test_pagure_flask_ui_groups.py 20 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498
  1. # -*- coding: utf-8 -*-
  2. """
  3. (c) 2015-2016 - Copyright Red Hat Inc
  4. Authors:
  5. Pierre-Yves Chibon <pingou@pingoured.fr>
  6. """
  7. from __future__ import unicode_literals
  8. __requires__ = ['SQLAlchemy >= 0.8']
  9. import pkg_resources
  10. import unittest
  11. import shutil
  12. import sys
  13. import os
  14. import json
  15. from mock import patch
  16. sys.path.insert(0, os.path.join(os.path.dirname(
  17. os.path.abspath(__file__)), '..'))
  18. import pagure.lib
  19. import tests
  20. class PagureFlaskGroupstests(tests.Modeltests):
  21. """ Tests for flask groups controller of pagure """
  22. def test_group_lists(self):
  23. """ Test the group_lists endpoint. """
  24. output = self.app.get('/groups')
  25. self.assertIn(
  26. '<h3 class="font-weight-bold">\n'
  27. ' Groups <span class="badge badge-secondary">0</span>',
  28. output.get_data(as_text=True))
  29. def test_add_group(self):
  30. """ Test the add_group endpoint. """
  31. output = self.app.get('/group/add')
  32. self.assertEqual(output.status_code, 302)
  33. user = tests.FakeUser()
  34. with tests.user_set(self.app.application, user):
  35. output = self.app.get('/group/add')
  36. self.assertEqual(output.status_code, 403)
  37. user.username = 'pingou'
  38. with tests.user_set(self.app.application, user):
  39. output = self.app.get('/group/add')
  40. self.assertEqual(output.status_code, 200)
  41. self.assertIn('<strong>Create new group</strong>', output.get_data(as_text=True))
  42. self.assertNotIn(
  43. '<option value="admin">admin</option>', output.get_data(as_text=True))
  44. csrf_token = output.get_data(as_text=True).split(
  45. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  46. data = {
  47. }
  48. # Insufficient input
  49. output = self.app.post('/group/add', data=data)
  50. self.assertEqual(output.status_code, 200)
  51. self.assertIn('<strong>Create new group</strong>', output.get_data(as_text=True))
  52. self.assertEqual(output.get_data(as_text=True).count(
  53. 'This field is required.'), 3)
  54. data = {
  55. 'group_name': 'test_group',
  56. 'display_name': 'Test Group',
  57. 'description': 'This is a group for the tests',
  58. }
  59. # Missing CSRF
  60. output = self.app.post('/group/add', data=data)
  61. self.assertEqual(output.status_code, 200)
  62. self.assertIn('<strong>Create new group</strong>', output.get_data(as_text=True))
  63. self.assertEqual(output.get_data(as_text=True).count(
  64. 'This field is required.'), 0)
  65. data['csrf_token'] = csrf_token
  66. # All good
  67. output = self.app.post(
  68. '/group/add', data=data, follow_redirects=True)
  69. self.assertEqual(output.status_code, 200)
  70. self.assertIn(
  71. 'User `pingou` added to '
  72. 'the group `test_group`.', output.get_data(as_text=True))
  73. self.assertIn(
  74. 'Group `test_group` created.',
  75. output.get_data(as_text=True))
  76. self.assertIn(
  77. '<h3 class="font-weight-bold">\n'
  78. ' Groups <span class="badge badge-secondary">1</span>',
  79. output.get_data(as_text=True))
  80. user = tests.FakeUser(
  81. username='pingou',
  82. groups=pagure.config.config['ADMIN_GROUP'])
  83. with tests.user_set(self.app.application, user):
  84. output = self.app.get('/group/add')
  85. self.assertEqual(output.status_code, 200)
  86. self.assertIn('<strong>Create new group</strong>', output.get_data(as_text=True))
  87. self.assertIn('<option value="admin">admin</option>', output.get_data(as_text=True))
  88. data = {
  89. 'group_name': 'test_admin_group',
  90. 'group_type': 'admin',
  91. 'display_name': 'Test Admin Group',
  92. 'description': 'This is another group for the tests',
  93. 'csrf_token': csrf_token,
  94. }
  95. # All good
  96. output = self.app.post(
  97. '/group/add', data=data, follow_redirects=True)
  98. self.assertEqual(output.status_code, 200)
  99. self.assertIn(
  100. 'User `pingou` added to '
  101. 'the group `test_admin_group`.', output.get_data(as_text=True))
  102. self.assertIn(
  103. 'Group `test_admin_group` '
  104. 'created.',output.get_data(as_text=True))
  105. self.assertIn(
  106. '<h3 class="font-weight-bold">\n'
  107. ' Groups <span class="badge badge-secondary">2</span>',
  108. output.get_data(as_text=True))
  109. def test_edit_group(self):
