Show More
The requested changes are too big and content was truncated. Show full diff
|
1 | NO CONTENT: new file 100644 | |
The requested commit or file is too big and content was truncated. Show full diff |
@@ -1,574 +1,573 b'' | |||
|
1 | 1 | # Copyright (C) 2011-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import itertools |
|
20 | 20 | import logging |
|
21 | 21 | import sys |
|
22 | 22 | import fnmatch |
|
23 | 23 | |
|
24 | 24 | import decorator |
|
25 | 25 | import typing |
|
26 | 26 | import venusian |
|
27 | 27 | from collections import OrderedDict |
|
28 | 28 | |
|
29 | 29 | from pyramid.exceptions import ConfigurationError |
|
30 | 30 | from pyramid.renderers import render |
|
31 | 31 | from pyramid.response import Response |
|
32 | 32 | from pyramid.httpexceptions import HTTPNotFound |
|
33 | 33 | |
|
34 | 34 | from rhodecode.api.exc import ( |
|
35 | 35 | JSONRPCBaseError, JSONRPCError, JSONRPCForbidden, JSONRPCValidationError) |
|
36 | 36 | from rhodecode.apps._base import TemplateArgs |
|
37 | 37 | from rhodecode.lib.auth import AuthUser |
|
38 | 38 | from rhodecode.lib.base import get_ip_addr, attach_context_attributes |
|
39 | 39 | from rhodecode.lib.exc_tracking import store_exception |
|
40 | 40 | from rhodecode.lib import ext_json |
|
41 | 41 | from rhodecode.lib.utils2 import safe_str |
|
42 | 42 | from rhodecode.lib.plugins.utils import get_plugin_settings |
|
43 | 43 | from rhodecode.model.db import User, UserApiKeys |
|
44 | 44 | |
|
45 | 45 | log = logging.getLogger(__name__) |
|
46 | 46 | |
|
47 | 47 | DEFAULT_RENDERER = 'jsonrpc_renderer' |
|
48 | 48 | DEFAULT_URL = '/_admin/apiv2' |
|
49 | 49 | |
|
50 | 50 | |
|
51 | 51 | def find_methods(jsonrpc_methods, pattern): |
|
52 | 52 | matches = OrderedDict() |
|
53 | 53 | if not isinstance(pattern, (list, tuple)): |
|
54 | 54 | pattern = [pattern] |
|
55 | 55 | |
|
56 | 56 | for single_pattern in pattern: |
|
57 | 57 | for method_name, method in jsonrpc_methods.items(): |
|
58 | 58 | if fnmatch.fnmatch(method_name, single_pattern): |
|
59 | 59 | matches[method_name] = method |
|
60 | 60 | return matches |
|
61 | 61 | |
|
62 | 62 | |
|
63 | 63 | class ExtJsonRenderer(object): |
|
64 | 64 | """ |
|
65 | 65 | Custom renderer that makes use of our ext_json lib |
|
66 | 66 | |
|
67 | 67 | """ |
|
68 | 68 | |
|
69 | 69 | def __init__(self): |
|
70 | 70 | self.serializer = ext_json.formatted_json |
|
71 | 71 | |
|
72 | 72 | def __call__(self, info): |
|
73 | 73 | """ Returns a plain JSON-encoded string with content-type |
|
74 | 74 | ``application/json``. The content-type may be overridden by |
|
75 | 75 | setting ``request.response.content_type``.""" |
|
76 | 76 | |
|
77 | 77 | def _render(value, system): |
|
78 | 78 | request = system.get('request') |
|
79 | 79 | if request is not None: |
|
80 | 80 | response = request.response |
|
81 | 81 | ct = response.content_type |
|
82 | 82 | if ct == response.default_content_type: |
|
83 | 83 | response.content_type = 'application/json' |
|
84 | 84 | |
|
85 | 85 | return self.serializer(value) |
|
86 | 86 | |
|
87 | 87 | return _render |
|
88 | 88 | |
|
89 | 89 | |
|
90 | 90 | def jsonrpc_response(request, result): |
|
91 | 91 | rpc_id = getattr(request, 'rpc_id', None) |
|
92 | 92 | |
|
93 | 93 | ret_value = '' |
|
94 | 94 | if rpc_id: |
|
95 | 95 | ret_value = {'id': rpc_id, 'result': result, 'error': None} |
|
96 | 96 | |
|
97 | 97 | # fetch deprecation warnings, and store it inside results |
|
98 | 98 | deprecation = getattr(request, 'rpc_deprecation', None) |
|
99 | 99 | if deprecation: |
|
100 | 100 | ret_value['DEPRECATION_WARNING'] = deprecation |
|
101 | 101 | |
|
102 | 102 | raw_body = render(DEFAULT_RENDERER, ret_value, request=request) |
|
103 | 103 | content_type = 'application/json' |
|
104 | 104 | content_type_header = 'Content-Type' |
|
105 | 105 | headers = { |
|
106 | 106 | content_type_header: content_type |
|
107 | 107 | } |
|
108 | 108 | return Response( |
|
109 | 109 | body=raw_body, |
|
110 | 110 | content_type=content_type, |
|
111 | 111 | headerlist=[(k, v) for k, v in headers.items()] |
|
112 | 112 | ) |
|
113 | 113 | |
|
114 | 114 | |
|
115 | 115 | def jsonrpc_error(request, message, retid=None, code: int | None = None, headers: dict | None = None): |
|
116 | 116 | """ |
|
117 | 117 | Generate a Response object with a JSON-RPC error body |
|
118 | 118 | """ |
|
119 | 119 | headers = headers or {} |
|
120 | 120 | content_type = 'application/json' |
|
121 | 121 | content_type_header = 'Content-Type' |
|
122 | 122 | if content_type_header not in headers: |
|
123 | 123 | headers[content_type_header] = content_type |
|
124 | 124 | |
|
125 | 125 | err_dict = {'id': retid, 'result': None, 'error': message} |
|
126 | 126 | raw_body = render(DEFAULT_RENDERER, err_dict, request=request) |
|
127 | 127 | |
|
128 | 128 | return Response( |
|
129 | 129 | body=raw_body, |
|
130 | 130 | status=code, |
|
131 | 131 | content_type=content_type, |
|
132 | 132 | headerlist=[(k, v) for k, v in headers.items()] |
|
133 | 133 | ) |
|
134 | 134 | |
|
135 | 135 | |
|
136 | 136 | def exception_view(exc, request): |
|
137 | 137 | rpc_id = getattr(request, 'rpc_id', None) |
|
138 | 138 | |
|
139 | 139 | if isinstance(exc, JSONRPCError): |
|
140 | 140 | fault_message = safe_str(exc) |
|
141 | 141 | log.debug('json-rpc error rpc_id:%s "%s"', rpc_id, fault_message) |
|
142 | 142 | elif isinstance(exc, JSONRPCValidationError): |
|
143 | 143 | colander_exc = exc.colander_exception |
|
144 | 144 | # TODO(marcink): think maybe of nicer way to serialize errors ? |
|
145 | 145 | fault_message = colander_exc.asdict() |
|
146 | 146 | log.debug('json-rpc colander error rpc_id:%s "%s"', rpc_id, fault_message) |
|
147 | 147 | elif isinstance(exc, JSONRPCForbidden): |
|
148 | 148 | fault_message = 'Access was denied to this resource.' |
|
149 | 149 | log.warning('json-rpc forbidden call rpc_id:%s "%s"', rpc_id, fault_message) |
|
150 | 150 | elif isinstance(exc, HTTPNotFound): |
|
151 | 151 | method = request.rpc_method |
|
152 | 152 | log.debug('json-rpc method `%s` not found in list of ' |
|
153 | 153 | 'api calls: %s, rpc_id:%s', |
|
154 | 154 | method, list(request.registry.jsonrpc_methods.keys()), rpc_id) |
|
155 | 155 | |
|
156 | 156 | similar = 'none' |
|
157 | 157 | try: |
|
158 | 158 | similar_paterns = [f'*{x}*' for x in method.split('_')] |
|
159 | 159 | similar_found = find_methods( |
|
160 | 160 | request.registry.jsonrpc_methods, similar_paterns) |
|
161 | 161 | similar = ', '.join(similar_found.keys()) or similar |
|
162 | 162 | except Exception: |
|
163 | 163 | # make the whole above block safe |
|
164 | 164 | pass |
|
165 | 165 | |
|
166 |
fault_message = "No such method: {}. Similar methods: {}" |
|
|
167 | method, similar) | |
|
166 | fault_message = f"No such method: {method}. Similar methods: {similar}" | |
|
168 | 167 | else: |
|
169 | 168 | fault_message = 'undefined error' |
|
170 | 169 | exc_info = exc.exc_info() |
|
171 | 170 | store_exception(id(exc_info), exc_info, prefix='rhodecode-api') |
|
172 | 171 | |
|
173 | 172 | statsd = request.registry.statsd |
|
174 | 173 | if statsd: |
|
175 | 174 | exc_type = f"{exc.__class__.__module__}.{exc.__class__.__name__}" |
|
176 | 175 | statsd.incr('rhodecode_exception_total', |
|
177 | 176 | tags=["exc_source:api", f"type:{exc_type}"]) |
|
178 | 177 | |
|
179 | 178 | return jsonrpc_error(request, fault_message, rpc_id) |
|
180 | 179 | |
|
181 | 180 | |
|
182 | 181 | def request_view(request): |
|
183 | 182 | """ |
|
184 | 183 | Main request handling method. It handles all logic to call a specific |
|
185 | 184 | exposed method |
|
186 | 185 | """ |
|
187 | 186 | # cython compatible inspect |
|
188 | 187 | from rhodecode.config.patches import inspect_getargspec |
|
189 | 188 | inspect = inspect_getargspec() |
|
190 | 189 | |
|
191 | 190 | # check if we can find this session using api_key, get_by_auth_token |
|
192 | 191 | # search not expired tokens only |
|
193 | 192 | try: |
|
194 | 193 | api_user = User.get_by_auth_token(request.rpc_api_key) |
|
195 | 194 | |
|
196 | 195 | if api_user is None: |
|
197 | 196 | return jsonrpc_error( |
|
198 | 197 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
199 | 198 | |
|
200 | 199 | if not api_user.active: |
|
201 | 200 | return jsonrpc_error( |
|
202 | 201 | request, retid=request.rpc_id, |
|
203 | 202 | message='Request from this user not allowed') |
|
204 | 203 | |
|
205 | 204 | # check if we are allowed to use this IP |
|
206 | 205 | auth_u = AuthUser( |
|
207 | 206 | api_user.user_id, request.rpc_api_key, ip_addr=request.rpc_ip_addr) |
|
208 | 207 | if not auth_u.ip_allowed: |
|
209 | 208 | return jsonrpc_error( |
|
210 | 209 | request, retid=request.rpc_id, |
|
211 | 210 | message='Request from IP:{} not allowed'.format( |
|
212 | 211 | request.rpc_ip_addr)) |
|
213 | 212 | else: |
|
214 | 213 | log.info('Access for IP:%s allowed', request.rpc_ip_addr) |
|
215 | 214 | |
|
216 | 215 | # register our auth-user |
|
217 | 216 | request.rpc_user = auth_u |
|
218 | 217 | request.environ['rc_auth_user_id'] = str(auth_u.user_id) |
|
219 | 218 | |
|
220 | 219 | # now check if token is valid for API |
|
221 | 220 | auth_token = request.rpc_api_key |
|
222 | 221 | token_match = api_user.authenticate_by_token( |
|
223 | 222 | auth_token, roles=[UserApiKeys.ROLE_API]) |
|
224 | 223 | invalid_token = not token_match |
|
225 | 224 | |
|
226 | 225 | log.debug('Checking if API KEY is valid with proper role') |
|
227 | 226 | if invalid_token: |
|
228 | 227 | return jsonrpc_error( |
|
229 | 228 | request, retid=request.rpc_id, |
|
230 | 229 | message='API KEY invalid or, has bad role for an API call') |
|
231 | 230 | |
|
232 | 231 | except Exception: |
|
233 | 232 | log.exception('Error on API AUTH') |
|
234 | 233 | return jsonrpc_error( |
|
235 | 234 | request, retid=request.rpc_id, message='Invalid API KEY') |
|
236 | 235 | |
|
237 | 236 | method = request.rpc_method |
|
238 | 237 | func = request.registry.jsonrpc_methods[method] |
|
239 | 238 | |
|
240 | 239 | # now that we have a method, add request._req_params to |
|
241 | 240 | # self.kargs and dispatch control to WGIController |
|
242 | 241 | |
|
243 | 242 | argspec = inspect.getargspec(func) |
|
244 | 243 | arglist = argspec[0] |
|
245 | 244 | defs = argspec[3] or [] |
|
246 | 245 | defaults = [type(a) for a in defs] |
|
247 | 246 | default_empty = type(NotImplemented) |
|
248 | 247 | |
|
249 | 248 | # kw arguments required by this method |
|
250 | 249 | func_kwargs = dict(itertools.zip_longest( |
|
251 | 250 | reversed(arglist), reversed(defaults), fillvalue=default_empty)) |
|
252 | 251 | |
|
253 | 252 | # This attribute will need to be first param of a method that uses |
|
254 | 253 | # api_key, which is translated to instance of user at that name |
|
255 | 254 | user_var = 'apiuser' |
|
256 | 255 | request_var = 'request' |
|
257 | 256 | |
|
258 | 257 | for arg in [user_var, request_var]: |
|
259 | 258 | if arg not in arglist: |
|
260 | 259 | return jsonrpc_error( |
|
261 | 260 | request, |
|
262 | 261 | retid=request.rpc_id, |
|
263 | 262 | message='This method [%s] does not support ' |
|
264 | 263 | 'required parameter `%s`' % (func.__name__, arg)) |
|
265 | 264 | |
|
266 | 265 | # get our arglist and check if we provided them as args |
|
267 | 266 | for arg, default in func_kwargs.items(): |
|
268 | 267 | if arg in [user_var, request_var]: |
|
269 | 268 | # user_var and request_var are pre-hardcoded parameters and we |
|
270 | 269 | # don't need to do any translation |
|
271 | 270 | continue |
|
272 | 271 | |
|
273 | 272 | # skip the required param check if it's default value is |
|
274 | 273 | # NotImplementedType (default_empty) |
|
275 | 274 | if default == default_empty and arg not in request.rpc_params: |
|
276 | 275 | return jsonrpc_error( |
|
277 | 276 | request, |
|
278 | 277 | retid=request.rpc_id, |
|
279 | 278 | message=('Missing non optional `%s` arg in JSON DATA' % arg) |
|
280 | 279 | ) |
|
281 | 280 | |
|
282 | 281 | # sanitize extra passed arguments |
|
283 | 282 | for k in list(request.rpc_params.keys()): |
|
284 | 283 | if k not in func_kwargs: |
|
285 | 284 | del request.rpc_params[k] |
|
286 | 285 | |
|
287 | 286 | call_params = request.rpc_params |
|
288 | 287 | call_params.update({ |
|
289 | 288 | 'request': request, |
|
290 | 289 | 'apiuser': auth_u |
|
291 | 290 | }) |
|
292 | 291 | |
|
293 | 292 | # register some common functions for usage |
|
294 | 293 | attach_context_attributes(TemplateArgs(), request, request.rpc_user.user_id) |
|
295 | 294 | |
|
296 | 295 | statsd = request.registry.statsd |
|
297 | 296 | |
|
298 | 297 | try: |
|
299 | 298 | ret_value = func(**call_params) |
|
300 | 299 | resp = jsonrpc_response(request, ret_value) |
|
301 | 300 | if statsd: |
|
302 | 301 | statsd.incr('rhodecode_api_call_success_total') |
|
303 | 302 | return resp |
|
304 | 303 | except JSONRPCBaseError: |
|
305 | 304 | raise |
|
306 | 305 | except Exception: |
|
307 | 306 | log.exception('Unhandled exception occurred on api call: %s', func) |
|
308 | 307 | exc_info = sys.exc_info() |
|
309 | 308 | exc_id, exc_type_name = store_exception( |
|
310 | 309 | id(exc_info), exc_info, prefix='rhodecode-api') |
|
311 | 310 | error_headers = { |
|
312 | 311 | 'RhodeCode-Exception-Id': str(exc_id), |
|
313 | 312 | 'RhodeCode-Exception-Type': str(exc_type_name) |
|
314 | 313 | } |
|
315 | 314 | err_resp = jsonrpc_error( |
|
316 | 315 | request, retid=request.rpc_id, message='Internal server error', |
|
317 | 316 | headers=error_headers) |
|
318 | 317 | if statsd: |
|
319 | 318 | statsd.incr('rhodecode_api_call_fail_total') |
|
320 | 319 | return err_resp |
|
321 | 320 | |
|
322 | 321 | |
|
323 | 322 | def setup_request(request): |
|
324 | 323 | """ |
|
325 | 324 | Parse a JSON-RPC request body. It's used inside the predicates method |
|
326 | 325 | to validate and bootstrap requests for usage in rpc calls. |
|
327 | 326 | |
|
328 | 327 | We need to raise JSONRPCError here if we want to return some errors back to |
|
329 | 328 | user. |
|
330 | 329 | """ |
|
331 | 330 | |
|
332 | 331 | log.debug('Executing setup request: %r', request) |
|
333 | 332 | request.rpc_ip_addr = get_ip_addr(request.environ) |
|
334 | 333 | # TODO(marcink): deprecate GET at some point |
|
335 | 334 | if request.method not in ['POST', 'GET']: |
|
336 | 335 | log.debug('unsupported request method "%s"', request.method) |
|
337 | 336 | raise JSONRPCError( |
|
338 | 337 | 'unsupported request method "%s". Please use POST' % request.method) |
|
339 | 338 | |
|
340 | 339 | if 'CONTENT_LENGTH' not in request.environ: |
|
341 | 340 | log.debug("No Content-Length") |
|
342 | 341 | raise JSONRPCError("Empty body, No Content-Length in request") |
|
343 | 342 | |
|
344 | 343 | else: |
|
345 | 344 | length = request.environ['CONTENT_LENGTH'] |
|
346 | 345 | log.debug('Content-Length: %s', length) |
|
347 | 346 | |
|
348 | 347 | if length == 0: |
|
349 | 348 | log.debug("Content-Length is 0") |
|
350 | 349 | raise JSONRPCError("Content-Length is 0") |
|
351 | 350 | |
|
352 | 351 | raw_body = request.body |
|
353 | 352 | log.debug("Loading JSON body now") |
|
354 | 353 | try: |
|
355 | 354 | json_body = ext_json.json.loads(raw_body) |
|
356 | 355 | except ValueError as e: |
|
357 | 356 | # catch JSON errors Here |
|
358 | 357 | raise JSONRPCError(f"JSON parse error ERR:{e} RAW:{raw_body!r}") |
|
359 | 358 | |
|
360 | 359 | request.rpc_id = json_body.get('id') |
|
361 | 360 | request.rpc_method = json_body.get('method') |
|
362 | 361 | |
|
363 | 362 | # check required base parameters |
|
364 | 363 | try: |
|
365 | 364 | api_key = json_body.get('api_key') |
|
366 | 365 | if not api_key: |
|
367 | 366 | api_key = json_body.get('auth_token') |
|
368 | 367 | |
|
369 | 368 | if not api_key: |
|
370 | 369 | raise KeyError('api_key or auth_token') |
|
371 | 370 | |
|
372 | 371 | # TODO(marcink): support passing in token in request header |
|
373 | 372 | |
|
374 | 373 | request.rpc_api_key = api_key |
|
375 | 374 | request.rpc_id = json_body['id'] |
|
376 | 375 | request.rpc_method = json_body['method'] |
|
377 | 376 | request.rpc_params = json_body['args'] \ |
|
378 | 377 | if isinstance(json_body['args'], dict) else {} |
|
379 | 378 | |
|
380 | 379 | log.debug('method: %s, params: %.10240r', request.rpc_method, request.rpc_params) |
|
381 | 380 | except KeyError as e: |
|
382 | 381 | raise JSONRPCError(f'Incorrect JSON data. Missing {e}') |
|
383 | 382 | |
|
384 | 383 | log.debug('setup complete, now handling method:%s rpcid:%s', |
|
385 | 384 | request.rpc_method, request.rpc_id, ) |
|
386 | 385 | |
|
387 | 386 | |
|
388 | 387 | class RoutePredicate(object): |
|
389 | 388 | def __init__(self, val, config): |
|
390 | 389 | self.val = val |
|
391 | 390 | |
|
392 | 391 | def text(self): |
|
393 | 392 | return f'jsonrpc route = {self.val}' |
|
394 | 393 | |
|
395 | 394 | phash = text |
|
396 | 395 | |
|
397 | 396 | def __call__(self, info, request): |
|
398 | 397 | if self.val: |
|
399 | 398 | # potentially setup and bootstrap our call |
|
400 | 399 | setup_request(request) |
|
401 | 400 | |
|
402 | 401 | # Always return True so that even if it isn't a valid RPC it |
|
403 | 402 | # will fall through to the underlaying handlers like notfound_view |
|
404 | 403 | return True |
|
405 | 404 | |
|
406 | 405 | |
|
407 | 406 | class NotFoundPredicate(object): |
|
408 | 407 | def __init__(self, val, config): |
|
409 | 408 | self.val = val |
|
410 | 409 | self.methods = config.registry.jsonrpc_methods |
|
411 | 410 | |
|
412 | 411 | def text(self): |
|
413 | 412 | return f'jsonrpc method not found = {self.val}' |
|
414 | 413 | |
|
415 | 414 | phash = text |
|
416 | 415 | |
|
417 | 416 | def __call__(self, info, request): |
|
418 | 417 | return hasattr(request, 'rpc_method') |
|
419 | 418 | |
|
420 | 419 | |
|
421 | 420 | class MethodPredicate(object): |
|
422 | 421 | def __init__(self, val, config): |
|
423 | 422 | self.method = val |
|
424 | 423 | |
|
425 | 424 | def text(self): |
|
426 | 425 | return f'jsonrpc method = {self.method}' |
|
427 | 426 | |
|
428 | 427 | phash = text |
|
429 | 428 | |
|
430 | 429 | def __call__(self, context, request): |
|
431 | 430 | # we need to explicitly return False here, so pyramid doesn't try to |
|
432 | 431 | # execute our view directly. We need our main handler to execute things |
|
433 | 432 | return getattr(request, 'rpc_method') == self.method |
|
434 | 433 | |
|
435 | 434 | |
|
436 | 435 | def add_jsonrpc_method(config, view, **kwargs): |
|
437 | 436 | # pop the method name |
|
438 | 437 | method = kwargs.pop('method', None) |
|
439 | 438 | |
|
440 | 439 | if method is None: |
|
441 | 440 | raise ConfigurationError( |
|
442 | 441 | 'Cannot register a JSON-RPC method without specifying the "method"') |
|
443 | 442 | |
|
444 | 443 | # we define custom predicate, to enable to detect conflicting methods, |
