUpdateView.as_view(),
+        name='update'),
+]
diff --git a/admin/subjects/views.py b/admin/subjects/views.py
new file mode 100644
index 00000000000..906f1decc30
--- /dev/null
+++ b/admin/subjects/views.py
@@ -0,0 +1,35 @@
+from django.contrib.auth.mixins import PermissionRequiredMixin
+from django.core.urlresolvers import reverse_lazy
+from django.views.generic import ListView, UpdateView
+
+from admin.subjects.forms import SubjectForm
+from osf.models.subject import Subject
+from osf.models.preprint_provider import PreprintProvider
+
+
+class SubjectListView(PermissionRequiredMixin, ListView):
+    model = Subject
+    permission_required = 'osf.view_subject'
+    paginate_by = 100
+    raise_exception = True
+
+    def get_queryset(self):
+        request = self.request.GET
+        qs = super(SubjectListView, self).get_queryset().order_by('text')
+        if PreprintProvider.objects.filter(_id=request.get('provider_id')).exists():
+            qs = qs.filter(provider___id=request.get('provider_id'))
+        return qs
+
+    def get_context_data(self, **kwargs):
+        context = super(SubjectListView, self).get_context_data(**kwargs)
+        context['filterable_provider_ids'] = dict({'': '---'}, **dict(PreprintProvider.objects.values_list('_id', 'name')))
+        return context
+
+class SubjectUpdateView(PermissionRequiredMixin, UpdateView):
+    form_class = SubjectForm
+    model = SubjectForm.Meta.model
+    permission_required = 'osf.edit_subject'
+    raise_exception = True
+
+    def get_success_url(self, *args, **kwargs):
+        return reverse_lazy('subjects:list')
diff --git a/admin/templates/base.html b/admin/templates/base.html
index c9c3a21bc6c..708deaacfda 100644
--- a/admin/templates/base.html
+++ b/admin/templates/base.html
@@ -171,6 +171,9 @@
           {% if perms.osf.view_metrics %}
             <li><a href="{% url 'metrics:metrics' %}"><i class='fa fa-link'></i> <span>OSF Metrics</span></a></li>
           {% endif %}
+          {% if perms.osf.view_subjects%}
+            <li><a href="{% url 'subjects:list' %}"><i class='fa fa-link'></i> <span>OSF Subjects</span></a></li>
+          {% endif %}
           </ul><!-- /.sidebar-menu -->
         </section>
         <!-- /.sidebar -->
diff --git a/admin/templates/osf/subject_form.html b/admin/templates/osf/subject_form.html
new file mode 100644
index 00000000000..5f9d2566290
--- /dev/null
+++ b/admin/templates/osf/subject_form.html
@@ -0,0 +1,25 @@
+{% extends 'base.html' %}
+
+{% block content %}
+  <h3>Subject:</h3>
+  <dl>
+    <dt>ID</dt> <dd>{{object.id}}</dd>
+    <dt>Text</dt> <dd>{{object.text}}</dd>
+    <dt>Provider</dt> <dd>{{object.provider.name}}</dd>
+    <dt>Highlighted</dt> <dd>{{object.highlighted}}</dd>
+    <dt>Hierarchy</dt> 
+    <dd>
+      {% for s in object.object_hierarchy %}
+        {{s.text}}
+        {% if not forloop.last %}
+         - 
+        {% endif %}
+      {% endfor %}
+    </dd>
+  </dl>
+  <form method="post" action="{% url 'subjects:update' object.id %}">
+    {% csrf_token %}
+    {{form.as_p}}
+    <input class="btn btn-success" type="submit" value="Submit" />
+  </form>
+{% endblock %}
diff --git a/admin/templates/osf/subject_list.html b/admin/templates/osf/subject_list.html
new file mode 100644
index 00000000000..28faa410b69
--- /dev/null
+++ b/admin/templates/osf/subject_list.html
@@ -0,0 +1,41 @@
+{% extends 'base.html' %}
+
+{% block content %}
+    <form method="GET">
+      Filter: <select name="provider_id" onchange="filterSubjects(this.value)">
+        {% for id, name in filterable_provider_ids.items %}
+          <option value={{id}}>{{name}}</option>
+        {% endfor %}
+      </select>
+    </form>
+
+    <table style="width:100%">
+      <tr>
+        <td> ID </td>
+        <td> Text </td>
+        <td> Provider </td>
+        <td> Level </td>
+        <td> Highlighted </td>
+        <td> Edit </td>
+      </tr>
+    {% for obj in object_list %}
+      <tr>
+        <td> {{obj.id}} </td>
+        <td> {{obj.text}} </td>
+        <td> {{obj.provider.name}} </td>
+        <td> {{obj.hierarchy|length}} </td>
+        <td> {{obj.highlighted}} </td>
+        <td> <a href="{% url 'subjects:update' obj.id %}"><button> Edit </button></a> </td>
+      </tr>
+    {% endfor %}
+    </table>
+    {% include "util/pagination.html" with items=page_obj status=status %}
+{% endblock %}
+
+{% block bottom_js %}
+  <script>
+    function filterSubjects(provider_id) {
+      document.location.search = "?provider_id=" + provider_id;
+    }
+  </script>
+{% endblock %}

From f9445fbcf6ac94bfae53c95796bc7865d0e34d2c Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Tue, 20 Jun 2017 13:52:34 -0400
Subject: [PATCH 140/163] Add tests

---
 .../views/test_preprint_provider_subjects_list.py | 15 +++++++++++++++
 tests/test_preprints.py                           | 14 ++++++++++++++
 tests/test_subjects.py                            |  6 ++++++
 3 files changed, 35 insertions(+)

diff --git a/api_tests/preprint_providers/views/test_preprint_provider_subjects_list.py b/api_tests/preprint_providers/views/test_preprint_provider_subjects_list.py
index 81fe6825e3a..173e136a9c2 100644
--- a/api_tests/preprint_providers/views/test_preprint_provider_subjects_list.py
+++ b/api_tests/preprint_providers/views/test_preprint_provider_subjects_list.py
@@ -237,3 +237,18 @@ def test_mapped_subjects_filter_wrong_provider(self):
         assert_equal(res_2.status_code, 200)
         assert_equal(res_1.json['links']['meta']['total'], 0)
         assert_equal(res_2.json['links']['meta']['total'], 0)
+
+class TestPreprintProviderHighlightedSubjects(ApiTestCase):
+    def setUp(self):
+        super(TestPreprintProviderHighlightedSubjects, self).setUp()
+        self.provider = PreprintProviderFactory()
+        self.subj_a = SubjectFactory(provider=self.provider, text='A')
+        self.subj_aa = SubjectFactory(provider=self.provider, text='AA', parent=self.subj_a, highlighted=True)
+        self.url = '/{}preprint_providers/{}/taxonomies/highlighted/'.format(API_BASE, self.provider._id)
+
+    def test_mapped_subjects_filter_wrong_provider(self):
+        res = self.app.get(self.url)
+
+        assert res.status_code == 200
+        assert len(res.json['data']) == 1
+        assert res.json['data'][0]['id'] == self.subj_aa._id
diff --git a/tests/test_preprints.py b/tests/test_preprints.py
index 92bf2d73458..3e18d3a778f 100644
--- a/tests/test_preprints.py
+++ b/tests/test_preprints.py
@@ -290,6 +290,20 @@ def test_all_subjects(self):
 
         assert set(self.provider.all_subjects) == set([subj_a, subj_b, subj_aa, subj_ab, subj_ba, subj_bb, subj_aaa])
 
+    def test_highlighted_subjects(self):
+        subj_a = SubjectFactory(provider=self.provider, text='A')
+        subj_b = SubjectFactory(provider=self.provider, text='B')
+        subj_aa = SubjectFactory(provider=self.provider, text='AA', parent=subj_a)
+        subj_ab = SubjectFactory(provider=self.provider, text='AB', parent=subj_a)
+        subj_ba = SubjectFactory(provider=self.provider, text='BA', parent=subj_b)
+        subj_bb = SubjectFactory(provider=self.provider, text='BB', parent=subj_b)
+        subj_aaa = SubjectFactory(provider=self.provider, text='AAA', parent=subj_aa)
+
+        assert set(self.provider.highlighted_subjects) == set([subj_a, subj_b])
+        subj_aaa.highlighted = True
+        subj_aaa.save()
+        assert set(self.provider.highlighted_subjects) == set([subj_aaa])
+
 class TestPreprintIdentifiers(OsfTestCase):
     def setUp(self):
         super(TestPreprintIdentifiers, self).setUp()
diff --git a/tests/test_subjects.py b/tests/test_subjects.py
index bd9970d149d..c619ce4a090 100644
--- a/tests/test_subjects.py
+++ b/tests/test_subjects.py
@@ -148,6 +148,12 @@ def test_delete_used_subject(self):
         with assert_raises(ValidationError):
             self.subject.delete()
 
+    def test_max_highlighted_count(self):
+        highlights = [SubjectFactory(provider=self.subject.provider, highlighted=True) for _ in range(10)]
+        with assert_raises(ValidationError):
+            self.subject.highlighted=True
+            self.subject.save()
+
 class TestSubjectProperties(OsfTestCase):
     def test_bepress_text(self):
         osf_provider = PreprintProviderFactory(_id='osf')

