test_pagure_flask_ui_app_browse.py 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2018 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. from __future__ import unicode_literals
  8. __requires__ = ['SQLAlchemy >= 0.8']
  9. import pkg_resources
  10. import unittest
  11. import sys
  12. import os
  13. from mock import patch, MagicMock
  14. sys.path.insert(0, os.path.join(os.path.dirname(
  15. os.path.abspath(__file__)), '..'))
  16. import pagure.lib
  17. import tests
  18. class PagureFlaskAppBrowsetests(tests.Modeltests):
  19. """ Tests for the browse pages of flask app controller of pagure """
  20. def setUp(self):
  21. """ Set up the environnment, ran before every tests. """
  22. super(PagureFlaskAppBrowsetests, self).setUp()
  23. tests.create_projects(self.session)
  24. # Add a 3rd project with a long description
  25. item = pagure.lib.model.Project(
  26. user_id=2, # foo
  27. name='test3',
  28. description='test project #3 with a very long description',
  29. hook_token='aaabbbeeefff',
  30. private=True,
  31. )
  32. self.session.add(item)
  33. self.session.commit()
  34. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  35. def test_browse_project_logged_in_private_project(self):
  36. """ Test the browse project endpoint when logged in with a private
  37. project. """
  38. user = tests.FakeUser(username='foo')
  39. with tests.user_set(self.app.application, user):
  40. output = self.app.get('/browse/projects/')
  41. self.assertEqual(output.status_code, 200)
  42. output_text = output.get_data(as_text=True)
  43. self.assertIn(
  44. '<title>Home - Pagure</title>\n',
  45. output_text)
  46. self.assertIn(
  47. '<h3 class="m-0 font-weight-bold">All Projects '
  48. '<span class="badge badge-secondary">4</span></h3>',
  49. output_text)
  50. self.assertIn(
  51. '<span title="Private Project" class="text-danger '
  52. 'fa fa-fw fa-lock"></span>',
  53. output_text)
  54. self.assertEqual(output_text.count('title="Private Project"'), 1)
  55. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  56. def test_browse_project_unauth_private_project(self):
  57. """ Test the browse project endpoint when logged out with a private
  58. project. """
  59. output = self.app.get('/browse/projects/')
  60. self.assertEqual(output.status_code, 200)
  61. output_text = output.get_data(as_text=True)
  62. self.assertIn(
  63. '<title>Home - Pagure</title>\n',
  64. output_text)
  65. self.assertIn(
  66. '<h3 class="m-0 font-weight-bold">All Projects '
  67. '<span class="badge badge-secondary">3</span></h3>',
  68. output_text)
  69. self.assertNotIn(
  70. '<span title="Private Project" class="text-danger '
  71. 'fa fa-fw fa-lock"></span>',
  72. output_text)
  73. self.assertEqual(output_text.count('title="Private Project"'), 0)
  74. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  75. def test_browse_project_logged_in_no_access_private_project(self):
  76. """ Test the browse project endpoint when logged in as an user that
  77. has no access to the private project. """
  78. user = tests.FakeUser(username='pingou')
  79. with tests.user_set(self.app.application, user):
  80. output = self.app.get('/browse/projects/')
  81. self.assertEqual(output.status_code, 200)
  82. output_text = output.get_data(as_text=True)
  83. self.assertIn(
  84. '<title>Home - Pagure</title>\n',
  85. output_text)
  86. self.assertIn(
  87. '<h3 class="m-0 font-weight-bold">All Projects '
  88. '<span class="badge badge-secondary">3</span></h3>',
  89. output_text)
  90. self.assertNotIn(
  91. '<span title="Private Project" class="text-danger '
  92. 'fa fa-fw fa-lock"></span>',
  93. output_text)
  94. self.assertEqual(output_text.count('title="Private Project"'), 0)
  95. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  96. def test_browse_project_logged_in_ticket_private_project(self):
  97. """ Test the browse project endpoint when logged in as an user that
  98. has no access to the private project. """
  99. # Add user 'pingou' with ticket access on repo
  100. repo = pagure.lib._get_project(self.session, 'test3')
  101. msg = pagure.lib.add_user_to_project(
  102. self.session,
  103. repo,
  104. new_user='pingou',
  105. user='foo',
  106. access='ticket',
  107. )
  108. self.assertEqual(msg, 'User added')
  109. self.session.commit()
  110. # Ticket access level isn't sufficient to access private projects
