test_pagure_flask_ui_groups.py 16 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2015-2016 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. __requires__ = ['SQLAlchemy >= 0.8']
  8. import pkg_resources
  9. import unittest
  10. import shutil
  11. import sys
  12. import os
  13. import json
  14. from mock import patch
  15. sys.path.insert(0, os.path.join(os.path.dirname(
  16. os.path.abspath(__file__)), '..'))
  17. import pagure.lib
  18. import tests
  19. class PagureFlaskGroupstests(tests.Modeltests):
  20. """ Tests for flask groups controller of pagure """
  21. def setUp(self):
  22. """ Set up the environnment, ran before every tests. """
  23. super(PagureFlaskGroupstests, self).setUp()
  24. pagure.APP.config['TESTING'] = True
  25. pagure.SESSION = self.session
  26. pagure.ui.SESSION = self.session
  27. pagure.ui.groups.SESSION = self.session
  28. pagure.ui.repo.SESSION = self.session
  29. pagure.ui.filters.SESSION = self.session
  30. pagure.APP.config['GIT_FOLDER'] = tests.HERE
  31. pagure.APP.config['FORK_FOLDER'] = os.path.join(
  32. tests.HERE, 'forks')
  33. pagure.APP.config['TICKETS_FOLDER'] = os.path.join(
  34. tests.HERE, 'tickets')
  35. pagure.APP.config['DOCS_FOLDER'] = os.path.join(
  36. tests.HERE, 'docs')
  37. pagure.APP.config['REQUESTS_FOLDER'] = os.path.join(
  38. tests.HERE, 'requests')
  39. self.app = pagure.APP.test_client()
  40. def test_group_lists(self):
  41. """ Test the group_lists endpoint. """
  42. output = self.app.get('/groups')
  43. self.assertIn(
  44. '<h2 class="m-b-1">\n'
  45. ' Groups <span class="label label-default">0</span>',
  46. output.data)
  47. def test_add_group(self):
  48. """ Test the add_group endpoint. """
  49. output = self.app.get('/group/add')
  50. self.assertEqual(output.status_code, 302)
  51. user = tests.FakeUser()
  52. with tests.user_set(pagure.APP, user):
  53. output = self.app.get('/group/add')
  54. self.assertEqual(output.status_code, 403)
  55. user.username = 'pingou'
  56. with tests.user_set(pagure.APP, user):
  57. output = self.app.get('/group/add')
  58. self.assertEqual(output.status_code, 200)
  59. self.assertIn('<h2>Create group</h2>', output.data)
  60. self.assertNotIn(
  61. '<option value="admin">admin</option>', output.data)
  62. csrf_token = output.data.split(
  63. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  64. data = {
  65. }
  66. # Insufficient input
  67. output = self.app.post('/group/add', data=data)
  68. self.assertEqual(output.status_code, 200)
  69. self.assertIn('<h2>Create group</h2>', output.data)
  70. self.assertEqual(output.data.count(
  71. 'This field is required.'), 1)
  72. data = {
  73. 'group_name': 'test_group',
  74. }
  75. # Missing CSRF
  76. output = self.app.post('/group/add', data=data)
  77. self.assertEqual(output.status_code, 200)
  78. self.assertIn('<h2>Create group</h2>', output.data)
  79. self.assertEqual(output.data.count(
  80. 'This field is required.'), 0)
  81. data['csrf_token'] = csrf_token
  82. # All good
  83. output = self.app.post(
  84. '/group/add', data=data, follow_redirects=True)
  85. self.assertEqual(output.status_code, 200)
  86. self.assertIn(
  87. '</button>\n User `pingou` added to '
  88. 'the group `test_group`.', output.data)
  89. self.assertIn(
  90. '</button>\n Group `test_group` created.',
  91. output.data)
  92. self.assertIn(
  93. '<h2 class="m-b-1">\n'
  94. ' Groups <span class="label label-default">1</span>',
  95. output.data)
  96. user = tests.FakeUser(
  97. username='pingou',
  98. groups=pagure.APP.config['ADMIN_GROUP'])
  99. with tests.user_set(pagure.APP, user):
  100. output = self.app.get('/group/add')
  101. self.assertEqual(output.status_code, 200)
  102. self.assertIn('<h2>Create group</h2>', output.data)
  103. self.assertIn('<option value="admin">admin</option>', output.data)
  104. data = {
  105. 'group_name': 'test_admin_group',
  106. 'group_type': 'admin',
  107. 'csrf_token': csrf_token,
  108. }
  109. # All good
  110. output = self.app.post(
  111. '/group/add', data=data, follow_redirects=True)
  112. self.assertEqual(output.status_code, 200)
  113. self.assertIn(
  114. '</button>\n User `pingou` added to '
  115. 'the group `test_admin_group`.', output.data)
  116. self.assertIn(
  117. '</button>\n Group `test_admin_group` '
  118. 'created.',output.data)
  119. self.assertIn(
  120. '<h2 class="m-b-1">\n'
  121. ' Groups <span class="label label-default">2</span>',
  122. output.data)
  123. def test_group_delete(self):
  124. """ Test the group_delete endpoint. """
