test_pagure_flask_ui_app_give_project.py 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2017 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. from __future__ import unicode_literals, absolute_import
  8. import unittest
  9. import shutil
  10. import sys
  11. import tempfile
  12. import os
  13. from mock import patch, MagicMock
  14. sys.path.insert(
  15. 0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")
  16. )
  17. import pagure
  18. import pagure.lib.query
  19. import tests
  20. class PagureFlaskGiveRepotests(tests.SimplePagureTest):
  21. """ Tests for give a project on pagure """
  22. def setUp(self):
  23. """ Set up the environnment, ran before every tests. """
  24. super(PagureFlaskGiveRepotests, self).setUp()
  25. pagure.config.config["VIRUS_SCAN_ATTACHMENTS"] = False
  26. pagure.config.config["UPLOAD_FOLDER_URL"] = "/releases/"
  27. pagure.config.config["UPLOAD_FOLDER_PATH"] = os.path.join(
  28. self.path, "releases"
  29. )
  30. tests.create_projects(self.session)
  31. tests.create_projects_git(os.path.join(self.path, "repos"), bare=True)
  32. self._check_user(user="pingou")
  33. def _check_user(self, user="pingou"):
  34. self.session.commit()
  35. project = pagure.lib.query.get_authorized_project(
  36. self.session, project_name="test"
  37. )
  38. self.assertEqual(project.user.user, user)
  39. def test_give_project_no_project(self):
  40. """ Test the give_project endpoint. """
  41. # No such project
  42. output = self.app.post("/test42/give")
  43. self.assertEqual(output.status_code, 404)
  44. def test_give_project_no_csrf(self):
  45. """ Test the give_project endpoint. """
  46. user = tests.FakeUser()
  47. user.username = "pingou"
  48. with tests.user_set(self.app.application, user):
  49. self._check_user()
  50. # Missing CSRF
  51. data = {"user": "foo"}
  52. output = self.app.post(
  53. "/test/give", data=data, follow_redirects=True
  54. )
  55. self.assertEqual(output.status_code, 200)
  56. self.assertIn(
  57. "<title>Overview - test - Pagure</title>",
  58. output.get_data(as_text=True),
  59. )
  60. self._check_user()
  61. def test_give_project_invalid_user(self):
  62. """ Test the give_project endpoint. """
  63. user = tests.FakeUser()
  64. user.username = "pingou"
  65. with tests.user_set(self.app.application, user):
  66. csrf_token = self.get_csrf()
  67. self._check_user()
  68. # Invalid user
  69. data = {"user": "foobar", "csrf_token": csrf_token}
  70. output = self.app.post(
  71. "/test/give", data=data, follow_redirects=True
  72. )
  73. self.assertEqual(output.status_code, 404)
  74. self.assertIn(
  75. "<p>No such user foobar found</p>",
  76. output.get_data(as_text=True),
  77. )
  78. self._check_user()
  79. def test_give_project_no_user(self):
  80. """ Test the give_project endpoint. """
  81. user = tests.FakeUser()
  82. user.username = "pingou"
  83. with tests.user_set(self.app.application, user):
  84. csrf_token = self.get_csrf()
  85. self._check_user()
  86. # No user
  87. data = {"csrf_token": csrf_token}
  88. output = self.app.post(
  89. "/test/give", data=data, follow_redirects=True
  90. )
  91. self.assertEqual(output.status_code, 404)
  92. self.assertIn(
  93. "<p>No user specified</p>", output.get_data(as_text=True)
  94. )
  95. self._check_user()
  96. def test_give_project_not_owner(self):
  97. """ Test the give_project endpoint. """
  98. user = tests.FakeUser()
  99. user.username = "foo"
  100. with tests.user_set(self.app.application, user):
  101. csrf_token = self.get_csrf()
  102. self._check_user()
  103. # User isn't the admin
  104. data = {"user": "foo", "csrf_token": csrf_token}
  105. output = self.app.post(
  106. "/test/give", data=data, follow_redirects=True
  107. )
  108. self.assertEqual(output.status_code, 403)
  109. self.assertIn(
  110. "<p>You are not allowed to change the settings for this "
  111. "project</p>",
  112. output.get_data(as_text=True),
  113. )
  114. self._check_user()
  115. def test_give_project_not_admin(self):
