rhodecode-enterprise-ce Commit - r3159:358986ea

1

# -*- coding: utf-8 -*-

1

# -*- coding: utf-8 -*-

2

3

4

#

4

#

5

# This program is free software: you can redistribute it and/or modify

5

# This program is free software: you can redistribute it and/or modify

6

# it under the terms of the GNU Affero General Public License, version 3

6

# it under the terms of the GNU Affero General Public License, version 3

7

# (only), as published by the Free Software Foundation.

7

# (only), as published by the Free Software Foundation.

8

#

8

#

9

# This program is distributed in the hope that it will be useful,

9

# This program is distributed in the hope that it will be useful,

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

10

# but WITHOUT ANY WARRANTY; without even the implied warranty of

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

11

# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

12

# GNU General Public License for more details.

12

# GNU General Public License for more details.

13

#

13

#

14

# You should have received a copy of the GNU Affero General Public License

14

# You should have received a copy of the GNU Affero General Public License

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

15

# along with this program. If not, see <http://www.gnu.org/licenses/>.

16

#

16

#

17

# This program is dual-licensed. If you wish to learn more about the

17

# This program is dual-licensed. If you wish to learn more about the

18

# RhodeCode Enterprise Edition, including its added features, Support services,

18

# RhodeCode Enterprise Edition, including its added features, Support services,

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

19

# and proprietary license terms, please see https://rhodecode.com/licenses/

20

21

22

import pytest

22

import pytest

23

24

import rhodecode

24

import rhodecode

25

from rhodecode.model.db import Repository

25

from rhodecode.model.db import Repository

26

from rhodecode.model.meta import Session

26

from rhodecode.model.meta import Session

27

from rhodecode.model.repo import RepoModel

27

from rhodecode.model.repo import RepoModel

28

from rhodecode.model.repo_group import RepoGroupModel

28

from rhodecode.model.repo_group import RepoGroupModel

29

from rhodecode.model.settings import SettingsModel

29

from rhodecode.model.settings import SettingsModel

30

from rhodecode.tests import TestController

30

from rhodecode.tests import TestController

31

from rhodecode.tests.fixture import Fixture

31

from rhodecode.tests.fixture import Fixture

32

from rhodecode.lib import helpers as h

32

from rhodecode.lib import helpers as h

33

34

fixture = Fixture()

34

fixture = Fixture()

35

36

37

def route_path(name, **kwargs):

37

def route_path(name, **kwargs):

38

return {

38

return {

39

'home': '/',

39

'home': '/',

40

'repo_group_home': '/{repo_group_name}'

40

'repo_group_home': '/{repo_group_name}'

41

}[name].format(**kwargs)

41

}[name].format(**kwargs)

42

43

44

class TestHomeController(TestController):

44

class TestHomeController(TestController):

45

46

def test_index(self):

46

def test_index(self):

47

self.log_user()

47

self.log_user()

48

response = self.app.get(route_path('home'))

48

response = self.app.get(route_path('home'))

49

# if global permission is set

49

# if global permission is set

50

response.mustcontain('Add Repository')

50

response.mustcontain('Add Repository')

51

52

# search for objects inside the JavaScript JSON

52

# search for objects inside the JavaScript JSON

53

for repo in Repository.getAll():

53

for repo in Repository.getAll():

54

response.mustcontain('"name_raw": "%s"' % repo.repo_name)

54

response.mustcontain('"name_raw": "%s"' % repo.repo_name)

55

56

def test_index_contains_statics_with_ver(self):

56

def test_index_contains_statics_with_ver(self):

57

from rhodecode.lib.base import calculate_version_hash

57

from rhodecode.lib.base import calculate_version_hash

58

59

self.log_user()

59

self.log_user()

60

response = self.app.get(route_path('home'))

60

response = self.app.get(route_path('home'))

61

62

rhodecode_version_hash = calculate_version_hash(

62

rhodecode_version_hash = calculate_version_hash(

63

{'beaker.session.secret':'test-rc-uytcxaz'})

63

{'beaker.session.secret': 'test-rc-uytcxaz'})

64

response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))

64

response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))

65

response.mustcontain('~~rhodecode-componen~~ts.js?ver={0}'.format(

65

response.mustcontain('scripts.js?ver={0}'.format(rhodecode_version_hash))

66

rhodecode_version_hash))

66

response.mustcontain('hodecode-components.html?ver={0}'.format(rhodecode_version_hash))

67

68

def test_index_contains_backend_specific_details(self, backend):

68

def test_index_contains_backend_specific_details(self, backend):

69

self.log_user()

69

self.log_user()

70

response = self.app.get(route_path('home'))

70

response = self.app.get(route_path('home'))

71

tip = backend.repo.get_commit().raw_id

71

tip = backend.repo.get_commit().raw_id

72

73

# html in javascript variable:

73

# html in javascript variable:

74

response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))