From 1f5a1df1066837a43452d875f7802fd9f15c7073 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 6 Jul 2017 11:24:03 -0400
Subject: [PATCH 141/163] Remove non-existant js module from  webpack config

---
 webpack.common.config.js | 1 -
 1 file changed, 1 deletion(-)

diff --git a/webpack.common.config.js b/webpack.common.config.js
index 6ed556c8390..a9fe9c53e54 100644
--- a/webpack.common.config.js
+++ b/webpack.common.config.js
@@ -31,7 +31,6 @@ var entry = {
     'project-dashboard': staticPath('js/pages/project-dashboard-page.js'),
     'project-base-page': staticPath('js/pages/project-base-page.js'),
     'project-settings-page': staticPath('js/pages/project-settings-page.js'),
-    'component-settings-page': staticPath('js/pages/component-settings-page.js'),
     'project-registrations-page': staticPath('js/pages/project-registrations-page.js'),
     'registration-retraction-page': staticPath('js/pages/registration-retraction-page.js'),
     'registration-edit-page': staticPath('js/pages/registration-edit-page.js'),

From 778e7eeb13926e7d8e5ed21bbbcc686bcb4b0bf4 Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Thu, 6 Jul 2017 11:19:46 -0400
Subject: [PATCH 142/163] Ensure QS returned for filtering     -add index    
 -disambiguate var name     -update migration

---
 admin/subjects/views.py                                    | 6 +++---
 api/preprint_providers/urls.py                             | 2 +-
 api/preprint_providers/views.py                            | 2 +-
 ...1_subject_highlighted.py => 0041_auto_20170706_1024.py} | 7 ++++++-
 osf/models/subject.py                                      | 2 +-
 5 files changed, 12 insertions(+), 7 deletions(-)
 rename osf/migrations/{0041_subject_highlighted.py => 0041_auto_20170706_1024.py} (65%)

diff --git a/admin/subjects/views.py b/admin/subjects/views.py
index 906f1decc30..4b3464713e1 100644
--- a/admin/subjects/views.py
+++ b/admin/subjects/views.py
@@ -14,10 +14,10 @@ class SubjectListView(PermissionRequiredMixin, ListView):
     raise_exception = True
 
     def get_queryset(self):
-        request = self.request.GET
+        req_obj = self.request.GET
         qs = super(SubjectListView, self).get_queryset().order_by('text')
-        if PreprintProvider.objects.filter(_id=request.get('provider_id')).exists():
-            qs = qs.filter(provider___id=request.get('provider_id'))
+        if PreprintProvider.objects.filter(_id=req_obj.get('provider_id')).exists():
+            qs = qs.filter(provider___id=req_obj.get('provider_id'))
         return qs
 
     def get_context_data(self, **kwargs):
diff --git a/api/preprint_providers/urls.py b/api/preprint_providers/urls.py
index b6cf11cdda7..e40166cc7c4 100644
--- a/api/preprint_providers/urls.py
+++ b/api/preprint_providers/urls.py
@@ -9,5 +9,5 @@
     url(r'^(?P<provider_id>\w+)/licenses/$', views.PreprintProviderLicenseList.as_view(), name=views.PreprintProviderLicenseList.view_name),
     url(r'^(?P<provider_id>\w+)/preprints/$', views.PreprintProviderPreprintList.as_view(), name=views.PreprintProviderPreprintList.view_name),
     url(r'^(?P<provider_id>\w+)/taxonomies/$', views.PreprintProviderTaxonomies.as_view(), name=views.PreprintProviderTaxonomies.view_name),
-    url(r'^(?P<provider_id>\w+)/taxonomies/highlighted/$', views.PreprintProviderHighlightedSubjectList.as_view(), name=views.PreprintProviderSubjectList.view_name),
+    url(r'^(?P<provider_id>\w+)/taxonomies/highlighted/$', views.PreprintProviderHighlightedSubjectList.as_view(), name=views.PreprintProviderHighlightedSubjectList.view_name),
 ]
diff --git a/api/preprint_providers/views.py b/api/preprint_providers/views.py
index 21a18aadba6..ae48a71ad03 100644
--- a/api/preprint_providers/views.py
+++ b/api/preprint_providers/views.py
@@ -277,7 +277,7 @@ class PreprintProviderHighlightedSubjectList(JSONAPIBaseView, generics.ListAPIVi
 
     def get_queryset(self):
         provider = get_object_or_error(PreprintProvider, self.kwargs['provider_id'], display_name='PreprintProvider')
-        return provider.highlighted_subjects
+        return Subject.objects.filter(id__in=[s.id for s in provider.highlighted_subjects]).order_by('text')
 
 
 class PreprintProviderLicenseList(LicenseList):
diff --git a/osf/migrations/0041_subject_highlighted.py b/osf/migrations/0041_auto_20170706_1024.py
similarity index 65%
rename from osf/migrations/0041_subject_highlighted.py
rename to osf/migrations/0041_auto_20170706_1024.py
index 335bbf44554..2f91b8f1c2a 100644
--- a/osf/migrations/0041_subject_highlighted.py
+++ b/osf/migrations/0041_auto_20170706_1024.py
@@ -1,5 +1,5 @@
 # -*- coding: utf-8 -*-
-# Generated by Django 1.11.2 on 2017-06-15 18:04
+# Generated by Django 1.11.2 on 2017-07-06 15:24
 from __future__ import unicode_literals
 
 from django.db import migrations, models
@@ -17,4 +17,9 @@ class Migration(migrations.Migration):
             name='highlighted',
             field=models.BooleanField(db_index=True, default=False),
         ),
+        migrations.AlterField(
+            model_name='subject',
+            name='text',
+            field=models.CharField(db_index=True, max_length=256),
+        ),
     ]
diff --git a/osf/models/subject.py b/osf/models/subject.py
index bb0911028b3..3fae80cda6c 100644
--- a/osf/models/subject.py
+++ b/osf/models/subject.py
@@ -20,7 +20,7 @@ def include_children(self):
 class Subject(ObjectIDMixin, BaseModel, DirtyFieldsMixin):
     """A subject discipline that may be attached to a preprint."""
 
-    text = models.CharField(null=False, max_length=256)  # max length on prod: 73
+    text = models.CharField(null=False, max_length=256, db_index=True)  # max length on prod: 73
     parent = models.ForeignKey('self', related_name='children', null=True, blank=True, on_delete=models.SET_NULL, validators=[validate_subject_hierarchy_length])
     bepress_subject = models.ForeignKey('self', related_name='aliases', null=True, blank=True, on_delete=models.deletion.CASCADE)
     provider = models.ForeignKey('PreprintProvider', related_name='subjects', on_delete=models.deletion.CASCADE)

From f641cbe44478d0302f6354735710a59b3e3400a9 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Thu, 6 Jul 2017 11:46:47 -0400
Subject: [PATCH 143/163] Fix comparison

---
 website/static/js/search.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/search.js b/website/static/js/search.js
index 8d9e61130f5..8942fe9b9d0 100644
--- a/website/static/js/search.js
+++ b/website/static/js/search.js
@@ -420,7 +420,7 @@ var ViewModel = function(params) {
                 }
                 if (result.category === 'registration') {
                     result.dateRegistered = new $osf.FormattableDate(result.date_registered);
-                } else if (result.category == 'preprint') {
+                } else if (result.category === 'preprint') {
                     result.preprintUrl = result.preprint_url;
                 }
             });

From 8f188f6cf810b9e582bfc3dc79e123ed87aa738d Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Thu, 6 Jul 2017 12:15:07 -0400
Subject: [PATCH 144/163] Rework prod colorize special casing exclusions

---
 admin/templates/base.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/templates/base.html b/admin/templates/base.html
index 5bd768052c1..fe2522c1d7d 100644
--- a/admin/templates/base.html
+++ b/admin/templates/base.html
@@ -210,7 +210,7 @@ <h1>
   </body>
 </html>
 
-{% if not osf_settings.DEV_MODE %}
+{% if 'test' not in request.META.HTTP_HOST and 'staging' not in request.META.HTTP_HOST and 'localhost' not in request.META.HTTP_HOST %}
   <style>
     .navbar { background-color: #bc493c !important;}
     .logo { background-color: #a53e35 !important;}

From 2e22a3a7e10e51ec5ca8682722975dd5e614edf2 Mon Sep 17 00:00:00 2001
From: Baylee Swenson <baylee@cos.io>
Date: Thu, 6 Jul 2017 15:09:20 -0400
Subject: [PATCH 145/163] Fixed citations for unregistered contributors

---
 osf/models/node.py      |  2 +-
 osf/models/user.py      |  9 ++++----
 osf_tests/test_node.py  |  2 +-
 osf_tests/test_user.py  | 47 +++++++++++++++++++++++++++++++++-----
 tests/test_citations.py | 50 ++++++++++++++++++++++++++++-------------
 5 files changed, 82 insertions(+), 28 deletions(-)

diff --git a/osf/models/node.py b/osf/models/node.py
index 72d47b55019..370397cbf19 100644
--- a/osf/models/node.py
+++ b/osf/models/node.py
@@ -638,7 +638,7 @@ def csl(self):  # formats node information into CSL format for citation parsing
             'id': self._id,
             'title': sanitize.unescape_entities(self.title),
             'author': [
-                contributor.csl_name  # method in auth/model.py which parses the names of authors
+                contributor.csl_name(self._id)  # method in auth/model.py which parses the names of authors
                 for contributor in self.visible_contributors
             ],
             'publisher': 'Open Science Framework',
diff --git a/osf/models/user.py b/osf/models/user.py
index 1a1529790d1..ffd8cf54c63 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -470,15 +470,16 @@ def system_tags(self):
     def csl_given_name(self):
         return utils.generate_csl_given_name(self.given_name, self.middle_names, self.suffix)
 
