test_pagure_flask_ui_app_give_project.py 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2017 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. from __future__ import unicode_literals, absolute_import
  8. import unittest
  9. import shutil
  10. import sys
  11. import tempfile
  12. import os
  13. from mock import patch, MagicMock
  14. sys.path.insert(
  15. 0, os.path.join(os.path.dirname(os.path.abspath(__file__)), "..")
  16. )
  17. import pagure
  18. import pagure.lib.query
  19. import tests
  20. class PagureFlaskGiveRepotests(tests.SimplePagureTest):
  21. """Tests for give a project on pagure"""
  22. def setUp(self):
  23. """Set up the environnment, ran before every tests."""
  24. super(PagureFlaskGiveRepotests, self).setUp()
  25. pagure.config.config["VIRUS_SCAN_ATTACHMENTS"] = False
  26. pagure.config.config["UPLOAD_FOLDER_URL"] = "/releases/"
  27. pagure.config.config["UPLOAD_FOLDER_PATH"] = os.path.join(
  28. self.path, "releases"
  29. )
  30. tests.create_projects(self.session)
  31. tests.create_projects_git(os.path.join(self.path, "repos"), bare=True)
  32. self._check_user(user="pingou")
  33. def _check_user(self, user="pingou"):
  34. self.session.commit()
  35. project = pagure.lib.query.get_authorized_project(
  36. self.session, project_name="test"
  37. )
  38. self.assertEqual(project.user.user, user)
  39. def test_give_project_no_project(self):
  40. """Test the give_project endpoint."""
  41. # No such project
  42. output = self.app.post("/test42/give")
  43. self.assertEqual(output.status_code, 404)
  44. def test_give_project_no_csrf(self):
  45. """Test the give_project endpoint."""
  46. user = tests.FakeUser()
  47. user.username = "pingou"
  48. with tests.user_set(self.app.application, user):
  49. self._check_user()
  50. # Missing CSRF
  51. data = {"user": "foo"}
  52. output = self.app.post(
  53. "/test/give", data=data, follow_redirects=True
  54. )
  55. self.assertEqual(output.status_code, 200)
  56. self.assertIn(
  57. "<title>Overview - test - Pagure</title>",
  58. output.get_data(as_text=True),
  59. )
  60. self._check_user()
  61. def test_give_project_invalid_user(self):
  62. """Test the give_project endpoint."""
  63. user = tests.FakeUser()
  64. user.username = "pingou"
  65. with tests.user_set(self.app.application, user):
  66. csrf_token = self.get_csrf()
  67. self._check_user()
  68. # Invalid user
  69. data = {"user": "foobar", "csrf_token": csrf_token}
  70. output = self.app.post(
  71. "/test/give", data=data, follow_redirects=True
  72. )
  73. self.assertEqual(output.status_code, 404)
  74. self.assertIn(
  75. "<p>No such user foobar found</p>",
  76. output.get_data(as_text=True),
  77. )
  78. self._check_user()
  79. def test_give_project_no_user(self):
  80. """Test the give_project endpoint."""
  81. user = tests.FakeUser()
  82. user.username = "pingou"
  83. with tests.user_set(self.app.application, user):
  84. csrf_token = self.get_csrf()
  85. self._check_user()
  86. # No user
  87. data = {"csrf_token": csrf_token}
  88. output = self.app.post(
  89. "/test/give", data=data, follow_redirects=True
  90. )
  91. self.assertEqual(output.status_code, 404)
  92. self.assertIn(
  93. "<p>No user specified</p>", output.get_data(as_text=True)
  94. )
  95. self._check_user()
  96. def test_give_project_not_owner(self):
  97. """Test the give_project endpoint."""
  98. user = tests.FakeUser()
  99. user.username = "foo"
  100. with tests.user_set(self.app.application, user):
  101. csrf_token = self.get_csrf()
  102. self._check_user()
  103. # User isn't the admin
  104. data = {"user": "foo", "csrf_token": csrf_token}
  105. output = self.app.post(
  106. "/test/give", data=data, follow_redirects=True
  107. )
  108. self.assertEqual(output.status_code, 403)
  109. self.assertIn(
  110. "<p>You are not allowed to change the settings for this "
  111. "project</p>",
  112. output.get_data(as_text=True),
  113. )
  114. self._check_user()
  115. def test_give_project_not_admin(self):
  116. """Test the give_project endpoint."""