  110. """ Test the edit_group endpoint. """
  111. output = self.app.get('/group/test_group/edit')
  112. self.assertEqual(output.status_code, 302)
  113. user = tests.FakeUser()
  114. with tests.user_set(self.app.application, user):
  115. output = self.app.get('/group/test_group/edit')
  116. self.assertEqual(output.status_code, 404)
  117. self.assertIn('<p>Group not found</p>', output.get_data(as_text=True))
  118. self.test_add_group()
  119. user.username = 'foo'
  120. with tests.user_set(self.app.application, user):
  121. output = self.app.get('/group/foo/edit')
  122. self.assertEqual(output.status_code, 404)
  123. self.assertIn('<p>Group not found</p>', output.get_data(as_text=True))
  124. output = self.app.get('/group/test_group/edit')
  125. self.assertEqual(output.status_code, 200)
  126. self.assertIn(
  127. '<title>Edit group: test_group - Pagure</title>',
  128. output.get_data(as_text=True))
  129. self.assertIn(
  130. '<form action="/group/test_group/edit" method="post">',
  131. output.get_data(as_text=True))
  132. self.assertIn(
  133. '<strong><label for="description">Description'
  134. '</label></strong>', output.get_data(as_text=True))
  135. csrf_token = output.get_data(as_text=True).split(
  136. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  137. # Missing CSRF
  138. data = {
  139. 'group_name': 'test_group',
  140. 'display_name': 'Test Group edited',
  141. 'description': 'This is a group for the tests edited',
  142. }
  143. output = self.app.post(
  144. '/group/test_group/edit', data=data, follow_redirects=True)
  145. self.assertEqual(output.status_code, 200)
  146. self.assertIn(
  147. '<title>Edit group: test_group - Pagure</title>',
  148. output.get_data(as_text=True))
  149. self.assertIn(
  150. '<form action="/group/test_group/edit" method="post">',
  151. output.get_data(as_text=True))
  152. self.assertIn(
  153. '<strong><label for="description">Description'
  154. '</label></strong>', output.get_data(as_text=True))
  155. # User not allowed
  156. data['csrf_token'] = csrf_token
  157. output = self.app.post(
  158. '/group/test_group/edit', data=data, follow_redirects=True)
  159. self.assertEqual(output.status_code, 200)
  160. self.assertIn(
  161. '<title>Group test_group - Pagure</title>',
  162. output.get_data(as_text=True))
  163. self.assertIn(
  164. 'You are not '
  165. 'allowed to edit this group', output.get_data(as_text=True))
  166. self.assertIn(
  167. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  168. output.get_data(as_text=True))
  169. user.username = 'pingou'
  170. with tests.user_set(self.app.application, user):
  171. # Invalid repo
  172. output = self.app.post(
  173. '/group/bar/edit', data=data, follow_redirects=True)
  174. self.assertEqual(output.status_code, 404)
  175. self.assertIn('<p>Group not found</p>', output.get_data(as_text=True))
  176. output = self.app.post(
  177. '/group/test_group/edit', data=data, follow_redirects=True)
  178. self.assertEqual(output.status_code, 200)
  179. self.assertIn(
  180. '<title>Group test_group - Pagure</title>', output.get_data(as_text=True))
  181. self.assertIn(
  182. '<h3 class="mb-0 font-weight-bold">Test Group edited</h3>',
  183. output.get_data(as_text=True))
  184. self.assertIn(
  185. 'Group &#34;Test Group edited&#34; (test_group) edited',
  186. output.get_data(as_text=True))
  187. def test_group_delete(self):
  188. """ Test the group_delete endpoint. """
  189. output = self.app.post('/group/foo/delete')
  190. self.assertEqual(output.status_code, 302)
  191. user = tests.FakeUser()
  192. with tests.user_set(self.app.application, user):
  193. output = self.app.post('/group/foo/delete', follow_redirects=True)
  194. self.assertEqual(output.status_code, 200)
  195. self.assertIn(
  196. '<p>No groups have been created on this pagure instance '
  197. 'yet</p>', output.get_data(as_text=True))
  198. self.assertIn(
  199. '<h3 class="font-weight-bold">\n'
  200. ' Groups <span class="badge badge-secondary">0</span>',
  201. output.get_data(as_text=True))
  202. self.test_add_group()
  203. with tests.user_set(self.app.application, user):
  204. output = self.app.post('/group/foo/delete', follow_redirects=True)
  205. self.assertEqual(output.status_code, 200)
  206. self.assertIn(
  207. '<h3 class="font-weight-bold">\n'
  208. ' Groups <span class="badge badge-secondary">1</span>',
