test_pagure_flask_ui_clone.py 6.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2015-2018 - Copyright Red Hat Inc
  4. Authors:
  5. Patrick Uiterwijk <puiterwijk@redhat.com>
  6. """
  7. from __future__ import unicode_literals
  8. __requires__ = ['SQLAlchemy >= 0.8']
  9. import pkg_resources
  10. import datetime
  11. import unittest
  12. import shutil
  13. import sys
  14. import tempfile
  15. import os
  16. import six
  17. import json
  18. import pygit2
  19. from mock import patch, MagicMock
  20. sys.path.insert(0, os.path.join(os.path.dirname(
  21. os.path.abspath(__file__)), '..'))
  22. import pagure.lib
  23. import tests
  24. class PagureFlaskAppClonetests(tests.Modeltests):
  25. """ Tests for the clone bridging. """
  26. def setUp(self):
  27. super(PagureFlaskAppClonetests, self).setUp()
  28. tests.create_projects(self.session)
  29. tests.create_tokens(self.session)
  30. tests.create_tokens_acl(self.session)
  31. self.create_project_full('clonetest', {"create_readme": "y"})
  32. @patch.dict('pagure.config.config', {'ALLOW_HTTP_PULL_PUSH': False})
  33. def test_http_clone_disabled(self):
  34. """ Test that the HTTP clone endpoint gets correctly closed. """
  35. output = self.app.get('/clonetest.git/info/refs?service=git-upload-pack')
  36. self.assertEqual(output.status_code, 403)
  37. self.assertIn('not allowed', output.get_data(as_text=True))
  38. @patch.dict('pagure.config.config', {'ALLOW_HTTP_PULL_PUSH': True})
  39. def test_http_clone_invalid_service(self):
  40. """ Test that the HTTP endpoint refuses invalid services. """
  41. output = self.app.get('/clonetest.git/info/refs?service=myservice')
  42. self.assertEqual(output.status_code, 400)
  43. self.assertIn('Unknown service', output.get_data(as_text=True))
  44. @patch.dict('pagure.config.config', {'ALLOW_HTTP_PULL_PUSH': True})
  45. def test_http_clone_invalid_project(self):
  46. """ Test that the HTTP endpoint refuses invalid projects. """
  47. output = self.app.get('/nosuchrepo.git/info/refs?service=git-upload-pack')
  48. self.assertEqual(output.status_code, 404)
  49. self.assertIn('Project not found', output.get_data(as_text=True))
  50. @patch.dict('pagure.config.config', {'ALLOW_HTTP_PULL_PUSH': True})
  51. def test_http_clone_dumb(self):
  52. """ Test that the HTTP endpoint refuses dumb service request. """
  53. output = self.app.get('/clonetest.git/info/refs')
  54. self.assertEqual(output.status_code, 400)
  55. self.assertIn('Please switch', output.get_data(as_text=True))
  56. @patch.dict('pagure.config.config', {
  57. 'ALLOW_HTTP_PULL_PUSH': True,
  58. 'ALLOW_HTTP_PUSH': False,
  59. 'HTTP_REPO_ACCESS_GITOLITE': None,
  60. })
  61. def test_http_push_disabled(self):
  62. """ Test that the HTTP push gets refused. """
  63. output = self.app.get('/clonetest.git/info/refs?service=git-receive-pack')
  64. self.assertEqual(output.status_code, 403)
  65. self.assertIn('pushing disabled', output.get_data(as_text=True))
  66. output = self.app.post('/clonetest.git/git-receive-pack')
  67. self.assertEqual(output.status_code, 403)
  68. self.assertIn('pushing disabled', output.get_data(as_text=True))
  69. @patch.dict('pagure.config.config', {
  70. 'ALLOW_HTTP_PULL_PUSH': True,
  71. 'ALLOW_HTTP_PUSH': True,
  72. 'HTTP_REPO_ACCESS_GITOLITE': None,
  73. })
  74. def test_http_push_unauthed(self):
  75. """ Test that the HTTP push gets refused unauthed. """
  76. output = self.app.get('/clonetest.git/info/refs?service=git-receive-pack')
