test_pagure_flask_ui_app_browse.py 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2018 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. from __future__ import unicode_literals, absolute_import
  8. import unittest
  9. import sys
  10. import os
  11. from mock import patch, MagicMock
  12. sys.path.insert(
  13. 0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")
  14. )
  15. import pagure.lib.query
  16. import tests
  17. class PagureFlaskAppBrowsetests(tests.Modeltests):
  18. """Tests for the browse pages of flask app controller of pagure"""
  19. def setUp(self):
  20. """Set up the environnment, ran before every tests."""
  21. super(PagureFlaskAppBrowsetests, self).setUp()
  22. tests.create_projects(self.session)
  23. # Add a 3rd project with a long description
  24. item = pagure.lib.model.Project(
  25. user_id=2, # foo
  26. name="test3",
  27. description="test project #3 with a very long description",
  28. hook_token="aaabbbeeefff",
  29. private=True,
  30. )
  31. self.session.add(item)
  32. self.session.commit()
  33. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  34. def test_browse_project_logged_in_private_project(self):
  35. """Test the browse project endpoint when logged in with a private
  36. project."""
  37. user = tests.FakeUser(username="foo")
  38. with tests.user_set(self.app.application, user):
  39. output = self.app.get("/browse/projects/")
  40. self.assertEqual(output.status_code, 200)
  41. output_text = output.get_data(as_text=True)
  42. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  43. self.assertIn(
  44. '<h3 class="m-0 font-weight-bold">All Projects '
  45. '<span class="badge badge-secondary">4</span></h3>',
  46. output_text,
  47. )
  48. self.assertIn(
  49. '<span title="Private Project" class="text-danger '
  50. 'fa fa-fw fa-lock"></span>',
  51. output_text,
  52. )
  53. self.assertEqual(output_text.count('title="Private Project"'), 1)
  54. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  55. def test_browse_project_unauth_private_project(self):
  56. """Test the browse project endpoint when logged out with a private
  57. project."""
  58. output = self.app.get("/browse/projects/")
  59. self.assertEqual(output.status_code, 200)
  60. output_text = output.get_data(as_text=True)
  61. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  62. self.assertIn(
  63. '<h3 class="m-0 font-weight-bold">All Projects '
  64. '<span class="badge badge-secondary">3</span></h3>',
  65. output_text,
  66. )
  67. self.assertNotIn(
  68. '<span title="Private Project" class="text-danger '
  69. 'fa fa-fw fa-lock"></span>',
  70. output_text,
  71. )
  72. self.assertEqual(output_text.count('title="Private Project"'), 0)
  73. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  74. def test_browse_project_logged_in_no_access_private_project(self):
  75. """Test the browse project endpoint when logged in as an user that
  76. has no access to the private project."""
  77. user = tests.FakeUser(username="pingou")
  78. with tests.user_set(self.app.application, user):
  79. output = self.app.get("/browse/projects/")
  80. self.assertEqual(output.status_code, 200)
  81. output_text = output.get_data(as_text=True)
  82. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  83. self.assertIn(
  84. '<h3 class="m-0 font-weight-bold">All Projects '
  85. '<span class="badge badge-secondary">3</span></h3>',
  86. output_text,
  87. )
  88. self.assertNotIn(
  89. '<span title="Private Project" class="text-danger '
  90. 'fa fa-fw fa-lock"></span>',
  91. output_text,
  92. )
  93. self.assertEqual(output_text.count('title="Private Project"'), 0)
  94. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  95. def test_browse_project_logged_in_ticket_private_project(self):
  96. """Test the browse project endpoint when logged in as an user that
  97. has no access to the private project."""
  98. # Add user 'pingou' with ticket access on repo
  99. repo = pagure.lib.query._get_project(self.session, "test3")
  100. msg = pagure.lib.query.add_user_to_project(
  101. self.session, repo, new_user="pingou", user="foo", access="ticket"
  102. )
  103. self.assertEqual(msg, "User added")
  104. self.session.commit()
  105. # Ticket access level isn't sufficient to access private projects
  106. user = tests.FakeUser(username="pingou")
  107. with tests.user_set(self.app.application, user):
  108. output = self.app.get("/browse/projects/")
  109. self.assertEqual(output.status_code, 200)
  110. output_text = output.get_data(as_text=True)
  111. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  112. self.assertIn(
  113. '<h3 class="m-0 font-weight-bold">All Projects '
  114. '<span class="badge badge-secondary">3</span></h3>',
  115. output_text,
  116. )
  117. self.assertNotIn(
  118. '<span title="Private Project" class="text-danger '
  119. 'fa fa-fw fa-lock"></span>',
  120. output_text,
  121. )
  122. self.assertEqual(output_text.count('title="Private Project"'), 0)
  123. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  124. def test_browse_project_logged_in_commit_private_project(self):
  125. """Test the browse project endpoint when logged in as an user that
  126. has no access to the private project."""
