| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689 |
- # -*- coding: utf-8 -*-
- """
- (c) 2015-2016 - Copyright Red Hat Inc
- Authors:
- Pierre-Yves Chibon <pingou@pingoured.fr>
- """
- from __future__ import unicode_literals, absolute_import
- import unittest
- import shutil
- import sys
- import os
- import json
- from mock import patch
- sys.path.insert(
- 0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")
- )
- import pagure.config
- import tests
- class PagureFlaskGroupstests(tests.Modeltests):
- """ Tests for flask groups controller of pagure """
- def test_group_lists(self):
- """ Test the group_lists endpoint. """
- output = self.app.get("/groups")
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">0</span>',
- output.get_data(as_text=True),
- )
- def test_add_group(self):
- """ Test the add_group endpoint. """
- output = self.app.get("/group/add")
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/add")
- self.assertEqual(output.status_code, 403)
- user.username = "pingou"
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/add")
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<strong>Create new group</strong>",
- output.get_data(as_text=True),
- )
- self.assertNotIn(
- '<option value="admin">admin</option>',
- output.get_data(as_text=True),
- )
- csrf_token = (
- output.get_data(as_text=True)
- .split('name="csrf_token" type="hidden" value="')[1]
- .split('">')[0]
- )
- data = {}
- # Insufficient input
- output = self.app.post("/group/add", data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<strong>Create new group</strong>",
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count("This field is required."),
- 3,
- )
- data = {
- "group_name": "test_group",
- "display_name": "Test Group",
- "description": "This is a group for the tests",
- }
- # Missing CSRF
- output = self.app.post("/group/add", data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<strong>Create new group</strong>",
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count("This field is required."),
- 0,
- )
- data["csrf_token"] = csrf_token
- # All good
- output = self.app.post(
- "/group/add", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `pingou` added to " "the group `test_group`.",
- output.get_data(as_text=True),
- )
- self.assertIn(
- "Group `test_group` created.", output.get_data(as_text=True)
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">1</span>',
- output.get_data(as_text=True),
- )
- user = tests.FakeUser(
- username="pingou", groups=pagure.config.config["ADMIN_GROUP"]
- )
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/add")
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<strong>Create new group</strong>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<option value="admin">admin</option>',
- output.get_data(as_text=True),
- )
- data = {
- "group_name": "test_admin_group",
- "group_type": "admin",
- "display_name": "Test Admin Group",
- "description": "This is another group for the tests",
- "csrf_token": csrf_token,
- }
- # All good
- output = self.app.post(
- "/group/add", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `pingou` added to " "the group `test_admin_group`.",
- output.get_data(as_text=True),
- )
- self.assertIn(
- "Group `test_admin_group` " "created.",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">2</span>',
- output.get_data(as_text=True),
- )
- def test_edit_group(self):
- """ Test the edit_group endpoint. """
- output = self.app.get("/group/test_group/edit")
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/test_group/edit")
- self.assertEqual(output.status_code, 404)
- self.assertIn(
- "<p>Group not found</p>", output.get_data(as_text=True)
- )
- self.test_add_group()
- user.username = "foo"
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/foo/edit")
- self.assertEqual(output.status_code, 404)
- self.assertIn(
- "<p>Group not found</p>", output.get_data(as_text=True)
- )
- output = self.app.get("/group/test_group/edit")
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<title>Edit group: test_group - Pagure</title>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<form action="/group/test_group/edit" method="post">',
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<strong><label for="description">Description'
- "</label></strong>",
- output.get_data(as_text=True),
- )
- csrf_token = (
- output.get_data(as_text=True)
- .split('name="csrf_token" type="hidden" value="')[1]
- .split('">')[0]
- )
- # Missing CSRF
- data = {
- "group_name": "test_group",
- "display_name": "Test Group edited",
- "description": "This is a group for the tests edited",
- }
- output = self.app.post(