-    @property
-    def csl_name(self):
-        if self.family_name and self.given_name:
+    def csl_name(self, node_id):
+        if self.is_registered:
+            """If the user is registered, use the family/given names """
             return {
                 'family': self.family_name,
                 'given': self.csl_given_name,
             }
         else:
-            parsed = utils.impute_names(self.fullname)
+            """ If the user isn't registered, use the unregistered contributor name instead """
+            parsed = utils.impute_names(self.get_unclaimed_record(node_id)['name'])
             given_name = parsed['given']
             middle_names = parsed['middle']
             family_name = parsed['family']
diff --git a/osf_tests/test_node.py b/osf_tests/test_node.py
index ae8e17cfebd..63c307285b6 100644
--- a/osf_tests/test_node.py
+++ b/osf_tests/test_node.py
@@ -3173,7 +3173,7 @@ def test_non_visible_contributors_arent_included_in_csl(self):
         node.save()
         assert len(node.csl['author']) == 2
         expected_authors = [
-            contrib.csl_name for contrib in [node.creator, visible]
+            contrib.csl_name(node._id) for contrib in [node.creator, visible]
         ]
 
         assert node.csl['author'] == expected_authors
diff --git a/osf_tests/test_user.py b/osf_tests/test_user.py
index 361b781d808..081cd4b2cb5 100644
--- a/osf_tests/test_user.py
+++ b/osf_tests/test_user.py
@@ -980,17 +980,52 @@ def test_system_tags_property(self, user):
 
 class TestCitationProperties:
 
-    def test_user_csl(self, user):
-        # Convert a User instance to csl's name-variable schema
+    @pytest.fixture()
+    def referrer(self):
+        return UserFactory()
+
+    @pytest.fixture()
+    def email(self):
+        return fake.email()
+
+    @pytest.fixture()
+    def unreg_user(self, referrer, project, email):
+        user = UnregUserFactory()
+        given_name = 'Fredd Merkury'
+        user.add_unclaimed_record(node=project,
+            given_name=given_name, referrer=referrer,
+            email=email)
+        user.save()
+        return user
+
+    @pytest.fixture()
+    def project(self, referrer):
+        return NodeFactory(creator=referrer)
+
+    def test_registered_user_csl(self, user):
+        # Tests the csl name for a registered user
+        if user.is_registered:
+            assert bool(
+                user.csl_name(user._id) ==
+                {
+                    'given': user.given_name,
+                    'family': user.family_name,
+                }
+            )
+
+    def test_unregistered_user_csl(self, unreg_user, project):
+        # Tests the csl name for an unregistered user
+        name = unreg_user.unclaimed_records[project._primary_key]['name'].split(' ')
+        family_name = name[-1]
+        given_name = ' '.join(name[:-1])
         assert bool(
-            user.csl_name ==
+            unreg_user.csl_name(project._id) ==
             {
-                'given': user.given_name,
-                'family': user.family_name,
+                'given': given_name,
+                'family': family_name,
             }
         )
 
-
 # copied from tests/test_models.py
 class TestMergingUsers:
 
diff --git a/tests/test_citations.py b/tests/test_citations.py
index 1ab9850596c..1fc3c2a2e4d 100644
--- a/tests/test_citations.py
+++ b/tests/test_citations.py
@@ -4,7 +4,7 @@
 from nose.tools import *  # noqa
 
 from framework.auth.core import Auth
-from osf_tests.factories import AuthUserFactory, ProjectFactory, UserFactory
+from osf_tests.factories import AuthUserFactory, ProjectFactory, UserFactory, NodeFactory, fake, UnregUserFactory
 from scripts import parse_citation_styles
 from tests.base import OsfTestCase
 from osf.models import OSFUser as User, AbstractNode as Node
@@ -89,28 +89,46 @@ def test_non_visible_contributors_arent_included_in_csl(self):
         node.save()
         assert_equal(len(node.csl['author']), 2)
         expected_authors = [
-            contrib.csl_name for contrib in [node.creator, visible]
+            contrib.csl_name(node._id) for contrib in [node.creator, visible]
         ]
 
         assert_equal(node.csl['author'], expected_authors)
 
 class CitationsUserTestCase(OsfTestCase):
-    def setUp(self):
-        super(CitationsUserTestCase, self).setUp()
-        self.user = UserFactory()
-
-    def tearDown(self):
-        super(CitationsUserTestCase, self).tearDown()
-        User.remove()
 
-    def test_user_csl(self):
-        # Convert a User instance to csl's name-variable schema
-        assert_equal(
-            self.user.csl_name,
+    def test_registered_user_csl(self):
+        # Tests the csl name for a registered user
+        user = User.create_confirmed(
+            username=fake.email(), password='foobar', fullname=fake.name()
+        )
+        if user.is_registered:
+            assert bool(
+                user.csl_name(user._id) ==
+                {
+                    'given': user.given_name,
+                    'family': user.family_name,
+                }
+            )
+
+    def test_unregistered_user_csl(self):
+        # Tests the csl name for an unregistered user
+        referrer = UserFactory()
+        project = NodeFactory(creator=referrer)
+        user = UnregUserFactory()
+        given_name = 'Fredd Merkury'
+        user.add_unclaimed_record(node=project,
+            given_name=given_name, referrer=referrer,
+            email=fake.email())
+        user.save()
+        name = user.unclaimed_records[project._primary_key]['name'].split(' ')
+        family_name = name[-1]
+        given_name = ' '.join(name[:-1])
+        assert bool(
+            user.csl_name(project._id) ==
             {
-                'given': self.user.given_name,
-                'family': self.user.family_name,
-            },
+                'given': given_name,
+                'family': family_name,
+            }
         )
 
 

From 20ee572e63122016e0c38705bb856e57e3ac7039 Mon Sep 17 00:00:00 2001
From: Steven Loria <sloria1@gmail.com>
Date: Fri, 7 Jul 2017 09:32:30 -0400
Subject: [PATCH 146/163] Revert "Revert "[HOLD] SHARE subject serialization
 [OSF-7788]""

---
 api/preprints/serializers.py   |  5 +++--
 osf/models/preprint_service.py |  9 +++++----
 tests/test_preprints.py        | 28 ++++++++++++++++++----------
 website/preprints/tasks.py     | 26 ++++++++++++++++++--------
 website/util/share.py          | 17 +++++++++++++++++
 5 files changed, 61 insertions(+), 24 deletions(-)

diff --git a/api/preprints/serializers.py b/api/preprints/serializers.py
index 63c4560b79f..99c9137899c 100644
--- a/api/preprints/serializers.py
+++ b/api/preprints/serializers.py
@@ -209,7 +209,7 @@ def update(self, preprint, validated_data):
 
     def set_field(self, func, val, auth, save=False):
         try:
-            func(val, auth, save=save)
+            func(val, auth)
         except PermissionsError as e:
             raise exceptions.PermissionDenied(detail=e.message)
         except ValueError as e:
@@ -246,7 +246,8 @@ def create(self, validated_data):
             raise Conflict('Only one preprint per provider can be submitted for a node. Check `meta[existing_resource_id]`.', meta={'existing_resource_id': conflict._id})
 
         preprint = PreprintService(node=node, provider=provider)
-        self.set_field(preprint.set_primary_file, primary_file, auth, save=True)
+        self.set_field(preprint.set_primary_file, primary_file, auth)
+        preprint.save()
         preprint.node._has_abandoned_preprint = True
         preprint.node.save()
 
diff --git a/osf/models/preprint_service.py b/osf/models/preprint_service.py
index 5c33f3382f4..4035ecf1305 100644
--- a/osf/models/preprint_service.py
+++ b/osf/models/preprint_service.py
@@ -115,10 +115,11 @@ def get_subjects(self):
                 ret.append(subj_hierarchy)
         return ret
 
-    def set_subjects(self, preprint_subjects, auth, save=False):
+    def set_subjects(self, preprint_subjects, auth):
         if not self.node.has_permission(auth.user, ADMIN):
             raise PermissionsError('Only admins can change a preprint\'s subjects.')
 