  127. # Add user 'pingou' with commit access on repo
  128. repo = pagure.lib.query._get_project(self.session, "test3")
  129. msg = pagure.lib.query.add_user_to_project(
  130. self.session, repo, new_user="pingou", user="foo", access="commit"
  131. )
  132. self.assertEqual(msg, "User added")
  133. self.session.commit()
  134. user = tests.FakeUser(username="pingou")
  135. with tests.user_set(self.app.application, user):
  136. output = self.app.get("/browse/projects/")
  137. self.assertEqual(output.status_code, 200)
  138. output_text = output.get_data(as_text=True)
  139. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  140. self.assertIn(
  141. '<h3 class="m-0 font-weight-bold">All Projects '
  142. '<span class="badge badge-secondary">4</span></h3>',
  143. output_text,
  144. )
  145. self.assertIn(
  146. '<span title="Private Project" class="text-danger '
  147. 'fa fa-fw fa-lock"></span>',
  148. output_text,
  149. )
  150. self.assertEqual(output_text.count('title="Private Project"'), 1)
  151. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  152. def test_browse_project_logged_in_admin_private_project(self):
  153. """Test the browse project endpoint when logged in as an user that
  154. has no access to the private project."""
  155. # Add user 'pingou' with admin access on repo
  156. repo = pagure.lib.query._get_project(self.session, "test3")
  157. msg = pagure.lib.query.add_user_to_project(
  158. self.session, repo, new_user="pingou", user="foo", access="admin"
  159. )
  160. self.assertEqual(msg, "User added")
  161. self.session.commit()
  162. user = tests.FakeUser(username="pingou")
  163. with tests.user_set(self.app.application, user):
  164. output = self.app.get("/browse/projects/")
  165. self.assertEqual(output.status_code, 200)
  166. output_text = output.get_data(as_text=True)
  167. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  168. self.assertIn(
  169. '<h3 class="m-0 font-weight-bold">All Projects '
  170. '<span class="badge badge-secondary">4</span></h3>',
  171. output_text,
  172. )
  173. self.assertIn(
  174. '<span title="Private Project" class="text-danger '
  175. 'fa fa-fw fa-lock"></span>',
  176. output_text,
  177. )
  178. self.assertEqual(output_text.count('title="Private Project"'), 1)
  179. class PagureFlaskAppBrowseGroupAdmintests(tests.Modeltests):
  180. """Tests for the browse pages of flask app controller of pagure"""
  181. def setUp(self):
  182. """Set up the environnment, ran before every tests."""
  183. super(PagureFlaskAppBrowseGroupAdmintests, self).setUp()
  184. tests.create_projects(self.session)
  185. # Add a 3rd project with a long description
  186. item = pagure.lib.model.Project(
  187. user_id=2, # foo
  188. name="test3",
  189. description="test project #3 with a very long description",
  190. hook_token="aaabbbeeefff",
  191. private=True,
  192. )
  193. self.session.add(item)
  194. self.session.commit()
  195. # Create a group
  196. msg = pagure.lib.query.add_group(
  197. self.session,
  198. group_name="JL",
  199. display_name="Justice League",
  200. description="Nope, it's not JLA anymore",
  201. group_type="user",
  202. user="foo",
  203. is_admin=False,
  204. blacklist=pagure.config.config.get("BLACKLISTED_PROJECTS"),
  205. )
  206. self.assertEqual(msg, "User `foo` added to the group `JL`.")
  207. # Add the group to project we just created, test3
  208. # Add it with admin ACL
  209. project = pagure.lib.query._get_project(self.session, "test3")
  210. msg = pagure.lib.query.add_group_to_project(
  211. self.session,
  212. project=project,
  213. new_group="JL",
  214. user="foo",
  215. access="admin",
  216. )
  217. self.session.commit()
  218. self.assertEqual(msg, "Group added")
  219. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  220. def test_browse_project_user_not_in_group(self):
  221. """Test the browse project endpoint when logged in as an user that
  222. has no access to the private project via a group as admin."""