  125. output = self.app.post('/group/foo/delete')
  126. self.assertEqual(output.status_code, 302)
  127. user = tests.FakeUser()
  128. with tests.user_set(pagure.APP, user):
  129. output = self.app.post('/group/foo/delete', follow_redirects=True)
  130. self.assertEqual(output.status_code, 200)
  131. self.assertIn(
  132. '<p>No groups have been created on this pagure instance '
  133. 'yet</p>', output.data)
  134. self.assertIn(
  135. '<h2 class="m-b-1">\n'
  136. ' Groups <span class="label label-default">0</span>',
  137. output.data)
  138. self.test_add_group()
  139. with tests.user_set(pagure.APP, user):
  140. output = self.app.post('/group/foo/delete', follow_redirects=True)
  141. self.assertEqual(output.status_code, 200)
  142. self.assertIn(
  143. '<h2 class="m-b-1">\n'
  144. ' Groups <span class="label label-default">1</span>',
  145. output.data)
  146. csrf_token = output.data.split(
  147. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  148. user.username = 'foo'
  149. with tests.user_set(pagure.APP, user):
  150. data = {
  151. 'csrf_token': csrf_token,
  152. }
  153. output = self.app.post(
  154. '/group/bar/delete', data=data, follow_redirects=True)
  155. self.assertEqual(output.status_code, 200)
  156. self.assertIn(
  157. '</button>\n No group `bar` found',
  158. output.data)
  159. self.assertIn(
  160. '<h2 class="m-b-1">\n'
  161. ' Groups <span class="label label-default">1</span>',
  162. output.data)
  163. output = self.app.post(
  164. '/group/test_group/delete', data=data, follow_redirects=True)
  165. self.assertEqual(output.status_code, 200)
  166. self.assertIn(
  167. '</button>\n You are not allowed to '
  168. 'delete the group test_group', output.data)
  169. self.assertIn(
  170. '<h2 class="m-b-1">\n'
  171. ' Groups <span class="label label-default">1</span>',
  172. output.data)
  173. user.username = 'bar'
  174. with tests.user_set(pagure.APP, user):
  175. output = self.app.post(
  176. '/group/test_group/delete', data=data, follow_redirects=True)
  177. self.assertEqual(output.status_code, 404)
  178. user.username = 'pingou'
  179. with tests.user_set(pagure.APP, user):
  180. output = self.app.post(
  181. '/group/test_group/delete', data=data, follow_redirects=True)
  182. self.assertEqual(output.status_code, 200)
  183. self.assertIn(
  184. '</button>\n Group `test_group` has '
  185. 'been deleted', output.data)
  186. self.assertIn(
  187. '<h2 class="m-b-1">\n'
  188. ' Groups <span class="label label-default">0</span>',
  189. output.data)
  190. def test_view_group(self):
  191. """ Test the view_group endpoint. """
  192. output = self.app.get('/group/foo')
  193. self.assertEqual(output.status_code, 404)
  194. self.test_add_group()
  195. user = tests.FakeUser()
  196. with tests.user_set(pagure.APP, user):
  197. output = self.app.get('/group/test_group')
  198. self.assertEqual(output.status_code, 200)
  199. self.assertIn(
  200. '<span class="oi" data-glyph="people"></span> &nbsp;'
  201. 'test_group', output.data)
  202. output = self.app.get('/group/test_admin_group')
  203. self.assertEqual(output.status_code, 404)
  204. user = tests.FakeUser(
  205. username='pingou',
  206. groups=pagure.APP.config['ADMIN_GROUP'])
  207. with tests.user_set(pagure.APP, user):
  208. # Admin can see group of type admins
  209. output = self.app.get('/group/test_admin_group')
  210. self.assertEqual(output.status_code, 200)
  211. self.assertIn(
  212. '<span class="oi" data-glyph="people"></span> &nbsp;'
  213. 'test_admin_group', output.data)
  214. self.assertEqual(output.data.count('<a href="/user/'), 1)
  215. csrf_token = output.data.split(
  216. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  217. # No CSRF
  218. data = {
  219. 'user': 'bar'
  220. }
  221. output = self.app.post('/group/test_admin_group', data=data)
  222. self.assertEqual(output.status_code, 200)
  223. self.assertIn(
  224. '<span class="oi" data-glyph="people"></span> &nbsp;'
  225. 'test_admin_group', output.data)
  226. self.assertEqual(output.data.count('<a href="/user/'), 1)
  227. # Invalid user
  228. data = {
  229. 'user': 'bar',
  230. 'csrf_token': csrf_token,
  231. }
  232. output = self.app.post(
  233. '/group/test_admin_group', data=data, follow_redirects=True)
  234. self.assertEqual(output.status_code, 200)
  235. self.assertIn(
  236. '</button>\n No user `bar` found',
  237. output.data)
  238. self.assertIn(
  239. '<span class="oi" data-glyph="people"></span> &nbsp;'
  240. 'test_admin_group', output.data)