  116. """ Test the give_project endpoint. """
  117. user = tests.FakeUser()
  118. user.username = "foo"
  119. with tests.user_set(self.app.application, user):
  120. csrf_token = self.get_csrf()
  121. self._check_user()
  122. # User isn't the admin
  123. data = {"user": "foo", "csrf_token": csrf_token}
  124. output = self.app.post(
  125. "/test/give", data=data, follow_redirects=True
  126. )
  127. self.assertEqual(output.status_code, 403)
  128. self.assertIn(
  129. "<p>You are not allowed to change the settings for this "
  130. "project</p>",
  131. output.get_data(as_text=True),
  132. )
  133. self._check_user()
  134. def test_give_project_not_owner_but_is_admin(self):
  135. """ Test the give_project endpoint. """
  136. project = pagure.lib.query.get_authorized_project(
  137. self.session, project_name="test"
  138. )
  139. msg = pagure.lib.query.add_user_to_project(
  140. self.session,
  141. project=project,
  142. new_user="foo",
  143. user="pingou",
  144. access="admin",
  145. )
  146. self.session.commit()
  147. self.assertEqual(msg, "User added")
  148. user = tests.FakeUser()
  149. user.username = "foo"
  150. with tests.user_set(self.app.application, user):
  151. csrf_token = self.get_csrf()
  152. self._check_user()
  153. # User isn't the owner
  154. data = {"user": "foo", "csrf_token": csrf_token}
  155. output = self.app.post(
  156. "/test/give", data=data, follow_redirects=True
  157. )
  158. self.assertEqual(output.status_code, 403)
  159. self.assertIn(
  160. "<p>You are not allowed to give this project</p>",
  161. output.get_data(as_text=True),
  162. )
  163. self._check_user()
  164. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  165. @patch("pagure.lib.git.generate_gitolite_acls", MagicMock())
  166. def test_give_project_not_owner_but_admin(self):
  167. """ Test the give_project endpoint.
  168. Test giving a project when the person giving the project is a pagure
  169. admin (instance wide admin) but not a project admin.
  170. """
  171. user = tests.FakeUser()
  172. user.username = "foo"
  173. user.cla_done = True
  174. user.groups = ["foo"]
  175. with tests.user_set(self.app.application, user):
  176. csrf_token = self.get_csrf()
  177. self._check_user()
  178. # User isn't the owner but is an instance admin
  179. data = {"user": "foo", "csrf_token": csrf_token}
  180. output = self.app.post(
  181. "/test/give", data=data, follow_redirects=True
  182. )
  183. self.assertEqual(output.status_code, 200)
  184. self.assertIn(
  185. "The project has been " "transferred to foo",
  186. output.get_data(as_text=True),
  187. )
  188. self._check_user("foo")
  189. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  190. @patch("pagure.lib.git.generate_gitolite_acls", MagicMock())
  191. def test_give_project(self):
  192. """ Test the give_project endpoint. """
  193. user = tests.FakeUser()
  194. user.username = "pingou"
  195. with tests.user_set(self.app.application, user):
  196. csrf_token = self.get_csrf()
  197. self._check_user()
  198. # All good
  199. data = {"user": "foo", "csrf_token": csrf_token}
  200. output = self.app.post(
  201. "/test/give", data=data, follow_redirects=True
  202. )
  203. self.assertEqual(output.status_code, 200)
  204. self.assertIn(
  205. "The project has been " "transferred to foo",
  206. output.get_data(as_text=True),
  207. )
  208. self._check_user("foo")
  209. # Make sure that the user giving the project is still an admin
  210. project = pagure.lib.query.get_authorized_project(
  211. self.session, project_name="test"
  212. )
  213. self.assertEqual(len(project.users), 1)
  214. self.assertEqual(project.users[0].user, "pingou")
  215. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  216. @patch("pagure.lib.git.generate_gitolite_acls", MagicMock())
  217. def test_give_project_already_user(self):
  218. """ Test the give_project endpoint when the new main_admin is already
  219. a committer on the project. """
  220. project = pagure.lib.query._get_project(self.session, "test")