  223. user = tests.FakeUser(username="pingou")
  224. with tests.user_set(self.app.application, user):
  225. output = self.app.get("/browse/projects/")
  226. self.assertEqual(output.status_code, 200)
  227. output_text = output.get_data(as_text=True)
  228. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  229. self.assertIn(
  230. '<h3 class="m-0 font-weight-bold">All Projects '
  231. '<span class="badge badge-secondary">3</span></h3>',
  232. output_text,
  233. )
  234. self.assertNotIn(
  235. '<span title="Private project" class="text-danger '
  236. 'fa fa-fw fa-lock"></span>',
  237. output_text,
  238. )
  239. self.assertEqual(output_text.count('title="Private project"'), 0)
  240. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  241. def test_browse_project_user_in_group(self):
  242. """Test the browse project endpoint when logged in as an user that
  243. has no access to the private project via a group as admin."""
  244. group = pagure.lib.query.search_groups(self.session, group_name="JL")
  245. pagure.lib.query.add_user_to_group(
  246. session=self.session,
  247. username="pingou",
  248. group=group,
  249. user="foo",
  250. is_admin=False,
  251. )
  252. self.session.commit()
  253. user = tests.FakeUser(username="pingou")
  254. with tests.user_set(self.app.application, user):
  255. output = self.app.get("/browse/projects/")
  256. self.assertEqual(output.status_code, 200)
  257. output_text = output.get_data(as_text=True)
  258. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  259. self.assertIn(
  260. '<h3 class="m-0 font-weight-bold">All Projects '
  261. '<span class="badge badge-secondary">4</span></h3>',
  262. output_text,
  263. )
  264. self.assertIn(
  265. '<span title="Private Project" class="text-danger '
  266. 'fa fa-fw fa-lock"></span>',
  267. output_text,
  268. )
  269. self.assertEqual(output_text.count('title="Private Project"'), 1)
  270. class PagureFlaskAppBrowseGroupCommittests(tests.Modeltests):
  271. """Tests for the browse pages of flask app controller of pagure"""
  272. def setUp(self):
  273. """Set up the environnment, ran before every tests."""
  274. super(PagureFlaskAppBrowseGroupCommittests, self).setUp()
  275. tests.create_projects(self.session)
  276. # Add a 3rd project with a long description
  277. item = pagure.lib.model.Project(
  278. user_id=2, # foo
  279. name="test3",
  280. description="test project #3 with a very long description",
  281. hook_token="aaabbbeeefff",
  282. private=True,
  283. )
  284. self.session.add(item)
  285. self.session.commit()
  286. # Create a group
  287. msg = pagure.lib.query.add_group(
  288. self.session,
  289. group_name="JL",
  290. display_name="Justice League",
  291. description="Nope, it's not JLA anymore",
  292. group_type="user",
  293. user="foo",
  294. is_admin=False,
  295. blacklist=pagure.config.config.get("BLACKLISTED_PROJECTS"),
  296. )
  297. self.assertEqual(msg, "User `foo` added to the group `JL`.")
  298. # Add the group to project we just created, test3
  299. # Add it with commit ACL
  300. project = pagure.lib.query._get_project(self.session, "test3")
  301. msg = pagure.lib.query.add_group_to_project(
  302. self.session,
  303. project=project,
  304. new_group="JL",
  305. user="foo",
  306. access="commit",
  307. )
  308. self.session.commit()
  309. self.assertEqual(msg, "Group added")
  310. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  311. def test_browse_project_user_not_in_group(self):
  312. """Test the browse project endpoint when logged in as an user that
  313. has no access to the private project via a group as admin."""
  314. user = tests.FakeUser(username="pingou")
  315. with tests.user_set(self.app.application, user):
  316. output = self.app.get("/browse/projects/")
  317. self.assertEqual(output.status_code, 200)
  318. output_text = output.get_data(as_text=True)
  319. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  320. self.assertIn(
  321. '<h3 class="m-0 font-weight-bold">All Projects '
  322. '<span class="badge badge-secondary">3</span></h3>',
  323. output_text,
  324. )
  325. self.assertNotIn(
  326. '<span title="Private project" class="text-danger '
  327. 'fa fa-fw fa-lock"></span>',
  328. output_text,
  329. )
  330. self.assertEqual(output_text.count('title="Private project"'), 0)
  331. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  332. def test_browse_project_user_in_group(self):
  333. """Test the browse project endpoint when logged in as an user that
  334. has no access to the private project via a group as admin."""