  77. self.assertEqual(output.status_code, 403)
  78. self.assertIn('Unauthenticated push', output.get_data(as_text=True))
  79. @patch.dict('pagure.config.config', {'ALLOW_HTTP_PULL_PUSH': True})
  80. def test_http_clone_private_project_unauthed(self):
  81. """ Test that the HTTP endpoint enforced project.private. """
  82. project = pagure.lib._get_project(self.session, 'clonetest')
  83. project.private = True
  84. self.session.add(project)
  85. self.session.commit()
  86. output = self.app.get('/clonetest.git/info/refs?service=git-upload-pack')
  87. self.assertEqual(output.status_code, 404)
  88. self.assertIn('Project not found', output.get_data(as_text=True))
  89. @patch.dict('pagure.config.config', {
  90. 'ALLOW_HTTP_PULL_PUSH': True,
  91. 'ALLOW_HTTP_PUSH': False,
  92. 'HTTP_REPO_ACCESS_GITOLITE': None,
  93. })
  94. def test_http_clone(self):
  95. """ Test that HTTP cloning gives reasonable output. """
  96. # Unfortunately, actually testing a git clone would need the app to
  97. # run on a TCP port, which the test environment doesn't do.
  98. output = self.app.get('/clonetest.git/info/refs?service=git-upload-pack')
  99. self.assertEqual(output.status_code, 200)
  100. output_text = output.get_data(as_text=True)
  101. self.assertIn("# service=git-upload-pack", output_text)
  102. self.assertIn(" refs/heads/master\n0000", output_text)
  103. output = self.app.post(
  104. '/clonetest.git/git-upload-pack',
  105. headers={'Content-Type': 'application/x-git-upload-pack-request'},
  106. )
  107. # Git 2.17 returns 415, older return 200
  108. # Either means we didn't fully crash when returning the response
  109. self.assertIn(output.status_code, (200, 415))
  110. @patch.dict('pagure.config.config', {
  111. 'ALLOW_HTTP_PULL_PUSH': True,
  112. 'ALLOW_HTTP_PUSH': False,
  113. 'HTTP_REPO_ACCESS_GITOLITE': None,
  114. })
  115. def test_http_clone_private(self):
  116. """ Test that HTTP cloning gives reasonable output with project.private. """
  117. # Unfortunately, actually testing a git clone would need the app to
  118. # run on a TCP port, which the test environment doesn't do.
  119. project = pagure.lib._get_project(self.session, 'clonetest')
  120. project.private = True
  121. self.session.add(project)
  122. self.session.commit()
  123. output = self.app.get('/clonetest.git/info/refs?service=git-upload-pack')
  124. self.assertEqual(output.status_code, 404)
  125. self.assertIn('Project not found', output.get_data(as_text=True))
  126. output = self.app.get(
  127. '/clonetest.git/info/refs?service=git-upload-pack',
  128. environ_overrides={'REMOTE_USER': 'pingou'},
  129. )
  130. self.assertEqual(output.status_code, 200)
  131. output_text = output.get_data(as_text=True)
  132. self.assertIn("# service=git-upload-pack", output_text)
  133. self.assertIn(" refs/heads/master\n0000", output_text)
  134. @patch.dict('pagure.config.config', {
  135. 'ALLOW_HTTP_PULL_PUSH': True,
  136. 'ALLOW_HTTP_PUSH': True,
  137. 'HTTP_REPO_ACCESS_GITOLITE': None,
  138. })
  139. def test_http_push(self):
  140. """ Test that the HTTP push gets accepted. """
  141. output = self.app.get(
  142. '/clonetest.git/info/refs?service=git-receive-pack',
  143. environ_overrides={'REMOTE_USER': 'pingou'},
  144. )
  145. self.assertEqual(output.status_code, 200)
  146. output_text = output.get_data(as_text=True)
  147. self.assertIn("# service=git-receive-pack", output_text)
  148. self.assertIn(" refs/heads/master\x00", output_text)