|
445 | 444 | # those predicates are kind of "translation" from the decorator variables |
|
446 | 445 | # to internal predicates names |
|
447 | 446 | |
|
448 | 447 | kwargs['jsonrpc_method'] = method |
|
449 | 448 | |
|
450 | 449 | # register our view into global view store for validation |
|
451 | 450 | config.registry.jsonrpc_methods[method] = view |
|
452 | 451 | |
|
453 | 452 | # we're using our main request_view handler, here, so each method |
|
454 | 453 | # has a unified handler for itself |
|
455 | 454 | config.add_view(request_view, route_name='apiv2', **kwargs) |
|
456 | 455 | |
|
457 | 456 | |
|
458 | 457 | class jsonrpc_method(object): |
|
459 | 458 | """ |
|
460 | 459 | decorator that works similar to @add_view_config decorator, |
|
461 | 460 | but tailored for our JSON RPC |
|
462 | 461 | """ |
|
463 | 462 | |
|
464 | 463 | venusian = venusian # for testing injection |
|
465 | 464 | |
|
466 | 465 | def __init__(self, method=None, **kwargs): |
|
467 | 466 | self.method = method |
|
468 | 467 | self.kwargs = kwargs |
|
469 | 468 | |
|
470 | 469 | def __call__(self, wrapped): |
|
471 | 470 | kwargs = self.kwargs.copy() |
|
472 | 471 | kwargs['method'] = self.method or wrapped.__name__ |
|
473 | 472 | depth = kwargs.pop('_depth', 0) |
|
474 | 473 | |
|
475 | 474 | def callback(context, name, ob): |
|
476 | 475 | config = context.config.with_package(info.module) |
|
477 | 476 | config.add_jsonrpc_method(view=ob, **kwargs) |
|
478 | 477 | |
|
479 | 478 | info = venusian.attach(wrapped, callback, category='pyramid', |
|
480 | 479 | depth=depth + 1) |
|
481 | 480 | if info.scope == 'class': |
|
482 | 481 | # ensure that attr is set if decorating a class method |
|
483 | 482 | kwargs.setdefault('attr', wrapped.__name__) |
|
484 | 483 | |
|
485 | 484 | kwargs['_info'] = info.codeinfo # fbo action_method |
|
486 | 485 | return wrapped |
|
487 | 486 | |
|
488 | 487 | |
|
489 | 488 | class jsonrpc_deprecated_method(object): |
|
490 | 489 | """ |
|
491 | 490 | Marks method as deprecated, adds log.warning, and inject special key to |
|
492 | 491 | the request variable to mark method as deprecated. |
|
493 | 492 | Also injects special docstring that extract_docs will catch to mark |
|
494 | 493 | method as deprecated. |
|
495 | 494 | |
|
496 | 495 | :param use_method: specify which method should be used instead of |
|
497 | 496 | the decorated one |
|
498 | 497 | |
|
499 | 498 | Use like:: |
|
500 | 499 | |
|
501 | 500 | @jsonrpc_method() |
|
502 | 501 | @jsonrpc_deprecated_method(use_method='new_func', deprecated_at_version='3.0.0') |
|
503 | 502 | def old_func(request, apiuser, arg1, arg2): |
|
504 | 503 | ... |
|
505 | 504 | """ |
|
506 | 505 | |
|
507 | 506 | def __init__(self, use_method, deprecated_at_version): |
|
508 | 507 | self.use_method = use_method |
|
509 | 508 | self.deprecated_at_version = deprecated_at_version |
|
510 | 509 | self.deprecated_msg = '' |
|
511 | 510 | |
|
512 | 511 | def __call__(self, func): |
|
513 | 512 | self.deprecated_msg = 'Please use method `{method}` instead.'.format( |
|
514 | 513 | method=self.use_method) |
|
515 | 514 | |
|
516 | 515 | docstring = """\n |
|
517 | 516 | .. deprecated:: {version} |
|
518 | 517 | |
|
519 | 518 | {deprecation_message} |
|
520 | 519 | |
|
521 | 520 | {original_docstring} |
|
522 | 521 | """ |
|
523 | 522 | func.__doc__ = docstring.format( |
|
524 | 523 | version=self.deprecated_at_version, |
|
525 | 524 | deprecation_message=self.deprecated_msg, |
|
526 | 525 | original_docstring=func.__doc__) |
|
527 | 526 | return decorator.decorator(self.__wrapper, func) |
|
528 | 527 | |
|
529 | 528 | def __wrapper(self, func, *fargs, **fkwargs): |
|
530 | 529 | log.warning('DEPRECATED API CALL on function %s, please ' |
|
531 | 530 | 'use `%s` instead', func, self.use_method) |
|
532 | 531 | # alter function docstring to mark as deprecated, this is picked up |
|
533 | 532 | # via fabric file that generates API DOC. |
|
534 | 533 | result = func(*fargs, **fkwargs) |
|
535 | 534 | |
|
536 | 535 | request = fargs[0] |
|
537 | 536 | request.rpc_deprecation = 'DEPRECATED METHOD ' + self.deprecated_msg |
|
538 | 537 | return result |
|
539 | 538 | |
|
540 | 539 | |
|
541 | 540 | def add_api_methods(config): |
|
542 | 541 | from rhodecode.api.views import ( |
|
543 | 542 | deprecated_api, gist_api, pull_request_api, repo_api, repo_group_api, |
|
544 | 543 | server_api, search_api, testing_api, user_api, user_group_api) |
|
545 | 544 | |
|
546 | 545 | config.scan('rhodecode.api.views') |
|
547 | 546 | |
|
548 | 547 | |
|
549 | 548 | def includeme(config): |
|
550 | 549 | plugin_module = 'rhodecode.api' |
|
551 | 550 | plugin_settings = get_plugin_settings( |
|
552 | 551 | plugin_module, config.registry.settings) |
|
553 | 552 | |
|
554 | 553 | if not hasattr(config.registry, 'jsonrpc_methods'): |
|
555 | 554 | config.registry.jsonrpc_methods = OrderedDict() |
|
556 | 555 | |
|
557 | 556 | # match filter by given method only |
|
558 | 557 | config.add_view_predicate('jsonrpc_method', MethodPredicate) |
|
559 | 558 | config.add_view_predicate('jsonrpc_method_not_found', NotFoundPredicate) |
|
560 | 559 | |
|
561 | 560 | config.add_renderer(DEFAULT_RENDERER, ExtJsonRenderer()) |
|
562 | 561 | config.add_directive('add_jsonrpc_method', add_jsonrpc_method) |
|
563 | 562 | |
|
564 | 563 | config.add_route_predicate( |
|
565 | 564 | 'jsonrpc_call', RoutePredicate) |
|
566 | 565 | |
|
567 | 566 | config.add_route( |
|
568 | 567 | 'apiv2', plugin_settings.get('url', DEFAULT_URL), jsonrpc_call=True) |
|
569 | 568 | |
|
570 | 569 | # register some exception handling view |
|
571 | 570 | config.add_view(exception_view, context=JSONRPCBaseError) |
|
572 | 571 | config.add_notfound_view(exception_view, jsonrpc_method_not_found=True) |
|
573 | 572 | |
|
574 | 573 | add_api_methods(config) |
@@ -1,172 +1,156 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import os |
|
21 | 21 | import csv |
|
22 | 22 | import datetime |
|
23 | 23 | |
|
24 | 24 | import pytest |
|
25 | 25 | |
|
26 | 26 | from rhodecode.lib.str_utils import safe_str |
|
27 | 27 | from rhodecode.tests import * |
|
28 | from rhodecode.tests.routes import route_path | |
|
28 | 29 | from rhodecode.tests.fixture import FIXTURES |
|
29 | 30 | from rhodecode.model.db import UserLog |
|
30 | 31 | from rhodecode.model.meta import Session |
|
31 | 32 | |
|
32 | 33 | |
|
33 | def route_path(name, params=None, **kwargs): | |
|
34 | import urllib.request | |
|
35 | import urllib.parse | |
|
36 | import urllib.error | |
|
37 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
38 | ||
|
39 | base_url = { | |
|
40 | 'admin_home': ADMIN_PREFIX, | |
|
41 | 'admin_audit_logs': ADMIN_PREFIX + '/audit_logs', | |
|
42 | ||
|
43 | }[name].format(**kwargs) | |
|
44 | ||
|
45 | if params: | |
|
46 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
47 | return base_url | |
|
48 | ||
|
49 | ||
|
50 | 34 | @pytest.mark.usefixtures('app') |
|
51 | 35 | class TestAdminController(object): |
|
52 | 36 | |
|
53 | 37 | @pytest.fixture(scope='class', autouse=True) |
|
54 | 38 | def prepare(self, request, baseapp): |
|
55 | 39 | UserLog.query().delete() |
|
56 | 40 | Session().commit() |
|
57 | 41 | |
|
58 | 42 | def strptime(val): |
|
59 | 43 | fmt = '%Y-%m-%d %H:%M:%S' |
|
60 | 44 | if '.' not in val: |
|
61 | 45 | return datetime.datetime.strptime(val, fmt) |
|
62 | 46 | |
|
63 | 47 | nofrag, frag = val.split(".") |
|
64 | 48 | date = datetime.datetime.strptime(nofrag, fmt) |
|
65 | 49 | |
|
66 | 50 | frag = frag[:6] # truncate to microseconds |
|
67 | 51 | frag += (6 - len(frag)) * '0' # add 0s |
|
68 | 52 | return date.replace(microsecond=int(frag)) |
|
69 | 53 | |
|
70 | 54 | with open(os.path.join(FIXTURES, 'journal_dump.csv')) as f: |
|
71 | 55 | for row in csv.DictReader(f): |
|
72 | 56 | ul = UserLog() |
|
73 | 57 | for k, v in row.items(): |
|
74 | 58 | v = safe_str(v) |
|
75 | 59 | if k == 'action_date': |
|
76 | 60 | v = strptime(v) |
|
77 | 61 | if k in ['user_id', 'repository_id']: |
|
78 | 62 | # nullable due to FK problems |
|
79 | 63 | v = None |
|
80 | 64 | setattr(ul, k, v) |
|
81 | 65 | Session().add(ul) |
|
82 | 66 | Session().commit() |
|
83 | 67 | |
|
84 | 68 | @request.addfinalizer |
|
85 | 69 | def cleanup(): |
|
86 | 70 | UserLog.query().delete() |
|
87 | 71 | Session().commit() |
|
88 | 72 | |
|
89 | 73 | def test_index(self, autologin_user): |
|
90 | 74 | response = self.app.get(route_path('admin_audit_logs')) |
|
91 | 75 | response.mustcontain('Admin audit logs') |
|
92 | 76 | |
|
93 | 77 | def test_filter_all_entries(self, autologin_user): |
|
94 | 78 | response = self.app.get(route_path('admin_audit_logs')) |
|
95 | 79 | all_count = UserLog.query().count() |
|
96 | 80 | response.mustcontain('%s entries' % all_count) |
|
97 | 81 | |
|
98 | 82 | def test_filter_journal_filter_exact_match_on_repository(self, autologin_user): |
|
99 | 83 | response = self.app.get(route_path('admin_audit_logs', |
|
100 | 84 | params=dict(filter='repository:rhodecode'))) |
|
101 | 85 | response.mustcontain('3 entries') |
|
102 | 86 | |
|
103 | 87 | def test_filter_journal_filter_exact_match_on_repository_CamelCase(self, autologin_user): |
|
104 | 88 | response = self.app.get(route_path('admin_audit_logs', |
|
105 | 89 | params=dict(filter='repository:RhodeCode'))) |
|
106 | 90 | response.mustcontain('3 entries') |
|
107 | 91 | |
|
108 | 92 | def test_filter_journal_filter_wildcard_on_repository(self, autologin_user): |
|
109 | 93 | response = self.app.get(route_path('admin_audit_logs', |
|
110 | 94 | params=dict(filter='repository:*test*'))) |
|
111 | 95 | response.mustcontain('862 entries') |
|
112 | 96 | |
|
113 | 97 | def test_filter_journal_filter_prefix_on_repository(self, autologin_user): |
|
114 | 98 | response = self.app.get(route_path('admin_audit_logs', |
|
115 | 99 | params=dict(filter='repository:test*'))) |
|
116 | 100 | response.mustcontain('257 entries') |
|
117 | 101 | |
|
118 | 102 | def test_filter_journal_filter_prefix_on_repository_CamelCase(self, autologin_user): |
|
119 | 103 | response = self.app.get(route_path('admin_audit_logs', |
|
120 | 104 | params=dict(filter='repository:Test*'))) |
|
121 | 105 | response.mustcontain('257 entries') |
|
122 | 106 | |
|
123 | 107 | def test_filter_journal_filter_prefix_on_repository_and_user(self, autologin_user): |
|
124 | 108 | response = self.app.get(route_path('admin_audit_logs', |
|
125 | 109 | params=dict(filter='repository:test* AND username:demo'))) |
|
126 | 110 | response.mustcontain('130 entries') |
|
127 | 111 | |
|
128 | 112 | def test_filter_journal_filter_prefix_on_repository_or_target_repo(self, autologin_user): |
|
129 | 113 | response = self.app.get(route_path('admin_audit_logs', |
|
130 | 114 | params=dict(filter='repository:test* OR repository:rhodecode'))) |
|
131 | 115 | response.mustcontain('260 entries') # 257 + 3 |
|
132 | 116 | |
|
133 | 117 | def test_filter_journal_filter_exact_match_on_username(self, autologin_user): |
|
134 | 118 | response = self.app.get(route_path('admin_audit_logs', |
|
135 | 119 | params=dict(filter='username:demo'))) |
|
136 | 120 | response.mustcontain('1087 entries') |
|
137 | 121 | |
|
138 | 122 | def test_filter_journal_filter_exact_match_on_username_camelCase(self, autologin_user): |
|
139 | 123 | response = self.app.get(route_path('admin_audit_logs', |
|
140 | 124 | params=dict(filter='username:DemO'))) |
|
141 | 125 | response.mustcontain('1087 entries') |
|
142 | 126 | |
|
143 | 127 | def test_filter_journal_filter_wildcard_on_username(self, autologin_user): |
|
144 | 128 | response = self.app.get(route_path('admin_audit_logs', |
|
145 | 129 | params=dict(filter='username:*test*'))) |
|
146 | 130 | entries_count = UserLog.query().filter(UserLog.username.ilike('%test%')).count() |
|
147 | 131 | response.mustcontain('{} entries'.format(entries_count)) |
|
148 | 132 | |
|
149 | 133 | def test_filter_journal_filter_prefix_on_username(self, autologin_user): |
|
150 | 134 | response = self.app.get(route_path('admin_audit_logs', |
|
151 | 135 | params=dict(filter='username:demo*'))) |
|
152 | 136 | response.mustcontain('1101 entries') |
|
153 | 137 | |
|
154 | 138 | def test_filter_journal_filter_prefix_on_user_or_other_user(self, autologin_user): |
|
155 | 139 | response = self.app.get(route_path('admin_audit_logs', |
|
156 | 140 | params=dict(filter='username:demo OR username:volcan'))) |
|
157 | 141 | response.mustcontain('1095 entries') # 1087 + 8 |
|
158 | 142 | |
|
159 | 143 | def test_filter_journal_filter_wildcard_on_action(self, autologin_user): |
|
160 | 144 | response = self.app.get(route_path('admin_audit_logs', |
|
161 | 145 | params=dict(filter='action:*pull_request*'))) |
|
162 | 146 | response.mustcontain('187 entries') |
|
163 | 147 | |
|
164 | 148 | def test_filter_journal_filter_on_date(self, autologin_user): |
|
165 | 149 | response = self.app.get(route_path('admin_audit_logs', |
|
166 | 150 | params=dict(filter='date:20121010'))) |
|
167 | 151 | response.mustcontain('47 entries') |
|
168 | 152 | |
|
169 | 153 | def test_filter_journal_filter_on_date_2(self, autologin_user): |
|
170 | 154 | response = self.app.get(route_path('admin_audit_logs', |
|
171 | 155 | params=dict(filter='date:20121020'))) |
|
172 | 156 | response.mustcontain('17 entries') |
@@ -1,86 +1,69 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.tests import assert_session_flash |
|
23 | from rhodecode.tests.routes import route_path | |
|
23 | 24 | from rhodecode.model.settings import SettingsModel |
|
24 | 25 | |
|
25 | 26 | |
|
26 | def route_path(name, params=None, **kwargs): | |
|
27 | import urllib.request | |
|
28 | import urllib.parse | |
|
29 | import urllib.error | |
|
30 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
31 | ||
|
32 | base_url = { | |
|
33 | 'admin_defaults_repositories': | |
|
34 | ADMIN_PREFIX + '/defaults/repositories', | |
|
35 | 'admin_defaults_repositories_update': | |
|
36 | ADMIN_PREFIX + '/defaults/repositories/update', | |
|
37 | }[name].format(**kwargs) | |
|
38 | ||
|
39 | if params: | |
|
40 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
41 | return base_url | |
|
42 | ||
|
43 | ||
|
44 | 27 | @pytest.mark.usefixtures("app") |
|
45 | 28 | class TestDefaultsView(object): |
|
46 | 29 | |
|
47 | 30 | def test_index(self, autologin_user): |
|
48 | 31 | response = self.app.get(route_path('admin_defaults_repositories')) |
|
49 | 32 | response.mustcontain('default_repo_private') |
|
50 | 33 | response.mustcontain('default_repo_enable_statistics') |
|
51 | 34 | response.mustcontain('default_repo_enable_downloads') |
|
52 | 35 | response.mustcontain('default_repo_enable_locking') |
|
53 | 36 | |
|
54 | 37 | def test_update_params_true_hg(self, autologin_user, csrf_token): |
|
55 | 38 | params = { |
|
56 | 39 | 'default_repo_enable_locking': True, |
|
57 | 40 | 'default_repo_enable_downloads': True, |
|
58 | 41 | 'default_repo_enable_statistics': True, |
|
59 | 42 | 'default_repo_private': True, |
|
60 | 43 | 'default_repo_type': 'hg', |
|
61 | 44 | 'csrf_token': csrf_token, |
|
62 | 45 | } |
|
63 | 46 | response = self.app.post( |
|
64 | 47 | route_path('admin_defaults_repositories_update'), params=params) |
|
65 | 48 | assert_session_flash(response, 'Default settings updated successfully') |
|
66 | 49 | |
|
67 | 50 | defs = SettingsModel().get_default_repo_settings() |
|
68 | 51 | del params['csrf_token'] |
|
69 | 52 | assert params == defs |
|
70 | 53 | |
|
71 | 54 | def test_update_params_false_git(self, autologin_user, csrf_token): |
|
72 | 55 | params = { |
|
73 | 56 | 'default_repo_enable_locking': False, |
|
74 | 57 | 'default_repo_enable_downloads': False, |
|
75 | 58 | 'default_repo_enable_statistics': False, |
|
76 | 59 | 'default_repo_private': False, |
|
77 | 60 | 'default_repo_type': 'git', |
|
78 | 61 | 'csrf_token': csrf_token, |
|
79 | 62 | } |
|
80 | 63 | response = self.app.post( |
|
81 | 64 | route_path('admin_defaults_repositories_update'), params=params) |
|
82 | 65 | assert_session_flash(response, 'Default settings updated successfully') |
|
83 | 66 | |
|
84 | 67 | defs = SettingsModel().get_default_repo_settings() |
|
85 | 68 | del params['csrf_token'] |
|
86 | 69 | assert params == defs |
@@ -1,86 +1,67 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.tests import TestController |
|
23 | 23 | from rhodecode.tests.fixture import Fixture |
|
24 | from rhodecode.tests.routes import route_path | |
|
24 | 25 | |
|
25 | 26 | fixture = Fixture() |
|
26 | 27 | |
|
27 | 28 | |
|
28 | def route_path(name, params=None, **kwargs): | |
|
29 | import urllib.request | |
|
30 | import urllib.parse | |
|
31 | import urllib.error | |
|
32 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
33 | ||
|
34 | base_url = { | |
|
35 | 'admin_home': ADMIN_PREFIX, | |
|
36 | 'pullrequest_show': '/{repo_name}/pull-request/{pull_request_id}', | |
|
37 | 'pull_requests_global': ADMIN_PREFIX + '/pull-request/{pull_request_id}', | |
|
38 | 'pull_requests_global_0': ADMIN_PREFIX + '/pull_requests/{pull_request_id}', | |
|
39 | 'pull_requests_global_1': ADMIN_PREFIX + '/pull-requests/{pull_request_id}', | |
|
40 | ||
|
41 | }[name].format(**kwargs) | |
|
42 | ||
|
43 | if params: | |
|
44 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
45 | return base_url | |
|
46 | ||
|
47 | ||
|
48 | 29 | class TestAdminMainView(TestController): |
|
49 | 30 | |
|
50 | 31 | def test_access_admin_home(self): |
|
51 | 32 | self.log_user() |
|
52 | 33 | response = self.app.get(route_path('admin_home'), status=200) |
|
53 | 34 | response.mustcontain("Administration area") |
|
54 | 35 | |
|
55 | 36 | @pytest.mark.parametrize('view', [ |
|
56 | 37 | 'pull_requests_global', |
|
57 | 38 | ]) |
|
58 | 39 | def test_redirect_pull_request_view_global(self, view): |
|
59 | 40 | self.log_user() |
|
60 | 41 | self.app.get( |
|
61 | 42 | route_path(view, pull_request_id='xxxx'), |
|
62 | 43 | status=404) |
|
63 | 44 | |
|
64 | 45 | @pytest.mark.backends("git", "hg") |
|
65 | 46 | @pytest.mark.parametrize('view', [ |
|
66 | 47 | 'pull_requests_global', |
|
67 | 48 | 'pull_requests_global_0', |
|
68 | 49 | 'pull_requests_global_1', |
|
69 | 50 | ]) |
|
70 | 51 | def test_redirect_pull_request_view(self, view, pr_util): |
|
71 | 52 | self.log_user() |
|
72 | 53 | pull_request = pr_util.create_pull_request() |
|
73 | 54 | pull_request_id = pull_request.pull_request_id |
|
74 | 55 | repo_name = pull_request.target_repo.repo_name |
|
75 | 56 | |
|
76 | 57 | response = self.app.get( |
|
77 | 58 | route_path(view, pull_request_id=pull_request_id), |
|
78 | 59 | status=302) |
|
79 | 60 | assert response.location.endswith( |
|
80 | 61 | 'pull-request/{}'.format(pull_request_id)) |
|
81 | 62 | |
|
82 | 63 | redirect_url = route_path( |
|
83 | 64 | 'pullrequest_show', repo_name=repo_name, |
|
84 | 65 | pull_request_id=pull_request_id) |
