123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507 |
- # -*- coding: utf-8 -*-
- """
- (c) 2015-2016 - Copyright Red Hat Inc
- Authors:
- Pierre-Yves Chibon <pingou@pingoured.fr>
- """
- __requires__ = ['SQLAlchemy >= 0.8']
- import pkg_resources
- import unittest
- import shutil
- import sys
- import os
- import json
- from mock import patch
- sys.path.insert(0, os.path.join(os.path.dirname(
- os.path.abspath(__file__)), '..'))
- import pagure.lib
- import tests
- class PagureFlaskGroupstests(tests.Modeltests):
- """ Tests for flask groups controller of pagure """
- def test_group_lists(self):
- """ Test the group_lists endpoint. """
- output = self.app.get('/groups')
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">0</span>',
- output.data)
- def test_add_group_index_auth(self):
- """ Test the presence of the add group button on the front page. """
- user = tests.FakeUser(username='foo')
- with tests.user_set(self.app.application, user):
- output = self.app.get('/')
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- 'title="Create New Group" aria-hidden="true">',
- output.data)
- @patch.dict('pagure.config.config', {'ENABLE_GROUP_MNGT': False})
- def test_not_add_group_index_auth(self):
- """ Test the presence of the add group button on the front page. """
- user = tests.FakeUser(username='foo')
- with tests.user_set(self.app.application, user):
- output = self.app.get('/')
- self.assertEqual(output.status_code, 200)
- self.assertNotIn(
- 'title="Create New Group" aria-hidden="true">',
- output.data)
- def test_add_group(self):
- """ Test the add_group endpoint. """
- output = self.app.get('/group/add')
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/add')
- self.assertEqual(output.status_code, 403)
- user.username = 'pingou'
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/add')
- self.assertEqual(output.status_code, 200)
- self.assertIn('<strong>Create new group</strong>', output.data)
- self.assertNotIn(
- '<option value="admin">admin</option>', output.data)
- csrf_token = output.data.split(
- 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
- data = {
- }
- # Insufficient input
- output = self.app.post('/group/add', data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn('<strong>Create new group</strong>', output.data)
- self.assertEqual(output.data.count(
- 'This field is required.'), 3)
- data = {
- 'group_name': 'test_group',
- 'display_name': 'Test Group',
- 'description': 'This is a group for the tests',
- }
- # Missing CSRF
- output = self.app.post('/group/add', data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn('<strong>Create new group</strong>', output.data)
- self.assertEqual(output.data.count(
- 'This field is required.'), 0)
- data['csrf_token'] = csrf_token
- # All good
- output = self.app.post(
- '/group/add', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `pingou` added to '
- 'the group `test_group`.', output.data)
- self.assertIn(
- '</button>\n Group `test_group` created.',
- output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">1</span>',
- output.data)
- user = tests.FakeUser(
- username='pingou',
- groups=pagure.config.config['ADMIN_GROUP'])
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/add')
- self.assertEqual(output.status_code, 200)
- self.assertIn('<strong>Create new group</strong>', output.data)
- self.assertIn('<option value="admin">admin</option>', output.data)
- data = {
- 'group_name': 'test_admin_group',
- 'group_type': 'admin',
- 'display_name': 'Test Admin Group',
- 'description': 'This is another group for the tests',
- 'csrf_token': csrf_token,
- }
- # All good
- output = self.app.post(
- '/group/add', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `pingou` added to '
- 'the group `test_admin_group`.', output.data)
- self.assertIn(
- '</button>\n Group `test_admin_group` '
- 'created.',output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">2</span>',
- output.data)
- def test_edit_group(self):
- """ Test the edit_group endpoint. """
- output = self.app.get('/group/test_group/edit')
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/test_group/edit')
- self.assertEqual(output.status_code, 404)
- self.assertIn('<p>Group not found</p>', output.data)
- self.test_add_group()
- user.username = 'foo'
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/foo/edit')
- self.assertEqual(output.status_code, 404)
- self.assertIn('<p>Group not found</p>', output.data)
- output = self.app.get('/group/test_group/edit')
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<title>Edit group: test_group - Pagure</title>',
- output.data)
- self.assertIn(
- '<form action="/group/test_group/edit" method="post">',
- output.data)
- self.assertIn(
- '<strong><label for="description">Description'
- '</label></strong>', output.data)
- csrf_token = output.data.split(
- 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
- # Missing CSRF
- data = {
- 'group_name': 'test_group',
- 'display_name': 'Test Group edited',
- 'description': 'This is a group for the tests edited',
- }
- output = self.app.post(
- '/group/test_group/edit', data=data, follow_redirects=True)
- #print output.data
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<title>Edit group: test_group - Pagure</title>',
- output.data)
- self.assertIn(
- '<form action="/group/test_group/edit" method="post">',
- output.data)
- self.assertIn(
- '<strong><label for="description">Description'
- '</label></strong>', output.data)
- # User not allowed
- data['csrf_token'] = csrf_token
- output = self.app.post(
- '/group/test_group/edit', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<title>Group test_group - Pagure</title>',
- output.data)
- self.assertIn(
- '</button>\n You are not '
- 'allowed to edit this group', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- ' Test Group', output.data)
- user.username = 'pingou'
- with tests.user_set(self.app.application, user):
- # Invalid repo
- output = self.app.post(
- '/group/bar/edit', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 404)
- self.assertIn('<p>Group not found</p>', output.data)