  209. output.get_data(as_text=True))
  210. output = self.app.get('/new/')
  211. csrf_token = output.get_data(as_text=True).split(
  212. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  213. user.username = 'foo'
  214. with tests.user_set(self.app.application, user):
  215. data = {
  216. 'csrf_token': csrf_token,
  217. }
  218. output = self.app.post(
  219. '/group/bar/delete', data=data, follow_redirects=True)
  220. self.assertEqual(output.status_code, 200)
  221. self.assertIn(
  222. 'No group `bar` found',
  223. output.get_data(as_text=True))
  224. self.assertIn(
  225. '<h3 class="font-weight-bold">\n'
  226. ' Groups <span class="badge badge-secondary">1</span>',
  227. output.get_data(as_text=True))
  228. output = self.app.post(
  229. '/group/test_group/delete', data=data, follow_redirects=True)
  230. self.assertEqual(output.status_code, 200)
  231. self.assertIn(
  232. 'You are not allowed to '
  233. 'delete the group test_group', output.get_data(as_text=True))
  234. self.assertIn(
  235. '<h3 class="font-weight-bold">\n'
  236. ' Groups <span class="badge badge-secondary">1</span>',
  237. output.get_data(as_text=True))
  238. user.username = 'bar'
  239. with tests.user_set(self.app.application, user):
  240. output = self.app.post(
  241. '/group/test_group/delete', data=data, follow_redirects=True)
  242. self.assertEqual(output.status_code, 404)
  243. user.username = 'pingou'
  244. with tests.user_set(self.app.application, user):
  245. output = self.app.post(
  246. '/group/test_group/delete', data=data, follow_redirects=True)
  247. self.assertEqual(output.status_code, 200)
  248. self.assertIn(
  249. 'Group `test_group` has '
  250. 'been deleted', output.get_data(as_text=True))
  251. self.assertIn(
  252. '<h3 class="font-weight-bold">\n'
  253. ' Groups <span class="badge badge-secondary">0</span>',
  254. output.get_data(as_text=True))
  255. def test_view_group(self):
  256. """ Test the view_group endpoint. """
  257. output = self.app.get('/group/foo')
  258. self.assertEqual(output.status_code, 404)
  259. self.test_add_group()
  260. user = tests.FakeUser()
  261. with tests.user_set(self.app.application, user):
  262. output = self.app.get('/group/test_group')
  263. self.assertEqual(output.status_code, 200)
  264. self.assertIn(
  265. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  266. output.get_data(as_text=True))
  267. output = self.app.get('/group/test_admin_group')
  268. self.assertEqual(output.status_code, 404)
  269. user = tests.FakeUser(
  270. username='pingou',
  271. groups=pagure.config.config['ADMIN_GROUP'])
  272. with tests.user_set(self.app.application, user):
  273. # Admin can see group of type admins
  274. output = self.app.get('/group/test_admin_group')
  275. self.assertEqual(output.status_code, 200)
  276. self.assertIn(
  277. '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
  278. output.get_data(as_text=True))
  279. self.assertEqual(
  280. output.get_data(as_text=True).count('<a href="/user/'), 2)
  281. csrf_token = output.get_data(as_text=True).split(
  282. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  283. # No CSRF
  284. data = {
  285. 'user': 'bar'
  286. }
  287. output = self.app.post('/group/test_admin_group', data=data)
  288. self.assertEqual(output.status_code, 200)
  289. self.assertIn(
  290. '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
  291. output.get_data(as_text=True))
  292. self.assertEqual(
  293. output.get_data(as_text=True).count('<a href="/user/'), 2)
  294. # Invalid user
  295. data = {
  296. 'user': 'bar',
  297. 'csrf_token': csrf_token,
  298. }
  299. output = self.app.post(
  300. '/group/test_admin_group', data=data, follow_redirects=True)
  301. self.assertEqual(output.status_code, 200)
  302. self.assertIn(
  303. 'No user `bar` found',
  304. output.get_data(as_text=True))
  305. self.assertIn(
  306. '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
  307. output.get_data(as_text=True))
  308. self.assertEqual(
  309. output.get_data(as_text=True).count('<a href="/user/'), 2)
  310. # All good
  311. data = {
  312. 'user': 'foo',
  313. 'csrf_token': csrf_token,
  314. }
  315. output = self.app.post('/group/test_admin_group', data=data)
  316. self.assertEqual(output.status_code, 200)
  317. self.assertIn(
  318. 'User `foo` added to the '
  319. 'group `test_admin_group`.', output.get_data(as_text=True))