|
85 | 66 | |
|
86 | 67 | assert redirect_url in response.location |
@@ -1,300 +1,253 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import mock |
|
21 | 21 | import pytest |
|
22 | 22 | from rhodecode.model.db import User, UserIpMap |
|
23 | 23 | from rhodecode.model.meta import Session |
|
24 | 24 | from rhodecode.model.permission import PermissionModel |
|
25 | 25 | from rhodecode.model.ssh_key import SshKeyModel |
|
26 | 26 | from rhodecode.tests import ( |
|
27 | 27 | TestController, clear_cache_regions, assert_session_flash) |
|
28 | ||
|
29 | ||
|
30 | def route_path(name, params=None, **kwargs): | |
|
31 | import urllib.request | |
|
32 | import urllib.parse | |
|
33 | import urllib.error | |
|
34 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
35 | ||
|
36 | base_url = { | |
|
37 | 'edit_user_ips': | |
|
38 | ADMIN_PREFIX + '/users/{user_id}/edit/ips', | |
|
39 | 'edit_user_ips_add': | |
|
40 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/new', | |
|
41 | 'edit_user_ips_delete': | |
|
42 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/delete', | |
|
43 | ||
|
44 | 'admin_permissions_application': | |
|
45 | ADMIN_PREFIX + '/permissions/application', | |
|
46 | 'admin_permissions_application_update': | |
|
47 | ADMIN_PREFIX + '/permissions/application/update', | |
|
48 | ||
|
49 | 'admin_permissions_global': | |
|
50 | ADMIN_PREFIX + '/permissions/global', | |
|
51 | 'admin_permissions_global_update': | |
|
52 | ADMIN_PREFIX + '/permissions/global/update', | |
|
53 | ||
|
54 | 'admin_permissions_object': | |
|
55 | ADMIN_PREFIX + '/permissions/object', | |
|
56 | 'admin_permissions_object_update': | |
|
57 | ADMIN_PREFIX + '/permissions/object/update', | |
|
58 | ||
|
59 | 'admin_permissions_ips': | |
|
60 | ADMIN_PREFIX + '/permissions/ips', | |
|
61 | 'admin_permissions_overview': | |
|
62 | ADMIN_PREFIX + '/permissions/overview', | |
|
63 | ||
|
64 | 'admin_permissions_ssh_keys': | |
|
65 | ADMIN_PREFIX + '/permissions/ssh_keys', | |
|
66 | 'admin_permissions_ssh_keys_data': | |
|
67 | ADMIN_PREFIX + '/permissions/ssh_keys/data', | |
|
68 | 'admin_permissions_ssh_keys_update': | |
|
69 | ADMIN_PREFIX + '/permissions/ssh_keys/update' | |
|
70 | ||
|
71 | }[name].format(**kwargs) | |
|
72 | ||
|
73 | if params: | |
|
74 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
75 | return base_url | |
|
28 | from rhodecode.tests.routes import route_path | |
|
76 | 29 | |
|
77 | 30 | |
|
78 | 31 | class TestAdminPermissionsController(TestController): |
|
79 | 32 | |
|
80 | 33 | @pytest.fixture(scope='class', autouse=True) |
|
81 | 34 | def prepare(self, request): |
|
82 | 35 | # cleanup and reset to default permissions after |
|
83 | 36 | @request.addfinalizer |
|
84 | 37 | def cleanup(): |
|
85 | 38 | PermissionModel().create_default_user_permissions( |
|
86 | 39 | User.get_default_user(), force=True) |
|
87 | 40 | |
|
88 | 41 | def test_index_application(self): |
|
89 | 42 | self.log_user() |
|
90 | 43 | self.app.get(route_path('admin_permissions_application')) |
|
91 | 44 | |
|
92 | 45 | @pytest.mark.parametrize( |
|
93 | 46 | 'anonymous, default_register, default_register_message, default_password_reset,' |
|
94 | 47 | 'default_extern_activate, expect_error, expect_form_error', [ |
|
95 | 48 | (True, 'hg.register.none', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
96 | 49 | False, False), |
|
97 | 50 | (True, 'hg.register.manual_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.auto', |
|
98 | 51 | False, False), |
|
99 | 52 | (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
100 | 53 | False, False), |
|
101 | 54 | (True, 'hg.register.auto_activate', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
102 | 55 | False, False), |
|
103 | 56 | (True, 'hg.register.XXX', '', 'hg.password_reset.enabled', 'hg.extern_activate.manual', |
|
104 | 57 | False, True), |
|
105 | 58 | (True, '', '', 'hg.password_reset.enabled', '', True, False), |
|
106 | 59 | ]) |
|
107 | 60 | def test_update_application_permissions( |
|
108 | 61 | self, anonymous, default_register, default_register_message, default_password_reset, |
|
109 | 62 | default_extern_activate, expect_error, expect_form_error): |
|
110 | 63 | |
|
111 | 64 | self.log_user() |
|
112 | 65 | |
|
113 | 66 | # TODO: anonymous access set here to False, breaks some other tests |
|
114 | 67 | params = { |
|
115 | 68 | 'csrf_token': self.csrf_token, |
|
116 | 69 | 'anonymous': anonymous, |
|
117 | 70 | 'default_register': default_register, |
|
118 | 71 | 'default_register_message': default_register_message, |
|
119 | 72 | 'default_password_reset': default_password_reset, |
|
120 | 73 | 'default_extern_activate': default_extern_activate, |
|
121 | 74 | } |
|
122 | 75 | response = self.app.post(route_path('admin_permissions_application_update'), |
|
123 | 76 | params=params) |
|
124 | 77 | if expect_form_error: |
|
125 | 78 | assert response.status_int == 200 |
|
126 | 79 | response.mustcontain('Value must be one of') |
|
127 | 80 | else: |
|
128 | 81 | if expect_error: |
|
129 | 82 | msg = 'Error occurred during update of permissions' |
|
130 | 83 | else: |
|
131 | 84 | msg = 'Application permissions updated successfully' |
|
132 | 85 | assert_session_flash(response, msg) |
|
133 | 86 | |
|
134 | 87 | def test_index_object(self): |
|
135 | 88 | self.log_user() |
|
136 | 89 | self.app.get(route_path('admin_permissions_object')) |
|
137 | 90 | |
|
138 | 91 | @pytest.mark.parametrize( |
|
139 | 92 | 'repo, repo_group, user_group, expect_error, expect_form_error', [ |
|
140 | 93 | ('repository.none', 'group.none', 'usergroup.none', False, False), |
|
141 | 94 | ('repository.read', 'group.read', 'usergroup.read', False, False), |
|
142 | 95 | ('repository.write', 'group.write', 'usergroup.write', |
|
143 | 96 | False, False), |
|
144 | 97 | ('repository.admin', 'group.admin', 'usergroup.admin', |
|
145 | 98 | False, False), |
|
146 | 99 | ('repository.XXX', 'group.admin', 'usergroup.admin', False, True), |
|
147 | 100 | ('', '', '', True, False), |
|
148 | 101 | ]) |
|
149 | 102 | def test_update_object_permissions(self, repo, repo_group, user_group, |
|
150 | 103 | expect_error, expect_form_error): |
|
151 | 104 | self.log_user() |
|
152 | 105 | |
|
153 | 106 | params = { |
|
154 | 107 | 'csrf_token': self.csrf_token, |
|
155 | 108 | 'default_repo_perm': repo, |
|
156 | 109 | 'overwrite_default_repo': False, |
|
157 | 110 | 'default_group_perm': repo_group, |
|
158 | 111 | 'overwrite_default_group': False, |
|
159 | 112 | 'default_user_group_perm': user_group, |
|
160 | 113 | 'overwrite_default_user_group': False, |
|
161 | 114 | } |
|
162 | 115 | response = self.app.post(route_path('admin_permissions_object_update'), |
|
163 | 116 | params=params) |
|
164 | 117 | if expect_form_error: |
|
165 | 118 | assert response.status_int == 200 |
|
166 | 119 | response.mustcontain('Value must be one of') |
|
167 | 120 | else: |
|
168 | 121 | if expect_error: |
|
169 | 122 | msg = 'Error occurred during update of permissions' |
|
170 | 123 | else: |
|
171 | 124 | msg = 'Object permissions updated successfully' |
|
172 | 125 | assert_session_flash(response, msg) |
|
173 | 126 | |
|
174 | 127 | def test_index_global(self): |
|
175 | 128 | self.log_user() |
|
176 | 129 | self.app.get(route_path('admin_permissions_global')) |
|
177 | 130 | |
|
178 | 131 | @pytest.mark.parametrize( |
|
179 | 132 | 'repo_create, repo_create_write, user_group_create, repo_group_create,' |
|
180 | 133 | 'fork_create, inherit_default_permissions, expect_error,' |
|
181 | 134 | 'expect_form_error', [ |
|
182 | 135 | ('hg.create.none', 'hg.create.write_on_repogroup.false', |
|
183 | 136 | 'hg.usergroup.create.false', 'hg.repogroup.create.false', |
|
184 | 137 | 'hg.fork.none', 'hg.inherit_default_perms.false', False, False), |
|
185 | 138 | ('hg.create.repository', 'hg.create.write_on_repogroup.true', |
|
186 | 139 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
187 | 140 | 'hg.fork.repository', 'hg.inherit_default_perms.false', |
|
188 | 141 | False, False), |
|
189 | 142 | ('hg.create.XXX', 'hg.create.write_on_repogroup.true', |
|
190 | 143 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
191 | 144 | 'hg.fork.repository', 'hg.inherit_default_perms.false', |
|
192 | 145 | False, True), |
|
193 | 146 | ('', '', '', '', '', '', True, False), |
|
194 | 147 | ]) |
|
195 | 148 | def test_update_global_permissions( |
|
196 | 149 | self, repo_create, repo_create_write, user_group_create, |
|
197 | 150 | repo_group_create, fork_create, inherit_default_permissions, |
|
198 | 151 | expect_error, expect_form_error): |
|
199 | 152 | self.log_user() |
|
200 | 153 | |
|
201 | 154 | params = { |
|
202 | 155 | 'csrf_token': self.csrf_token, |
|
203 | 156 | 'default_repo_create': repo_create, |
|
204 | 157 | 'default_repo_create_on_write': repo_create_write, |
|
205 | 158 | 'default_user_group_create': user_group_create, |
|
206 | 159 | 'default_repo_group_create': repo_group_create, |
|
207 | 160 | 'default_fork_create': fork_create, |
|
208 | 161 | 'default_inherit_default_permissions': inherit_default_permissions |
|
209 | 162 | } |
|
210 | 163 | response = self.app.post(route_path('admin_permissions_global_update'), |
|
211 | 164 | params=params) |
|
212 | 165 | if expect_form_error: |
|
213 | 166 | assert response.status_int == 200 |
|
214 | 167 | response.mustcontain('Value must be one of') |
|
215 | 168 | else: |
|
216 | 169 | if expect_error: |
|
217 | 170 | msg = 'Error occurred during update of permissions' |
|
218 | 171 | else: |
|
219 | 172 | msg = 'Global permissions updated successfully' |
|
220 | 173 | assert_session_flash(response, msg) |
|
221 | 174 | |
|
222 | 175 | def test_index_ips(self): |
|
223 | 176 | self.log_user() |
|
224 | 177 | response = self.app.get(route_path('admin_permissions_ips')) |
|
225 | 178 | response.mustcontain('All IP addresses are allowed') |
|
226 | 179 | |
|
227 | 180 | def test_add_delete_ips(self): |
|
228 | 181 | clear_cache_regions(['sql_cache_short']) |
|
229 | 182 | self.log_user() |
|
230 | 183 | |
|
231 | 184 | # ADD |
|
232 | 185 | default_user_id = User.get_default_user_id() |
|
233 | 186 | self.app.post( |
|
234 | 187 | route_path('edit_user_ips_add', user_id=default_user_id), |
|
235 | 188 | params={'new_ip': '0.0.0.0/24', 'csrf_token': self.csrf_token}) |
|
236 | 189 | |
|
237 | 190 | response = self.app.get(route_path('admin_permissions_ips')) |
|
238 | 191 | response.mustcontain('0.0.0.0/24') |
|
239 | 192 | response.mustcontain('0.0.0.0 - 0.0.0.255') |
|
240 | 193 | |
|
241 | 194 | # DELETE |
|
242 | 195 | default_user_id = User.get_default_user_id() |
|
243 | 196 | del_ip_id = UserIpMap.query().filter(UserIpMap.user_id == |
|
244 | 197 | default_user_id).first().ip_id |
|
245 | 198 | |
|
246 | 199 | response = self.app.post( |
|
247 | 200 | route_path('edit_user_ips_delete', user_id=default_user_id), |
|
248 | 201 | params={'del_ip_id': del_ip_id, 'csrf_token': self.csrf_token}) |
|
249 | 202 | |
|
250 | 203 | assert_session_flash(response, 'Removed ip address from user whitelist') |
|
251 | 204 | |
|
252 | 205 | clear_cache_regions(['sql_cache_short']) |
|
253 | 206 | response = self.app.get(route_path('admin_permissions_ips')) |
|
254 | 207 | response.mustcontain('All IP addresses are allowed') |
|
255 | 208 | response.mustcontain(no=['0.0.0.0/24']) |
|
256 | 209 | response.mustcontain(no=['0.0.0.0 - 0.0.0.255']) |
|
257 | 210 | |
|
258 | 211 | def test_index_overview(self): |
|
259 | 212 | self.log_user() |
|
260 | 213 | self.app.get(route_path('admin_permissions_overview')) |
|
261 | 214 | |
|
262 | 215 | def test_ssh_keys(self): |
|
263 | 216 | self.log_user() |
|
264 | 217 | self.app.get(route_path('admin_permissions_ssh_keys'), status=200) |
|
265 | 218 | |
|
266 | 219 | def test_ssh_keys_data(self, user_util, xhr_header): |
|
267 | 220 | self.log_user() |
|
268 | 221 | response = self.app.get(route_path('admin_permissions_ssh_keys_data'), |
|
269 | 222 | extra_environ=xhr_header) |
|
270 | 223 | assert response.json == {u'data': [], u'draw': None, |
|
271 | 224 | u'recordsFiltered': 0, u'recordsTotal': 0} |
|
272 | 225 | |
|
273 | 226 | dummy_user = user_util.create_user() |
|
274 | 227 | SshKeyModel().create(dummy_user, 'ab:cd:ef', 'KEYKEY', 'test_key') |
|
275 | 228 | Session().commit() |
|
276 | 229 | response = self.app.get(route_path('admin_permissions_ssh_keys_data'), |
|
277 | 230 | extra_environ=xhr_header) |
|
278 | 231 | assert response.json['data'][0]['fingerprint'] == 'ab:cd:ef' |
|
279 | 232 | |
|
280 | 233 | def test_ssh_keys_update(self): |
|
281 | 234 | self.log_user() |
|
282 | 235 | response = self.app.post( |
|
283 | 236 | route_path('admin_permissions_ssh_keys_update'), |
|
284 | 237 | dict(csrf_token=self.csrf_token), status=302) |
|
285 | 238 | |
|
286 | 239 | assert_session_flash( |
|
287 | 240 | response, 'Updated SSH keys file') |
|
288 | 241 | |
|
289 | 242 | def test_ssh_keys_update_disabled(self): |
|
290 | 243 | self.log_user() |
|
291 | 244 | |
|
292 | 245 | from rhodecode.apps.admin.views.permissions import AdminPermissionsView |
|
293 | 246 | with mock.patch.object(AdminPermissionsView, 'ssh_enabled', |
|
294 | 247 | return_value=False): |
|
295 | 248 | response = self.app.post( |
|
296 | 249 | route_path('admin_permissions_ssh_keys_update'), |
|
297 | 250 | dict(csrf_token=self.csrf_token), status=302) |
|
298 | 251 | |
|
299 | 252 | assert_session_flash( |
|
300 | 253 | response, 'SSH key support is disabled in .ini file') No newline at end of file |
@@ -1,515 +1,497 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import urllib.request |
|
21 | 21 | import urllib.parse |
|
22 | 22 | import urllib.error |
|
23 | 23 | |
|
24 | 24 | import mock |
|
25 | 25 | import pytest |
|
26 | 26 | |
|
27 | 27 | from rhodecode.apps._base import ADMIN_PREFIX |
|
28 | 28 | from rhodecode.lib import auth |
|
29 | 29 | from rhodecode.lib.utils2 import safe_str |
|
30 | 30 | from rhodecode.lib import helpers as h |
|
31 | 31 | from rhodecode.model.db import ( |
|
32 | 32 | Repository, RepoGroup, UserRepoToPerm, User, Permission) |
|
33 | 33 | from rhodecode.model.meta import Session |
|
34 | 34 | from rhodecode.model.repo import RepoModel |
|
35 | 35 | from rhodecode.model.repo_group import RepoGroupModel |
|
36 | 36 | from rhodecode.model.user import UserModel |
|
37 | 37 | from rhodecode.tests import ( |
|
38 | 38 | login_user_session, assert_session_flash, TEST_USER_ADMIN_LOGIN, |
|
39 | 39 | TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
40 | 40 | from rhodecode.tests.fixture import Fixture, error_function |
|
41 |
from rhodecode.tests.utils import |
|
|
41 | from rhodecode.tests.utils import repo_on_filesystem | |
|
42 | from rhodecode.tests.routes import route_path | |
|
42 | 43 | |
|
43 | 44 | fixture = Fixture() |
|
44 | 45 | |
|
45 | 46 | |
|
46 | def route_path(name, params=None, **kwargs): | |
|
47 | import urllib.request | |
|
48 | import urllib.parse | |
|
49 | import urllib.error | |
|
50 | ||
|
51 | base_url = { | |
|
52 | 'repos': ADMIN_PREFIX + '/repos', | |
|
53 | 'repos_data': ADMIN_PREFIX + '/repos_data', | |
|
54 | 'repo_new': ADMIN_PREFIX + '/repos/new', | |
|
55 | 'repo_create': ADMIN_PREFIX + '/repos/create', | |
|
56 | ||
|
57 | 'repo_creating_check': '/{repo_name}/repo_creating_check', | |
|
58 | }[name].format(**kwargs) | |
|
59 | ||
|
60 | if params: | |
|
61 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
62 | return base_url | |
|
63 | ||
|
64 | ||
|
65 | 47 | def _get_permission_for_user(user, repo): |
|
66 | 48 | perm = UserRepoToPerm.query()\ |
|
67 | 49 | .filter(UserRepoToPerm.repository == |
|
68 | 50 | Repository.get_by_repo_name(repo))\ |
|
69 | 51 | .filter(UserRepoToPerm.user == User.get_by_username(user))\ |
|
70 | 52 | .all() |
|
71 | 53 | return perm |
|
72 | 54 | |
|
73 | 55 | |
|
74 | 56 | @pytest.mark.usefixtures("app") |
|
75 | 57 | class TestAdminRepos(object): |
|
76 | 58 | |
|
77 | 59 | def test_repo_list(self, autologin_user, user_util, xhr_header): |
|
78 | 60 | repo = user_util.create_repo() |
|
79 | 61 | repo_name = repo.repo_name |
|
80 | 62 | response = self.app.get( |
|
81 | 63 | route_path('repos_data'), status=200, |
|
82 | 64 | extra_environ=xhr_header) |
|
83 | 65 | |
|
84 | 66 | response.mustcontain(repo_name) |
|
85 | 67 | |
|
86 | 68 | def test_create_page_restricted_to_single_backend(self, autologin_user, backend): |
|
87 | 69 | with mock.patch('rhodecode.BACKENDS', {'git': 'git'}): |
|
88 | 70 | response = self.app.get(route_path('repo_new'), status=200) |
|
89 | 71 | assert_response = response.assert_response() |
|
90 | 72 | element = assert_response.get_element('[name=repo_type]') |
|
91 | 73 | assert element.get('value') == 'git' |
|
92 | 74 | |
|
93 | 75 | def test_create_page_non_restricted_backends(self, autologin_user, backend): |
|
94 | 76 | response = self.app.get(route_path('repo_new'), status=200) |
|
95 | 77 | assert_response = response.assert_response() |
|
96 | 78 | assert ['hg', 'git', 'svn'] == [x.get('value') for x in assert_response.get_elements('[name=repo_type]')] |
|
97 | 79 | |
|
98 | 80 | @pytest.mark.parametrize( |
|
99 | 81 | "suffix", ['', 'xxa'], ids=['', 'non-ascii']) |
|
100 | 82 | def test_create(self, autologin_user, backend, suffix, csrf_token): |
|
101 | 83 | repo_name_unicode = backend.new_repo_name(suffix=suffix) |
|
102 | 84 | repo_name = repo_name_unicode |
|
103 | 85 | |
|
104 | 86 | description_unicode = 'description for newly created repo' + suffix |
|
105 | 87 | description = description_unicode |
|
106 | 88 | |
|
107 | 89 | response = self.app.post( |
|
108 | 90 | route_path('repo_create'), |
|
109 | 91 | fixture._get_repo_create_params( |
|
110 | 92 | repo_private=False, |
|
111 | 93 | repo_name=repo_name, |
|
112 | 94 | repo_type=backend.alias, |
|
113 | 95 | repo_description=description, |
|
114 | 96 | csrf_token=csrf_token), |
|
115 | 97 | status=302) |
|
116 | 98 | |
|
117 | 99 | self.assert_repository_is_created_correctly( |
|
118 | 100 | repo_name, description, backend) |
|
119 | 101 | |
|
120 | 102 | def test_create_numeric_name(self, autologin_user, backend, csrf_token): |
|
121 | 103 | numeric_repo = '1234' |
|
122 | 104 | repo_name = numeric_repo |
|
123 | 105 | description = 'description for newly created repo' + numeric_repo |
|
124 | 106 | self.app.post( |
|
125 | 107 | route_path('repo_create'), |
|
126 | 108 | fixture._get_repo_create_params( |
|
127 | 109 | repo_private=False, |
|
128 | 110 | repo_name=repo_name, |
|
129 | 111 | repo_type=backend.alias, |
|
130 | 112 | repo_description=description, |
|
131 | 113 | csrf_token=csrf_token)) |
|
132 | 114 | |
|
133 | 115 | self.assert_repository_is_created_correctly( |
|
134 | 116 | repo_name, description, backend) |
|
135 | 117 | |
|
136 | 118 | @pytest.mark.parametrize("suffix", ['', '_ąćę'], ids=['', 'non-ascii']) |