  111. user = tests.FakeUser(username='pingou')
  112. with tests.user_set(self.app.application, user):
  113. output = self.app.get('/browse/projects/')
  114. self.assertEqual(output.status_code, 200)
  115. output_text = output.get_data(as_text=True)
  116. self.assertIn(
  117. '<title>Home - Pagure</title>\n',
  118. output_text)
  119. self.assertIn(
  120. '<h3 class="m-0 font-weight-bold">All Projects '
  121. '<span class="badge badge-secondary">3</span></h3>',
  122. output_text)
  123. self.assertNotIn(
  124. '<span title="Private Project" class="text-danger '
  125. 'fa fa-fw fa-lock"></span>',
  126. output_text)
  127. self.assertEqual(output_text.count('title="Private Project"'), 0)
  128. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  129. def test_browse_project_logged_in_commit_private_project(self):
  130. """ Test the browse project endpoint when logged in as an user that
  131. has no access to the private project. """
  132. # Add user 'pingou' with commit access on repo
  133. repo = pagure.lib._get_project(self.session, 'test3')
  134. msg = pagure.lib.add_user_to_project(
  135. self.session,
  136. repo,
  137. new_user='pingou',
  138. user='foo',
  139. access='commit',
  140. )
  141. self.assertEqual(msg, 'User added')
  142. self.session.commit()
  143. user = tests.FakeUser(username='pingou')
  144. with tests.user_set(self.app.application, user):
  145. output = self.app.get('/browse/projects/')
  146. self.assertEqual(output.status_code, 200)
  147. output_text = output.get_data(as_text=True)
  148. self.assertIn(
  149. '<title>Home - Pagure</title>\n',
  150. output_text)
  151. self.assertIn(
  152. '<h3 class="m-0 font-weight-bold">All Projects '
  153. '<span class="badge badge-secondary">4</span></h3>',
  154. output_text)
  155. self.assertIn(
  156. '<span title="Private Project" class="text-danger '
  157. 'fa fa-fw fa-lock"></span>',
  158. output_text)
  159. self.assertEqual(output_text.count('title="Private Project"'), 1)
  160. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  161. def test_browse_project_logged_in_admin_private_project(self):
  162. """ Test the browse project endpoint when logged in as an user that
  163. has no access to the private project. """
  164. # Add user 'pingou' with admin access on repo
  165. repo = pagure.lib._get_project(self.session, 'test3')
  166. msg = pagure.lib.add_user_to_project(
  167. self.session,
  168. repo,
  169. new_user='pingou',
  170. user='foo',
  171. access='admin',
  172. )
  173. self.assertEqual(msg, 'User added')
  174. self.session.commit()
  175. user = tests.FakeUser(username='pingou')
  176. with tests.user_set(self.app.application, user):
  177. output = self.app.get('/browse/projects/')
  178. self.assertEqual(output.status_code, 200)
  179. output_text = output.get_data(as_text=True)
  180. self.assertIn(
  181. '<title>Home - Pagure</title>\n',
  182. output_text)
  183. self.assertIn(
  184. '<h3 class="m-0 font-weight-bold">All Projects '
  185. '<span class="badge badge-secondary">4</span></h3>',
  186. output_text)
  187. self.assertIn(
  188. '<span title="Private Project" class="text-danger '
  189. 'fa fa-fw fa-lock"></span>',
  190. output_text)
  191. self.assertEqual(output_text.count('title="Private Project"'), 1)
  192. class PagureFlaskAppBrowseGroupAdmintests(tests.Modeltests):
  193. """ Tests for the browse pages of flask app controller of pagure """
  194. def setUp(self):
  195. """ Set up the environnment, ran before every tests. """
  196. super(PagureFlaskAppBrowseGroupAdmintests, self).setUp()
  197. tests.create_projects(self.session)
  198. # Add a 3rd project with a long description
  199. item = pagure.lib.model.Project(
  200. user_id=2, # foo
  201. name='test3',
  202. description='test project #3 with a very long description',
  203. hook_token='aaabbbeeefff',
  204. private=True,
  205. )
  206. self.session.add(item)
  207. self.session.commit()
  208. # Create a group
  209. msg = pagure.lib.add_group(
  210. self.session,
  211. group_name='JL',
  212. display_name='Justice League',
  213. description='Nope, it\'s not JLA anymore',
  214. group_type='user',
  215. user='foo',
  216. is_admin=False,
  217. blacklist=pagure.config.config.get('BLACKLISTED_PROJECTS')
  218. )
  219. self.assertEqual(msg, 'User `foo` added to the group `JL`.')