  335. group = pagure.lib.query.search_groups(self.session, group_name="JL")
  336. pagure.lib.query.add_user_to_group(
  337. session=self.session,
  338. username="pingou",
  339. group=group,
  340. user="foo",
  341. is_admin=False,
  342. )
  343. self.session.commit()
  344. user = tests.FakeUser(username="pingou")
  345. with tests.user_set(self.app.application, user):
  346. output = self.app.get("/browse/projects/")
  347. self.assertEqual(output.status_code, 200)
  348. output_text = output.get_data(as_text=True)
  349. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  350. self.assertIn(
  351. '<h3 class="m-0 font-weight-bold">All Projects '
  352. '<span class="badge badge-secondary">4</span></h3>',
  353. output_text,
  354. )
  355. self.assertIn(
  356. '<span title="Private Project" class="text-danger '
  357. 'fa fa-fw fa-lock"></span>',
  358. output_text,
  359. )
  360. self.assertEqual(output_text.count('title="Private Project"'), 1)
  361. class PagureFlaskAppBrowseGroupTickettests(tests.Modeltests):
  362. """Tests for the browse pages of flask app controller of pagure"""
  363. def setUp(self):
  364. """Set up the environnment, ran before every tests."""
  365. super(PagureFlaskAppBrowseGroupTickettests, self).setUp()
  366. tests.create_projects(self.session)
  367. # Add a 3rd project with a long description
  368. item = pagure.lib.model.Project(
  369. user_id=2, # foo
  370. name="test3",
  371. description="test project #3 with a very long description",
  372. hook_token="aaabbbeeefff",
  373. private=True,
  374. )
  375. self.session.add(item)
  376. self.session.commit()
  377. # Create a group
  378. msg = pagure.lib.query.add_group(
  379. self.session,
  380. group_name="JL",
  381. display_name="Justice League",
  382. description="Nope, it's not JLA anymore",
  383. group_type="user",
  384. user="foo",
  385. is_admin=False,
  386. blacklist=pagure.config.config.get("BLACKLISTED_PROJECTS"),
  387. )
  388. self.assertEqual(msg, "User `foo` added to the group `JL`.")
  389. # Add the group to project we just created, test3
  390. # Add it with ticket ACL
  391. project = pagure.lib.query._get_project(self.session, "test3")
  392. msg = pagure.lib.query.add_group_to_project(
  393. self.session,
  394. project=project,
  395. new_group="JL",
  396. user="foo",
  397. access="ticket",
  398. )
  399. self.session.commit()
  400. self.assertEqual(msg, "Group added")
  401. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  402. def test_browse_project_user_not_in_group(self):
  403. """Test the browse project endpoint when logged in as an user that
  404. has no access to the private project via a group as admin."""
  405. user = tests.FakeUser(username="pingou")
  406. with tests.user_set(self.app.application, user):
  407. output = self.app.get("/browse/projects/")
  408. self.assertEqual(output.status_code, 200)
  409. output_text = output.get_data(as_text=True)
  410. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  411. self.assertIn(
  412. '<h3 class="m-0 font-weight-bold">All Projects '
  413. '<span class="badge badge-secondary">3</span></h3>',
  414. output_text,
  415. )
  416. self.assertNotIn(
  417. '<span title="Private Project" class="text-danger '
  418. 'fa fa-fw fa-lock"></span>',
  419. output_text,
  420. )
  421. self.assertEqual(output_text.count('title="Private Project"'), 0)
  422. @patch.dict("pagure.config.config", {"PRIVATE_PROJECTS": True})
  423. def test_browse_project_user_in_group(self):
  424. """Test the browse project endpoint when logged in as an user that
  425. has no access to the private project via a group as admin."""
  426. group = pagure.lib.query.search_groups(self.session, group_name="JL")
  427. pagure.lib.query.add_user_to_group(
  428. session=self.session,
  429. username="pingou",
  430. group=group,
  431. user="foo",
  432. is_admin=False,
  433. )
  434. self.session.commit()
  435. # Ticket ACL isn't enough to grant you access
  436. user = tests.FakeUser(username="pingou")
  437. with tests.user_set(self.app.application, user):
  438. output = self.app.get("/browse/projects/")
  439. self.assertEqual(output.status_code, 200)
  440. output_text = output.get_data(as_text=True)
  441. self.assertIn("<title>Home - Pagure</title>\n", output_text)
  442. self.assertIn(
  443. '<h3 class="m-0 font-weight-bold">All Projects '
  444. '<span class="badge badge-secondary">3</span></h3>',
  445. output_text,
  446. )
  447. self.assertNotIn(
  448. '<span title="Private Project" class="text-danger '
  449. 'fa fa-fw fa-lock"></span>',
  450. output_text,
  451. )
  452. self.assertEqual(output_text.count('title="Private Project"'), 0)
  453. if __name__ == "__main__":
  454. unittest.main(verbosity=2)