+        old_subjects = list(self.subjects.values_list('id', flat=True))
         self.subjects.clear()
         for subj_list in preprint_subjects:
             subj_hierarchy = []
@@ -129,8 +130,7 @@ def set_subjects(self, preprint_subjects, auth, save=False):
                 for s_id in subj_hierarchy:
                     self.subjects.add(Subject.load(s_id))
 
-        if save:
-            self.save()
+        self.save(old_subjects=old_subjects)
 
     def set_primary_file(self, preprint_file, auth, save=False):
         if not self.node.has_permission(auth.user, ADMIN):
@@ -226,8 +226,9 @@ def set_identifier_values(self, doi, ark, save=False):
     def save(self, *args, **kwargs):
         first_save = not bool(self.pk)
         saved_fields = self.get_dirty_fields() or []
+        old_subjects = kwargs.pop('old_subjects', [])
         ret = super(PreprintService, self).save(*args, **kwargs)
 
         if (not first_save and 'is_published' in saved_fields) or self.is_published:
-            enqueue_task(on_preprint_updated.s(self._id))
+            enqueue_task(on_preprint_updated.s(self._id, old_subjects))
         return ret
diff --git a/tests/test_preprints.py b/tests/test_preprints.py
index 3e18d3a778f..9fb3c6da209 100644
--- a/tests/test_preprints.py
+++ b/tests/test_preprints.py
@@ -85,7 +85,7 @@ def test_is_preprint_property_new_file_to_published(self):
         with assert_raises(ValueError):
             self.preprint.set_published(True, auth=self.auth, save=True)
         self.preprint.provider = PreprintProviderFactory()
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth, save=True)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth)
         self.project.reload()
         assert_false(self.project.is_preprint)
         self.preprint.set_published(True, auth=self.auth, save=True)
@@ -100,7 +100,7 @@ def test_project_made_public(self):
         with assert_raises(ValueError):
             self.preprint.set_published(True, auth=self.auth, save=True)
         self.preprint.provider = PreprintProviderFactory()
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth, save=True)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth)
         self.project.reload()
         assert_false(self.project.is_public)
         self.preprint.set_published(True, auth=self.auth, save=True)
@@ -160,7 +160,7 @@ def setUp(self):
     def test_nonadmin_cannot_set_subjects(self):
         initial_subjects = list(self.preprint.subjects.all())
         with assert_raises(PermissionsError):
-            self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.write_contrib), save=True)
+            self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.write_contrib))
 
         self.preprint.reload()
         assert_equal(initial_subjects, list(self.preprint.subjects.all()))
@@ -191,7 +191,7 @@ def test_nonadmin_cannot_publish(self):
 
     def test_admin_can_set_subjects(self):
         initial_subjects = list(self.preprint.subjects.all())
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.user), save=True)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.user))
 
         self.preprint.reload()
         assert_not_equal(initial_subjects, list(self.preprint.subjects.all()))
@@ -355,7 +355,7 @@ def setUp(self):
             self.preprint.node.creator.suffix = ''
         self.preprint.node.creator.save()
 
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.preprint.node.creator), save=False)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.preprint.node.creator))
 
     def tearDown(self):
         handlers.celery_before_request()
@@ -381,8 +381,16 @@ def test_format_preprint(self):
 
         subjects = [nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'subject']
         through_subjects = [nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'throughsubjects']
-        assert sorted(subject['@id'] for subject in subjects) == sorted(tt['subject']['@id'] for tt in through_subjects)
-        assert sorted(subject['name'] for subject in subjects) == [s.bepress_text for h in self.preprint.subject_hierarchy for s in h]
+        s_ids = [s['@id'] for s in subjects]
+        ts_ids = [ts['subject']['@id'] for ts in through_subjects]
+        cs_ids = [i for i in set(s.get('central_synonym', {}).get('@id') for s in subjects) if i]
+        for ts in ts_ids:
+            assert ts in s_ids
+            assert ts not in cs_ids  # Only aliased subjects are connected to self.preprint
+        for s in subjects:
+            subject = Subject.objects.get(text=s['name'])
+            assert s['uri'].endswith('v2/taxonomies/{}/'.format(subject._id))  # This cannot change
+        assert set(subject['name'] for subject in subjects) == set([s.text for s in self.preprint.subjects.all()] + [s.bepress_subject.text for s in self.preprint.subjects.filter(bepress_subject__isnull=False)])
 
         people = sorted([nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'person'], key=lambda x: x['given_name'])
         expected_people = sorted([{
@@ -458,7 +466,7 @@ def test_format_preprint_nones(self):
         self.preprint.node.tags = []
         self.preprint.date_published = None
         self.preprint.node.preprint_article_doi = None
-        self.preprint.set_subjects([], auth=Auth(self.preprint.node.creator), save=False)
+        self.preprint.set_subjects([], auth=Auth(self.preprint.node.creator))
 
         res = format_preprint(self.preprint)
 
@@ -609,12 +617,12 @@ def test_save_published_called(self, mock_on_preprint_updated):
     @mock.patch('website.preprints.tasks.on_preprint_updated.s')
     def test_save_published_subject_change_called(self, mock_on_preprint_updated):
         self.preprint.is_published = True
-        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth, save=True)
+        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth)
         assert mock_on_preprint_updated.called
 
     @mock.patch('website.preprints.tasks.on_preprint_updated.s')
     def test_save_unpublished_subject_change_not_called(self, mock_on_preprint_updated):
-        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth, save=True)
+        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth)
         assert not mock_on_preprint_updated.called
 
     @mock.patch('website.preprints.tasks.requests')
diff --git a/website/preprints/tasks.py b/website/preprints/tasks.py
index d3671fa36f1..6722d32394c 100644
--- a/website/preprints/tasks.py
+++ b/website/preprints/tasks.py
@@ -8,7 +8,7 @@
 from framework import sentry
 
 from website import settings
-from website.util.share import GraphNode, format_contributor
+from website.util.share import GraphNode, format_contributor, format_subject
 
 from website.identifiers.utils import request_identifiers_from_ezid, get_ezid_client, build_ezid_metadata, parse_identifiers
 
@@ -16,12 +16,13 @@
 
 
 @celery_app.task(ignore_results=True)
-def on_preprint_updated(preprint_id, update_share=True):
+def on_preprint_updated(preprint_id, update_share=True, old_subjects=None):
     # WARNING: Only perform Read-Only operations in an asynchronous task, until Repeatable Read/Serializable
     # transactions are implemented in View and Task application layers.
     from osf.models import PreprintService
     preprint = PreprintService.load(preprint_id)
-
+    if old_subjects is None:
+        old_subjects = []
     if preprint.node:
         status = 'public' if preprint.node.is_public else 'unavailable'
         try:
@@ -39,14 +40,18 @@ def on_preprint_updated(preprint_id, update_share=True):
                 'attributes': {
                     'tasks': [],
                     'raw': None,
-                    'data': {'@graph': format_preprint(preprint)}
+                    'data': {'@graph': format_preprint(preprint, old_subjects)}
                 }
             }
         }, headers={'Authorization': 'Bearer {}'.format(preprint.provider.access_token), 'Content-Type': 'application/vnd.api+json'})
         logger.debug(resp.content)
         resp.raise_for_status()
 
-def format_preprint(preprint):
+def format_preprint(preprint, old_subjects=None):
+    if old_subjects is None:
+        old_subjects = []
+    from osf.models import Subject
+    old_subjects = [Subject.objects.get(id=s) for s in old_subjects]
     preprint_graph = GraphNode('preprint', **{
         'title': preprint.node.title,
         'description': preprint.node.description or '',
@@ -83,10 +88,15 @@ def format_preprint(preprint):
         for tag in preprint.node.tags.values_list('name', flat=True) if tag
     ]
 
-    preprint_graph.attrs['subjects'] = [
-        GraphNode('throughsubjects', creative_work=preprint_graph, subject=GraphNode('subject', name=subject))
-        for subject in set(s.bepress_text for s in preprint.subjects.all())
+    current_subjects = [
+        GraphNode('throughsubjects', creative_work=preprint_graph, subject=format_subject(s))
+        for s in preprint.subjects.all()
+    ]
+    deleted_subjects = [
+        GraphNode('throughsubjects', creative_work=preprint_graph, is_deleted=True, subject=format_subject(s))
+        for s in old_subjects if not preprint.subjects.filter(id=s.id).exists()
     ]
+    preprint_graph.attrs['subjects'] = current_subjects + deleted_subjects
 
     to_visit.extend(format_contributor(preprint_graph, user, preprint.node.get_visible(user), i) for i, user in enumerate(preprint.node.contributors))
     to_visit.extend(GraphNode('AgentWorkRelation', creative_work=preprint_graph, agent=GraphNode('institution', name=institution))
diff --git a/website/util/share.py b/website/util/share.py
index ee56315b8a5..1ecb39b7759 100644
--- a/website/util/share.py
+++ b/website/util/share.py
@@ -67,3 +67,20 @@ def format_contributor(preprint, user, bibliographic, index):
         creative_work=preprint,
         cited_as=user.fullname,
     )
+
+def format_subject(subject, context=None):
+    if context is None:
+        context = {}
+    if subject is None:
+        return None
+    if subject.id in context:
+        return context[subject.id]
+    context[subject.id] = GraphNode(
+        'subject',
+        name=subject.text,
+        is_deleted=False,
+        uri=subject.absolute_api_v2_url,
+    )
+    context[subject.id].attrs['parent'] = format_subject(subject.parent, context)
+    context[subject.id].attrs['central_synonym'] = format_subject(subject.bepress_subject, context)
+    return context[subject.id]

From 28335e1457f50ff7e8fd949aefa066af40054cf3 Mon Sep 17 00:00:00 2001
From: Baylee Swenson <baylee@cos.io>
Date: Fri, 7 Jul 2017 10:31:37 -0400
Subject: [PATCH 147/163] Fixed csl test