|
137 | 119 | def test_create_in_group( |
|
138 | 120 | self, autologin_user, backend, suffix, csrf_token): |
|
139 | 121 | # create GROUP |
|
140 | 122 | group_name = f'sometest_{backend.alias}' |
|
141 | 123 | gr = RepoGroupModel().create(group_name=group_name, |
|
142 | 124 | group_description='test', |
|
143 | 125 | owner=TEST_USER_ADMIN_LOGIN) |
|
144 | 126 | Session().commit() |
|
145 | 127 | |
|
146 | 128 | repo_name = f'ingroup{suffix}' |
|
147 | 129 | repo_name_full = RepoGroup.url_sep().join([group_name, repo_name]) |
|
148 | 130 | description = 'description for newly created repo' |
|
149 | 131 | |
|
150 | 132 | self.app.post( |
|
151 | 133 | route_path('repo_create'), |
|
152 | 134 | fixture._get_repo_create_params( |
|
153 | 135 | repo_private=False, |
|
154 | 136 | repo_name=safe_str(repo_name), |
|
155 | 137 | repo_type=backend.alias, |
|
156 | 138 | repo_description=description, |
|
157 | 139 | repo_group=gr.group_id, |
|
158 | 140 | csrf_token=csrf_token)) |
|
159 | 141 | |
|
160 | 142 | # TODO: johbo: Cleanup work to fixture |
|
161 | 143 | try: |
|
162 | 144 | self.assert_repository_is_created_correctly( |
|
163 | 145 | repo_name_full, description, backend) |
|
164 | 146 | |
|
165 | 147 | new_repo = RepoModel().get_by_repo_name(repo_name_full) |
|
166 | 148 | inherited_perms = UserRepoToPerm.query().filter( |
|
167 | 149 | UserRepoToPerm.repository_id == new_repo.repo_id).all() |
|
168 | 150 | assert len(inherited_perms) == 1 |
|
169 | 151 | finally: |
|
170 | 152 | RepoModel().delete(repo_name_full) |
|
171 | 153 | RepoGroupModel().delete(group_name) |
|
172 | 154 | Session().commit() |
|
173 | 155 | |
|
174 | 156 | def test_create_in_group_numeric_name( |
|
175 | 157 | self, autologin_user, backend, csrf_token): |
|
176 | 158 | # create GROUP |
|
177 | 159 | group_name = 'sometest_%s' % backend.alias |
|
178 | 160 | gr = RepoGroupModel().create(group_name=group_name, |
|
179 | 161 | group_description='test', |
|
180 | 162 | owner=TEST_USER_ADMIN_LOGIN) |
|
181 | 163 | Session().commit() |
|
182 | 164 | |
|
183 | 165 | repo_name = '12345' |
|
184 | 166 | repo_name_full = RepoGroup.url_sep().join([group_name, repo_name]) |
|
185 | 167 | description = 'description for newly created repo' |
|
186 | 168 | self.app.post( |
|
187 | 169 | route_path('repo_create'), |
|
188 | 170 | fixture._get_repo_create_params( |
|
189 | 171 | repo_private=False, |
|
190 | 172 | repo_name=repo_name, |
|
191 | 173 | repo_type=backend.alias, |
|
192 | 174 | repo_description=description, |
|
193 | 175 | repo_group=gr.group_id, |
|
194 | 176 | csrf_token=csrf_token)) |
|
195 | 177 | |
|
196 | 178 | # TODO: johbo: Cleanup work to fixture |
|
197 | 179 | try: |
|
198 | 180 | self.assert_repository_is_created_correctly( |
|
199 | 181 | repo_name_full, description, backend) |
|
200 | 182 | |
|
201 | 183 | new_repo = RepoModel().get_by_repo_name(repo_name_full) |
|
202 | 184 | inherited_perms = UserRepoToPerm.query()\ |
|
203 | 185 | .filter(UserRepoToPerm.repository_id == new_repo.repo_id).all() |
|
204 | 186 | assert len(inherited_perms) == 1 |
|
205 | 187 | finally: |
|
206 | 188 | RepoModel().delete(repo_name_full) |
|
207 | 189 | RepoGroupModel().delete(group_name) |
|
208 | 190 | Session().commit() |
|
209 | 191 | |
|
210 | 192 | def test_create_in_group_without_needed_permissions(self, backend): |
|
211 | 193 | session = login_user_session( |
|
212 | 194 | self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
213 | 195 | csrf_token = auth.get_csrf_token(session) |
|
214 | 196 | # revoke |
|
215 | 197 | user_model = UserModel() |
|
216 | 198 | # disable fork and create on default user |
|
217 | 199 | user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository') |
|
218 | 200 | user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none') |
|
219 | 201 | user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository') |
|
220 | 202 | user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none') |
|
221 | 203 | |
|
222 | 204 | # disable on regular user |
|
223 | 205 | user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository') |
|
224 | 206 | user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none') |
|
225 | 207 | user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository') |
|
226 | 208 | user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none') |
|
227 | 209 | Session().commit() |
|
228 | 210 | |
|
229 | 211 | # create GROUP |
|
230 | 212 | group_name = 'reg_sometest_%s' % backend.alias |
|
231 | 213 | gr = RepoGroupModel().create(group_name=group_name, |
|
232 | 214 | group_description='test', |
|
233 | 215 | owner=TEST_USER_ADMIN_LOGIN) |
|
234 | 216 | Session().commit() |
|
235 | 217 | repo_group_id = gr.group_id |
|
236 | 218 | |
|
237 | 219 | group_name_allowed = 'reg_sometest_allowed_%s' % backend.alias |
|
238 | 220 | gr_allowed = RepoGroupModel().create( |
|
239 | 221 | group_name=group_name_allowed, |
|
240 | 222 | group_description='test', |
|
241 | 223 | owner=TEST_USER_REGULAR_LOGIN) |
|
242 | 224 | allowed_repo_group_id = gr_allowed.group_id |
|
243 | 225 | Session().commit() |
|
244 | 226 | |
|
245 | 227 | repo_name = 'ingroup' |
|
246 | 228 | description = 'description for newly created repo' |
|
247 | 229 | response = self.app.post( |
|
248 | 230 | route_path('repo_create'), |
|
249 | 231 | fixture._get_repo_create_params( |
|
250 | 232 | repo_private=False, |
|
251 | 233 | repo_name=repo_name, |
|
252 | 234 | repo_type=backend.alias, |
|
253 | 235 | repo_description=description, |
|
254 | 236 | repo_group=repo_group_id, |
|
255 | 237 | csrf_token=csrf_token)) |
|
256 | 238 | |
|
257 | 239 | response.mustcontain('Invalid value') |
|
258 | 240 | |
|
259 | 241 | # user is allowed to create in this group |
|
260 | 242 | repo_name = 'ingroup' |
|
261 | 243 | repo_name_full = RepoGroup.url_sep().join( |
|
262 | 244 | [group_name_allowed, repo_name]) |
|
263 | 245 | description = 'description for newly created repo' |
|
264 | 246 | response = self.app.post( |
|
265 | 247 | route_path('repo_create'), |
|
266 | 248 | fixture._get_repo_create_params( |
|
267 | 249 | repo_private=False, |
|
268 | 250 | repo_name=repo_name, |
|
269 | 251 | repo_type=backend.alias, |
|
270 | 252 | repo_description=description, |
|
271 | 253 | repo_group=allowed_repo_group_id, |
|
272 | 254 | csrf_token=csrf_token)) |
|
273 | 255 | |
|
274 | 256 | # TODO: johbo: Cleanup in pytest fixture |
|
275 | 257 | try: |
|
276 | 258 | self.assert_repository_is_created_correctly( |
|
277 | 259 | repo_name_full, description, backend) |
|
278 | 260 | |
|
279 | 261 | new_repo = RepoModel().get_by_repo_name(repo_name_full) |
|
280 | 262 | inherited_perms = UserRepoToPerm.query().filter( |
|
281 | 263 | UserRepoToPerm.repository_id == new_repo.repo_id).all() |
|
282 | 264 | assert len(inherited_perms) == 1 |
|
283 | 265 | |
|
284 | 266 | assert repo_on_filesystem(repo_name_full) |
|
285 | 267 | finally: |
|
286 | 268 | RepoModel().delete(repo_name_full) |
|
287 | 269 | RepoGroupModel().delete(group_name) |
|
288 | 270 | RepoGroupModel().delete(group_name_allowed) |
|
289 | 271 | Session().commit() |
|
290 | 272 | |
|
291 | 273 | def test_create_in_group_inherit_permissions(self, autologin_user, backend, |
|
292 | 274 | csrf_token): |
|
293 | 275 | # create GROUP |
|
294 | 276 | group_name = 'sometest_%s' % backend.alias |
|
295 | 277 | gr = RepoGroupModel().create(group_name=group_name, |
|
296 | 278 | group_description='test', |
|
297 | 279 | owner=TEST_USER_ADMIN_LOGIN) |
|
298 | 280 | perm = Permission.get_by_key('repository.write') |
|
299 | 281 | RepoGroupModel().grant_user_permission( |
|
300 | 282 | gr, TEST_USER_REGULAR_LOGIN, perm) |
|
301 | 283 | |
|
302 | 284 | # add repo permissions |
|
303 | 285 | Session().commit() |
|
304 | 286 | repo_group_id = gr.group_id |
|
305 | 287 | repo_name = 'ingroup_inherited_%s' % backend.alias |
|
306 | 288 | repo_name_full = RepoGroup.url_sep().join([group_name, repo_name]) |
|
307 | 289 | description = 'description for newly created repo' |
|
308 | 290 | self.app.post( |
|
309 | 291 | route_path('repo_create'), |
|
310 | 292 | fixture._get_repo_create_params( |
|
311 | 293 | repo_private=False, |
|
312 | 294 | repo_name=repo_name, |
|
313 | 295 | repo_type=backend.alias, |
|
314 | 296 | repo_description=description, |
|
315 | 297 | repo_group=repo_group_id, |
|
316 | 298 | repo_copy_permissions=True, |
|
317 | 299 | csrf_token=csrf_token)) |
|
318 | 300 | |
|
319 | 301 | # TODO: johbo: Cleanup to pytest fixture |
|
320 | 302 | try: |
|
321 | 303 | self.assert_repository_is_created_correctly( |
|
322 | 304 | repo_name_full, description, backend) |
|
323 | 305 | except Exception: |
|
324 | 306 | RepoGroupModel().delete(group_name) |
|
325 | 307 | Session().commit() |
|
326 | 308 | raise |
|
327 | 309 | |
|
328 | 310 | # check if inherited permissions are applied |
|
329 | 311 | new_repo = RepoModel().get_by_repo_name(repo_name_full) |
|
330 | 312 | inherited_perms = UserRepoToPerm.query().filter( |
|
331 | 313 | UserRepoToPerm.repository_id == new_repo.repo_id).all() |
|
332 | 314 | assert len(inherited_perms) == 2 |
|
333 | 315 | |
|
334 | 316 | assert TEST_USER_REGULAR_LOGIN in [ |
|
335 | 317 | x.user.username for x in inherited_perms] |
|
336 | 318 | assert 'repository.write' in [ |
|
337 | 319 | x.permission.permission_name for x in inherited_perms] |
|
338 | 320 | |
|
339 | 321 | RepoModel().delete(repo_name_full) |
|
340 | 322 | RepoGroupModel().delete(group_name) |
|
341 | 323 | Session().commit() |
|
342 | 324 | |
|
343 | 325 | @pytest.mark.xfail_backends( |
|
344 | 326 | "git", "hg", reason="Missing reposerver support") |
|
345 | 327 | def test_create_with_clone_uri(self, autologin_user, backend, reposerver, |
|
346 | 328 | csrf_token): |
|
347 | 329 | source_repo = backend.create_repo(number_of_commits=2) |
|
348 | 330 | source_repo_name = source_repo.repo_name |
|
349 | 331 | reposerver.serve(source_repo.scm_instance()) |
|
350 | 332 | |
|
351 | 333 | repo_name = backend.new_repo_name() |
|
352 | 334 | response = self.app.post( |
|
353 | 335 | route_path('repo_create'), |
|
354 | 336 | fixture._get_repo_create_params( |
|
355 | 337 | repo_private=False, |
|
356 | 338 | repo_name=repo_name, |
|
357 | 339 | repo_type=backend.alias, |
|
358 | 340 | repo_description='', |
|
359 | 341 | clone_uri=reposerver.url, |
|
360 | 342 | csrf_token=csrf_token), |
|
361 | 343 | status=302) |
|
362 | 344 | |
|
363 | 345 | # Should be redirected to the creating page |
|
364 | 346 | response.mustcontain('repo_creating') |
|
365 | 347 | |
|
366 | 348 | # Expecting that both repositories have same history |
|
367 | 349 | source_repo = RepoModel().get_by_repo_name(source_repo_name) |
|
368 | 350 | source_vcs = source_repo.scm_instance() |
|
369 | 351 | repo = RepoModel().get_by_repo_name(repo_name) |
|
370 | 352 | repo_vcs = repo.scm_instance() |
|
371 | 353 | assert source_vcs[0].message == repo_vcs[0].message |
|
372 | 354 | assert source_vcs.count() == repo_vcs.count() |
|
373 | 355 | assert source_vcs.commit_ids == repo_vcs.commit_ids |
|
374 | 356 | |
|
375 | 357 | @pytest.mark.xfail_backends("svn", reason="Depends on import support") |
|
376 | 358 | def test_create_remote_repo_wrong_clone_uri(self, autologin_user, backend, |
|
377 | 359 | csrf_token): |
|
378 | 360 | repo_name = backend.new_repo_name() |
|
379 | 361 | description = 'description for newly created repo' |
|
380 | 362 | response = self.app.post( |
|
381 | 363 | route_path('repo_create'), |
|
382 | 364 | fixture._get_repo_create_params( |
|
383 | 365 | repo_private=False, |
|
384 | 366 | repo_name=repo_name, |
|
385 | 367 | repo_type=backend.alias, |
|
386 | 368 | repo_description=description, |
|
387 | 369 | clone_uri='http://repo.invalid/repo', |
|
388 | 370 | csrf_token=csrf_token)) |
|
389 | 371 | response.mustcontain('invalid clone url') |
|
390 | 372 | |
|
391 | 373 | @pytest.mark.xfail_backends("svn", reason="Depends on import support") |
|
392 | 374 | def test_create_remote_repo_wrong_clone_uri_hg_svn( |
|
393 | 375 | self, autologin_user, backend, csrf_token): |
|
394 | 376 | repo_name = backend.new_repo_name() |
|
395 | 377 | description = 'description for newly created repo' |
|
396 | 378 | response = self.app.post( |
|
397 | 379 | route_path('repo_create'), |
|
398 | 380 | fixture._get_repo_create_params( |
|
399 | 381 | repo_private=False, |
|
400 | 382 | repo_name=repo_name, |
|
401 | 383 | repo_type=backend.alias, |
|
402 | 384 | repo_description=description, |
|
403 | 385 | clone_uri='svn+http://svn.invalid/repo', |
|
404 | 386 | csrf_token=csrf_token)) |
|
405 | 387 | response.mustcontain('invalid clone url') |
|
406 | 388 | |
|
407 | 389 | def test_create_with_git_suffix( |
|
408 | 390 | self, autologin_user, backend, csrf_token): |
|
409 | 391 | repo_name = backend.new_repo_name() + ".git" |
|
410 | 392 | description = 'description for newly created repo' |
|
411 | 393 | response = self.app.post( |
|
412 | 394 | route_path('repo_create'), |
|
413 | 395 | fixture._get_repo_create_params( |
|
414 | 396 | repo_private=False, |
|
415 | 397 | repo_name=repo_name, |
|
416 | 398 | repo_type=backend.alias, |
|
417 | 399 | repo_description=description, |
|
418 | 400 | csrf_token=csrf_token)) |
|
419 | 401 | response.mustcontain('Repository name cannot end with .git') |
|
420 | 402 | |
|
421 | 403 | def test_default_user_cannot_access_private_repo_in_a_group( |
|
422 | 404 | self, autologin_user, user_util, backend): |
|
423 | 405 | |
|
424 | 406 | group = user_util.create_repo_group() |
|
425 | 407 | |
|
426 | 408 | repo = backend.create_repo( |
|
427 | 409 | repo_private=True, repo_group=group, repo_copy_permissions=True) |
|
428 | 410 | |
|
429 | 411 | permissions = _get_permission_for_user( |
|
430 | 412 | user='default', repo=repo.repo_name) |
|
431 | 413 | assert len(permissions) == 1 |
|
432 | 414 | assert permissions[0].permission.permission_name == 'repository.none' |
|
433 | 415 | assert permissions[0].repository.private is True |
|
434 | 416 | |
|
435 | 417 | def test_create_on_top_level_without_permissions(self, backend): |
|
436 | 418 | session = login_user_session( |
|
437 | 419 | self.app, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
438 | 420 | csrf_token = auth.get_csrf_token(session) |
|
439 | 421 | |
|
440 | 422 | # revoke |
|
441 | 423 | user_model = UserModel() |
|
442 | 424 | # disable fork and create on default user |
|
443 | 425 | user_model.revoke_perm(User.DEFAULT_USER, 'hg.create.repository') |
|
444 | 426 | user_model.grant_perm(User.DEFAULT_USER, 'hg.create.none') |
|
445 | 427 | user_model.revoke_perm(User.DEFAULT_USER, 'hg.fork.repository') |
|
446 | 428 | user_model.grant_perm(User.DEFAULT_USER, 'hg.fork.none') |
|
447 | 429 | |
|
448 | 430 | # disable on regular user |
|
449 | 431 | user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.repository') |
|
450 | 432 | user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.create.none') |
|
451 | 433 | user_model.revoke_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.repository') |
|
452 | 434 | user_model.grant_perm(TEST_USER_REGULAR_LOGIN, 'hg.fork.none') |
|
453 | 435 | Session().commit() |
|
454 | 436 | |
|
455 | 437 | repo_name = backend.new_repo_name() |
|
456 | 438 | description = 'description for newly created repo' |
|
457 | 439 | response = self.app.post( |
|
458 | 440 | route_path('repo_create'), |
|
459 | 441 | fixture._get_repo_create_params( |
|
460 | 442 | repo_private=False, |
|
461 | 443 | repo_name=repo_name, |
|
462 | 444 | repo_type=backend.alias, |
|
463 | 445 | repo_description=description, |
|
464 | 446 | csrf_token=csrf_token)) |
|
465 | 447 | |
|
466 | 448 | response.mustcontain( |
|
467 | 449 | u"You do not have the permission to store repositories in " |
|
468 | 450 | u"the root location.") |
|
469 | 451 | |
|
470 | 452 | @mock.patch.object(RepoModel, '_create_filesystem_repo', error_function) |
|
471 | 453 | def test_create_repo_when_filesystem_op_fails( |
|
472 | 454 | self, autologin_user, backend, csrf_token): |
|
473 | 455 | repo_name = backend.new_repo_name() |
|
474 | 456 | description = 'description for newly created repo' |
|
475 | 457 | |
|
476 | 458 | response = self.app.post( |
|
477 | 459 | route_path('repo_create'), |
|
478 | 460 | fixture._get_repo_create_params( |
|
479 | 461 | repo_private=False, |
|
480 | 462 | repo_name=repo_name, |
|
481 | 463 | repo_type=backend.alias, |
|
482 | 464 | repo_description=description, |
|
483 | 465 | csrf_token=csrf_token)) |
|
484 | 466 | |
|
485 | 467 | assert_session_flash( |
|
486 | 468 | response, 'Error creating repository %s' % repo_name) |
|
487 | 469 | # repo must not be in db |
|
488 | 470 | assert backend.repo is None |
|
489 | 471 | # repo must not be in filesystem ! |
|
490 | 472 | assert not repo_on_filesystem(repo_name) |
|
491 | 473 | |
|
492 | 474 | def assert_repository_is_created_correctly(self, repo_name, description, backend): |
|
493 | 475 | url_quoted_repo_name = urllib.parse.quote(repo_name) |
|
494 | 476 | |
|
495 | 477 | # run the check page that triggers the flash message |
|
496 | 478 | response = self.app.get( |
|
497 | 479 | route_path('repo_creating_check', repo_name=repo_name)) |
|
498 | 480 | assert response.json == {'result': True} |
|
499 | 481 | |
|
500 | 482 | flash_msg = 'Created repository <a href="/{}">{}</a>'.format(url_quoted_repo_name, repo_name) |
|
501 | 483 | assert_session_flash(response, flash_msg) |
|
502 | 484 | |
|
503 | 485 | # test if the repo was created in the database |
|
504 | 486 | new_repo = RepoModel().get_by_repo_name(repo_name) |
|
505 | 487 | |
|
506 | 488 | assert new_repo.repo_name == repo_name |
|
507 | 489 | assert new_repo.description == description |
|
508 | 490 | |
|
509 | 491 | # test if the repository is visible in the list ? |
|
510 | 492 | response = self.app.get( |
|
511 | 493 | h.route_path('repo_summary', repo_name=repo_name)) |
|
512 | 494 | response.mustcontain(repo_name) |
|
513 | 495 | response.mustcontain(backend.alias) |
|
514 | 496 | |
|
515 | 497 | assert repo_on_filesystem(repo_name) |
@@ -1,195 +1,179 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import os |
|
21 | 21 | import pytest |
|
22 | 22 | |
|
23 | 23 | from rhodecode.apps._base import ADMIN_PREFIX |
|
24 | 24 | from rhodecode.lib import helpers as h |
|
25 | 25 | from rhodecode.model.db import Repository, UserRepoToPerm, User, RepoGroup |
|
26 | 26 | from rhodecode.model.meta import Session |
|
27 | 27 | from rhodecode.model.repo_group import RepoGroupModel |
|
28 | 28 | from rhodecode.tests import ( |
|
29 | 29 | assert_session_flash, TEST_USER_REGULAR_LOGIN, TESTS_TMP_PATH) |
|
30 | 30 | from rhodecode.tests.fixture import Fixture |
|
31 | ||
|
32 | fixture = Fixture() | |
|
31 | from rhodecode.tests.routes import route_path | |
|
33 | 32 | |
|
34 | 33 | |
|