  320. self.assertIn(
  321. '<h3 class="mb-0 font-weight-bold">Test Admin Group</h3>',
  322. output.get_data(as_text=True))
  323. self.assertEqual(
  324. output.get_data(as_text=True).count('<a href="/user/'), 3)
  325. def test_group_user_delete(self):
  326. """ Test the group_user_delete endpoint. """
  327. output = self.app.post('/group/foo/bar/delete')
  328. self.assertEqual(output.status_code, 302)
  329. user = tests.FakeUser()
  330. with tests.user_set(self.app.application, user):
  331. output = self.app.post(
  332. '/group/foo/bar/delete', follow_redirects=True)
  333. self.assertEqual(output.status_code, 404)
  334. self.test_add_group()
  335. user = tests.FakeUser()
  336. with tests.user_set(self.app.application, user):
  337. output = self.app.post(
  338. '/group/test_group/bar/delete', follow_redirects=True)
  339. self.assertEqual(output.status_code, 200)
  340. self.assertIn(
  341. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  342. output.get_data(as_text=True))
  343. self.assertEqual(
  344. output.get_data(as_text=True).count('<a href="/user/'), 2)
  345. output = self.app.get('/new/')
  346. csrf_token = output.get_data(as_text=True).split(
  347. 'name="csrf_token" type="hidden" value="')[1].split('">')[0]
  348. data = {'csrf_token': csrf_token}
  349. output = self.app.post(
  350. '/group/test_group/bar/delete', data=data, follow_redirects=True)
  351. self.assertEqual(output.status_code, 200)
  352. self.assertIn(
  353. 'No user `bar` found',
  354. output.get_data(as_text=True))
  355. self.assertIn(
  356. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  357. output.get_data(as_text=True))
  358. self.assertEqual(
  359. output.get_data(as_text=True).count('<a href="/user/'), 2)
  360. output = self.app.post(
  361. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  362. self.assertEqual(output.status_code, 200)
  363. self.assertIn(
  364. 'Could not find user '
  365. 'username', output.get_data(as_text=True))
  366. self.assertIn(
  367. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  368. output.get_data(as_text=True))
  369. self.assertEqual(
  370. output.get_data(as_text=True).count('<a href="/user/'), 2)
  371. user.username = 'pingou'
  372. with tests.user_set(self.app.application, user):
  373. # User not in the group
  374. output = self.app.post(
  375. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  376. self.assertEqual(output.status_code, 200)
  377. self.assertIn(
  378. 'User `foo` could not be '
  379. 'found in the group `test_group`', output.get_data(as_text=True))
  380. self.assertIn(
  381. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  382. output.get_data(as_text=True))
  383. self.assertEqual(
  384. output.get_data(as_text=True).count('<a href="/user/'), 2)
  385. # Cannot delete creator
  386. output = self.app.post(
  387. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  388. self.assertEqual(output.status_code, 200)
  389. self.assertIn(
  390. 'User `foo` could not be '
  391. 'found in the group `test_group`', output.get_data(as_text=True))
  392. self.assertIn(
  393. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  394. output.get_data(as_text=True))
  395. self.assertEqual(
  396. output.get_data(as_text=True).count('<a href="/user/'), 2)
  397. # Add user foo
  398. data = {
  399. 'user': 'foo',
  400. 'csrf_token': csrf_token,
  401. }
  402. output = self.app.post('/group/test_group', data=data)
  403. self.assertEqual(output.status_code, 200)
  404. self.assertIn(
  405. 'User `foo` added to the '
  406. 'group `test_group`.', output.get_data(as_text=True))
  407. self.assertIn(
  408. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  409. output.get_data(as_text=True))
  410. self.assertEqual(
  411. output.get_data(as_text=True).count('<a href="/user/'), 3)
  412. output = self.app.post(
  413. '/group/test_group/foo/delete', data=data, follow_redirects=True)
  414. self.assertEqual(output.status_code, 200)
  415. self.assertIn(
  416. 'User `foo` removed from '
  417. 'the group `test_group`', output.get_data(as_text=True))
  418. self.assertIn(
  419. '<h3 class="mb-0 font-weight-bold">Test Group</h3>',
  420. output.get_data(as_text=True))
  421. self.assertEqual(
  422. output.get_data(as_text=True).count('<a href="/user/'), 2)
  423. if __name__ == '__main__':
  424. unittest.main(verbosity=2)