---
 osf/models/user.py | 9 +++++++--
 tests/test_auth.py | 2 +-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/osf/models/user.py b/osf/models/user.py
index ffd8cf54c63..53180a06c63 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -472,14 +472,19 @@ def csl_given_name(self):
 
     def csl_name(self, node_id):
         if self.is_registered:
-            """If the user is registered, use the family/given names """
+            name = self.fullname
+        else:
+            name = self.get_unclaimed_record(node_id)['name']
+
+        if self.is_registered and self.family_name and self.given_name:
+            """If the user is registered and has a family and given name, use those"""
             return {
                 'family': self.family_name,
                 'given': self.csl_given_name,
             }
         else:
             """ If the user isn't registered, use the unregistered contributor name instead """
-            parsed = utils.impute_names(self.get_unclaimed_record(node_id)['name'])
+            parsed = utils.impute_names(name)
             given_name = parsed['given']
             middle_names = parsed['middle']
             family_name = parsed['family']
diff --git a/tests/test_auth.py b/tests/test_auth.py
index ec8557dbaf6..36148e27fb5 100644
--- a/tests/test_auth.py
+++ b/tests/test_auth.py
@@ -49,7 +49,7 @@ def test_citation_with_only_fullname(self):
         user.middle_names = ''
         user.suffix = ''
         user.save()
-        resp = user.csl_name
+        resp = user.csl_name(user._id)
         family_name = resp['family']
         given_name = resp['given']
         assert_equal(family_name, 'King')

From 4f9bb99bb1deb552c1a9d8cd5fae9fafd3c0cc07 Mon Sep 17 00:00:00 2001
From: Alex Schiller <alexschiller@gmail.com>
Date: Fri, 7 Jul 2017 10:58:13 -0400
Subject: [PATCH 148/163] Improved check for prod admin

---
 admin/templates/base.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin/templates/base.html b/admin/templates/base.html
index fe2522c1d7d..6fda28044a5 100644
--- a/admin/templates/base.html
+++ b/admin/templates/base.html
@@ -210,7 +210,7 @@ <h1>
   </body>
 </html>
 
-{% if 'test' not in request.META.HTTP_HOST and 'staging' not in request.META.HTTP_HOST and 'localhost' not in request.META.HTTP_HOST %}
+{% if 'admin.osf.io' in request.META.HTTP_HOST and not '-admin.osf.io' in request.META.HTTP_HOST %}
   <style>
     .navbar { background-color: #bc493c !important;}
     .logo { background-color: #a53e35 !important;}

From bd0fd784553784d2fbc2a62af3552bdc368acf8c Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Fri, 7 Jul 2017 11:38:30 -0400
Subject: [PATCH 149/163] Update osf user model to store ssrn

---
 osf/models/user.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/osf/models/user.py b/osf/models/user.py
index 1a1529790d1..8e7e8573707 100644
--- a/osf/models/user.py
+++ b/osf/models/user.py
@@ -151,7 +151,8 @@ class OSFUser(DirtyFieldsMixin, GuidMixin, BaseModel, AbstractBaseUser, Permissi
         'researchGate': u'https://researchgate.net/profile/{}',
         'academiaInstitution': u'https://{}',
         'academiaProfileID': u'.academia.edu/{}',
-        'baiduScholar': u'http://xueshu.baidu.com/scholarID/{}'
+        'baiduScholar': u'http://xueshu.baidu.com/scholarID/{}',
+        'ssrn': u'http://papers.ssrn.com/sol3/cf_dev/AbsByAuth.cfm?per_id={}'
     }
 
     # The primary email address for the account.

From cfd9b3d474cd06e6a31e16e792d46c4c275b320a Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Fri, 7 Jul 2017 15:20:51 -0400
Subject: [PATCH 150/163] fix import Q

---
 api_tests/preprints/views/test_preprint_detail.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api_tests/preprints/views/test_preprint_detail.py b/api_tests/preprints/views/test_preprint_detail.py
index 059e2e8394b..234e2d604be 100644
--- a/api_tests/preprints/views/test_preprint_detail.py
+++ b/api_tests/preprints/views/test_preprint_detail.py
@@ -1,6 +1,6 @@
 import functools
 import mock
-from django import Q
+from django.db.models import Q
 import pytest
 
 from api.base.settings.defaults import API_BASE

From 8ea8bfa6f3632c65501e3520c098667305c2def5 Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Sat, 8 Jul 2017 13:34:07 -0400
Subject: [PATCH 151/163] Use 'primary' to not show menu on linked nodes

---
 website/templates/util/render_node.mako | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 0fea67134f2..8e23e3201aa 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -57,7 +57,7 @@
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                % if summary['node_type'] == 'component' and summary['logged_in'] and summary['is_contributor']:
+                % if summary['primary'] and summary['logged_in'] and summary['is_contributor']:
                     <div class="dropdown pull-right" id="componentQuickActions">
                         <button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
                             <span class="glyphicon glyphicon-option-horizontal"></span>

From 0c2220e0469880804f10d70f68f98cada69d2f50 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Mon, 10 Jul 2017 09:42:25 -0400
Subject: [PATCH 152/163] fix node license error

---
 api_tests/preprints/views/test_preprint_detail.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api_tests/preprints/views/test_preprint_detail.py b/api_tests/preprints/views/test_preprint_detail.py
index 234e2d604be..055a0e0b899 100644
--- a/api_tests/preprints/views/test_preprint_detail.py
+++ b/api_tests/preprints/views/test_preprint_detail.py
@@ -338,7 +338,7 @@ def mit_license(self):
 
     @pytest.fixture()
     def no_license(self):
-        return NodeLicense.objects.filter(name='MIT License').first()
+        return NodeLicense.objects.filter(name='No license').first()
 
     @pytest.fixture()
     def preprint_provider(self, cc0_license, no_license):

From 32539411755dde612a5e7484efe4d408878c55af Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 10 Jul 2017 10:28:04 -0400
Subject: [PATCH 153/163] Add user search view tests

---
 osf_tests/test_search_views.py | 74 ++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)

diff --git a/osf_tests/test_search_views.py b/osf_tests/test_search_views.py
index 19bd2224d90..9b1e76f9b9e 100644
--- a/osf_tests/test_search_views.py
+++ b/osf_tests/test_search_views.py
@@ -95,6 +95,80 @@ def test_search_projects(self):
         res = self.app.get(url, {'q': self.project.title})
         assert_equal(res.status_code, 200)
 
+    def test_search_user(self):
+
+        url = '/api/v1/search/user/'
+
+        res = self.app.get(url, {'q': 'Umwali'})
+        assert_equal(res.status_code, 200)
+        assert_false(res.json['results'])
+
+        user_one = factories.AuthUserFactory(fullname='Joe Umwali')
+        user_two = factories.AuthUserFactory(fullname='Joan Uwase')
+
+        res = self.app.get(url, {'q': 'Umwali'})
+
+        assert_equal(res.status_code, 200)
+        assert_equal(len(res.json['results']), 1)
+        assert_false(res.json['results'][0]['social'])
+
+        user_one.social = {
+            'github': user_one.given_name,
+            'twitter': user_one.given_name,
+            'ssrn': user_one.given_name
+        }
+        user_one.save()
+
+        res = self.app.get(url, {'q': 'Umwali'})
+
+        assert_equal(res.status_code, 200)
+        assert_equal(len(res.json['results']), 1)
+        assert_not_in('Joan', res.body)
+        assert_true(res.json['results'][0]['social'])
+        assert_equal(res.json['results'][0]['names']['fullname'], user_one.fullname)
+        assert_equal(res.json['results'][0]['social']['github'], 'http://github.com/{}'.format(user_one.given_name))
+        assert_equal(res.json['results'][0]['social']['twitter'], 'http://twitter.com/{}'.format(user_one.given_name))
+        assert_equal(res.json['results'][0]['social']['ssrn'], 'http://papers.ssrn.com/sol3/cf_dev/AbsByAuth.cfm?per_id={}'.format(user_one.given_name))
+
+        user_two.social = {
+            'profileWebsites': ['http://me.com/{}'.format(user_two.given_name)],
+            'orcid': user_two.given_name,
+            'linkedIn': user_two.given_name,
+            'scholar': user_two.given_name,
+            'impactStory': user_two.given_name,
+            'baiduScholar': user_two.given_name
+        }
+        user_two.save()
+
+        user_three = factories.AuthUserFactory(fullname='Janet Umwali')
+        user_three.social = {
+            'github': user_three.given_name,
+            'ssrn': user_three.given_name
+        }
+        user_three.save()
+
+        res = self.app.get(url, {'q': 'Umwali'})
+
+        assert_equal(res.status_code, 200)
+        assert_equal(len(res.json['results']), 2)
+        assert_true(res.json['results'][0]['social'])
+        assert_true(res.json['results'][1]['social'])
+        assert_not_equal(res.json['results'][0]['social']['ssrn'], res.json['results'][1]['social']['ssrn'])
+        assert_not_equal(res.json['results'][0]['social']['github'], res.json['results'][1]['social']['github'])
+
+        res = self.app.get(url, {'q': 'Uwase'})
+
+        assert_equal(res.status_code, 200)
+        assert_equal(len(res.json['results']), 1)
+        assert_true(res.json['results'][0]['social'])
+        assert_raises(KeyError, lambda: res.json['results'][0]['social']['ssrn'])
+        assert_equal(res.json['results'][0]['social']['profileWebsites'][0], 'http://me.com/{}'.format(user_two.given_name))
+        assert_equal(res.json['results'][0]['social']['impactStory'], 'https://impactstory.org/u/{}'.format(user_two.given_name))
+        assert_equal(res.json['results'][0]['social']['orcid'], 'http://orcid.org/{}'.format(user_two.given_name))
+        assert_equal(res.json['results'][0]['social']['baiduScholar'], 'http://xueshu.baidu.com/scholarID/{}'.format(user_two.given_name))
+        assert_equal(res.json['results'][0]['social']['linkedIn'], 'https://www.linkedin.com/{}'.format(user_two.given_name))
+        assert_equal(res.json['results'][0]['social']['scholar'], 'http://scholar.google.com/citations?user={}'.format(user_two.given_name))
+
 
 class TestODMTitleSearch(OsfTestCase):
     """ Docs from original method:

From 207fc442dc277f1b2a207b85563b2b533344c4df Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 10 Jul 2017 11:28:15 -0400
Subject: [PATCH 154/163] Allow delete when editing old comments

---
 website/static/js/comment.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/static/js/comment.js b/website/static/js/comment.js
index 8126d4fd9fd..1a2e2724404 100644
--- a/website/static/js/comment.js
+++ b/website/static/js/comment.js
@@ -150,7 +150,7 @@ var convertMentionMarkdownToHtml = function(commentContent) {
 
             content = content.replace(
                 match[0],
-                '<span class="atwho-inserted" contenteditable="false" data-atwho-guid="' +
+                '<span class="atwho-inserted" contenteditable="true" data-atwho-guid="' +
                     guid + '" data-atwho-at-query="' + atwho + '">' +
                     atwho + mention + '</span>'
             );

From 4c84f5a59b4c81eac7ff7e9ac28421d7af2b8d51 Mon Sep 17 00:00:00 2001
From: Casey Rollins <case.rollins@gmail.com>
Date: Mon, 10 Jul 2017 11:57:13 -0400
Subject: [PATCH 155/163] Change label/url allow_null to allow_blank.

---
 api/nodes/serializers.py                  | 4 ++--
 api_tests/nodes/views/test_node_addons.py | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/api/nodes/serializers.py b/api/nodes/serializers.py
index e37c47e9071..a28aa4e2193 100644
--- a/api/nodes/serializers.py
+++ b/api/nodes/serializers.py
@@ -514,8 +514,8 @@ class Meta:
     folder_path = ser.CharField(required=False, allow_null=True)
 
     # Forward-specific
-    label = ser.CharField(required=False, allow_null=True)
-    url = ser.CharField(required=False, allow_null=True)
+    label = ser.CharField(required=False, allow_blank=True)
+    url = ser.CharField(required=False, allow_blank=True)
 
     links = LinksField({
         'self': 'get_absolute_url',
diff --git a/api_tests/nodes/views/test_node_addons.py b/api_tests/nodes/views/test_node_addons.py
index 944c286b4f9..05e86464b33 100644
--- a/api_tests/nodes/views/test_node_addons.py
+++ b/api_tests/nodes/views/test_node_addons.py
@@ -1020,8 +1020,8 @@ def test_settings_detail_PUT_none_and_enabled_clears_settings(self):
                 'id': self.short_name,
                 'type': 'node_addons',
                 'attributes': {
-                    'url': None,
-                    'label': None
+                    'url': '',
+                    'label': ''
                     }
                 }
             }, auth=self.user.auth)
@@ -1037,14 +1037,14 @@ def test_settings_detail_PUT_only_label_and_enabled_clears_settings(self):
                 'id': self.short_name,
                 'type': 'node_addons',
                 'attributes': {
-                    'url': None,
+                    'url': '',
                     'label': 'A Link'
                     }
                 }
             }, auth=self.user.auth,
             expect_errors=True)
-
         assert_equal(res.status_code, 400)
+        assert_equal(res.json['errors'][0]['detail'], 'Cannot set label without url')
 
     def test_settings_detail_PUT_only_url_sets_settings(self):
         self.node_settings.reset()

From 43ddc8ae2bbdb09565a94e35b0eda9c3b7f42c3a Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 10 Jul 2017 13:09:03 -0400
Subject: [PATCH 156/163] Use simpler assertion for keyerror

---
 osf_tests/test_search_views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/osf_tests/test_search_views.py b/osf_tests/test_search_views.py
index 9b1e76f9b9e..436bcda62d2 100644
--- a/osf_tests/test_search_views.py
+++ b/osf_tests/test_search_views.py
@@ -161,7 +161,7 @@ def test_search_user(self):
         assert_equal(res.status_code, 200)
         assert_equal(len(res.json['results']), 1)
         assert_true(res.json['results'][0]['social'])
-        assert_raises(KeyError, lambda: res.json['results'][0]['social']['ssrn'])
+        assert_not_in('ssrn', res.json['results'][0]['social'])
         assert_equal(res.json['results'][0]['social']['profileWebsites'][0], 'http://me.com/{}'.format(user_two.given_name))
         assert_equal(res.json['results'][0]['social']['impactStory'], 'https://impactstory.org/u/{}'.format(user_two.given_name))
         assert_equal(res.json['results'][0]['social']['orcid'], 'http://orcid.org/{}'.format(user_two.given_name))

From 362eb7536dda266b38f6e290f3d2163d284aa16f Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Mon, 10 Jul 2017 15:00:46 -0400
Subject: [PATCH 157/163] Use newer prereg eligible journals url

---
 website/templates/prereg_landing_info.mako | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/website/templates/prereg_landing_info.mako b/website/templates/prereg_landing_info.mako
index 30ea9e70fd8..7d71e710b8b 100644
--- a/website/templates/prereg_landing_info.mako
+++ b/website/templates/prereg_landing_info.mako
@@ -11,7 +11,7 @@
 <%def name="steps()">
   <ol>
     <li>Specify all your study and analysis decisions prior to investigating your data</li>
-    <li>Publish your study in an <a target='_blank' href='https://cos.io/preregjournals'>eligible journal</a></li>
+    <li>Publish your study in an <a target='_blank' href='https://cos.io/our-services/prereg-more-information/'>eligible journal</a></li>
     <li>Receive $1,000</li>
   </ol>
 </%def>

From 5a58a4e865f5a9fc905fe4f5a4ea1b712f953328 Mon Sep 17 00:00:00 2001
From: Steven Loria <sloria1@gmail.com>
Date: Mon, 10 Jul 2017 17:27:27 -0400
Subject: [PATCH 158/163] Make email_read public but dev-only

Lookit needs this
---
 framework/auth/oauth_scopes.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/framework/auth/oauth_scopes.py b/framework/auth/oauth_scopes.py
index 182921ee4d3..ec9597c4ac2 100644
--- a/framework/auth/oauth_scopes.py
+++ b/framework/auth/oauth_scopes.py
@@ -206,13 +206,13 @@ class ComposedScopes(object):
     'osf.users.profile_read': scope(parts_=frozenset(ComposedScopes.USERS_READ),
                                 description='Read your profile data',
                                 is_public=True),
-    'osf.users.email_read': scope(parts_=frozenset(ComposedScopes.USERS_EMAIL),
-                                description='Read your primary email address.',
-                                is_public=False),
 }
 
 if settings.DEV_MODE:
     public_scopes.update({
+        'osf.users.email_read': scope(parts_=frozenset(ComposedScopes.USERS_EMAIL),
+                                    description='Read your primary email address.',
+                                    is_public=True),
         'osf.users.profile_write': scope(parts_=frozenset(ComposedScopes.USERS_WRITE),
                                      description='Read and edit your profile data',
                                      is_public=True),

From 77396c8315cd8c20c8be6f47257880e643c11219 Mon Sep 17 00:00:00 2001
From: Rheisen Dennis <dennis.rheisen@gmail.com>
Date: Tue, 11 Jul 2017 10:14:39 -0400
Subject: [PATCH 159/163] fix broken admin app routes (flagged spam, known
 spam, known ham) & add test cases

---
 admin/nodes/views.py            |  2 +-
 admin_tests/nodes/test_views.py | 30 ++++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+), 1 deletion(-)

diff --git a/admin/nodes/views.py b/admin/nodes/views.py
index 891939ec60d..549fa9d018c 100644
--- a/admin/nodes/views.py
+++ b/admin/nodes/views.py
@@ -244,7 +244,7 @@ def get_queryset(self):
         query = (
             Q('spam_status', 'eq', self.SPAM_STATE)
         )
-        return Node.find(query).sort(self.ordering)
+        return Node.find(query).order_by(self.ordering)
 
     def get_context_data(self, **kwargs):
         query_set = kwargs.pop('object_list', self.object_list)
diff --git a/admin_tests/nodes/test_views.py b/admin_tests/nodes/test_views.py
index 6d50082db2e..8ffbefc9af2 100644
--- a/admin_tests/nodes/test_views.py
+++ b/admin_tests/nodes/test_views.py
@@ -7,6 +7,9 @@
     NodeView,
     NodeReindexShare,
     NodeReindexElastic,
+    NodeFlaggedSpamList,
+    NodeKnownSpamList,
+    NodeKnownHamList,
 )
 from admin_tests.utilities import setup_log_view, setup_view
 
@@ -22,6 +25,33 @@
 
 class TestNodeView(AdminTestCase):
 