  221. pagure.lib.query.add_user_to_project(
  222. self.session,
  223. project,
  224. new_user="foo",
  225. user="pingou",
  226. access="commit",
  227. )
  228. self.session.commit()
  229. user = tests.FakeUser()
  230. user.username = "pingou"
  231. with tests.user_set(self.app.application, user):
  232. csrf_token = self.get_csrf()
  233. self._check_user()
  234. # All good
  235. data = {"user": "foo", "csrf_token": csrf_token}
  236. output = self.app.post(
  237. "/test/give", data=data, follow_redirects=True
  238. )
  239. self.assertEqual(output.status_code, 200)
  240. self.assertIn(
  241. "The project has been " "transferred to foo",
  242. output.get_data(as_text=True),
  243. )
  244. self._check_user("foo")
  245. # Make sure that the user giving the project is still an admin
  246. project = pagure.lib.query.get_authorized_project(
  247. self.session, project_name="test"
  248. )
  249. self.assertEqual(len(project.users), 1)
  250. self.assertEqual(project.users[0].user, "pingou")
  251. @patch.dict(
  252. "pagure.config.config", {"REQUIRED_GROUPS": {"*": ["packager"]}}
  253. )
  254. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  255. @patch("pagure.lib.git.generate_gitolite_acls", MagicMock())
  256. def test_give_project_not_in_required_group(self):
  257. """ Test the give_project endpoint. """
  258. user = tests.FakeUser()
  259. user.username = "pingou"
  260. with tests.user_set(self.app.application, user):
  261. csrf_token = self.get_csrf()
  262. self._check_user()
  263. # User not a packager
  264. data = {"user": "foo", "csrf_token": csrf_token}
  265. output = self.app.post(
  266. "/test/give", data=data, follow_redirects=True
  267. )
  268. self.assertEqual(output.status_code, 200)
  269. self.assertIn(
  270. "</i> This user must be in one of the following groups to "
  271. "be allowed to be added to this project: packager</div>",
  272. output.get_data(as_text=True),
  273. )
  274. self._check_user(user="pingou")
  275. @patch.dict(
  276. "pagure.config.config", {"REQUIRED_GROUPS": {"*": ["packager"]}}
  277. )
  278. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  279. @patch("pagure.lib.git.generate_gitolite_acls", MagicMock())
  280. def test_give_project_in_required_group(self):
  281. """ Test the give_project endpoint. """
  282. # Create the packager group
  283. msg = pagure.lib.query.add_group(
  284. self.session,
  285. group_name="packager",
  286. display_name="packager group",
  287. description=None,
  288. group_type="user",
  289. user="pingou",
  290. is_admin=False,
  291. blacklist=[],
  292. )
  293. self.session.commit()
  294. self.assertEqual(msg, "User `pingou` added to the group `packager`.")
  295. # Add foo to the packager group
  296. group = pagure.lib.query.search_groups(
  297. self.session, group_name="packager"
  298. )
  299. msg = pagure.lib.query.add_user_to_group(
  300. self.session,
  301. username="foo",
  302. group=group,
  303. user="pingou",
  304. is_admin=False,
  305. )
  306. self.session.commit()
  307. self.assertEqual(msg, "User `foo` added to the group `packager`.")
  308. # pingou transferts test to foo
  309. user = tests.FakeUser()
  310. user.username = "pingou"
  311. with tests.user_set(self.app.application, user):
  312. csrf_token = self.get_csrf()
  313. self._check_user()
  314. # User not a packager
  315. data = {"user": "foo", "csrf_token": csrf_token}
  316. output = self.app.post(
  317. "/test/give", data=data, follow_redirects=True
  318. )
  319. self.assertEqual(output.status_code, 200)
  320. self.assertIn(
  321. "</i> The project has been transferred to foo</div>",
  322. output.get_data(as_text=True),
  323. )
  324. self._check_user("foo")
  325. # Make sure that the user giving the project is still an admin
  326. project = pagure.lib.query.get_authorized_project(
  327. self.session, project_name="test"
  328. )
  329. self.assertEqual(len(project.users), 1)
  330. self.assertEqual(project.users[0].user, "pingou")
  331. if __name__ == "__main__":
  332. unittest.main(verbosity=2)