deps: bumped jinja2==3.1.3 for security fix

test_vcs_operations_bad_client.py
/ rhodecode / tests / vcs_operations / test_vcs_operations_bad_client.py
# Copyright (C) 2010-2024 RhodeCode GmbH
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License, version 3
# (only), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
# This program is dual-licensed. If you wish to learn more about the
# RhodeCode Enterprise Edition, including its added features, Support services,
# and proprietary license terms, please see https://rhodecode.com/licenses/
"""
Test suite for making push/pull operations, on specially modified INI files
"""
import pytest
from rhodecode.model.meta import Session
from rhodecode.model.settings import SettingsModel
from rhodecode.tests import GIT_REPO, HG_REPO
from rhodecode.tests.vcs_operations import Command, _add_files_and_push
@pytest.fixture()
def bad_client_setter_factory(request):
    """Provide a callable that overrides ``<client_type>_allowed_clients``.

    The returned factory takes ``client_type`` (used as the setting-name
    prefix, e.g. ``"hg"`` or ``"git"``) and ``client_str_val`` (the value to
    store). Each call also registers a finalizer on this fixture's request
    that writes ``"*"`` back to the same setting, so the restriction does not
    outlive the requesting test.
    NOTE(review): ``"*"`` is presumably the allow-everything default; confirm
    against the settings model.
    """

    def _persist(setting_name, value):
        # Create/update the setting row and commit it right away so the
        # change is stored before the test performs its VCS operation.
        row = SettingsModel().create_or_update_setting(name=setting_name, val=value)
        Session().add(row)
        Session().commit()

    def _factory(client_type, client_str_val):
        setting_name = f"{client_type}_allowed_clients"
        # set allowed clients
        _persist(setting_name, client_str_val)
        # Registered only after the override was committed, matching the
        # order in which the setting is changed and then scheduled for reset.
        request.addfinalizer(lambda: _persist(setting_name, "*"))

    return _factory
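@pytest.mark.usefixtures(
    "init_pyramid_app",
    "repo_group_repos",
    "disable_anonymous_user",
    "disable_locking",
)
class TestVCSOperationsOnUsingBadClient:
    """Check that a push is refused when the client is not in ``*_allowed_clients``.

    Each test clones a repository, narrows the allowed-clients setting to
    ``"0.0.0"`` and then pushes, expecting the "forbidden by security rules"
    message on stderr.

    The setting is changed through ``bad_client_setter_factory`` so that it is
    written back to ``"*"`` on teardown. Writing it directly would leave the
    restriction committed in the database for every test that runs afterwards.
    """

    def test_push_with_bad_client_repo_by_other_user_hg(self, rcstack, tmpdir, bad_client_setter_factory):
        """A Mercurial push is rejected once ``hg_allowed_clients`` is ``0.0.0``."""
        clone_url = rcstack.repo_clone_url(HG_REPO)
        # The clone happens before the restriction is applied, so it is not
        # subject to the client check being tested.
        Command(tmpdir.strpath).execute("hg clone", clone_url, tmpdir.strpath)

        # set allowed clients (reset to "*" by the fixture's finalizer)
        bad_client_setter_factory("hg", "0.0.0")

        # push must fail: the client version is not in the allowed list
        push_url = rcstack.repo_clone_url(HG_REPO)
        _stdout, stderr = _add_files_and_push("hg", tmpdir.strpath, clone_url=push_url)

        # The reported version depends on the hg binary installed on the test
        # host, so only the fixed parts of the message are pinned.
        assert "Your hg client (ver=" in stderr
        assert "is forbidden by security rules" in stderr

    def test_push_with_bad_client_repo_by_other_user_git(self, rcstack, tmpdir, bad_client_setter_factory):
        """A Git push is rejected once ``git_allowed_clients`` is ``0.0.0``."""
        clone_url = rcstack.repo_clone_url(GIT_REPO)
        # The clone happens before the restriction is applied, so it is not
        # subject to the client check being tested.
        Command(tmpdir.strpath).execute("git clone", clone_url, tmpdir.strpath)

        # set allowed clients (reset to "*" by the fixture's finalizer)
        bad_client_setter_factory("git", "0.0.0")

        # push must fail: the client version is not in the allowed list
        push_url = rcstack.repo_clone_url(GIT_REPO)
        _stdout, stderr = _add_files_and_push("git", tmpdir.strpath, clone_url=push_url)

        # The reported version depends on the git binary installed on the test
        # host, so only the fixed parts of the message are pinned.
        assert "Your git client (ver=" in stderr
        assert "is forbidden by security rules" in stderr

    @pytest.mark.xfail(reason="Lack of proper SVN support of cloning")
    def test_push_with_bad_client_repo_by_other_user_svn(self, rcstack, tmpdir):
        """Placeholder: the SVN variant is not implemented and is expected to fail."""
        raise NotImplementedError("lacks svn support")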