+    def test_get_flagged_spam(self):
+        user = AuthUserFactory()
+        user.is_superuser = True
+        user.save()
+        request = RequestFactory().get(reverse('nodes:flagged-spam'))
+        request.user = user
+        response = NodeFlaggedSpamList.as_view()(request)
+        nt.assert_equal(response.status_code, 200)
+
+    def test_get_known_spam(self):
+        user = AuthUserFactory()
+        user.is_superuser = True
+        user.save()
+        request = RequestFactory().get(reverse('nodes:known-spam'))
+        request.user = user
+        response = NodeKnownSpamList.as_view()(request)
+        nt.assert_equal(response.status_code, 200)
+
+    def test_get_known_ham(self):
+        user = AuthUserFactory()
+        user.is_superuser = True
+        user.save()
+        request = RequestFactory().get(reverse('nodes:known-ham'))
+        request.user = user
+        response = NodeKnownHamList.as_view()(request)
+        nt.assert_equal(response.status_code, 200)
+
     def test_no_guid(self):
         request = RequestFactory().get('/fake_path')
         view = NodeView()

From 3600e1350d64cc84f1b6b3d128403101f822e2b0 Mon Sep 17 00:00:00 2001
From: John Tordoff <Johnetordoff@users.noreply.github.com>
Date: Tue, 11 Jul 2017 15:31:09 -0400
Subject: [PATCH 160/163] Revert "Revert "[OSF-7636] Add ability to inherit
 tags from parent node""

---
 website/static/js/addProjectPlugin.js | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/website/static/js/addProjectPlugin.js b/website/static/js/addProjectPlugin.js
index 35423286444..dcdff58855f 100644
--- a/website/static/js/addProjectPlugin.js
+++ b/website/static/js/addProjectPlugin.js
@@ -41,6 +41,7 @@ var AddProject = {
         self.newProjectCategory = m.prop(self.defaultCat);
         self.newProjectTemplate = m.prop('');
         self.newProjectInheritContribs = m.prop(false);
+        self.newProjectInheritTags = m.prop(false);
         self.institutions = options.institutions || window.contextVars.currentUser.institutions || [];
         self.checkedInstitutions = {};
         self.institutions.map(
@@ -102,6 +103,10 @@ var AddProject = {
                     }
                 };
 
+            if(self.newProjectInheritTags()){
+                data.data.attributes.tags = window.contextVars.node.tags;
+            }
+
             if (self.newProjectTemplate()) {
                 data.data.attributes.template_from = self.newProjectTemplate();
             }
@@ -233,6 +238,17 @@ var AddProject = {
                                 }), ' Add contributors from ', m('b', options.parentTitle),
                                 m('br'),
                                 m('i', ' Admins of ', m('b', options.parentTitle), ' will have read access to this component.')
+                            ),
+                            m('br'),
+                            m('label.f-w-md',
+
+                                m('input', {
+                                    type: 'checkbox',
+                                    name: 'inherit_tags',
+                                    onchange : function() {
+                                        ctrl.newProjectInheritTags(this.checked);
+                                    }
+                                }), ' Add tags from ', m('b', options.parentTitle)
                             )
                         ]) : '',
                         ctrl.options.parentID !== null ? m('.span', [

From e587654cd41457dc5ef9733840c8035bb43cd8bc Mon Sep 17 00:00:00 2001
From: "Brian J. Geiger" <bgeiger@pobox.com>
Date: Wed, 12 Jul 2017 17:26:15 -0400
Subject: [PATCH 161/163] Revert "SHARE subject serialization [OSF-8227]"

---
 api/preprints/serializers.py   |  5 ++---
 osf/models/preprint_service.py |  9 ++++-----
 tests/test_preprints.py        | 28 ++++++++++------------------
 website/preprints/tasks.py     | 26 ++++++++------------------
 website/util/share.py          | 17 -----------------
 5 files changed, 24 insertions(+), 61 deletions(-)

diff --git a/api/preprints/serializers.py b/api/preprints/serializers.py
index 99c9137899c..63c4560b79f 100644
--- a/api/preprints/serializers.py
+++ b/api/preprints/serializers.py
@@ -209,7 +209,7 @@ def update(self, preprint, validated_data):
 
     def set_field(self, func, val, auth, save=False):
         try:
-            func(val, auth)
+            func(val, auth, save=save)
         except PermissionsError as e:
             raise exceptions.PermissionDenied(detail=e.message)
         except ValueError as e:
@@ -246,8 +246,7 @@ def create(self, validated_data):
             raise Conflict('Only one preprint per provider can be submitted for a node. Check `meta[existing_resource_id]`.', meta={'existing_resource_id': conflict._id})
 
         preprint = PreprintService(node=node, provider=provider)
-        self.set_field(preprint.set_primary_file, primary_file, auth)
-        preprint.save()
+        self.set_field(preprint.set_primary_file, primary_file, auth, save=True)
         preprint.node._has_abandoned_preprint = True
         preprint.node.save()
 
diff --git a/osf/models/preprint_service.py b/osf/models/preprint_service.py
index 4035ecf1305..5c33f3382f4 100644
--- a/osf/models/preprint_service.py
+++ b/osf/models/preprint_service.py
@@ -115,11 +115,10 @@ def get_subjects(self):
                 ret.append(subj_hierarchy)
         return ret
 
-    def set_subjects(self, preprint_subjects, auth):
+    def set_subjects(self, preprint_subjects, auth, save=False):
         if not self.node.has_permission(auth.user, ADMIN):
             raise PermissionsError('Only admins can change a preprint\'s subjects.')
 
-        old_subjects = list(self.subjects.values_list('id', flat=True))
         self.subjects.clear()
         for subj_list in preprint_subjects:
             subj_hierarchy = []
@@ -130,7 +129,8 @@ def set_subjects(self, preprint_subjects, auth):
                 for s_id in subj_hierarchy:
                     self.subjects.add(Subject.load(s_id))
 
-        self.save(old_subjects=old_subjects)
+        if save:
+            self.save()
 
     def set_primary_file(self, preprint_file, auth, save=False):
         if not self.node.has_permission(auth.user, ADMIN):
@@ -226,9 +226,8 @@ def set_identifier_values(self, doi, ark, save=False):
     def save(self, *args, **kwargs):
         first_save = not bool(self.pk)
         saved_fields = self.get_dirty_fields() or []
-        old_subjects = kwargs.pop('old_subjects', [])
         ret = super(PreprintService, self).save(*args, **kwargs)
 
         if (not first_save and 'is_published' in saved_fields) or self.is_published:
-            enqueue_task(on_preprint_updated.s(self._id, old_subjects))
+            enqueue_task(on_preprint_updated.s(self._id))
         return ret
diff --git a/tests/test_preprints.py b/tests/test_preprints.py
index 9fb3c6da209..3e18d3a778f 100644
--- a/tests/test_preprints.py
+++ b/tests/test_preprints.py
@@ -85,7 +85,7 @@ def test_is_preprint_property_new_file_to_published(self):
         with assert_raises(ValueError):
             self.preprint.set_published(True, auth=self.auth, save=True)
         self.preprint.provider = PreprintProviderFactory()
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth, save=True)
         self.project.reload()
         assert_false(self.project.is_preprint)
         self.preprint.set_published(True, auth=self.auth, save=True)
@@ -100,7 +100,7 @@ def test_project_made_public(self):
         with assert_raises(ValueError):
             self.preprint.set_published(True, auth=self.auth, save=True)
         self.preprint.provider = PreprintProviderFactory()
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth)
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=self.auth, save=True)
         self.project.reload()
         assert_false(self.project.is_public)
         self.preprint.set_published(True, auth=self.auth, save=True)
@@ -160,7 +160,7 @@ def setUp(self):
     def test_nonadmin_cannot_set_subjects(self):
         initial_subjects = list(self.preprint.subjects.all())
         with assert_raises(PermissionsError):
-            self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.write_contrib))
+            self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.write_contrib), save=True)
 
         self.preprint.reload()
         assert_equal(initial_subjects, list(self.preprint.subjects.all()))
@@ -191,7 +191,7 @@ def test_nonadmin_cannot_publish(self):
 
     def test_admin_can_set_subjects(self):
         initial_subjects = list(self.preprint.subjects.all())
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.user))
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.user), save=True)
 
         self.preprint.reload()
         assert_not_equal(initial_subjects, list(self.preprint.subjects.all()))
@@ -355,7 +355,7 @@ def setUp(self):
             self.preprint.node.creator.suffix = ''
         self.preprint.node.creator.save()
 