35 | def route_path(name, params=None, **kwargs): | |
|
36 | import urllib.request | |
|
37 | import urllib.parse | |
|
38 | import urllib.error | |
|
39 | ||
|
40 | base_url = { | |
|
41 | 'repo_groups': ADMIN_PREFIX + '/repo_groups', | |
|
42 | 'repo_groups_data': ADMIN_PREFIX + '/repo_groups_data', | |
|
43 | 'repo_group_new': ADMIN_PREFIX + '/repo_group/new', | |
|
44 | 'repo_group_create': ADMIN_PREFIX + '/repo_group/create', | |
|
45 | ||
|
46 | }[name].format(**kwargs) | |
|
47 | ||
|
48 | if params: | |
|
49 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
50 | return base_url | |
|
34 | fixture = Fixture() | |
|
51 | 35 | |
|
52 | 36 | |
|
53 | 37 | def _get_permission_for_user(user, repo): |
|
54 | 38 | perm = UserRepoToPerm.query()\ |
|
55 | 39 | .filter(UserRepoToPerm.repository == |
|
56 | 40 | Repository.get_by_repo_name(repo))\ |
|
57 | 41 | .filter(UserRepoToPerm.user == User.get_by_username(user))\ |
|
58 | 42 | .all() |
|
59 | 43 | return perm |
|
60 | 44 | |
|
61 | 45 | |
|
62 | 46 | @pytest.mark.usefixtures("app") |
|
63 | 47 | class TestAdminRepositoryGroups(object): |
|
64 | 48 | |
|
65 | 49 | def test_show_repo_groups(self, autologin_user): |
|
66 | 50 | self.app.get(route_path('repo_groups')) |
|
67 | 51 | |
|
68 | 52 | def test_show_repo_groups_data(self, autologin_user, xhr_header): |
|
69 | 53 | response = self.app.get(route_path( |
|
70 | 54 | 'repo_groups_data'), extra_environ=xhr_header) |
|
71 | 55 | |
|
72 | 56 | all_repo_groups = RepoGroup.query().count() |
|
73 | 57 | assert response.json['recordsTotal'] == all_repo_groups |
|
74 | 58 | |
|
75 | 59 | def test_show_repo_groups_data_filtered(self, autologin_user, xhr_header): |
|
76 | 60 | response = self.app.get(route_path( |
|
77 | 61 | 'repo_groups_data', params={'search[value]': 'empty_search'}), |
|
78 | 62 | extra_environ=xhr_header) |
|
79 | 63 | |
|
80 | 64 | all_repo_groups = RepoGroup.query().count() |
|
81 | 65 | assert response.json['recordsTotal'] == all_repo_groups |
|
82 | 66 | assert response.json['recordsFiltered'] == 0 |
|
83 | 67 | |
|
84 | 68 | def test_show_repo_groups_after_creating_group(self, autologin_user, xhr_header): |
|
85 | 69 | fixture.create_repo_group('test_repo_group') |
|
86 | 70 | response = self.app.get(route_path( |
|
87 | 71 | 'repo_groups_data'), extra_environ=xhr_header) |
|
88 | 72 | response.mustcontain('<a href=\\"/{}/_edit\\" title=\\"Edit\\">Edit</a>'.format('test_repo_group')) |
|
89 | 73 | fixture.destroy_repo_group('test_repo_group') |
|
90 | 74 | |
|
91 | 75 | def test_new(self, autologin_user): |
|
92 | 76 | self.app.get(route_path('repo_group_new')) |
|
93 | 77 | |
|
94 | 78 | def test_new_with_parent_group(self, autologin_user, user_util): |
|
95 | 79 | gr = user_util.create_repo_group() |
|
96 | 80 | |
|
97 | 81 | self.app.get(route_path('repo_group_new'), |
|
98 | 82 | params=dict(parent_group=gr.group_name)) |
|
99 | 83 | |
|
100 | 84 | def test_new_by_regular_user_no_permission(self, autologin_regular_user): |
|
101 | 85 | self.app.get(route_path('repo_group_new'), status=403) |
|
102 | 86 | |
|
103 | 87 | @pytest.mark.parametrize('repo_group_name', [ |
|
104 | 88 | 'git_repo', |
|
105 | 89 | 'git_repo_ąć', |
|
106 | 90 | 'hg_repo', |
|
107 | 91 | '12345', |
|
108 | 92 | 'hg_repo_ąć', |
|
109 | 93 | ]) |
|
110 | 94 | def test_create(self, autologin_user, repo_group_name, csrf_token): |
|
111 | 95 | repo_group_name_non_ascii = repo_group_name |
|
112 | 96 | description = 'description for newly created repo group' |
|
113 | 97 | |
|
114 | 98 | response = self.app.post( |
|
115 | 99 | route_path('repo_group_create'), |
|
116 | 100 | fixture._get_group_create_params( |
|
117 | 101 | group_name=repo_group_name, |
|
118 | 102 | group_description=description, |
|
119 | 103 | csrf_token=csrf_token)) |
|
120 | 104 | |
|
121 | 105 | # run the check page that triggers the flash message |
|
122 | 106 | repo_gr_url = h.route_path( |
|
123 | 107 | 'repo_group_home', repo_group_name=repo_group_name) |
|
124 | 108 | |
|
125 | 109 | assert_session_flash( |
|
126 | 110 | response, |
|
127 | 111 | 'Created repository group <a href="%s">%s</a>' % ( |
|
128 | 112 | repo_gr_url, repo_group_name_non_ascii)) |
|
129 | 113 | |
|
130 | 114 | # # test if the repo group was created in the database |
|
131 | 115 | new_repo_group = RepoGroupModel()._get_repo_group( |
|
132 | 116 | repo_group_name_non_ascii) |
|
133 | 117 | assert new_repo_group is not None |
|
134 | 118 | |
|
135 | 119 | assert new_repo_group.group_name == repo_group_name_non_ascii |
|
136 | 120 | assert new_repo_group.group_description == description |
|
137 | 121 | |
|
138 | 122 | # test if the repository is visible in the list ? |
|
139 | 123 | response = self.app.get(repo_gr_url) |
|
140 | 124 | response.mustcontain(repo_group_name) |
|
141 | 125 | |
|
142 | 126 | # test if the repository group was created on filesystem |
|
143 | 127 | is_on_filesystem = os.path.isdir( |
|
144 | 128 | os.path.join(TESTS_TMP_PATH, repo_group_name)) |
|
145 | 129 | if not is_on_filesystem: |
|
146 | 130 | self.fail('no repo group %s in filesystem' % repo_group_name) |
|
147 | 131 | |
|
148 | 132 | RepoGroupModel().delete(repo_group_name_non_ascii) |
|
149 | 133 | Session().commit() |
|
150 | 134 | |
|
151 | 135 | @pytest.mark.parametrize('repo_group_name', [ |
|
152 | 136 | 'git_repo', |
|
153 | 137 | 'git_repo_ąć', |
|
154 | 138 | 'hg_repo', |
|
155 | 139 | '12345', |
|
156 | 140 | 'hg_repo_ąć', |
|
157 | 141 | ]) |
|
158 | 142 | def test_create_subgroup(self, autologin_user, user_util, repo_group_name, csrf_token): |
|
159 | 143 | parent_group = user_util.create_repo_group() |
|
160 | 144 | parent_group_name = parent_group.group_name |
|
161 | 145 | |
|
162 | 146 | expected_group_name = '{}/{}'.format( |
|
163 | 147 | parent_group_name, repo_group_name) |
|
164 | 148 | expected_group_name_non_ascii = expected_group_name |
|
165 | 149 | |
|
166 | 150 | try: |
|
167 | 151 | response = self.app.post( |
|
168 | 152 | route_path('repo_group_create'), |
|
169 | 153 | fixture._get_group_create_params( |
|
170 | 154 | group_name=repo_group_name, |
|
171 | 155 | group_parent_id=parent_group.group_id, |
|
172 | 156 | group_description='Test desciption', |
|
173 | 157 | csrf_token=csrf_token)) |
|
174 | 158 | |
|
175 | 159 | assert_session_flash( |
|
176 | 160 | response, |
|
177 | 161 | u'Created repository group <a href="%s">%s</a>' % ( |
|
178 | 162 | h.route_path('repo_group_home', |
|
179 | 163 | repo_group_name=expected_group_name), |
|
180 | 164 | expected_group_name_non_ascii)) |
|
181 | 165 | finally: |
|
182 | 166 | RepoGroupModel().delete(expected_group_name_non_ascii) |
|
183 | 167 | Session().commit() |
|
184 | 168 | |
|
185 | 169 | def test_user_with_creation_permissions_cannot_create_subgroups( |
|
186 | 170 | self, autologin_regular_user, user_util): |
|
187 | 171 | |
|
188 | 172 | user_util.grant_user_permission( |
|
189 | 173 | TEST_USER_REGULAR_LOGIN, 'hg.repogroup.create.true') |
|
190 | 174 | parent_group = user_util.create_repo_group() |
|
191 | 175 | parent_group_id = parent_group.group_id |
|
192 | 176 | self.app.get( |
|
193 | 177 | route_path('repo_group_new', |
|
194 | 178 | params=dict(parent_group=parent_group_id), ), |
|
195 | 179 | status=403) |
@@ -1,768 +1,695 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import mock |
|
21 | 21 | import pytest |
|
22 | 22 | |
|
23 | 23 | import rhodecode |
|
24 | 24 | from rhodecode.apps._base import ADMIN_PREFIX |
|
25 | 25 | from rhodecode.lib.hash_utils import md5_safe |
|
26 | 26 | from rhodecode.model.db import RhodeCodeUi |
|
27 | 27 | from rhodecode.model.meta import Session |
|
28 | 28 | from rhodecode.model.settings import SettingsModel, IssueTrackerSettingsModel |
|
29 | 29 | from rhodecode.tests import assert_session_flash |
|
30 | from rhodecode.tests.routes import route_path | |
|
30 | 31 | |
|
31 | 32 | |
|
32 | 33 | UPDATE_DATA_QUALNAME = 'rhodecode.model.update.UpdateModel.get_update_data' |
|
33 | 34 | |
|
34 | 35 | |
|
35 | def route_path(name, params=None, **kwargs): | |
|
36 | import urllib.request | |
|
37 | import urllib.parse | |
|
38 | import urllib.error | |
|
39 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
40 | ||
|
41 | base_url = { | |
|
42 | ||
|
43 | 'admin_settings': | |
|
44 | ADMIN_PREFIX +'/settings', | |
|
45 | 'admin_settings_update': | |
|
46 | ADMIN_PREFIX + '/settings/update', | |
|
47 | 'admin_settings_global': | |
|
48 | ADMIN_PREFIX + '/settings/global', | |
|
49 | 'admin_settings_global_update': | |
|
50 | ADMIN_PREFIX + '/settings/global/update', | |
|
51 | 'admin_settings_vcs': | |
|
52 | ADMIN_PREFIX + '/settings/vcs', | |
|
53 | 'admin_settings_vcs_update': | |
|
54 | ADMIN_PREFIX + '/settings/vcs/update', | |
|
55 | 'admin_settings_vcs_svn_pattern_delete': | |
|
56 | ADMIN_PREFIX + '/settings/vcs/svn_pattern_delete', | |
|
57 | 'admin_settings_mapping': | |
|
58 | ADMIN_PREFIX + '/settings/mapping', | |
|
59 | 'admin_settings_mapping_update': | |
|
60 | ADMIN_PREFIX + '/settings/mapping/update', | |
|
61 | 'admin_settings_visual': | |
|
62 | ADMIN_PREFIX + '/settings/visual', | |
|
63 | 'admin_settings_visual_update': | |
|
64 | ADMIN_PREFIX + '/settings/visual/update', | |
|
65 | 'admin_settings_issuetracker': | |
|
66 | ADMIN_PREFIX + '/settings/issue-tracker', | |
|
67 | 'admin_settings_issuetracker_update': | |
|
68 | ADMIN_PREFIX + '/settings/issue-tracker/update', | |
|
69 | 'admin_settings_issuetracker_test': | |
|
70 | ADMIN_PREFIX + '/settings/issue-tracker/test', | |
|
71 | 'admin_settings_issuetracker_delete': | |
|
72 | ADMIN_PREFIX + '/settings/issue-tracker/delete', | |
|
73 | 'admin_settings_email': | |
|
74 | ADMIN_PREFIX + '/settings/email', | |
|
75 | 'admin_settings_email_update': | |
|
76 | ADMIN_PREFIX + '/settings/email/update', | |
|
77 | 'admin_settings_hooks': | |
|
78 | ADMIN_PREFIX + '/settings/hooks', | |
|
79 | 'admin_settings_hooks_update': | |
|
80 | ADMIN_PREFIX + '/settings/hooks/update', | |
|
81 | 'admin_settings_hooks_delete': | |
|
82 | ADMIN_PREFIX + '/settings/hooks/delete', | |
|
83 | 'admin_settings_search': | |
|
84 | ADMIN_PREFIX + '/settings/search', | |
|
85 | 'admin_settings_labs': | |
|
86 | ADMIN_PREFIX + '/settings/labs', | |
|
87 | 'admin_settings_labs_update': | |
|
88 | ADMIN_PREFIX + '/settings/labs/update', | |
|
89 | ||
|
90 | 'admin_settings_sessions': | |
|
91 | ADMIN_PREFIX + '/settings/sessions', | |
|
92 | 'admin_settings_sessions_cleanup': | |
|
93 | ADMIN_PREFIX + '/settings/sessions/cleanup', | |
|
94 | 'admin_settings_system': | |
|
95 | ADMIN_PREFIX + '/settings/system', | |
|
96 | 'admin_settings_system_update': | |
|
97 | ADMIN_PREFIX + '/settings/system/updates', | |
|
98 | 'admin_settings_open_source': | |
|
99 | ADMIN_PREFIX + '/settings/open_source', | |
|
100 | ||
|
101 | ||
|
102 | }[name].format(**kwargs) | |
|
103 | ||
|
104 | if params: | |
|
105 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
106 | return base_url | |
|
107 | ||
|
108 | ||
|
109 | 36 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
110 | 37 | class TestAdminSettingsController(object): |
|
111 | 38 | |
|
112 | 39 | @pytest.mark.parametrize('urlname', [ |
|
113 | 40 | 'admin_settings_vcs', |
|
114 | 41 | 'admin_settings_mapping', |
|
115 | 42 | 'admin_settings_global', |
|
116 | 43 | 'admin_settings_visual', |
|
117 | 44 | 'admin_settings_email', |
|
118 | 45 | 'admin_settings_hooks', |
|
119 | 46 | 'admin_settings_search', |
|
120 | 47 | ]) |
|
121 | 48 | def test_simple_get(self, urlname): |
|
122 | 49 | self.app.get(route_path(urlname)) |
|
123 | 50 | |
|
124 | 51 | def test_create_custom_hook(self, csrf_token): |
|
125 | 52 | response = self.app.post( |
|
126 | 53 | route_path('admin_settings_hooks_update'), |
|
127 | 54 | params={ |
|
128 | 55 | 'new_hook_ui_key': 'test_hooks_1', |
|
129 | 56 | 'new_hook_ui_value': 'cd /tmp', |
|
130 | 57 | 'csrf_token': csrf_token}) |
|
131 | 58 | |
|
132 | 59 | response = response.follow() |
|
133 | 60 | response.mustcontain('test_hooks_1') |
|
134 | 61 | response.mustcontain('cd /tmp') |
|
135 | 62 | |
|
136 | 63 | def test_create_custom_hook_delete(self, csrf_token): |
|
137 | 64 | response = self.app.post( |
|
138 | 65 | route_path('admin_settings_hooks_update'), |
|
139 | 66 | params={ |
|
140 | 67 | 'new_hook_ui_key': 'test_hooks_2', |
|
141 | 68 | 'new_hook_ui_value': 'cd /tmp2', |
|
142 | 69 | 'csrf_token': csrf_token}) |
|
143 | 70 | |
|
144 | 71 | response = response.follow() |
|
145 | 72 | response.mustcontain('test_hooks_2') |
|
146 | 73 | response.mustcontain('cd /tmp2') |
|
147 | 74 | |
|
148 | 75 | hook_id = SettingsModel().get_ui_by_key('test_hooks_2').ui_id |
|
149 | 76 | |
|
150 | 77 | # delete |
|
151 | 78 | self.app.post( |
|
152 | 79 | route_path('admin_settings_hooks_delete'), |
|
153 | 80 | params={'hook_id': hook_id, 'csrf_token': csrf_token}) |
|
154 | 81 | response = self.app.get(route_path('admin_settings_hooks')) |
|
155 | 82 | response.mustcontain(no=['test_hooks_2']) |
|
156 | 83 | response.mustcontain(no=['cd /tmp2']) |
|
157 | 84 | |
|
158 | 85 | |
|
159 | 86 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
160 | 87 | class TestAdminSettingsGlobal(object): |
|
161 | 88 | |
|
162 | 89 | def test_pre_post_code_code_active(self, csrf_token): |
|
163 | 90 | pre_code = 'rc-pre-code-187652122' |
|
164 | 91 | post_code = 'rc-postcode-98165231' |
|
165 | 92 | |
|
166 | 93 | response = self.post_and_verify_settings({ |
|
167 | 94 | 'rhodecode_pre_code': pre_code, |
|
168 | 95 | 'rhodecode_post_code': post_code, |
|
169 | 96 | 'csrf_token': csrf_token, |
|
170 | 97 | }) |
|
171 | 98 | |
|
172 | 99 | response = response.follow() |
|
173 | 100 | response.mustcontain(pre_code, post_code) |
|
174 | 101 | |
|
175 | 102 | def test_pre_post_code_code_inactive(self, csrf_token): |
|
176 | 103 | pre_code = 'rc-pre-code-187652122' |
|
177 | 104 | post_code = 'rc-postcode-98165231' |
|
178 | 105 | response = self.post_and_verify_settings({ |
|
179 | 106 | 'rhodecode_pre_code': '', |
|
180 | 107 | 'rhodecode_post_code': '', |
|
181 | 108 | 'csrf_token': csrf_token, |
|
182 | 109 | }) |
|
183 | 110 | |
|
184 | 111 | response = response.follow() |
|
185 | 112 | response.mustcontain(no=[pre_code, post_code]) |
|
186 | 113 | |
|
187 | 114 | def test_captcha_activate(self, csrf_token): |
|
188 | 115 | self.post_and_verify_settings({ |
|
189 | 116 | 'rhodecode_captcha_private_key': '1234567890', |
|
190 | 117 | 'rhodecode_captcha_public_key': '1234567890', |
|
191 | 118 | 'csrf_token': csrf_token, |
|
192 | 119 | }) |
|
193 | 120 | |
|
194 | 121 | response = self.app.get(ADMIN_PREFIX + '/register') |
|
195 | 122 | response.mustcontain('captcha') |
|
196 | 123 | |
|
197 | 124 | def test_captcha_deactivate(self, csrf_token): |
|
198 | 125 | self.post_and_verify_settings({ |
|
199 | 126 | 'rhodecode_captcha_private_key': '', |
|
200 | 127 | 'rhodecode_captcha_public_key': '1234567890', |
|
201 | 128 | 'csrf_token': csrf_token, |
|
202 | 129 | }) |
|
203 | 130 | |
|
204 | 131 | response = self.app.get(ADMIN_PREFIX + '/register') |
|
205 | 132 | response.mustcontain(no=['captcha']) |
|
206 | 133 | |
|
207 | 134 | def test_title_change(self, csrf_token): |
|
208 | 135 | old_title = 'RhodeCode' |
|
209 | 136 | |
|
210 | 137 | for new_title in ['Changed', 'Żółwik', old_title]: |
|
211 | 138 | response = self.post_and_verify_settings({ |
|
212 | 139 | 'rhodecode_title': new_title, |
|
213 | 140 | 'csrf_token': csrf_token, |
|
214 | 141 | }) |
|
215 | 142 | |
|
216 | 143 | response = response.follow() |
|
217 | 144 | response.mustcontain(new_title) |
|
218 | 145 | |
|
219 | 146 | def post_and_verify_settings(self, settings): |
|
220 | 147 | old_title = 'RhodeCode' |
|
221 | 148 | old_realm = 'RhodeCode authentication' |
|
222 | 149 | params = { |
|
223 | 150 | 'rhodecode_title': old_title, |
|
224 | 151 | 'rhodecode_realm': old_realm, |
|
225 | 152 | 'rhodecode_pre_code': '', |
|
226 | 153 | 'rhodecode_post_code': '', |
|
227 | 154 | 'rhodecode_captcha_private_key': '', |
|
228 | 155 | 'rhodecode_captcha_public_key': '', |
|
229 | 156 | 'rhodecode_create_personal_repo_group': False, |
|
230 | 157 | 'rhodecode_personal_repo_group_pattern': '${username}', |
|
231 | 158 | } |
|
232 | 159 | params.update(settings) |
|
233 | 160 | response = self.app.post( |
|
234 | 161 | route_path('admin_settings_global_update'), params=params) |
|
235 | 162 | |
|
236 | 163 | assert_session_flash(response, 'Updated application settings') |
|
237 | 164 | |
|
238 | 165 | app_settings = SettingsModel().get_all_settings() |
|
239 | 166 | del settings['csrf_token'] |
|
240 | 167 | for key, value in settings.items(): |
|
241 | 168 | assert app_settings[key] == value |
|
242 | 169 | |
|
243 | 170 | return response |
|
244 | 171 | |
|
245 | 172 | |
|
246 | 173 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
247 | 174 | class TestAdminSettingsVcs(object): |
|
248 | 175 | |
|
249 | 176 | def test_contains_svn_default_patterns(self): |
|
250 | 177 | response = self.app.get(route_path('admin_settings_vcs')) |
|
251 | 178 | expected_patterns = [ |
|
252 | 179 | '/trunk', |
|
253 | 180 | '/branches/*', |
|
254 | 181 | '/tags/*', |
|
255 | 182 | ] |
|
256 | 183 | for pattern in expected_patterns: |
|
257 | 184 | response.mustcontain(pattern) |
|
258 | 185 | |
|
259 | 186 | def test_add_new_svn_branch_and_tag_pattern( |
|
260 | 187 | self, backend_svn, form_defaults, disable_sql_cache, |
|
261 | 188 | csrf_token): |
|
262 | 189 | form_defaults.update({ |
|
263 | 190 | 'new_svn_branch': '/exp/branches/*', |
|
264 | 191 | 'new_svn_tag': '/important_tags/*', |
|
265 | 192 | 'csrf_token': csrf_token, |
|
266 | 193 | }) |
|
267 | 194 | |
|
268 | 195 | response = self.app.post( |
|
269 | 196 | route_path('admin_settings_vcs_update'), |
|
270 | 197 | params=form_defaults, status=302) |
|
271 | 198 | response = response.follow() |
|
272 | 199 | |
|
273 | 200 | # Expect to find the new values on the page |
|
274 | 201 | response.mustcontain('/exp/branches/*') |
|
275 | 202 | response.mustcontain('/important_tags/*') |
|
276 | 203 | |
|
277 | 204 | # Expect that those patterns are used to match branches and tags now |
|
278 | 205 | repo = backend_svn['svn-simple-layout'].scm_instance() |
|
279 | 206 | assert 'exp/branches/exp-sphinx-docs' in repo.branches |
|
280 | 207 | assert 'important_tags/v0.5' in repo.tags |
|
281 | 208 | |
|
282 | 209 | def test_add_same_svn_value_twice_shows_an_error_message( |
|
283 | 210 | self, form_defaults, csrf_token, settings_util): |
|
284 | 211 | settings_util.create_rhodecode_ui('vcs_svn_branch', '/test') |
|
285 | 212 | settings_util.create_rhodecode_ui('vcs_svn_tag', '/test') |
|
286 | 213 | |
|
287 | 214 | response = self.app.post( |
|
288 | 215 | route_path('admin_settings_vcs_update'), |
|
289 | 216 | params={ |
|
290 | 217 | 'paths_root_path': form_defaults['paths_root_path'], |