  241. self.assertEqual(output.data.count('<a href="/user/'), 1)
  242. # All good
  243. data = {
  244. 'user': 'foo',
  245. 'csrf_token': csrf_token,
  246. }
  247. output = self.app.post('/group/test_admin_group', data=data)
  248. self.assertEqual(output.status_code, 200)
  249. self.assertIn(
  250. '</button>\n User `foo` added to the '
  251. 'group `test_admin_group`.', output.data)
  252. self.assertIn(
  253. '<span class="oi" data-glyph="people"></span> &nbsp;'
  254. 'test_admin_group', output.data)
  255. self.assertEqual(output.data.count('<a href="/user/'), 2)
  256. def test_group_user_delete(self):
  257. """ Test the group_user_delete endpoint. """
  258. output = self.app.post('/group/foo/bar/delete')
  259. self.assertEqual(output.status_code, 302)
  260. user = tests.FakeUser()
  261. with tests.user_set(pagure.APP, user):
  262. output = self.app.post(
  263. '/group/foo/bar/delete', follow_redirects=True)
  264. self.assertEqual(output.status_code, 404)
  265. self.test_add_group()
  266. user = tests.FakeUser()
  267. with tests.user_set(pagure.APP, user):
  268. output = self.app.post(
  269. '/group/test_group/bar/delete', follow_redirects=True)
  270. self.assertEqual(output.status_code, 200)
  271. self.assertIn(
  272. '<span class="oi" data-glyph="people"></span> &nbsp;'
  273. 'test_group', output.data)
  274. self.assertEqual(output.data.count('<a href="/user/'), 1)
  275. output = self.app.get('/new/')
  276. csrf_token = output.data.split(
  277. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  278. data = {'csrf_token': csrf_token}
  279. output = self.app.post(
  280. '/group/test_group/bar/delete', data=data, follow_redirects=True)
  281. self.assertEqual(output.status_code, 200)
  282. self.assertIn(
  283. '</button>\n No user `bar` found',
  284. output.data)
  285. self.assertIn(
  286. '<span class="oi" data-glyph="people"></span> &nbsp;'
  287. 'test_group', output.data)
  288. self.assertEqual(output.data.count('<a href="/user/'), 1)
  289. output = self.app.post(
  290. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  291. self.assertEqual(output.status_code, 200)
  292. self.assertIn(
  293. '</button>\n Could not find user '
  294. 'username', output.data)
  295. self.assertIn(
  296. '<span class="oi" data-glyph="people"></span> &nbsp;'
  297. 'test_group', output.data)
  298. self.assertEqual(output.data.count('<a href="/user/'), 1)
  299. user.username = 'pingou'
  300. with tests.user_set(pagure.APP, user):
  301. # User not in the group
  302. output = self.app.post(
  303. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  304. self.assertEqual(output.status_code, 200)
  305. self.assertIn(
  306. '</button>\n User `foo` could not be '
  307. 'found in the group `test_group`', output.data)
  308. self.assertIn(
  309. '<span class="oi" data-glyph="people"></span> &nbsp;'
  310. 'test_group', output.data)
  311. self.assertEqual(output.data.count('<a href="/user/'), 1)
  312. # Cannot delete creator
  313. output = self.app.post(
  314. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  315. self.assertEqual(output.status_code, 200)
  316. self.assertIn(
  317. '</button>\n User `foo` could not be '
  318. 'found in the group `test_group`', output.data)
  319. self.assertIn(
  320. '<span class="oi" data-glyph="people"></span> &nbsp;'
  321. 'test_group', output.data)
  322. self.assertEqual(output.data.count('<a href="/user/'), 1)
  323. # Add user foo
  324. data = {
  325. 'user': 'foo',
  326. 'csrf_token': csrf_token,
  327. }
  328. output = self.app.post('/group/test_group', data=data)
  329. self.assertEqual(output.status_code, 200)
  330. self.assertIn(
  331. '</button>\n User `foo` added to the '
  332. 'group `test_group`.', output.data)
  333. self.assertIn(
  334. '<span class="oi" data-glyph="people"></span> &nbsp;'
  335. 'test_group', output.data)
  336. self.assertEqual(output.data.count('<a href="/user/'), 2)
  337. output = self.app.post(
  338. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  339. self.assertEqual(output.status_code, 200)
  340. self.assertIn(
  341. '</button>\n User `foo` removed from '
  342. 'the group `test_group`', output.data)
  343. self.assertIn(
  344. '<span class="oi" data-glyph="people"></span> &nbsp;'
  345. 'test_group', output.data)
  346. self.assertEqual(output.data.count('<a href="/user/'), 1)
  347. if __name__ == '__main__':
  348. SUITE = unittest.TestLoader().loadTestsFromTestCase(
  349. PagureFlaskGroupstests)
  350. unittest.TextTestRunner(verbosity=2).run(SUITE)