  117. user = tests.FakeUser()
  118. user.username = "foo"
  119. with tests.user_set(self.app.application, user):
  120. csrf_token = self.get_csrf()
  121. self._check_user()
  122. # User isn't the admin
  123. data = {"user": "foo", "csrf_token": csrf_token}
  124. output = self.app.post(
  125. "/test/give", data=data, follow_redirects=True
  126. )
  127. self.assertEqual(output.status_code, 403)
  128. self.assertIn(
  129. "<p>You are not allowed to change the settings for this "
  130. "project</p>",
  131. output.get_data(as_text=True),
  132. )
  133. self._check_user()
  134. def test_give_project_not_owner_but_is_admin(self):
  135. """Test the give_project endpoint."""
  136. project = pagure.lib.query.get_authorized_project(
  137. self.session, project_name="test"
  138. )
  139. msg = pagure.lib.query.add_user_to_project(
  140. self.session,
  141. project=project,
  142. new_user="foo",
  143. user="pingou",
  144. access="admin",
  145. )
  146. self.session.commit()
  147. self.assertEqual(msg, "User added")
  148. user = tests.FakeUser()
  149. user.username = "foo"
  150. with tests.user_set(self.app.application, user):
  151. csrf_token = self.get_csrf()
  152. self._check_user()
  153. # User isn't the owner
  154. data = {"user": "foo", "csrf_token": csrf_token}
  155. output = self.app.post(
  156. "/test/give", data=data, follow_redirects=True
  157. )
  158. self.assertEqual(output.status_code, 403)
  159. self.assertIn(
  160. "<p>You are not allowed to give this project</p>",
  161. output.get_data(as_text=True),
  162. )
  163. self._check_user()
  164. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  165. def test_give_project_not_owner_but_admin(self):
  166. """Test the give_project endpoint.
  167. Test giving a project when the person giving the project is a pagure
  168. admin (instance wide admin) but not a project admin.
  169. """
  170. user = tests.FakeUser()
  171. user.username = "foo"
  172. user.cla_done = True
  173. user.groups = ["foo"]
  174. with tests.user_set(self.app.application, user):
  175. csrf_token = self.get_csrf()
  176. self._check_user()
  177. # User isn't the owner but is an instance admin
  178. data = {"user": "foo", "csrf_token": csrf_token}
  179. output = self.app.post(
  180. "/test/give", data=data, follow_redirects=True
  181. )
  182. self.assertEqual(output.status_code, 200)
  183. self.assertIn(
  184. "The project has been " "transferred to foo",
  185. output.get_data(as_text=True),
  186. )
  187. self._check_user("foo")
  188. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  189. def test_give_project(self):
  190. """Test the give_project endpoint."""
  191. user = tests.FakeUser()
  192. user.username = "pingou"
  193. with tests.user_set(self.app.application, user):
  194. csrf_token = self.get_csrf()
  195. self._check_user()
  196. # All good
  197. data = {"user": "foo", "csrf_token": csrf_token}
  198. output = self.app.post(
  199. "/test/give", data=data, follow_redirects=True
  200. )
  201. self.assertEqual(output.status_code, 200)
  202. self.assertIn(
  203. "The project has been " "transferred to foo",
  204. output.get_data(as_text=True),
  205. )
  206. self._check_user("foo")
  207. # Make sure that the user giving the project is still an admin
  208. project = pagure.lib.query.get_authorized_project(
  209. self.session, project_name="test"
  210. )
  211. self.assertEqual(len(project.users), 1)
  212. self.assertEqual(project.users[0].user, "pingou")
  213. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  214. def test_give_project_already_user(self):
  215. """Test the give_project endpoint when the new main_admin is already
  216. a committer on the project."""