|
291 | 218 | 'new_svn_branch': '/test', |
|
292 | 219 | 'new_svn_tag': '/test', |
|
293 | 220 | 'csrf_token': csrf_token, |
|
294 | 221 | }, |
|
295 | 222 | status=200) |
|
296 | 223 | |
|
297 | 224 | response.mustcontain("Pattern already exists") |
|
298 | 225 | response.mustcontain("Some form inputs contain invalid data.") |
|
299 | 226 | |
|
300 | 227 | @pytest.mark.parametrize('section', [ |
|
301 | 228 | 'vcs_svn_branch', |
|
302 | 229 | 'vcs_svn_tag', |
|
303 | 230 | ]) |
|
304 | 231 | def test_delete_svn_patterns( |
|
305 | 232 | self, section, csrf_token, settings_util): |
|
306 | 233 | setting = settings_util.create_rhodecode_ui( |
|
307 | 234 | section, '/test_delete', cleanup=False) |
|
308 | 235 | |
|
309 | 236 | self.app.post( |
|
310 | 237 | route_path('admin_settings_vcs_svn_pattern_delete'), |
|
311 | 238 | params={ |
|
312 | 239 | 'delete_svn_pattern': setting.ui_id, |
|
313 | 240 | 'csrf_token': csrf_token}, |
|
314 | 241 | headers={'X-REQUESTED-WITH': 'XMLHttpRequest'}) |
|
315 | 242 | |
|
316 | 243 | @pytest.mark.parametrize('section', [ |
|
317 | 244 | 'vcs_svn_branch', |
|
318 | 245 | 'vcs_svn_tag', |
|
319 | 246 | ]) |
|
320 | 247 | def test_delete_svn_patterns_raises_404_when_no_xhr( |
|
321 | 248 | self, section, csrf_token, settings_util): |
|
322 | 249 | setting = settings_util.create_rhodecode_ui(section, '/test_delete') |
|
323 | 250 | |
|
324 | 251 | self.app.post( |
|
325 | 252 | route_path('admin_settings_vcs_svn_pattern_delete'), |
|
326 | 253 | params={ |
|
327 | 254 | 'delete_svn_pattern': setting.ui_id, |
|
328 | 255 | 'csrf_token': csrf_token}, |
|
329 | 256 | status=404) |
|
330 | 257 | |
|
331 | 258 | def test_extensions_hgsubversion(self, form_defaults, csrf_token): |
|
332 | 259 | form_defaults.update({ |
|
333 | 260 | 'csrf_token': csrf_token, |
|
334 | 261 | 'extensions_hgsubversion': 'True', |
|
335 | 262 | }) |
|
336 | 263 | response = self.app.post( |
|
337 | 264 | route_path('admin_settings_vcs_update'), |
|
338 | 265 | params=form_defaults, |
|
339 | 266 | status=302) |
|
340 | 267 | |
|
341 | 268 | response = response.follow() |
|
342 | 269 | extensions_input = ( |
|
343 | 270 | '<input id="extensions_hgsubversion" ' |
|
344 | 271 | 'name="extensions_hgsubversion" type="checkbox" ' |
|
345 | 272 | 'value="True" checked="checked" />') |
|
346 | 273 | response.mustcontain(extensions_input) |
|
347 | 274 | |
|
348 | 275 | def test_extensions_hgevolve(self, form_defaults, csrf_token): |
|
349 | 276 | form_defaults.update({ |
|
350 | 277 | 'csrf_token': csrf_token, |
|
351 | 278 | 'extensions_evolve': 'True', |
|
352 | 279 | }) |
|
353 | 280 | response = self.app.post( |
|
354 | 281 | route_path('admin_settings_vcs_update'), |
|
355 | 282 | params=form_defaults, |
|
356 | 283 | status=302) |
|
357 | 284 | |
|
358 | 285 | response = response.follow() |
|
359 | 286 | extensions_input = ( |
|
360 | 287 | '<input id="extensions_evolve" ' |
|
361 | 288 | 'name="extensions_evolve" type="checkbox" ' |
|
362 | 289 | 'value="True" checked="checked" />') |
|
363 | 290 | response.mustcontain(extensions_input) |
|
364 | 291 | |
|
365 | 292 | def test_has_a_section_for_pull_request_settings(self): |
|
366 | 293 | response = self.app.get(route_path('admin_settings_vcs')) |
|
367 | 294 | response.mustcontain('Pull Request Settings') |
|
368 | 295 | |
|
369 | 296 | def test_has_an_input_for_invalidation_of_inline_comments(self): |
|
370 | 297 | response = self.app.get(route_path('admin_settings_vcs')) |
|
371 | 298 | assert_response = response.assert_response() |
|
372 | 299 | assert_response.one_element_exists( |
|
373 | 300 | '[name=rhodecode_use_outdated_comments]') |
|
374 | 301 | |
|
375 | 302 | @pytest.mark.parametrize('new_value', [True, False]) |
|
376 | 303 | def test_allows_to_change_invalidation_of_inline_comments( |
|
377 | 304 | self, form_defaults, csrf_token, new_value): |
|
378 | 305 | setting_key = 'use_outdated_comments' |
|
379 | 306 | setting = SettingsModel().create_or_update_setting( |
|
380 | 307 | setting_key, not new_value, 'bool') |
|
381 | 308 | Session().add(setting) |
|
382 | 309 | Session().commit() |
|
383 | 310 | |
|
384 | 311 | form_defaults.update({ |
|
385 | 312 | 'csrf_token': csrf_token, |
|
386 | 313 | 'rhodecode_use_outdated_comments': str(new_value), |
|
387 | 314 | }) |
|
388 | 315 | response = self.app.post( |
|
389 | 316 | route_path('admin_settings_vcs_update'), |
|
390 | 317 | params=form_defaults, |
|
391 | 318 | status=302) |
|
392 | 319 | response = response.follow() |
|
393 | 320 | setting = SettingsModel().get_setting_by_name(setting_key) |
|
394 | 321 | assert setting.app_settings_value is new_value |
|
395 | 322 | |
|
396 | 323 | @pytest.mark.parametrize('new_value', [True, False]) |
|
397 | 324 | def test_allows_to_change_hg_rebase_merge_strategy( |
|
398 | 325 | self, form_defaults, csrf_token, new_value): |
|
399 | 326 | setting_key = 'hg_use_rebase_for_merging' |
|
400 | 327 | |
|
401 | 328 | form_defaults.update({ |
|
402 | 329 | 'csrf_token': csrf_token, |
|
403 | 330 | 'rhodecode_' + setting_key: str(new_value), |
|
404 | 331 | }) |
|
405 | 332 | |
|
406 | 333 | with mock.patch.dict( |
|
407 | 334 | rhodecode.CONFIG, {'labs_settings_active': 'true'}): |
|
408 | 335 | self.app.post( |
|
409 | 336 | route_path('admin_settings_vcs_update'), |
|
410 | 337 | params=form_defaults, |
|
411 | 338 | status=302) |
|
412 | 339 | |
|
413 | 340 | setting = SettingsModel().get_setting_by_name(setting_key) |
|
414 | 341 | assert setting.app_settings_value is new_value |
|
415 | 342 | |
|
416 | 343 | @pytest.fixture() |
|
417 | 344 | def disable_sql_cache(self, request): |
|
418 | 345 | # patch _do_orm_execute so it returns None similar like if we don't use a cached query |
|
419 | 346 | patcher = mock.patch( |
|
420 | 347 | 'rhodecode.lib.caching_query.ORMCache._do_orm_execute', return_value=None) |
|
421 | 348 | request.addfinalizer(patcher.stop) |
|
422 | 349 | patcher.start() |
|
423 | 350 | |
|
424 | 351 | @pytest.fixture() |
|
425 | 352 | def form_defaults(self): |
|
426 | 353 | from rhodecode.apps.admin.views.settings import AdminSettingsView |
|
427 | 354 | return AdminSettingsView._form_defaults() |
|
428 | 355 | |
|
429 | 356 | # TODO: johbo: What we really want is to checkpoint before a test run and |
|
430 | 357 | # reset the session afterwards. |
|
431 | 358 | @pytest.fixture(scope='class', autouse=True) |
|
432 | 359 | def cleanup_settings(self, request, baseapp): |
|
433 | 360 | ui_id = RhodeCodeUi.ui_id |
|
434 | 361 | original_ids = [r.ui_id for r in RhodeCodeUi.query().with_entities(ui_id)] |
|
435 | 362 | |
|
436 | 363 | @request.addfinalizer |
|
437 | 364 | def cleanup(): |
|
438 | 365 | RhodeCodeUi.query().filter( |
|
439 | 366 | ui_id.notin_(original_ids)).delete(False) |
|
440 | 367 | |
|
441 | 368 | |
|
442 | 369 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
443 | 370 | class TestLabsSettings(object): |
|
444 | 371 | def test_get_settings_page_disabled(self): |
|
445 | 372 | with mock.patch.dict( |
|
446 | 373 | rhodecode.CONFIG, {'labs_settings_active': 'false'}): |
|
447 | 374 | |
|
448 | 375 | response = self.app.get( |
|
449 | 376 | route_path('admin_settings_labs'), status=302) |
|
450 | 377 | |
|
451 | 378 | assert response.location.endswith(route_path('admin_settings')) |
|
452 | 379 | |
|
453 | 380 | def test_get_settings_page_enabled(self): |
|
454 | 381 | from rhodecode.apps.admin.views import settings |
|
455 | 382 | lab_settings = [ |
|
456 | 383 | settings.LabSetting( |
|
457 | 384 | key='rhodecode_bool', |
|
458 | 385 | type='bool', |
|
459 | 386 | group='bool group', |
|
460 | 387 | label='bool label', |
|
461 | 388 | help='bool help' |
|
462 | 389 | ), |
|
463 | 390 | settings.LabSetting( |
|
464 | 391 | key='rhodecode_text', |
|
465 | 392 | type='unicode', |
|
466 | 393 | group='text group', |
|
467 | 394 | label='text label', |
|
468 | 395 | help='text help' |
|
469 | 396 | ), |
|
470 | 397 | ] |
|
471 | 398 | with mock.patch.dict(rhodecode.CONFIG, |
|
472 | 399 | {'labs_settings_active': 'true'}): |
|
473 | 400 | with mock.patch.object(settings, '_LAB_SETTINGS', lab_settings): |
|
474 | 401 | response = self.app.get(route_path('admin_settings_labs')) |
|
475 | 402 | |
|
476 | 403 | assert '<label>bool group:</label>' in response |
|
477 | 404 | assert '<label for="rhodecode_bool">bool label</label>' in response |
|
478 | 405 | assert '<p class="help-block">bool help</p>' in response |
|
479 | 406 | assert 'name="rhodecode_bool" type="checkbox"' in response |
|
480 | 407 | |
|
481 | 408 | assert '<label>text group:</label>' in response |
|
482 | 409 | assert '<label for="rhodecode_text">text label</label>' in response |
|
483 | 410 | assert '<p class="help-block">text help</p>' in response |
|
484 | 411 | assert 'name="rhodecode_text" size="60" type="text"' in response |
|
485 | 412 | |
|
486 | 413 | |
|
487 | 414 | @pytest.mark.usefixtures('app') |
|
488 | 415 | class TestOpenSourceLicenses(object): |
|
489 | 416 | |
|
490 | 417 | def test_records_are_displayed(self, autologin_user): |
|
491 | 418 | sample_licenses = [ |
|
492 | 419 | { |
|
493 | 420 | "license": [ |
|
494 | 421 | { |
|
495 | 422 | "fullName": "BSD 4-clause \"Original\" or \"Old\" License", |
|
496 | 423 | "shortName": "bsdOriginal", |
|
497 | 424 | "spdxId": "BSD-4-Clause", |
|
498 | 425 | "url": "http://spdx.org/licenses/BSD-4-Clause.html" |
|
499 | 426 | } |
|
500 | 427 | ], |
|
501 | 428 | "name": "python2.7-coverage-3.7.1" |
|
502 | 429 | }, |
|
503 | 430 | { |
|
504 | 431 | "license": [ |
|
505 | 432 | { |
|
506 | 433 | "fullName": "MIT License", |
|
507 | 434 | "shortName": "mit", |
|
508 | 435 | "spdxId": "MIT", |
|
509 | 436 | "url": "http://spdx.org/licenses/MIT.html" |
|
510 | 437 | } |
|
511 | 438 | ], |
|
512 | 439 | "name": "python2.7-bootstrapped-pip-9.0.1" |
|
513 | 440 | }, |
|
514 | 441 | ] |
|
515 | 442 | read_licenses_patch = mock.patch( |
|
516 | 443 | 'rhodecode.apps.admin.views.open_source_licenses.read_opensource_licenses', |
|
517 | 444 | return_value=sample_licenses) |
|
518 | 445 | with read_licenses_patch: |
|
519 | 446 | response = self.app.get( |
|
520 | 447 | route_path('admin_settings_open_source'), status=200) |
|
521 | 448 | |
|
522 | 449 | assert_response = response.assert_response() |
|
523 | 450 | assert_response.element_contains( |
|
524 | 451 | '.panel-heading', 'Licenses of Third Party Packages') |
|
525 | 452 | for license_data in sample_licenses: |
|
526 | 453 | response.mustcontain(license_data["license"][0]["spdxId"]) |
|
527 | 454 | assert_response.element_contains('.panel-body', license_data["name"]) |
|
528 | 455 | |
|
529 | 456 | def test_records_can_be_read(self, autologin_user): |
|
530 | 457 | response = self.app.get( |
|
531 | 458 | route_path('admin_settings_open_source'), status=200) |
|
532 | 459 | assert_response = response.assert_response() |
|
533 | 460 | assert_response.element_contains( |
|
534 | 461 | '.panel-heading', 'Licenses of Third Party Packages') |
|
535 | 462 | |
|
536 | 463 | def test_forbidden_when_normal_user(self, autologin_regular_user): |
|
537 | 464 | self.app.get( |
|
538 | 465 | route_path('admin_settings_open_source'), status=404) |
|
539 | 466 | |
|
540 | 467 | |
|
541 | 468 | @pytest.mark.usefixtures('app') |
|
542 | 469 | class TestUserSessions(object): |
|
543 | 470 | |
|
544 | 471 | def test_forbidden_when_normal_user(self, autologin_regular_user): |
|
545 | 472 | self.app.get(route_path('admin_settings_sessions'), status=404) |
|
546 | 473 | |
|
547 | 474 | def test_show_sessions_page(self, autologin_user): |
|
548 | 475 | response = self.app.get(route_path('admin_settings_sessions'), status=200) |
|
549 | 476 | response.mustcontain('file') |
|
550 | 477 | |
|
551 | 478 | def test_cleanup_old_sessions(self, autologin_user, csrf_token): |
|
552 | 479 | |
|
553 | 480 | post_data = { |
|
554 | 481 | 'csrf_token': csrf_token, |
|
555 | 482 | 'expire_days': '60' |
|
556 | 483 | } |
|
557 | 484 | response = self.app.post( |
|
558 | 485 | route_path('admin_settings_sessions_cleanup'), params=post_data, |
|
559 | 486 | status=302) |
|
560 | 487 | assert_session_flash(response, 'Cleaned up old sessions') |
|
561 | 488 | |
|
562 | 489 | |
|
563 | 490 | @pytest.mark.usefixtures('app') |
|
564 | 491 | class TestAdminSystemInfo(object): |
|
565 | 492 | |
|
566 | 493 | def test_forbidden_when_normal_user(self, autologin_regular_user): |
|
567 | 494 | self.app.get(route_path('admin_settings_system'), status=404) |
|
568 | 495 | |
|
569 | 496 | def test_system_info_page(self, autologin_user): |
|
570 | 497 | response = self.app.get(route_path('admin_settings_system')) |
|
571 | 498 | response.mustcontain('RhodeCode Community Edition, version {}'.format( |
|
572 | 499 | rhodecode.__version__)) |
|
573 | 500 | |
|
574 | 501 | def test_system_update_new_version(self, autologin_user): |
|
575 | 502 | update_data = { |
|
576 | 503 | 'versions': [ |
|
577 | 504 | { |
|
578 | 505 | 'version': '100.3.1415926535', |
|
579 | 506 | 'general': 'The latest version we are ever going to ship' |
|
580 | 507 | }, |
|
581 | 508 | { |
|
582 | 509 | 'version': '0.0.0', |
|
583 | 510 | 'general': 'The first version we ever shipped' |
|
584 | 511 | } |
|
585 | 512 | ] |
|
586 | 513 | } |
|
587 | 514 | with mock.patch(UPDATE_DATA_QUALNAME, return_value=update_data): |
|
588 | 515 | response = self.app.get(route_path('admin_settings_system_update')) |
|
589 | 516 | response.mustcontain('A <b>new version</b> is available') |
|
590 | 517 | |
|
591 | 518 | def test_system_update_nothing_new(self, autologin_user): |
|
592 | 519 | update_data = { |
|
593 | 520 | 'versions': [ |
|
594 | 521 | { |
|
595 | 522 | 'version': '0.0.0', |
|
596 | 523 | 'general': 'The first version we ever shipped' |
|
597 | 524 | } |
|
598 | 525 | ] |
|
599 | 526 | } |
|
600 | 527 | with mock.patch(UPDATE_DATA_QUALNAME, return_value=update_data): |
|
601 | 528 | response = self.app.get(route_path('admin_settings_system_update')) |
|
602 | 529 | response.mustcontain( |
|
603 | 530 | 'This instance is already running the <b>latest</b> stable version') |
|
604 | 531 | |
|
605 | 532 | def test_system_update_bad_response(self, autologin_user): |
|
606 | 533 | with mock.patch(UPDATE_DATA_QUALNAME, side_effect=ValueError('foo')): |
|
607 | 534 | response = self.app.get(route_path('admin_settings_system_update')) |
|
608 | 535 | response.mustcontain( |
|
609 | 536 | 'Bad data sent from update server') |
|
610 | 537 | |
|
611 | 538 | |
|
612 | 539 | @pytest.mark.usefixtures("app") |
|
613 | 540 | class TestAdminSettingsIssueTracker(object): |
|
614 | 541 | RC_PREFIX = 'rhodecode_' |
|
615 | 542 | SHORT_PATTERN_KEY = 'issuetracker_pat_' |
|
616 | 543 | PATTERN_KEY = RC_PREFIX + SHORT_PATTERN_KEY |
|
617 | 544 | DESC_KEY = RC_PREFIX + 'issuetracker_desc_' |
|
618 | 545 | |
|
619 | 546 | def test_issuetracker_index(self, autologin_user): |
|
620 | 547 | response = self.app.get(route_path('admin_settings_issuetracker')) |
|
621 | 548 | assert response.status_code == 200 |
|
622 | 549 | |
|
623 | 550 | def test_add_empty_issuetracker_pattern( |
|
624 | 551 | self, request, autologin_user, csrf_token): |
|
625 | 552 | post_url = route_path('admin_settings_issuetracker_update') |
|
626 | 553 | post_data = { |
|
627 | 554 | 'csrf_token': csrf_token |
|
628 | 555 | } |
|
629 | 556 | self.app.post(post_url, post_data, status=302) |
|
630 | 557 | |
|
631 | 558 | def test_add_issuetracker_pattern( |
|
632 | 559 | self, request, autologin_user, csrf_token): |
|
633 | 560 | pattern = 'issuetracker_pat' |
|
634 | 561 | another_pattern = pattern+'1' |
|
635 | 562 | post_url = route_path('admin_settings_issuetracker_update') |
|
636 | 563 | post_data = { |
|
637 | 564 | 'new_pattern_pattern_0': pattern, |
|
638 | 565 | 'new_pattern_url_0': 'http://url', |
|
639 | 566 | 'new_pattern_prefix_0': 'prefix', |
|
640 | 567 | 'new_pattern_description_0': 'description', |
|
641 | 568 | 'new_pattern_pattern_1': another_pattern, |
|
642 | 569 | 'new_pattern_url_1': 'https://url1', |
|
643 | 570 | 'new_pattern_prefix_1': 'prefix1', |
|
644 | 571 | 'new_pattern_description_1': 'description1', |
|
645 | 572 | 'csrf_token': csrf_token |
|
646 | 573 | } |
|
647 | 574 | self.app.post(post_url, post_data, status=302) |
|
648 | 575 | settings = SettingsModel().get_all_settings() |
|
649 | 576 | self.uid = md5_safe(pattern) |
|
650 | 577 | assert settings[self.PATTERN_KEY+self.uid] == pattern |
|
651 | 578 | self.another_uid = md5_safe(another_pattern) |
|
652 | 579 | assert settings[self.PATTERN_KEY+self.another_uid] == another_pattern |
|
653 | 580 | |
|
654 | 581 | @request.addfinalizer |
|
655 | 582 | def cleanup(): |
|
656 | 583 | defaults = SettingsModel().get_all_settings() |
|
657 | 584 | |
|
658 | 585 | entries = [name for name in defaults if ( |
|
659 | 586 | (self.uid in name) or (self.another_uid in name))] |
|
660 | 587 | start = len(self.RC_PREFIX) |
|
661 | 588 | for del_key in entries: |
|
662 | 589 | # TODO: anderson: get_by_name needs name without prefix |
|
663 | 590 | entry = SettingsModel().get_setting_by_name(del_key[start:]) |
|
664 | 591 | Session().delete(entry) |
|
665 | 592 | |
|
666 | 593 | Session().commit() |
|
667 | 594 | |
|
668 | 595 | def test_edit_issuetracker_pattern( |
|
669 | 596 | self, autologin_user, backend, csrf_token, request): |
|
670 | 597 | |
|
671 | 598 | old_pattern = 'issuetracker_pat1' |
|
672 | 599 | old_uid = md5_safe(old_pattern) |
|
673 | 600 | |
|
674 | 601 | post_url = route_path('admin_settings_issuetracker_update') |
|
675 | 602 | post_data = { |
|
676 | 603 | 'new_pattern_pattern_0': old_pattern, |
|
677 | 604 | 'new_pattern_url_0': 'http://url', |
|
678 | 605 | 'new_pattern_prefix_0': 'prefix', |
|
679 | 606 | 'new_pattern_description_0': 'description', |
|
680 | 607 | |
|
681 | 608 | 'csrf_token': csrf_token |
|
682 | 609 | } |
|
683 | 610 | self.app.post(post_url, post_data, status=302) |
|
684 | 611 | |
|
685 | 612 | new_pattern = 'issuetracker_pat1_edited' |
|
686 | 613 | self.new_uid = md5_safe(new_pattern) |
|
687 | 614 | |
|
688 | 615 | post_url = route_path('admin_settings_issuetracker_update') |
|
689 | 616 | post_data = { |
|
690 | 617 | 'new_pattern_pattern_{}'.format(old_uid): new_pattern, |
|
691 | 618 | 'new_pattern_url_{}'.format(old_uid): 'https://url_edited', |
|
692 | 619 | 'new_pattern_prefix_{}'.format(old_uid): 'prefix_edited', |
|
693 | 620 | 'new_pattern_description_{}'.format(old_uid): 'description_edited', |
|
694 | 621 | 'uid': old_uid, |
|
695 | 622 | 'csrf_token': csrf_token |
|
696 | 623 | } |
|
697 | 624 | self.app.post(post_url, post_data, status=302) |
|
698 | 625 | |
|
699 | 626 | settings = SettingsModel().get_all_settings() |
|
700 | 627 | assert settings[self.PATTERN_KEY+self.new_uid] == new_pattern |
|
701 | 628 | assert settings[self.DESC_KEY + self.new_uid] == 'description_edited' |