- "/group/test_group/edit", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<title>Edit group: test_group - Pagure</title>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<form action="/group/test_group/edit" method="post">',
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<strong><label for="description">Description'
- "</label></strong>",
- output.get_data(as_text=True),
- )
- # User not allowed
- data["csrf_token"] = csrf_token
- output = self.app.post(
- "/group/test_group/edit", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<title>Group test_group - Pagure</title>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- "You are not " "allowed to edit this group",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- user.username = "pingou"
- with tests.user_set(self.app.application, user):
- # Invalid repo
- output = self.app.post(
- "/group/bar/edit", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 404)
- self.assertIn(
- "<p>Group not found</p>", output.get_data(as_text=True)
- )
- output = self.app.post(
- "/group/test_group/edit", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<title>Group test_group - Pagure</title>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group edited</h3>',
- output.get_data(as_text=True),
- )
- self.assertIn(
- "Group "Test Group edited" (test_group) edited",
- output.get_data(as_text=True),
- )
- def test_give_group(self):
- """ Test the give_group endpoint. """
- output = self.app.post("/group/test_group/give")
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post("/group/test_group/give")
- self.assertEqual(output.status_code, 404)
- self.assertIn(
- "<p>Group not found</p>", output.get_data(as_text=True)
- )
- self.test_add_group()
- user.username = "foo"
- with tests.user_set(self.app.application, user):
- output = self.app.post("/group/foo/give")
- self.assertEqual(output.status_code, 404)
- self.assertIn(
- "<p>Group not found</p>", output.get_data(as_text=True)
- )
- output = self.app.post("/group/test_group/give")
- self.assertEqual(output.status_code, 403)
- csrf_token = self.get_csrf()
- user.username = "pingou"
- with tests.user_set(self.app.application, user):
- # Missing CSRF
- data = {"username": "invalid"}
- output = self.app.post(
- "/group/test_group/give", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- output_text = output.get_data(as_text=True)
- self.assertIn(
- "<title>Group test_group - Pagure</title>", output_text
- )
- self.assertIn(
- 'administered by <a href="/user/pingou">pingou</a>',
- output_text,
- )
- # User not found
- data["csrf_token"] = csrf_token
- output = self.app.post(
- "/group/test_group/give", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- output_text = output.get_data(as_text=True)
- self.assertIn(
- "<title>Group test_group - Pagure</title>", output_text
- )
- self.assertIn(
- "</i> No user invalid found to give this group to</div>",
- output_text,
- )
- self.assertIn(
- 'administered by <a href="/user/pingou">pingou</a>',
- output_text,
- )
- # Working
- data["username"] = "foo"
- output = self.app.post(
- "/group/test_group/give", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- output_text = output.get_data(as_text=True)
- self.assertIn(
- "<title>Group test_group - Pagure</title>", output_text
- )
- self.assertIn("</i> Group given</div>", output_text)
- self.assertIn(
- 'administered by <a href="/user/foo">foo</a>', output_text
- )
- def test_group_delete(self):
- """ Test the group_delete endpoint. """
- output = self.app.post("/group/foo/delete")
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post("/group/foo/delete", follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "<p>No groups have been created on this pagure instance "
- "yet</p>",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">0</span>',
- output.get_data(as_text=True),
- )
- self.test_add_group()
- with tests.user_set(self.app.application, user):
- output = self.app.post("/group/foo/delete", follow_redirects=True)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">1</span>',
- output.get_data(as_text=True),
- )
- output = self.app.get("/new/")
- csrf_token = (
- output.get_data(as_text=True)
- .split('name="csrf_token" type="hidden" value="')[1]
- .split('">')[0]
- )
- user.username = "foo"
- with tests.user_set(self.app.application, user):
- data = {"csrf_token": csrf_token}
- output = self.app.post(
- "/group/bar/delete", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "No group `bar` found", output.get_data(as_text=True)
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">1</span>',
- output.get_data(as_text=True),
- )
- output = self.app.post(
- "/group/test_group/delete", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "You are not allowed to " "delete the group test_group",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">1</span>',
- output.get_data(as_text=True),