  217. project = pagure.lib.query._get_project(self.session, "test")
  218. pagure.lib.query.add_user_to_project(
  219. self.session,
  220. project,
  221. new_user="foo",
  222. user="pingou",
  223. access="commit",
  224. )
  225. self.session.commit()
  226. user = tests.FakeUser()
  227. user.username = "pingou"
  228. with tests.user_set(self.app.application, user):
  229. csrf_token = self.get_csrf()
  230. self._check_user()
  231. # All good
  232. data = {"user": "foo", "csrf_token": csrf_token}
  233. output = self.app.post(
  234. "/test/give", data=data, follow_redirects=True
  235. )
  236. self.assertEqual(output.status_code, 200)
  237. self.assertIn(
  238. "The project has been " "transferred to foo",
  239. output.get_data(as_text=True),
  240. )
  241. self._check_user("foo")
  242. # Make sure that the user giving the project is still an admin
  243. project = pagure.lib.query.get_authorized_project(
  244. self.session, project_name="test"
  245. )
  246. self.assertEqual(len(project.users), 1)
  247. self.assertEqual(project.users[0].user, "pingou")
  248. @patch.dict(
  249. "pagure.config.config", {"REQUIRED_GROUPS": {"*": ["packager"]}}
  250. )
  251. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  252. def test_give_project_not_in_required_group(self):
  253. """Test the give_project endpoint."""
  254. user = tests.FakeUser()
  255. user.username = "pingou"
  256. with tests.user_set(self.app.application, user):
  257. csrf_token = self.get_csrf()
  258. self._check_user()
  259. # User not a packager
  260. data = {"user": "foo", "csrf_token": csrf_token}
  261. output = self.app.post(
  262. "/test/give", data=data, follow_redirects=True
  263. )
  264. self.assertEqual(output.status_code, 200)
  265. self.assertIn(
  266. "</i> This user must be in one of the following groups to "
  267. "be allowed to be added to this project: packager</div>",
  268. output.get_data(as_text=True),
  269. )
  270. self._check_user(user="pingou")
  271. @patch.dict(
  272. "pagure.config.config", {"REQUIRED_GROUPS": {"*": ["packager"]}}
  273. )
  274. @patch.dict("pagure.config.config", {"PAGURE_ADMIN_USERS": "foo"})
  275. def test_give_project_in_required_group(self):
  276. """Test the give_project endpoint."""
  277. # Create the packager group
  278. msg = pagure.lib.query.add_group(
  279. self.session,
  280. group_name="packager",
  281. display_name="packager group",
  282. description=None,
  283. group_type="user",
  284. user="pingou",
  285. is_admin=False,
  286. blacklist=[],
  287. )
  288. self.session.commit()
  289. self.assertEqual(msg, "User `pingou` added to the group `packager`.")
  290. # Add foo to the packager group
  291. group = pagure.lib.query.search_groups(
  292. self.session, group_name="packager"
  293. )
  294. msg = pagure.lib.query.add_user_to_group(
  295. self.session,
  296. username="foo",
  297. group=group,
  298. user="pingou",
  299. is_admin=False,
  300. )
  301. self.session.commit()
  302. self.assertEqual(msg, "User `foo` added to the group `packager`.")
  303. # pingou transferts test to foo
  304. user = tests.FakeUser()
  305. user.username = "pingou"
  306. with tests.user_set(self.app.application, user):
  307. csrf_token = self.get_csrf()
  308. self._check_user()
  309. # User not a packager
  310. data = {"user": "foo", "csrf_token": csrf_token}
  311. output = self.app.post(
  312. "/test/give", data=data, follow_redirects=True
  313. )
  314. self.assertEqual(output.status_code, 200)
  315. self.assertIn(
  316. "</i> The project has been transferred to foo</div>",
  317. output.get_data(as_text=True),
  318. )
  319. self._check_user("foo")
  320. # Make sure that the user giving the project is still an admin
  321. project = pagure.lib.query.get_authorized_project(
  322. self.session, project_name="test"
  323. )
  324. self.assertEqual(len(project.users), 1)
  325. self.assertEqual(project.users[0].user, "pingou")
  326. if __name__ == "__main__":
  327. unittest.main(verbosity=2)