|
702 | 629 | assert self.PATTERN_KEY+old_uid not in settings |
|
703 | 630 | |
|
704 | 631 | @request.addfinalizer |
|
705 | 632 | def cleanup(): |
|
706 | 633 | IssueTrackerSettingsModel().delete_entries(old_uid) |
|
707 | 634 | IssueTrackerSettingsModel().delete_entries(self.new_uid) |
|
708 | 635 | |
|
709 | 636 | def test_replace_issuetracker_pattern_description( |
|
710 | 637 | self, autologin_user, csrf_token, request, settings_util): |
|
711 | 638 | prefix = 'issuetracker' |
|
712 | 639 | pattern = 'issuetracker_pat' |
|
713 | 640 | self.uid = md5_safe(pattern) |
|
714 | 641 | pattern_key = '_'.join([prefix, 'pat', self.uid]) |
|
715 | 642 | rc_pattern_key = '_'.join(['rhodecode', pattern_key]) |
|
716 | 643 | desc_key = '_'.join([prefix, 'desc', self.uid]) |
|
717 | 644 | rc_desc_key = '_'.join(['rhodecode', desc_key]) |
|
718 | 645 | new_description = 'new_description' |
|
719 | 646 | |
|
720 | 647 | settings_util.create_rhodecode_setting( |
|
721 | 648 | pattern_key, pattern, 'unicode', cleanup=False) |
|
722 | 649 | settings_util.create_rhodecode_setting( |
|
723 | 650 | desc_key, 'old description', 'unicode', cleanup=False) |
|
724 | 651 | |
|
725 | 652 | post_url = route_path('admin_settings_issuetracker_update') |
|
726 | 653 | post_data = { |
|
727 | 654 | 'new_pattern_pattern_0': pattern, |
|
728 | 655 | 'new_pattern_url_0': 'https://url', |
|
729 | 656 | 'new_pattern_prefix_0': 'prefix', |
|
730 | 657 | 'new_pattern_description_0': new_description, |
|
731 | 658 | 'uid': self.uid, |
|
732 | 659 | 'csrf_token': csrf_token |
|
733 | 660 | } |
|
734 | 661 | self.app.post(post_url, post_data, status=302) |
|
735 | 662 | settings = SettingsModel().get_all_settings() |
|
736 | 663 | assert settings[rc_pattern_key] == pattern |
|
737 | 664 | assert settings[rc_desc_key] == new_description |
|
738 | 665 | |
|
739 | 666 | @request.addfinalizer |
|
740 | 667 | def cleanup(): |
|
741 | 668 | IssueTrackerSettingsModel().delete_entries(self.uid) |
|
742 | 669 | |
|
743 | 670 | def test_delete_issuetracker_pattern( |
|
744 | 671 | self, autologin_user, backend, csrf_token, settings_util, xhr_header): |
|
745 | 672 | |
|
746 | 673 | old_pattern = 'issuetracker_pat_deleted' |
|
747 | 674 | old_uid = md5_safe(old_pattern) |
|
748 | 675 | |
|
749 | 676 | post_url = route_path('admin_settings_issuetracker_update') |
|
750 | 677 | post_data = { |
|
751 | 678 | 'new_pattern_pattern_0': old_pattern, |
|
752 | 679 | 'new_pattern_url_0': 'http://url', |
|
753 | 680 | 'new_pattern_prefix_0': 'prefix', |
|
754 | 681 | 'new_pattern_description_0': 'description', |
|
755 | 682 | |
|
756 | 683 | 'csrf_token': csrf_token |
|
757 | 684 | } |
|
758 | 685 | self.app.post(post_url, post_data, status=302) |
|
759 | 686 | |
|
760 | 687 | post_url = route_path('admin_settings_issuetracker_delete') |
|
761 | 688 | post_data = { |
|
762 | 689 | 'uid': old_uid, |
|
763 | 690 | 'csrf_token': csrf_token |
|
764 | 691 | } |
|
765 | 692 | self.app.post(post_url, post_data, extra_environ=xhr_header, status=200) |
|
766 | 693 | settings = SettingsModel().get_all_settings() |
|
767 | 694 | assert self.PATTERN_KEY+old_uid not in settings |
|
768 | 695 | assert self.DESC_KEY + old_uid not in settings |
@@ -1,171 +1,152 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.model.db import UserGroup, User |
|
23 | 23 | from rhodecode.model.meta import Session |
|
24 | 24 | |
|
25 | 25 | from rhodecode.tests import ( |
|
26 |
TestController, |
|
|
26 | TestController, assert_session_flash) | |
|
27 | 27 | from rhodecode.tests.fixture import Fixture |
|
28 | from rhodecode.tests.routes import route_path | |
|
28 | 29 | |
|
29 | 30 | fixture = Fixture() |
|
30 | 31 | |
|
31 | 32 | |
|
32 | def route_path(name, params=None, **kwargs): | |
|
33 | import urllib.request | |
|
34 | import urllib.parse | |
|
35 | import urllib.error | |
|
36 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
37 | ||
|
38 | base_url = { | |
|
39 | 'user_groups': ADMIN_PREFIX + '/user_groups', | |
|
40 | 'user_groups_data': ADMIN_PREFIX + '/user_groups_data', | |
|
41 | 'user_group_members_data': ADMIN_PREFIX + '/user_groups/{user_group_id}/members', | |
|
42 | 'user_groups_new': ADMIN_PREFIX + '/user_groups/new', | |
|
43 | 'user_groups_create': ADMIN_PREFIX + '/user_groups/create', | |
|
44 | 'edit_user_group': ADMIN_PREFIX + '/user_groups/{user_group_id}/edit', | |
|
45 | }[name].format(**kwargs) | |
|
46 | ||
|
47 | if params: | |
|
48 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
49 | return base_url | |
|
50 | ||
|
51 | ||
|
52 | 33 | class TestAdminUserGroupsView(TestController): |
|
53 | 34 | |
|
54 | 35 | def test_show_users(self): |
|
55 | 36 | self.log_user() |
|
56 | 37 | self.app.get(route_path('user_groups')) |
|
57 | 38 | |
|
58 | 39 | def test_show_user_groups_data(self, xhr_header): |
|
59 | 40 | self.log_user() |
|
60 | 41 | response = self.app.get(route_path( |
|
61 | 42 | 'user_groups_data'), extra_environ=xhr_header) |
|
62 | 43 | |
|
63 | 44 | all_user_groups = UserGroup.query().count() |
|
64 | 45 | assert response.json['recordsTotal'] == all_user_groups |
|
65 | 46 | |
|
66 | 47 | def test_show_user_groups_data_filtered(self, xhr_header): |
|
67 | 48 | self.log_user() |
|
68 | 49 | response = self.app.get(route_path( |
|
69 | 50 | 'user_groups_data', params={'search[value]': 'empty_search'}), |
|
70 | 51 | extra_environ=xhr_header) |
|
71 | 52 | |
|
72 | 53 | all_user_groups = UserGroup.query().count() |
|
73 | 54 | assert response.json['recordsTotal'] == all_user_groups |
|
74 | 55 | assert response.json['recordsFiltered'] == 0 |
|
75 | 56 | |
|
76 | 57 | def test_usergroup_escape(self, user_util, xhr_header): |
|
77 | 58 | self.log_user() |
|
78 | 59 | |
|
79 | 60 | xss_img = '<img src="/image1" onload="alert(\'Hello, World!\');">' |
|
80 | 61 | user = user_util.create_user() |
|
81 | 62 | user.name = xss_img |
|
82 | 63 | user.lastname = xss_img |
|
83 | 64 | Session().add(user) |
|
84 | 65 | Session().commit() |
|
85 | 66 | |
|
86 | 67 | user_group = user_util.create_user_group() |
|
87 | 68 | |
|
88 | 69 | user_group.users_group_name = xss_img |
|
89 | 70 | user_group.user_group_description = '<strong onload="alert();">DESC</strong>' |
|
90 | 71 | |
|
91 | 72 | response = self.app.get( |
|
92 | 73 | route_path('user_groups_data'), extra_environ=xhr_header) |
|
93 | 74 | |
|
94 | 75 | response.mustcontain( |
|
95 | 76 | '<strong onload="alert();">DESC</strong>') |
|
96 | 77 | response.mustcontain( |
|
97 | 78 | '<img src="/image1" onload="' |
|
98 | 79 | 'alert('Hello, World!');">') |
|
99 | 80 | |
|
100 | 81 | def test_edit_user_group_autocomplete_empty_members(self, xhr_header, user_util): |
|
101 | 82 | self.log_user() |
|
102 | 83 | ug = user_util.create_user_group() |
|
103 | 84 | response = self.app.get( |
|
104 | 85 | route_path('user_group_members_data', user_group_id=ug.users_group_id), |
|
105 | 86 | extra_environ=xhr_header) |
|
106 | 87 | |
|
107 | 88 | assert response.json == {'members': []} |
|
108 | 89 | |
|
109 | 90 | def test_edit_user_group_autocomplete_members(self, xhr_header, user_util): |
|
110 | 91 | self.log_user() |
|
111 | 92 | members = [u.user_id for u in User.get_all()] |
|
112 | 93 | ug = user_util.create_user_group(members=members) |
|
113 | 94 | response = self.app.get( |
|
114 | 95 | route_path('user_group_members_data', |
|
115 | 96 | user_group_id=ug.users_group_id), |
|
116 | 97 | extra_environ=xhr_header) |
|
117 | 98 | |
|
118 | 99 | assert len(response.json['members']) == len(members) |
|
119 | 100 | |
|
120 | 101 | def test_creation_page(self): |
|
121 | 102 | self.log_user() |
|
122 | 103 | self.app.get(route_path('user_groups_new'), status=200) |
|
123 | 104 | |
|
124 | 105 | def test_create(self): |
|
125 | 106 | from rhodecode.lib import helpers as h |
|
126 | 107 | |
|
127 | 108 | self.log_user() |
|
128 | 109 | users_group_name = 'test_user_group' |
|
129 | 110 | response = self.app.post(route_path('user_groups_create'), { |
|
130 | 111 | 'users_group_name': users_group_name, |
|
131 | 112 | 'user_group_description': 'DESC', |
|
132 | 113 | 'active': True, |
|
133 | 114 | 'csrf_token': self.csrf_token}) |
|
134 | 115 | |
|
135 | 116 | user_group_id = UserGroup.get_by_group_name( |
|
136 | 117 | users_group_name).users_group_id |
|
137 | 118 | |
|
138 | 119 | user_group_link = h.link_to( |
|
139 | 120 | users_group_name, |
|
140 | 121 | route_path('edit_user_group', user_group_id=user_group_id)) |
|
141 | 122 | |
|
142 | 123 | assert_session_flash( |
|
143 | 124 | response, |
|
144 | 125 | 'Created user group %s' % user_group_link) |
|
145 | 126 | |
|
146 | 127 | fixture.destroy_user_group(users_group_name) |
|
147 | 128 | |
|
148 | 129 | def test_create_with_empty_name(self): |
|
149 | 130 | self.log_user() |
|
150 | 131 | |
|
151 | 132 | response = self.app.post(route_path('user_groups_create'), { |
|
152 | 133 | 'users_group_name': '', |
|
153 | 134 | 'user_group_description': 'DESC', |
|
154 | 135 | 'active': True, |
|
155 | 136 | 'csrf_token': self.csrf_token}, status=200) |
|
156 | 137 | |
|
157 | 138 | response.mustcontain('Please enter a value') |
|
158 | 139 | |
|
159 | 140 | def test_create_duplicate(self, user_util): |
|
160 | 141 | self.log_user() |
|
161 | 142 | |
|
162 | 143 | user_group = user_util.create_user_group() |
|
163 | 144 | duplicate_name = user_group.users_group_name |
|
164 | 145 | response = self.app.post(route_path('user_groups_create'), { |
|
165 | 146 | 'users_group_name': duplicate_name, |
|
166 | 147 | 'user_group_description': 'DESC', |
|
167 | 148 | 'active': True, |
|
168 | 149 | 'csrf_token': self.csrf_token}, status=200) |
|
169 | 150 | |
|
170 | 151 | response.mustcontain( |
|
171 | 152 | 'User group `{}` already exists'.format(duplicate_name)) |
@@ -1,795 +1,727 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | from sqlalchemy.orm.exc import NoResultFound |
|
22 | 22 | |
|
23 | 23 | from rhodecode.lib import auth |
|
24 | 24 | from rhodecode.lib import helpers as h |
|
25 | 25 | from rhodecode.model.db import User, UserApiKeys, UserEmailMap, Repository |
|
26 | 26 | from rhodecode.model.meta import Session |
|
27 | 27 | from rhodecode.model.user import UserModel |
|
28 | 28 | |
|
29 | 29 | from rhodecode.tests import ( |
|
30 | 30 | TestController, TEST_USER_REGULAR_LOGIN, assert_session_flash) |
|
31 | 31 | from rhodecode.tests.fixture import Fixture |
|
32 | from rhodecode.tests.routes import route_path | |
|
32 | 33 | |
|
33 | 34 | fixture = Fixture() |
|
34 | 35 | |
|
35 | 36 | |
|
36 | def route_path(name, params=None, **kwargs): | |
|
37 | import urllib.request | |
|
38 | import urllib.parse | |
|
39 | import urllib.error | |
|
40 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
41 | ||
|
42 | base_url = { | |
|
43 | 'users': | |
|
44 | ADMIN_PREFIX + '/users', | |
|
45 | 'users_data': | |
|
46 | ADMIN_PREFIX + '/users_data', | |
|
47 | 'users_create': | |
|
48 | ADMIN_PREFIX + '/users/create', | |
|
49 | 'users_new': | |
|
50 | ADMIN_PREFIX + '/users/new', | |
|
51 | 'user_edit': | |
|
52 | ADMIN_PREFIX + '/users/{user_id}/edit', | |
|
53 | 'user_edit_advanced': | |
|
54 | ADMIN_PREFIX + '/users/{user_id}/edit/advanced', | |
|
55 | 'user_edit_global_perms': | |
|
56 | ADMIN_PREFIX + '/users/{user_id}/edit/global_permissions', | |
|
57 | 'user_edit_global_perms_update': | |
|
58 | ADMIN_PREFIX + '/users/{user_id}/edit/global_permissions/update', | |
|
59 | 'user_update': | |
|
60 | ADMIN_PREFIX + '/users/{user_id}/update', | |
|
61 | 'user_delete': | |
|
62 | ADMIN_PREFIX + '/users/{user_id}/delete', | |
|
63 | 'user_create_personal_repo_group': | |
|
64 | ADMIN_PREFIX + '/users/{user_id}/create_repo_group', | |
|
65 | ||
|
66 | 'edit_user_auth_tokens': | |
|
67 | ADMIN_PREFIX + '/users/{user_id}/edit/auth_tokens', | |
|
68 | 'edit_user_auth_tokens_add': | |
|
69 | ADMIN_PREFIX + '/users/{user_id}/edit/auth_tokens/new', | |
|
70 | 'edit_user_auth_tokens_delete': | |
|
71 | ADMIN_PREFIX + '/users/{user_id}/edit/auth_tokens/delete', | |
|
72 | ||
|
73 | 'edit_user_emails': | |
|
74 | ADMIN_PREFIX + '/users/{user_id}/edit/emails', | |
|
75 | 'edit_user_emails_add': | |
|
76 | ADMIN_PREFIX + '/users/{user_id}/edit/emails/new', | |
|
77 | 'edit_user_emails_delete': | |
|
78 | ADMIN_PREFIX + '/users/{user_id}/edit/emails/delete', | |
|
79 | ||
|
80 | 'edit_user_ips': | |
|
81 | ADMIN_PREFIX + '/users/{user_id}/edit/ips', | |
|
82 | 'edit_user_ips_add': | |
|
83 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/new', | |
|
84 | 'edit_user_ips_delete': | |
|
85 | ADMIN_PREFIX + '/users/{user_id}/edit/ips/delete', | |
|
86 | ||
|
87 | 'edit_user_perms_summary': | |
|
88 | ADMIN_PREFIX + '/users/{user_id}/edit/permissions_summary', | |
|
89 | 'edit_user_perms_summary_json': | |
|
90 | ADMIN_PREFIX + '/users/{user_id}/edit/permissions_summary/json', | |
|
91 | ||
|
92 | 'edit_user_audit_logs': | |
|
93 | ADMIN_PREFIX + '/users/{user_id}/edit/audit', | |
|
94 | ||
|
95 | 'edit_user_audit_logs_download': | |
|
96 | ADMIN_PREFIX + '/users/{user_id}/edit/audit/download', | |
|
97 | ||
|
98 | }[name].format(**kwargs) | |
|
99 | ||
|
100 | if params: | |
|
101 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
102 | return base_url | |
|
103 | ||
|
104 | ||
|
105 | 37 | class TestAdminUsersView(TestController): |
|
106 | 38 | |
|
107 | 39 | def test_show_users(self): |
|
108 | 40 | self.log_user() |
|
109 | 41 | self.app.get(route_path('users')) |
|
110 | 42 | |
|
111 | 43 | def test_show_users_data(self, xhr_header): |
|
112 | 44 | self.log_user() |
|
113 | 45 | response = self.app.get(route_path( |
|
114 | 46 | 'users_data'), extra_environ=xhr_header) |
|
115 | 47 | |
|
116 | 48 | all_users = User.query().filter( |
|
117 | 49 | User.username != User.DEFAULT_USER).count() |
|
118 | 50 | assert response.json['recordsTotal'] == all_users |
|
119 | 51 | |
|
120 | 52 | def test_show_users_data_filtered(self, xhr_header): |
|
121 | 53 | self.log_user() |
|
122 | 54 | response = self.app.get(route_path( |
|
123 | 55 | 'users_data', params={'search[value]': 'empty_search'}), |
|
124 | 56 | extra_environ=xhr_header) |
|
125 | 57 | |
|
126 | 58 | all_users = User.query().filter( |
|
127 | 59 | User.username != User.DEFAULT_USER).count() |
|
128 | 60 | assert response.json['recordsTotal'] == all_users |
|
129 | 61 | assert response.json['recordsFiltered'] == 0 |
|
130 | 62 | |
|
131 | 63 | def test_auth_tokens_default_user(self): |
|
132 | 64 | self.log_user() |
|
133 | 65 | user = User.get_default_user() |
|
134 | 66 | response = self.app.get( |
|
135 | 67 | route_path('edit_user_auth_tokens', user_id=user.user_id), |
|
136 | 68 | status=302) |
|
137 | 69 | |
|
138 | 70 | def test_auth_tokens(self): |
|
139 | 71 | self.log_user() |
|
140 | 72 | |
|
141 | 73 | user = User.get_by_username(TEST_USER_REGULAR_LOGIN) |
|
142 | 74 | user_id = user.user_id |
|
143 | 75 | auth_tokens = user.auth_tokens |
|
144 | 76 | response = self.app.get( |
|
145 | 77 | route_path('edit_user_auth_tokens', user_id=user_id)) |
|
146 | 78 | for token in auth_tokens: |
|
147 | 79 | response.mustcontain(token[:4]) |
|
148 | 80 | response.mustcontain('never') |
|
149 | 81 | |
|
150 | 82 | @pytest.mark.parametrize("desc, lifetime", [ |
|
151 | 83 | ('forever', -1), |
|
152 | 84 | ('5mins', 60*5), |
|
153 | 85 | ('30days', 60*60*24*30), |
|
154 | 86 | ]) |
|
155 | 87 | def test_add_auth_token(self, desc, lifetime, user_util): |
|
156 | 88 | self.log_user() |
|
157 | 89 | user = user_util.create_user() |
|
158 | 90 | user_id = user.user_id |
|
159 | 91 | |
|
160 | 92 | response = self.app.post( |
|
161 | 93 | route_path('edit_user_auth_tokens_add', user_id=user_id), |
|
162 | 94 | {'description': desc, 'lifetime': lifetime, |
|
163 | 95 | 'csrf_token': self.csrf_token}) |
|
164 | 96 | assert_session_flash(response, 'Auth token successfully created') |
|
165 | 97 | |
|
166 | 98 | response = response.follow() |
|
167 | 99 | user = User.get(user_id) |
|
168 | 100 | for auth_token in user.auth_tokens: |
|
169 | 101 | response.mustcontain(auth_token[:4]) |
|
170 | 102 | |
|
171 | 103 | def test_delete_auth_token(self, user_util): |
|
172 | 104 | self.log_user() |
|
173 | 105 | user = user_util.create_user() |
|
174 | 106 | user_id = user.user_id |
|
175 | 107 | keys = user.auth_tokens |
|
176 | 108 | assert 2 == len(keys) |
|
177 | 109 | |
|
178 | 110 | response = self.app.post( |
|
179 | 111 | route_path('edit_user_auth_tokens_add', user_id=user_id), |
|
180 | 112 | {'description': 'desc', 'lifetime': -1, |
|
181 | 113 | 'csrf_token': self.csrf_token}) |
|
182 | 114 | assert_session_flash(response, 'Auth token successfully created') |
|
183 | 115 | response.follow() |
|
184 | 116 | |
|
185 | 117 | # now delete our key |
|
186 | 118 | keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all() |
|
187 | 119 | assert 3 == len(keys) |
|
188 | 120 | |
|
189 | 121 | response = self.app.post( |
|
190 | 122 | route_path('edit_user_auth_tokens_delete', user_id=user_id), |
|
191 | 123 | {'del_auth_token': keys[0].user_api_key_id, |
|
192 | 124 | 'csrf_token': self.csrf_token}) |
|
193 | 125 | |
|
194 | 126 | assert_session_flash(response, 'Auth token successfully deleted') |
|
195 | 127 | keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all() |
|
196 | 128 | assert 2 == len(keys) |
|
197 | 129 | |
|
198 | 130 | def test_ips(self): |
|
199 | 131 | self.log_user() |
|
200 | 132 | user = User.get_by_username(TEST_USER_REGULAR_LOGIN) |
|
201 | 133 | response = self.app.get(route_path('edit_user_ips', user_id=user.user_id)) |
|
202 | 134 | response.mustcontain('All IP addresses are allowed') |
|
203 | 135 | |
|
204 | 136 | @pytest.mark.parametrize("test_name, ip, ip_range, failure", [ |
|
205 | 137 | ('127/24', '127.0.0.1/24', '127.0.0.0 - 127.0.0.255', False), |
|
206 | 138 | ('10/32', '10.0.0.10/32', '10.0.0.10 - 10.0.0.10', False), |
|
207 | 139 | ('0/16', '0.0.0.0/16', '0.0.0.0 - 0.0.255.255', False), |
|
208 | 140 | ('0/8', '0.0.0.0/8', '0.0.0.0 - 0.255.255.255', False), |
|
209 | 141 | ('127_bad_mask', '127.0.0.1/99', '127.0.0.1 - 127.0.0.1', True), |
|
210 | 142 | ('127_bad_ip', 'foobar', 'foobar', True), |
|
211 | 143 | ]) |
|
212 | 144 | def test_ips_add(self, user_util, test_name, ip, ip_range, failure): |
|
213 | 145 | self.log_user() |
|
214 | 146 | user = user_util.create_user(username=test_name) |
|
215 | 147 | user_id = user.user_id |
|
216 | 148 | |
|
217 | 149 | response = self.app.post( |
|
218 | 150 | route_path('edit_user_ips_add', user_id=user_id), |
|
219 | 151 | params={'new_ip': ip, 'csrf_token': self.csrf_token}) |
|
220 | 152 | |
|
221 | 153 | if failure: |
|
222 | 154 | assert_session_flash( |
|
223 | 155 | response, 'Please enter a valid IPv4 or IpV6 address') |
|
224 | 156 | response = self.app.get(route_path('edit_user_ips', user_id=user_id)) |
|
225 | 157 | |