- output = self.app.post(
- '/group/test_group/edit', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<title>Group test_group - Pagure</title>', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- ' Test Group', output.data)
- self.assertIn(
- 'Group "Test Group edited" (test_group) edited',
- output.data)
- def test_group_delete(self):
- """ Test the group_delete endpoint. """
- output = self.app.post('/group/foo/delete')
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post('/group/foo/delete', follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<p>No groups have been created on this pagure instance '
- 'yet</p>', output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">0</span>',
- output.data)
- self.test_add_group()
- with tests.user_set(self.app.application, user):
- output = self.app.post('/group/foo/delete', follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">1</span>',
- output.data)
- output = self.app.get('/new/')
- csrf_token = output.data.split(
- 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
- user.username = 'foo'
- with tests.user_set(self.app.application, user):
- data = {
- 'csrf_token': csrf_token,
- }
- output = self.app.post(
- '/group/bar/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n No group `bar` found',
- output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">1</span>',
- output.data)
- output = self.app.post(
- '/group/test_group/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n You are not allowed to '
- 'delete the group test_group', output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">1</span>',
- output.data)
- user.username = 'bar'
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- '/group/test_group/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 404)
- user.username = 'pingou'
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- '/group/test_group/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n Group `test_group` has '
- 'been deleted', output.data)
- self.assertIn(
- '<h2 class="m-b-1">\n'
- ' Groups <span class="label label-default">0</span>',
- output.data)
- def test_view_group(self):
- """ Test the view_group endpoint. """
- output = self.app.get('/group/foo')
- self.assertEqual(output.status_code, 404)
- self.test_add_group()
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get('/group/test_group')
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- output = self.app.get('/group/test_admin_group')
- self.assertEqual(output.status_code, 404)
- user = tests.FakeUser(
- username='pingou',
- groups=pagure.config.config['ADMIN_GROUP'])
- with tests.user_set(self.app.application, user):
- # Admin can see group of type admins
- output = self.app.get('/group/test_admin_group')
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Admin Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- csrf_token = output.data.split(
- 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
- # No CSRF
- data = {
- 'user': 'bar'
- }
- output = self.app.post('/group/test_admin_group', data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Admin Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- # Invalid user
- data = {
- 'user': 'bar',
- 'csrf_token': csrf_token,
- }
- output = self.app.post(
- '/group/test_admin_group', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n No user `bar` found',
- output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Admin Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- # All good
- data = {
- 'user': 'foo',
- 'csrf_token': csrf_token,
- }
- output = self.app.post('/group/test_admin_group', data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `foo` added to the '
- 'group `test_admin_group`.', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Admin Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 2)
- def test_group_user_delete(self):
- """ Test the group_user_delete endpoint. """
- output = self.app.post('/group/foo/bar/delete')
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- '/group/foo/bar/delete', follow_redirects=True)
- self.assertEqual(output.status_code, 404)
- self.test_add_group()
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- '/group/test_group/bar/delete', follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- output = self.app.get('/new/')
- csrf_token = output.data.split(
- 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
- data = {'csrf_token': csrf_token}
- output = self.app.post(
- '/group/test_group/bar/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n No user `bar` found',
- output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- output = self.app.post(
- '/group/test_group/foo/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n Could not find user '
- 'username', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- user.username = 'pingou'
- with tests.user_set(self.app.application, user):
- # User not in the group
- output = self.app.post(
- '/group/test_group/foo/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `foo` could not be '
- 'found in the group `test_group`', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- # Cannot delete creator
- output = self.app.post(
- '/group/test_group/foo/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `foo` could not be '
- 'found in the group `test_group`', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- # Add user foo
- data = {
- 'user': 'foo',
- 'csrf_token': csrf_token,
- }
- output = self.app.post('/group/test_group', data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `foo` added to the '
- 'group `test_group`.', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 2)
- output = self.app.post(
- '/group/test_group/foo/delete', data=data, follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '</button>\n User `foo` removed from '
- 'the group `test_group`', output.data)
- self.assertIn(
- '<span class="oi" data-glyph="people"></span> '
- 'Test Group', output.data)
- self.assertEqual(output.data.count('<a href="/user/'), 1)
- if __name__ == '__main__':
- unittest.main(verbosity=2)
|