74

response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))

75

response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))

75

response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))

76

77

response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))

77

response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))

78

response.mustcontain("""Added a symlink""")

78

response.mustcontain("""Added a symlink""")

79

80

def test_index_with_anonymous_access_disabled(self):

80

def test_index_with_anonymous_access_disabled(self):

81

with fixture.anon_access(False):

81

with fixture.anon_access(False):

82

response = self.app.get(route_path('home'), status=302)

82

response = self.app.get(route_path('home'), status=302)

83

assert 'login' in response.location

83

assert 'login' in response.location

84

85

def test_index_page_on_groups(self, autologin_user, repo_group):

85

def test_index_page_on_groups(self, autologin_user, repo_group):

86

response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))

86

response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))

87

response.mustcontain("gr1/repo_in_group")

87

response.mustcontain("gr1/repo_in_group")

88

89

def test_index_page_on_group_with_trailing_slash(

89

def test_index_page_on_group_with_trailing_slash(

90

self, autologin_user, repo_group):

90

self, autologin_user, repo_group):

91

response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')

91

response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')

92

response.mustcontain("gr1/repo_in_group")

92

response.mustcontain("gr1/repo_in_group")

93

94

@pytest.fixture(scope='class')

94

@pytest.fixture(scope='class')

95

def repo_group(self, request):

95

def repo_group(self, request):

96

gr = fixture.create_repo_group('gr1')

96

gr = fixture.create_repo_group('gr1')

97

fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)

97

fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)

98

99

@request.addfinalizer

99

@request.addfinalizer

100

def cleanup():

100

def cleanup():

101

RepoModel().delete('gr1/repo_in_group')

101

RepoModel().delete('gr1/repo_in_group')

102

RepoGroupModel().delete(repo_group='gr1', force_delete=True)

102

RepoGroupModel().delete(repo_group='gr1', force_delete=True)

103

Session().commit()

103

Session().commit()

104

105

def test_index_with_name_with_tags(self, user_util, autologin_user):

105

def test_index_with_name_with_tags(self, user_util, autologin_user):

106

user = user_util.create_user()

106

user = user_util.create_user()

107

username = user.username

107

username = user.username

108

user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'

108

user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'

109

user.lastname = '#"><img src=x onerror=prompt(document.cookie);>'

109

user.lastname = '#"><img src=x onerror=prompt(document.cookie);>'

110

111

Session().add(user)

111

Session().add(user)

112

Session().commit()

112

Session().commit()

113

user_util.create_repo(owner=username)

113

user_util.create_repo(owner=username)

114

115

response = self.app.get(route_path('home'))

115

response = self.app.get(route_path('home'))

116

response.mustcontain(h.html_escape(user.first_name))

116

response.mustcontain(h.html_escape(user.first_name))

117

response.mustcontain(h.html_escape(user.last_name))

117

response.mustcontain(h.html_escape(user.last_name))

118

119

@pytest.mark.parametrize("name, state", [

119

@pytest.mark.parametrize("name, state", [

120

('Disabled', False),

120

('Disabled', False),

121

('Enabled', True),

121

('Enabled', True),

122

])

122

])

123

def test_index_show_version(self, autologin_user, name, state):

123

def test_index_show_version(self, autologin_user, name, state):

124

version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__

124

version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__

125

126

sett = SettingsModel().create_or_update_setting(

126

sett = SettingsModel().create_or_update_setting(

127

'show_version', state, 'bool')

127

'show_version', state, 'bool')

128

Session().add(sett)

128

Session().add(sett)

129

Session().commit()

129

Session().commit()

130

SettingsModel().invalidate_settings_cache()

130

SettingsModel().invalidate_settings_cache()

131

132

response = self.app.get(route_path('home'))

132

response = self.app.get(route_path('home'))

133

if state is True:

133

if state is True:

134

response.mustcontain(version_string)

134

response.mustcontain(version_string)

135

if state is False:

135

if state is False:

136

response.mustcontain(no=[version_string])

136

response.mustcontain(no=[version_string])

137

138

def test_logout_form_contains_csrf(self, autologin_user, csrf_token):

138

def test_logout_form_contains_csrf(self, autologin_user, csrf_token):

139

response = self.app.get(route_path('home'))

139

response = self.app.get(route_path('home'))

140

assert_response = response.assert_response()

140

assert_response = response.assert_response()

141

element = assert_response.get_element('.logout #csrf_token')

141

element = assert_response.get_element('.logout #csrf_token')