-        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.preprint.node.creator))
+        self.preprint.set_subjects([[SubjectFactory()._id]], auth=Auth(self.preprint.node.creator), save=False)
 
     def tearDown(self):
         handlers.celery_before_request()
@@ -381,16 +381,8 @@ def test_format_preprint(self):
 
         subjects = [nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'subject']
         through_subjects = [nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'throughsubjects']
-        s_ids = [s['@id'] for s in subjects]
-        ts_ids = [ts['subject']['@id'] for ts in through_subjects]
-        cs_ids = [i for i in set(s.get('central_synonym', {}).get('@id') for s in subjects) if i]
-        for ts in ts_ids:
-            assert ts in s_ids
-            assert ts not in cs_ids  # Only aliased subjects are connected to self.preprint
-        for s in subjects:
-            subject = Subject.objects.get(text=s['name'])
-            assert s['uri'].endswith('v2/taxonomies/{}/'.format(subject._id))  # This cannot change
-        assert set(subject['name'] for subject in subjects) == set([s.text for s in self.preprint.subjects.all()] + [s.bepress_subject.text for s in self.preprint.subjects.filter(bepress_subject__isnull=False)])
+        assert sorted(subject['@id'] for subject in subjects) == sorted(tt['subject']['@id'] for tt in through_subjects)
+        assert sorted(subject['name'] for subject in subjects) == [s.bepress_text for h in self.preprint.subject_hierarchy for s in h]
 
         people = sorted([nodes.pop(k) for k, v in nodes.items() if v['@type'] == 'person'], key=lambda x: x['given_name'])
         expected_people = sorted([{
@@ -466,7 +458,7 @@ def test_format_preprint_nones(self):
         self.preprint.node.tags = []
         self.preprint.date_published = None
         self.preprint.node.preprint_article_doi = None
-        self.preprint.set_subjects([], auth=Auth(self.preprint.node.creator))
+        self.preprint.set_subjects([], auth=Auth(self.preprint.node.creator), save=False)
 
         res = format_preprint(self.preprint)
 
@@ -617,12 +609,12 @@ def test_save_published_called(self, mock_on_preprint_updated):
     @mock.patch('website.preprints.tasks.on_preprint_updated.s')
     def test_save_published_subject_change_called(self, mock_on_preprint_updated):
         self.preprint.is_published = True
-        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth)
+        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth, save=True)
         assert mock_on_preprint_updated.called
 
     @mock.patch('website.preprints.tasks.on_preprint_updated.s')
     def test_save_unpublished_subject_change_not_called(self, mock_on_preprint_updated):
-        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth)
+        self.preprint.set_subjects([[self.subject_two._id]], auth=self.auth, save=True)
         assert not mock_on_preprint_updated.called
 
     @mock.patch('website.preprints.tasks.requests')
diff --git a/website/preprints/tasks.py b/website/preprints/tasks.py
index 6722d32394c..d3671fa36f1 100644
--- a/website/preprints/tasks.py
+++ b/website/preprints/tasks.py
@@ -8,7 +8,7 @@
 from framework import sentry
 
 from website import settings
-from website.util.share import GraphNode, format_contributor, format_subject
+from website.util.share import GraphNode, format_contributor
 
 from website.identifiers.utils import request_identifiers_from_ezid, get_ezid_client, build_ezid_metadata, parse_identifiers
 
@@ -16,13 +16,12 @@
 
 
 @celery_app.task(ignore_results=True)
-def on_preprint_updated(preprint_id, update_share=True, old_subjects=None):
+def on_preprint_updated(preprint_id, update_share=True):
     # WARNING: Only perform Read-Only operations in an asynchronous task, until Repeatable Read/Serializable
     # transactions are implemented in View and Task application layers.
     from osf.models import PreprintService
     preprint = PreprintService.load(preprint_id)
-    if old_subjects is None:
-        old_subjects = []
+
     if preprint.node:
         status = 'public' if preprint.node.is_public else 'unavailable'
         try:
@@ -40,18 +39,14 @@ def on_preprint_updated(preprint_id, update_share=True, old_subjects=None):
                 'attributes': {
                     'tasks': [],
                     'raw': None,
-                    'data': {'@graph': format_preprint(preprint, old_subjects)}
+                    'data': {'@graph': format_preprint(preprint)}
                 }
             }
         }, headers={'Authorization': 'Bearer {}'.format(preprint.provider.access_token), 'Content-Type': 'application/vnd.api+json'})
         logger.debug(resp.content)
         resp.raise_for_status()
 
-def format_preprint(preprint, old_subjects=None):
-    if old_subjects is None:
-        old_subjects = []
-    from osf.models import Subject
-    old_subjects = [Subject.objects.get(id=s) for s in old_subjects]
+def format_preprint(preprint):
     preprint_graph = GraphNode('preprint', **{
         'title': preprint.node.title,
         'description': preprint.node.description or '',
@@ -88,15 +83,10 @@ def format_preprint(preprint, old_subjects=None):
         for tag in preprint.node.tags.values_list('name', flat=True) if tag
     ]
 
-    current_subjects = [
-        GraphNode('throughsubjects', creative_work=preprint_graph, subject=format_subject(s))
-        for s in preprint.subjects.all()
-    ]
-    deleted_subjects = [
-        GraphNode('throughsubjects', creative_work=preprint_graph, is_deleted=True, subject=format_subject(s))
-        for s in old_subjects if not preprint.subjects.filter(id=s.id).exists()
+    preprint_graph.attrs['subjects'] = [
+        GraphNode('throughsubjects', creative_work=preprint_graph, subject=GraphNode('subject', name=subject))
+        for subject in set(s.bepress_text for s in preprint.subjects.all())
     ]
-    preprint_graph.attrs['subjects'] = current_subjects + deleted_subjects
 
     to_visit.extend(format_contributor(preprint_graph, user, preprint.node.get_visible(user), i) for i, user in enumerate(preprint.node.contributors))
     to_visit.extend(GraphNode('AgentWorkRelation', creative_work=preprint_graph, agent=GraphNode('institution', name=institution))
diff --git a/website/util/share.py b/website/util/share.py
index 1ecb39b7759..ee56315b8a5 100644
--- a/website/util/share.py
+++ b/website/util/share.py
@@ -67,20 +67,3 @@ def format_contributor(preprint, user, bibliographic, index):
         creative_work=preprint,
         cited_as=user.fullname,
     )
-
-def format_subject(subject, context=None):
-    if context is None:
-        context = {}
-    if subject is None:
-        return None
-    if subject.id in context:
-        return context[subject.id]
-    context[subject.id] = GraphNode(
-        'subject',
-        name=subject.text,
-        is_deleted=False,
-        uri=subject.absolute_api_v2_url,
-    )
-    context[subject.id].attrs['parent'] = format_subject(subject.parent, context)
-    context[subject.id].attrs['central_synonym'] = format_subject(subject.bepress_subject, context)
-    return context[subject.id]

From e639ae8e21a31acd2a4b7fc3d247ed10fc0274da Mon Sep 17 00:00:00 2001
From: Matt Frazier <maf7sm@virginia.edu>
Date: Thu, 13 Jul 2017 09:53:14 -0400
Subject: [PATCH 162/163] Remove assertion

---
 osf/management/commands/populate_custom_taxonomies.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/osf/management/commands/populate_custom_taxonomies.py b/osf/management/commands/populate_custom_taxonomies.py
index 351e3e6c039..0691facb7e1 100644
--- a/osf/management/commands/populate_custom_taxonomies.py
+++ b/osf/management/commands/populate_custom_taxonomies.py
@@ -16,8 +16,7 @@
 
 def validate_input(custom_provider, data):
     logger.info('Validating data')
-    assert data.get('include'), 'Must specify Subjects to recursively include with `include`.'
-    includes = data.get('include')
+    includes = data.get('include', [])
     excludes = data.get('exclude', [])
     customs = data.get('custom', {})
     merges = data.get('merge', {})

From 90f9cb7f6b5c1f50fc1028aeee20048ce5be7d5b Mon Sep 17 00:00:00 2001
From: Fabrice Mizero <fabmizz@gmail.com>
Date: Thu, 13 Jul 2017 11:16:18 -0400
Subject: [PATCH 163/163] Do not show menu on regs at all

---
 website/templates/util/render_node.mako | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

diff --git a/website/templates/util/render_node.mako b/website/templates/util/render_node.mako
index 8e23e3201aa..4fc2cb72c0b 100644
--- a/website/templates/util/render_node.mako
+++ b/website/templates/util/render_node.mako
@@ -57,22 +57,20 @@
                     <i class="fa fa-times remove-pointer" data-id="${summary['id']}" data-toggle="tooltip" title="Remove link"></i>
                     <i class="fa fa-code-fork" onclick="NodeActions.forkPointer('${summary['id']}', '${summary['primary_id']}');" data-toggle="tooltip" title="Fork this ${summary['node_type']} into ${node['node_type']} ${node['title']}"></i>
                 % endif
-                % if summary['primary'] and summary['logged_in'] and summary['is_contributor']:
+                % if summary['primary'] and summary['logged_in'] and summary['is_contributor'] and not summary['is_registration']:
                     <div class="dropdown pull-right" id="componentQuickActions">
                         <button class="btn btn-default dropdown-toggle" type="button" data-toggle="dropdown">
                             <span class="glyphicon glyphicon-option-horizontal"></span>
                         </button>
                         <ul class="dropdown-menu dropdown-menu-right">
                             <li><a tabindex="-1" href="${domain}${summary['id']}/contributors/">Manage Contributors</a></li>
-                            % if not node['is_registration']:
-                                <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
-                                % if summary['is_admin']:
-                                <li>
-                                    <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
-                                        Delete
-                                    </a>
-                                </li>
-                                % endif
+                            <li><a tabindex="-1" href="${domain}${summary['id']}/settings/">Settings</a></li>
+                            % if summary['is_admin']:
+                            <li>
+                                <a tabindex="-1" onclick="ComponentActions.deleteNode(${summary['childExists'] | sjson, n}, '${summary['node_type']}', ${summary['isPreprint'] | sjson, n},'${summary['api_url']}')" type="button">
+                                    Delete
+                                </a>
+                            </li>
                             % endif
                         </ul>
                   </div>