  220. # Add the group to project we just created, test3
  221. # Add it with admin ACL
  222. project = pagure.lib._get_project(self.session, 'test3')
  223. msg = pagure.lib.add_group_to_project(
  224. self.session,
  225. project=project,
  226. new_group='JL',
  227. user='foo',
  228. access='admin'
  229. )
  230. self.session.commit()
  231. self.assertEqual(msg, 'Group added')
  232. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  233. def test_browse_project_user_not_in_group(self):
  234. """ Test the browse project endpoint when logged in as an user that
  235. has no access to the private project via a group as admin. """
  236. user = tests.FakeUser(username='pingou')
  237. with tests.user_set(self.app.application, user):
  238. output = self.app.get('/browse/projects/')
  239. self.assertEqual(output.status_code, 200)
  240. output_text = output.get_data(as_text=True)
  241. self.assertIn(
  242. '<title>Home - Pagure</title>\n',
  243. output_text)
  244. self.assertIn(
  245. '<h3 class="m-0 font-weight-bold">All Projects '
  246. '<span class="badge badge-secondary">3</span></h3>',
  247. output_text)
  248. self.assertNotIn(
  249. '<span title="Private project" class="text-danger '
  250. 'fa fa-fw fa-lock"></span>',
  251. output_text)
  252. self.assertEqual(output_text.count('title="Private project"'), 0)
  253. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  254. def test_browse_project_user_in_group(self):
  255. """ Test the browse project endpoint when logged in as an user that
  256. has no access to the private project via a group as admin. """
  257. group = pagure.lib.search_groups(
  258. self.session, group_name='JL')
  259. pagure.lib.add_user_to_group(
  260. session=self.session,
  261. username='pingou',
  262. group=group,
  263. user='foo',
  264. is_admin=False,
  265. )
  266. self.session.commit()
  267. user = tests.FakeUser(username='pingou')
  268. with tests.user_set(self.app.application, user):
  269. output = self.app.get('/browse/projects/')
  270. self.assertEqual(output.status_code, 200)
  271. output_text = output.get_data(as_text=True)
  272. self.assertIn(
  273. '<title>Home - Pagure</title>\n',
  274. output_text)
  275. self.assertIn(
  276. '<h3 class="m-0 font-weight-bold">All Projects '
  277. '<span class="badge badge-secondary">4</span></h3>',
  278. output_text)
  279. self.assertIn(
  280. '<span title="Private Project" class="text-danger '
  281. 'fa fa-fw fa-lock"></span>',
  282. output_text)
  283. self.assertEqual(output_text.count('title="Private Project"'), 1)
  284. class PagureFlaskAppBrowseGroupCommittests(tests.Modeltests):
  285. """ Tests for the browse pages of flask app controller of pagure """
  286. def setUp(self):
  287. """ Set up the environnment, ran before every tests. """
  288. super(PagureFlaskAppBrowseGroupCommittests, self).setUp()
  289. tests.create_projects(self.session)
  290. # Add a 3rd project with a long description
  291. item = pagure.lib.model.Project(
  292. user_id=2, # foo
  293. name='test3',
  294. description='test project #3 with a very long description',
  295. hook_token='aaabbbeeefff',
  296. private=True,
  297. )
  298. self.session.add(item)
  299. self.session.commit()
  300. # Create a group
  301. msg = pagure.lib.add_group(
  302. self.session,
  303. group_name='JL',
  304. display_name='Justice League',
  305. description='Nope, it\'s not JLA anymore',
  306. group_type='user',
  307. user='foo',
  308. is_admin=False,
  309. blacklist=pagure.config.config.get('BLACKLISTED_PROJECTS')
  310. )
  311. self.assertEqual(msg, 'User `foo` added to the group `JL`.')
  312. # Add the group to project we just created, test3
  313. # Add it with commit ACL
  314. project = pagure.lib._get_project(self.session, 'test3')
  315. msg = pagure.lib.add_group_to_project(
  316. self.session,
  317. project=project,
  318. new_group='JL',
  319. user='foo',
  320. access='commit'
  321. )
  322. self.session.commit()
  323. self.assertEqual(msg, 'Group added')
  324. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  325. def test_browse_project_user_not_in_group(self):
  326. """ Test the browse project endpoint when logged in as an user that
  327. has no access to the private project via a group as admin. """
  328. user = tests.FakeUser(username='pingou')
  329. with tests.user_set(self.app.application, user):
  330. output = self.app.get('/browse/projects/')
  331. self.assertEqual(output.status_code, 200)
  332. output_text = output.get_data(as_text=True)
  333. self.assertIn(
  334. '<title>Home - Pagure</title>\n',
  335. output_text)
  336. self.assertIn(
  337. '<h3 class="m-0 font-weight-bold">All Projects '
  338. '<span class="badge badge-secondary">3</span></h3>',
  339. output_text)
  340. self.assertNotIn(
  341. '<span title="Private project" class="text-danger '
  342. 'fa fa-fw fa-lock"></span>',
  343. output_text)
  344. self.assertEqual(output_text.count('title="Private project"'), 0)