142

assert element.value == csrf_token

142

assert element.value == csrf_token

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

             # -*- coding: utf-8 -*-
             # Copyright (C) 2010-2018 RhodeCode GmbH
             #
             # This program is free software: you can redistribute it and/or modify
             # it under the terms of the GNU Affero General Public License, version 3
             # (only), as published by the Free Software Foundation.
             #
             # This program is distributed in the hope that it will be useful,
             # but WITHOUT ANY WARRANTY; without even the implied warranty of
             # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
             # GNU General Public License for more details.
             #
             # You should have received a copy of the GNU Affero General Public License
             # along with this program.  If not, see <http://www.gnu.org/licenses/>.
             #
             # This program is dual-licensed. If you wish to learn more about the
             # RhodeCode Enterprise Edition, including its added features, Support services,
             # and proprietary license terms, please see https://rhodecode.com/licenses/
             import pytest
             import rhodecode
             from rhodecode.model.db import Repository
             from rhodecode.model.meta import Session
             from rhodecode.model.repo import RepoModel
             from rhodecode.model.repo_group import RepoGroupModel
             from rhodecode.model.settings import SettingsModel
             from rhodecode.tests import TestController
             from rhodecode.tests.fixture import Fixture
             from rhodecode.lib import helpers as h
             fixture = Fixture()
             def route_path(name, **kwargs):
                 return {
                     'home': '/',
                     'repo_group_home': '/{repo_group_name}'
                 }[name].format(**kwargs)
             class TestHomeController(TestController):
                 def test_index(self):
                     self.log_user()
                     response = self.app.get(route_path('home'))
                     # if global permission is set
                     response.mustcontain('Add Repository')
                     # search for objects inside the JavaScript JSON
                     for repo in Repository.getAll():
                         response.mustcontain('"name_raw": "%s"' % repo.repo_name)
                 def test_index_contains_statics_with_ver(self):
                     from rhodecode.lib.base import calculate_version_hash
                     self.log_user()
                     response = self.app.get(route_path('home'))
                     rhodecode_version_hash = calculate_version_hash(
-                        {'beaker.session.secret':'test-rc-uytcxaz'})
+                        {'beaker.session.secret': 'test-rc-uytcxaz'})
                     response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))
-                    response.mustcontain('rhodecode-components.js?ver={0}'.format(
+                    response.mustcontain('scripts.js?ver={0}'.format(rhodecode_version_hash))
-                        rhodecode_version_hash))
+                    response.mustcontain('hodecode-components.html?ver={0}'.format(rhodecode_version_hash))
                 def test_index_contains_backend_specific_details(self, backend):
                     self.log_user()
                     response = self.app.get(route_path('home'))
                     tip = backend.repo.get_commit().raw_id
                     # html in javascript variable:
                     response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, ))
                     response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, ))
                     response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip))
                     response.mustcontain("""Added a symlink""")
                 def test_index_with_anonymous_access_disabled(self):
                     with fixture.anon_access(False):
                         response = self.app.get(route_path('home'), status=302)
                         assert 'login' in response.location
                 def test_index_page_on_groups(self, autologin_user, repo_group):
                     response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))
                     response.mustcontain("gr1/repo_in_group")
                 def test_index_page_on_group_with_trailing_slash(
                         self, autologin_user, repo_group):
                     response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')
                     response.mustcontain("gr1/repo_in_group")
                 @pytest.fixture(scope='class')
                 def repo_group(self, request):
                     gr = fixture.create_repo_group('gr1')
                     fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)
                     @request.addfinalizer
                     def cleanup():
                         RepoModel().delete('gr1/repo_in_group')
                         RepoGroupModel().delete(repo_group='gr1', force_delete=True)
                         Session().commit()
                 def test_index_with_name_with_tags(self, user_util, autologin_user):
                     user = user_util.create_user()
                     username = user.username
                     user.name = '<img src="/image1" onload="alert(\'Hello, World!\');">'
                     user.lastname = '#"><img src=x onerror=prompt(document.cookie);>'
                     Session().add(user)
                     Session().commit()
                     user_util.create_repo(owner=username)
                     response = self.app.get(route_path('home'))
                     response.mustcontain(h.html_escape(user.first_name))
                     response.mustcontain(h.html_escape(user.last_name))
                 @pytest.mark.parametrize("name, state", [
                     ('Disabled', False),
                     ('Enabled', True),
                 ])
                 def test_index_show_version(self, autologin_user, name, state):
                     version_string = 'RhodeCode Enterprise %s' % rhodecode.__version__
                     sett = SettingsModel().create_or_update_setting(
                         'show_version', state, 'bool')
                     Session().add(sett)
                     Session().commit()
                     SettingsModel().invalidate_settings_cache()
                     response = self.app.get(route_path('home'))
                     if state is True:
                         response.mustcontain(version_string)
                     if state is False:
                         response.mustcontain(no=[version_string])
                 def test_logout_form_contains_csrf(self, autologin_user, csrf_token):
                     response = self.app.get(route_path('home'))
                     assert_response = response.assert_response()
                     element = assert_response.get_element('.logout #csrf_token')
                     assert element.value == csrf_token