- )
- user.username = "bar"
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- "/group/test_group/delete", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 404)
- user.username = "pingou"
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- "/group/test_group/delete", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "Group `test_group` has " "been deleted",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="font-weight-bold">\n'
- ' Groups <span class="badge badge-secondary">0</span>',
- output.get_data(as_text=True),
- )
- def test_view_group(self):
- """ Test the view_group endpoint. """
- output = self.app.get("/group/foo")
- self.assertEqual(output.status_code, 404)
- self.test_add_group()
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.get("/group/test_group")
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- output = self.app.get("/group/test_admin_group")
- self.assertEqual(output.status_code, 404)
- user = tests.FakeUser(
- username="pingou", groups=pagure.config.config["ADMIN_GROUP"]
- )
- with tests.user_set(self.app.application, user):
- # Admin can see group of type admins
- output = self.app.get("/group/test_admin_group")
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- csrf_token = (
- output.get_data(as_text=True)
- .split('name="csrf_token" type="hidden" value="')[1]
- .split('">')[0]
- )
- # No CSRF
- data = {"user": "bar"}
- output = self.app.post("/group/test_admin_group", data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- # Invalid user
- data = {"user": "bar", "csrf_token": csrf_token}
- output = self.app.post(
- "/group/test_admin_group", data=data, follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn("No user `bar` found", output.get_data(as_text=True))
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- # All good
- data = {"user": "foo", "csrf_token": csrf_token}
- output = self.app.post("/group/test_admin_group", data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `foo` added to the " "group `test_admin_group`.",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 3
- )
- def test_group_user_delete(self):
- """ Test the group_user_delete endpoint. """
- output = self.app.post("/group/foo/bar/delete")
- self.assertEqual(output.status_code, 302)
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- "/group/foo/bar/delete", follow_redirects=True
- )
- self.assertEqual(output.status_code, 404)
- self.test_add_group()
- user = tests.FakeUser()
- with tests.user_set(self.app.application, user):
- output = self.app.post(
- "/group/test_group/bar/delete", follow_redirects=True
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- output = self.app.get("/new/")
- csrf_token = (
- output.get_data(as_text=True)
- .split('name="csrf_token" type="hidden" value="')[1]
- .split('">')[0]
- )
- data = {"csrf_token": csrf_token}
- output = self.app.post(
- "/group/test_group/bar/delete",
- data=data,
- follow_redirects=True,
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn("No user `bar` found", output.get_data(as_text=True))
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- output = self.app.post(
- "/group/test_group/foo/delete",
- data=data,
- follow_redirects=True,
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "Could not find user " "username",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- user.username = "pingou"
- with tests.user_set(self.app.application, user):
- # User not in the group
- output = self.app.post(
- "/group/test_group/foo/delete",
- data=data,
- follow_redirects=True,
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `foo` could not be " "found in the group `test_group`",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- # Cannot delete creator
- output = self.app.post(
- "/group/test_group/foo/delete",
- data=data,
- follow_redirects=True,
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `foo` could not be " "found in the group `test_group`",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- # Add user foo
- data = {"user": "foo", "csrf_token": csrf_token}
- output = self.app.post("/group/test_group", data=data)
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `foo` added to the " "group `test_group`.",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 3
- )
- output = self.app.post(
- "/group/test_group/foo/delete",
- data=data,
- follow_redirects=True,
- )
- self.assertEqual(output.status_code, 200)
- self.assertIn(
- "User `foo` removed from " "the group `test_group`",
- output.get_data(as_text=True),
- )
- self.assertIn(
- '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
- output.get_data(as_text=True),
- )
- self.assertEqual(
- output.get_data(as_text=True).count('<a href="/user/'), 2
- )
- if __name__ == "__main__":
- unittest.main(verbosity=2)
|