  345. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  346. def test_browse_project_user_in_group(self):
  347. """ Test the browse project endpoint when logged in as an user that
  348. has no access to the private project via a group as admin. """
  349. group = pagure.lib.search_groups(
  350. self.session, group_name='JL')
  351. pagure.lib.add_user_to_group(
  352. session=self.session,
  353. username='pingou',
  354. group=group,
  355. user='foo',
  356. is_admin=False,
  357. )
  358. self.session.commit()
  359. user = tests.FakeUser(username='pingou')
  360. with tests.user_set(self.app.application, user):
  361. output = self.app.get('/browse/projects/')
  362. self.assertEqual(output.status_code, 200)
  363. output_text = output.get_data(as_text=True)
  364. self.assertIn(
  365. '<title>Home - Pagure</title>\n',
  366. output_text)
  367. self.assertIn(
  368. '<h3 class="m-0 font-weight-bold">All Projects '
  369. '<span class="badge badge-secondary">4</span></h3>',
  370. output_text)
  371. self.assertIn(
  372. '<span title="Private Project" class="text-danger '
  373. 'fa fa-fw fa-lock"></span>',
  374. output_text)
  375. self.assertEqual(output_text.count('title="Private Project"'), 1)
  376. class PagureFlaskAppBrowseGroupTickettests(tests.Modeltests):
  377. """ Tests for the browse pages of flask app controller of pagure """
  378. def setUp(self):
  379. """ Set up the environnment, ran before every tests. """
  380. super(PagureFlaskAppBrowseGroupTickettests, self).setUp()
  381. tests.create_projects(self.session)
  382. # Add a 3rd project with a long description
  383. item = pagure.lib.model.Project(
  384. user_id=2, # foo
  385. name='test3',
  386. description='test project #3 with a very long description',
  387. hook_token='aaabbbeeefff',
  388. private=True,
  389. )
  390. self.session.add(item)
  391. self.session.commit()
  392. # Create a group
  393. msg = pagure.lib.add_group(
  394. self.session,
  395. group_name='JL',
  396. display_name='Justice League',
  397. description='Nope, it\'s not JLA anymore',
  398. group_type='user',
  399. user='foo',
  400. is_admin=False,
  401. blacklist=pagure.config.config.get('BLACKLISTED_PROJECTS')
  402. )
  403. self.assertEqual(msg, 'User `foo` added to the group `JL`.')
  404. # Add the group to project we just created, test3
  405. # Add it with ticket ACL
  406. project = pagure.lib._get_project(self.session, 'test3')
  407. msg = pagure.lib.add_group_to_project(
  408. self.session,
  409. project=project,
  410. new_group='JL',
  411. user='foo',
  412. access='ticket'
  413. )
  414. self.session.commit()
  415. self.assertEqual(msg, 'Group added')
  416. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  417. def test_browse_project_user_not_in_group(self):
  418. """ Test the browse project endpoint when logged in as an user that
  419. has no access to the private project via a group as admin. """
  420. user = tests.FakeUser(username='pingou')
  421. with tests.user_set(self.app.application, user):
  422. output = self.app.get('/browse/projects/')
  423. self.assertEqual(output.status_code, 200)
  424. output_text = output.get_data(as_text=True)
  425. self.assertIn(
  426. '<title>Home - Pagure</title>\n',
  427. output_text)
  428. self.assertIn(
  429. '<h3 class="m-0 font-weight-bold">All Projects '
  430. '<span class="badge badge-secondary">3</span></h3>',
  431. output_text)
  432. self.assertNotIn(
  433. '<span title="Private Project" class="text-danger '
  434. 'fa fa-fw fa-lock"></span>',
  435. output_text)
  436. self.assertEqual(output_text.count('title="Private Project"'), 0)
  437. @patch.dict('pagure.config.config', {'PRIVATE_PROJECTS': True})
  438. def test_browse_project_user_in_group(self):
  439. """ Test the browse project endpoint when logged in as an user that
  440. has no access to the private project via a group as admin. """
  441. group = pagure.lib.search_groups(
  442. self.session, group_name='JL')
  443. pagure.lib.add_user_to_group(
  444. session=self.session,
  445. username='pingou',
  446. group=group,
  447. user='foo',
  448. is_admin=False,
  449. )
  450. self.session.commit()
  451. # Ticket ACL isn't enough to grant you access
  452. user = tests.FakeUser(username='pingou')
  453. with tests.user_set(self.app.application, user):
  454. output = self.app.get('/browse/projects/')
  455. self.assertEqual(output.status_code, 200)
  456. output_text = output.get_data(as_text=True)
  457. self.assertIn(
  458. '<title>Home - Pagure</title>\n',
  459. output_text)
  460. self.assertIn(
  461. '<h3 class="m-0 font-weight-bold">All Projects '
  462. '<span class="badge badge-secondary">3</span></h3>',
  463. output_text)
  464. self.assertNotIn(
  465. '<span title="Private Project" class="text-danger '
  466. 'fa fa-fw fa-lock"></span>',
  467. output_text)
  468. self.assertEqual(output_text.count('title="Private Project"'), 0)
  469. if __name__ == '__main__':
  470. unittest.main(verbosity=2)