|
226 | 158 | response.mustcontain(no=[ip]) |
|
227 | 159 | response.mustcontain(no=[ip_range]) |
|
228 | 160 | |
|
229 | 161 | else: |
|
230 | 162 | response = self.app.get(route_path('edit_user_ips', user_id=user_id)) |
|
231 | 163 | response.mustcontain(ip) |
|
232 | 164 | response.mustcontain(ip_range) |
|
233 | 165 | |
|
234 | 166 | def test_ips_delete(self, user_util): |
|
235 | 167 | self.log_user() |
|
236 | 168 | user = user_util.create_user() |
|
237 | 169 | user_id = user.user_id |
|
238 | 170 | ip = '127.0.0.1/32' |
|
239 | 171 | ip_range = '127.0.0.1 - 127.0.0.1' |
|
240 | 172 | new_ip = UserModel().add_extra_ip(user_id, ip) |
|
241 | 173 | Session().commit() |
|
242 | 174 | new_ip_id = new_ip.ip_id |
|
243 | 175 | |
|
244 | 176 | response = self.app.get(route_path('edit_user_ips', user_id=user_id)) |
|
245 | 177 | response.mustcontain(ip) |
|
246 | 178 | response.mustcontain(ip_range) |
|
247 | 179 | |
|
248 | 180 | self.app.post( |
|
249 | 181 | route_path('edit_user_ips_delete', user_id=user_id), |
|
250 | 182 | params={'del_ip_id': new_ip_id, 'csrf_token': self.csrf_token}) |
|
251 | 183 | |
|
252 | 184 | response = self.app.get(route_path('edit_user_ips', user_id=user_id)) |
|
253 | 185 | response.mustcontain('All IP addresses are allowed') |
|
254 | 186 | response.mustcontain(no=[ip]) |
|
255 | 187 | response.mustcontain(no=[ip_range]) |
|
256 | 188 | |
|
257 | 189 | def test_emails(self): |
|
258 | 190 | self.log_user() |
|
259 | 191 | user = User.get_by_username(TEST_USER_REGULAR_LOGIN) |
|
260 | 192 | response = self.app.get( |
|
261 | 193 | route_path('edit_user_emails', user_id=user.user_id)) |
|
262 | 194 | response.mustcontain('No additional emails specified') |
|
263 | 195 | |
|
264 | 196 | def test_emails_add(self, user_util): |
|
265 | 197 | self.log_user() |
|
266 | 198 | user = user_util.create_user() |
|
267 | 199 | user_id = user.user_id |
|
268 | 200 | |
|
269 | 201 | self.app.post( |
|
270 | 202 | route_path('edit_user_emails_add', user_id=user_id), |
|
271 | 203 | params={'new_email': 'example@rhodecode.com', |
|
272 | 204 | 'csrf_token': self.csrf_token}) |
|
273 | 205 | |
|
274 | 206 | response = self.app.get( |
|
275 | 207 | route_path('edit_user_emails', user_id=user_id)) |
|
276 | 208 | response.mustcontain('example@rhodecode.com') |
|
277 | 209 | |
|
278 | 210 | def test_emails_add_existing_email(self, user_util, user_regular): |
|
279 | 211 | existing_email = user_regular.email |
|
280 | 212 | |
|
281 | 213 | self.log_user() |
|
282 | 214 | user = user_util.create_user() |
|
283 | 215 | user_id = user.user_id |
|
284 | 216 | |
|
285 | 217 | response = self.app.post( |
|
286 | 218 | route_path('edit_user_emails_add', user_id=user_id), |
|
287 | 219 | params={'new_email': existing_email, |
|
288 | 220 | 'csrf_token': self.csrf_token}) |
|
289 | 221 | assert_session_flash( |
|
290 | 222 | response, 'This e-mail address is already taken') |
|
291 | 223 | |
|
292 | 224 | response = self.app.get( |
|
293 | 225 | route_path('edit_user_emails', user_id=user_id)) |
|
294 | 226 | response.mustcontain(no=[existing_email]) |
|
295 | 227 | |
|
296 | 228 | def test_emails_delete(self, user_util): |
|
297 | 229 | self.log_user() |
|
298 | 230 | user = user_util.create_user() |
|
299 | 231 | user_id = user.user_id |
|
300 | 232 | |
|
301 | 233 | self.app.post( |
|
302 | 234 | route_path('edit_user_emails_add', user_id=user_id), |
|
303 | 235 | params={'new_email': 'example@rhodecode.com', |
|
304 | 236 | 'csrf_token': self.csrf_token}) |
|
305 | 237 | |
|
306 | 238 | response = self.app.get( |
|
307 | 239 | route_path('edit_user_emails', user_id=user_id)) |
|
308 | 240 | response.mustcontain('example@rhodecode.com') |
|
309 | 241 | |
|
310 | 242 | user_email = UserEmailMap.query()\ |
|
311 | 243 | .filter(UserEmailMap.email == 'example@rhodecode.com') \ |
|
312 | 244 | .filter(UserEmailMap.user_id == user_id)\ |
|
313 | 245 | .one() |
|
314 | 246 | |
|
315 | 247 | del_email_id = user_email.email_id |
|
316 | 248 | self.app.post( |
|
317 | 249 | route_path('edit_user_emails_delete', user_id=user_id), |
|
318 | 250 | params={'del_email_id': del_email_id, |
|
319 | 251 | 'csrf_token': self.csrf_token}) |
|
320 | 252 | |
|
321 | 253 | response = self.app.get( |
|
322 | 254 | route_path('edit_user_emails', user_id=user_id)) |
|
323 | 255 | response.mustcontain(no=['example@rhodecode.com']) |
|
324 | 256 | |
|
325 | 257 | def test_create(self, request, xhr_header): |
|
326 | 258 | self.log_user() |
|
327 | 259 | username = 'newtestuser' |
|
328 | 260 | password = 'test12' |
|
329 | 261 | password_confirmation = password |
|
330 | 262 | name = 'name' |
|
331 | 263 | lastname = 'lastname' |
|
332 | 264 | email = 'mail@mail.com' |
|
333 | 265 | |
|
334 | 266 | self.app.get(route_path('users_new')) |
|
335 | 267 | |
|
336 | 268 | response = self.app.post(route_path('users_create'), params={ |
|
337 | 269 | 'username': username, |
|
338 | 270 | 'password': password, |
|
339 | 271 | 'description': 'mr CTO', |
|
340 | 272 | 'password_confirmation': password_confirmation, |
|
341 | 273 | 'firstname': name, |
|
342 | 274 | 'active': True, |
|
343 | 275 | 'lastname': lastname, |
|
344 | 276 | 'extern_name': 'rhodecode', |
|
345 | 277 | 'extern_type': 'rhodecode', |
|
346 | 278 | 'email': email, |
|
347 | 279 | 'csrf_token': self.csrf_token, |
|
348 | 280 | }) |
|
349 | 281 | user_link = h.link_to( |
|
350 | 282 | username, |
|
351 | 283 | route_path( |
|
352 | 284 | 'user_edit', user_id=User.get_by_username(username).user_id)) |
|
353 | 285 | assert_session_flash(response, 'Created user %s' % (user_link,)) |
|
354 | 286 | |
|
355 | 287 | @request.addfinalizer |
|
356 | 288 | def cleanup(): |
|
357 | 289 | fixture.destroy_user(username) |
|
358 | 290 | Session().commit() |
|
359 | 291 | |
|
360 | 292 | new_user = User.query().filter(User.username == username).one() |
|
361 | 293 | |
|
362 | 294 | assert new_user.username == username |
|
363 | 295 | assert auth.check_password(password, new_user.password) |
|
364 | 296 | assert new_user.name == name |
|
365 | 297 | assert new_user.lastname == lastname |
|
366 | 298 | assert new_user.email == email |
|
367 | 299 | |
|
368 | 300 | response = self.app.get(route_path('users_data'), |
|
369 | 301 | extra_environ=xhr_header) |
|
370 | 302 | response.mustcontain(username) |
|
371 | 303 | |
|
372 | 304 | def test_create_err(self): |
|
373 | 305 | self.log_user() |
|
374 | 306 | username = 'new_user' |
|
375 | 307 | password = '' |
|
376 | 308 | name = 'name' |
|
377 | 309 | lastname = 'lastname' |
|
378 | 310 | email = 'errmail.com' |
|
379 | 311 | |
|
380 | 312 | self.app.get(route_path('users_new')) |
|
381 | 313 | |
|
382 | 314 | response = self.app.post(route_path('users_create'), params={ |
|
383 | 315 | 'username': username, |
|
384 | 316 | 'password': password, |
|
385 | 317 | 'name': name, |
|
386 | 318 | 'active': False, |
|
387 | 319 | 'lastname': lastname, |
|
388 | 320 | 'description': 'mr CTO', |
|
389 | 321 | 'email': email, |
|
390 | 322 | 'csrf_token': self.csrf_token, |
|
391 | 323 | }) |
|
392 | 324 | |
|
393 | 325 | msg = u'Username "%(username)s" is forbidden' |
|
394 | 326 | msg = h.html_escape(msg % {'username': 'new_user'}) |
|
395 | 327 | response.mustcontain('<span class="error-message">%s</span>' % msg) |
|
396 | 328 | response.mustcontain( |
|
397 | 329 | '<span class="error-message">Please enter a value</span>') |
|
398 | 330 | response.mustcontain( |
|
399 | 331 | '<span class="error-message">An email address must contain a' |
|
400 | 332 | ' single @</span>') |
|
401 | 333 | |
|
402 | 334 | def get_user(): |
|
403 | 335 | Session().query(User).filter(User.username == username).one() |
|
404 | 336 | |
|
405 | 337 | with pytest.raises(NoResultFound): |
|
406 | 338 | get_user() |
|
407 | 339 | |
|
408 | 340 | def test_new(self): |
|
409 | 341 | self.log_user() |
|
410 | 342 | self.app.get(route_path('users_new')) |
|
411 | 343 | |
|
412 | 344 | @pytest.mark.parametrize("name, attrs", [ |
|
413 | 345 | ('firstname', {'firstname': 'new_username'}), |
|
414 | 346 | ('lastname', {'lastname': 'new_username'}), |
|
415 | 347 | ('admin', {'admin': True}), |
|
416 | 348 | ('admin', {'admin': False}), |
|
417 | 349 | ('extern_type', {'extern_type': 'ldap'}), |
|
418 | 350 | ('extern_type', {'extern_type': None}), |
|
419 | 351 | ('extern_name', {'extern_name': 'test'}), |
|
420 | 352 | ('extern_name', {'extern_name': None}), |
|
421 | 353 | ('active', {'active': False}), |
|
422 | 354 | ('active', {'active': True}), |
|
423 | 355 | ('email', {'email': 'some@email.com'}), |
|
424 | 356 | ('language', {'language': 'de'}), |
|
425 | 357 | ('language', {'language': 'en'}), |
|
426 | 358 | ('description', {'description': 'hello CTO'}), |
|
427 | 359 | # ('new_password', {'new_password': 'foobar123', |
|
428 | 360 | # 'password_confirmation': 'foobar123'}) |
|
429 | 361 | ]) |
|
430 | 362 | def test_update(self, name, attrs, user_util): |
|
431 | 363 | self.log_user() |
|
432 | 364 | usr = user_util.create_user( |
|
433 | 365 | password='qweqwe', |
|
434 | 366 | email='testme@rhodecode.org', |
|
435 | 367 | extern_type='rhodecode', |
|
436 | 368 | extern_name='xxx', |
|
437 | 369 | ) |
|
438 | 370 | user_id = usr.user_id |
|
439 | 371 | Session().commit() |
|
440 | 372 | |
|
441 | 373 | params = usr.get_api_data() |
|
442 | 374 | cur_lang = params['language'] or 'en' |
|
443 | 375 | params.update({ |
|
444 | 376 | 'password_confirmation': '', |
|
445 | 377 | 'new_password': '', |
|
446 | 378 | 'language': cur_lang, |
|
447 | 379 | 'csrf_token': self.csrf_token, |
|
448 | 380 | }) |
|
449 | 381 | params.update({'new_password': ''}) |
|
450 | 382 | params.update(attrs) |
|
451 | 383 | if name == 'email': |
|
452 | 384 | params['emails'] = [attrs['email']] |
|
453 | 385 | elif name == 'extern_type': |
|
454 | 386 | # cannot update this via form, expected value is original one |
|
455 | 387 | params['extern_type'] = "rhodecode" |
|
456 | 388 | elif name == 'extern_name': |
|
457 | 389 | # cannot update this via form, expected value is original one |
|
458 | 390 | params['extern_name'] = 'xxx' |
|
459 | 391 | # special case since this user is not |
|
460 | 392 | # logged in yet his data is not filled |
|
461 | 393 | # so we use creation data |
|
462 | 394 | |
|
463 | 395 | response = self.app.post( |
|
464 | 396 | route_path('user_update', user_id=usr.user_id), params) |
|
465 | 397 | assert response.status_int == 302 |
|
466 | 398 | assert_session_flash(response, 'User updated successfully') |
|
467 | 399 | |
|
468 | 400 | updated_user = User.get(user_id) |
|
469 | 401 | updated_params = updated_user.get_api_data() |
|
470 | 402 | updated_params.update({'password_confirmation': ''}) |
|
471 | 403 | updated_params.update({'new_password': ''}) |
|
472 | 404 | |
|
473 | 405 | del params['csrf_token'] |
|
474 | 406 | assert params == updated_params |
|
475 | 407 | |
|
476 | 408 | def test_update_and_migrate_password( |
|
477 | 409 | self, autologin_user, real_crypto_backend, user_util): |
|
478 | 410 | |
|
479 | 411 | user = user_util.create_user() |
|
480 | 412 | temp_user = user.username |
|
481 | 413 | user.password = auth._RhodeCodeCryptoSha256().hash_create( |
|
482 | 414 | b'test123') |
|
483 | 415 | Session().add(user) |
|
484 | 416 | Session().commit() |
|
485 | 417 | |
|
486 | 418 | params = user.get_api_data() |
|
487 | 419 | |
|
488 | 420 | params.update({ |
|
489 | 421 | 'password_confirmation': 'qweqwe123', |
|
490 | 422 | 'new_password': 'qweqwe123', |
|
491 | 423 | 'language': 'en', |
|
492 | 424 | 'csrf_token': autologin_user.csrf_token, |
|
493 | 425 | }) |
|
494 | 426 | |
|
495 | 427 | response = self.app.post( |
|
496 | 428 | route_path('user_update', user_id=user.user_id), params) |
|
497 | 429 | assert response.status_int == 302 |
|
498 | 430 | assert_session_flash(response, 'User updated successfully') |
|
499 | 431 | |
|
500 | 432 | # new password should be bcrypted, after log-in and transfer |
|
501 | 433 | user = User.get_by_username(temp_user) |
|
502 | 434 | assert user.password.startswith('$') |
|
503 | 435 | |
|
504 | 436 | updated_user = User.get_by_username(temp_user) |
|
505 | 437 | updated_params = updated_user.get_api_data() |
|
506 | 438 | updated_params.update({'password_confirmation': 'qweqwe123'}) |
|
507 | 439 | updated_params.update({'new_password': 'qweqwe123'}) |
|
508 | 440 | |
|
509 | 441 | del params['csrf_token'] |
|
510 | 442 | assert params == updated_params |
|
511 | 443 | |
|
512 | 444 | def test_delete(self): |
|
513 | 445 | self.log_user() |
|
514 | 446 | username = 'newtestuserdeleteme' |
|
515 | 447 | |
|
516 | 448 | fixture.create_user(name=username) |
|
517 | 449 | |
|
518 | 450 | new_user = Session().query(User)\ |
|
519 | 451 | .filter(User.username == username).one() |
|
520 | 452 | response = self.app.post( |
|
521 | 453 | route_path('user_delete', user_id=new_user.user_id), |
|
522 | 454 | params={'csrf_token': self.csrf_token}) |
|
523 | 455 | |
|
524 | 456 | assert_session_flash(response, 'Successfully deleted user `{}`'.format(username)) |
|
525 | 457 | |
|
526 | 458 | def test_delete_owner_of_repository(self, request, user_util): |
|
527 | 459 | self.log_user() |
|
528 | 460 | obj_name = 'test_repo' |
|
529 | 461 | usr = user_util.create_user() |
|
530 | 462 | username = usr.username |
|
531 | 463 | fixture.create_repo(obj_name, cur_user=usr.username) |
|
532 | 464 | |
|
533 | 465 | new_user = Session().query(User)\ |
|
534 | 466 | .filter(User.username == username).one() |
|
535 | 467 | response = self.app.post( |
|
536 | 468 | route_path('user_delete', user_id=new_user.user_id), |
|
537 | 469 | params={'csrf_token': self.csrf_token}) |
|
538 | 470 | |
|
539 | 471 | msg = 'user "%s" still owns 1 repositories and cannot be removed. ' \ |
|
540 | 472 | 'Switch owners or remove those repositories:%s' % (username, obj_name) |
|
541 | 473 | assert_session_flash(response, msg) |
|
542 | 474 | fixture.destroy_repo(obj_name) |
|
543 | 475 | |
|
544 | 476 | def test_delete_owner_of_repository_detaching(self, request, user_util): |
|
545 | 477 | self.log_user() |
|
546 | 478 | obj_name = 'test_repo' |
|
547 | 479 | usr = user_util.create_user(auto_cleanup=False) |
|
548 | 480 | username = usr.username |
|
549 | 481 | fixture.create_repo(obj_name, cur_user=usr.username) |
|
550 | 482 | Session().commit() |
|
551 | 483 | |
|
552 | 484 | new_user = Session().query(User)\ |
|
553 | 485 | .filter(User.username == username).one() |
|
554 | 486 | response = self.app.post( |
|
555 | 487 | route_path('user_delete', user_id=new_user.user_id), |
|
556 | 488 | params={'user_repos': 'detach', 'csrf_token': self.csrf_token}) |
|
557 | 489 | |
|
558 | 490 | msg = 'Detached 1 repositories' |
|
559 | 491 | assert_session_flash(response, msg) |
|
560 | 492 | fixture.destroy_repo(obj_name) |
|
561 | 493 | |
|
562 | 494 | def test_delete_owner_of_repository_deleting(self, request, user_util): |
|
563 | 495 | self.log_user() |
|
564 | 496 | obj_name = 'test_repo' |
|
565 | 497 | usr = user_util.create_user(auto_cleanup=False) |
|
566 | 498 | username = usr.username |
|
567 | 499 | fixture.create_repo(obj_name, cur_user=usr.username) |
|
568 | 500 | |
|
569 | 501 | new_user = Session().query(User)\ |
|
570 | 502 | .filter(User.username == username).one() |
|
571 | 503 | response = self.app.post( |
|
572 | 504 | route_path('user_delete', user_id=new_user.user_id), |
|
573 | 505 | params={'user_repos': 'delete', 'csrf_token': self.csrf_token}) |
|
574 | 506 | |
|
575 | 507 | msg = 'Deleted 1 repositories' |
|
576 | 508 | assert_session_flash(response, msg) |
|
577 | 509 | |
|
578 | 510 | def test_delete_owner_of_repository_group(self, request, user_util): |
|
579 | 511 | self.log_user() |
|
580 | 512 | obj_name = 'test_group' |
|
581 | 513 | usr = user_util.create_user() |
|
582 | 514 | username = usr.username |
|
583 | 515 | fixture.create_repo_group(obj_name, cur_user=usr.username) |
|
584 | 516 | |
|
585 | 517 | new_user = Session().query(User)\ |
|
586 | 518 | .filter(User.username == username).one() |
|
587 | 519 | response = self.app.post( |
|
588 | 520 | route_path('user_delete', user_id=new_user.user_id), |
|
589 | 521 | params={'csrf_token': self.csrf_token}) |
|
590 | 522 | |
|
591 | 523 | msg = 'user "%s" still owns 1 repository groups and cannot be removed. ' \ |
|
592 | 524 | 'Switch owners or remove those repository groups:%s' % (username, obj_name) |
|
593 | 525 | assert_session_flash(response, msg) |
|
594 | 526 | fixture.destroy_repo_group(obj_name) |
|
595 | 527 | |
|
596 | 528 | def test_delete_owner_of_repository_group_detaching(self, request, user_util): |
|
597 | 529 | self.log_user() |
|
598 | 530 | obj_name = 'test_group' |
|
599 | 531 | usr = user_util.create_user(auto_cleanup=False) |
|
600 | 532 | username = usr.username |
|
601 | 533 | fixture.create_repo_group(obj_name, cur_user=usr.username) |
|
602 | 534 | |
|
603 | 535 | new_user = Session().query(User)\ |
|
604 | 536 | .filter(User.username == username).one() |
|
605 | 537 | response = self.app.post( |
|
606 | 538 | route_path('user_delete', user_id=new_user.user_id), |
|
607 | 539 | params={'user_repo_groups': 'delete', 'csrf_token': self.csrf_token}) |
|
608 | 540 | |
|
609 | 541 | msg = 'Deleted 1 repository groups' |
|
610 | 542 | assert_session_flash(response, msg) |
|
611 | 543 | |
|
612 | 544 | def test_delete_owner_of_repository_group_deleting(self, request, user_util): |
|
613 | 545 | self.log_user() |
|
614 | 546 | obj_name = 'test_group' |
|
615 | 547 | usr = user_util.create_user(auto_cleanup=False) |
|
616 | 548 | username = usr.username |
|
617 | 549 | fixture.create_repo_group(obj_name, cur_user=usr.username) |
|
618 | 550 | |
|
619 | 551 | new_user = Session().query(User)\ |
|
620 | 552 | .filter(User.username == username).one() |
|
621 | 553 | response = self.app.post( |
|
622 | 554 | route_path('user_delete', user_id=new_user.user_id), |
|
623 | 555 | params={'user_repo_groups': 'detach', 'csrf_token': self.csrf_token}) |
|
624 | 556 | |
|
625 | 557 | msg = 'Detached 1 repository groups' |
|
626 | 558 | assert_session_flash(response, msg) |
|
627 | 559 | fixture.destroy_repo_group(obj_name) |
|
628 | 560 | |
|
629 | 561 | def test_delete_owner_of_user_group(self, request, user_util): |
|
630 | 562 | self.log_user() |
|
631 | 563 | obj_name = 'test_user_group' |
|
632 | 564 | usr = user_util.create_user() |
|
633 | 565 | username = usr.username |
|
634 | 566 | fixture.create_user_group(obj_name, cur_user=usr.username) |
|
635 | 567 | |
|
636 | 568 | new_user = Session().query(User)\ |
|
637 | 569 | .filter(User.username == username).one() |
|
638 | 570 | response = self.app.post( |
|
639 | 571 | route_path('user_delete', user_id=new_user.user_id), |
|
640 | 572 | params={'csrf_token': self.csrf_token}) |
|
641 | 573 | |
|
642 | 574 | msg = 'user "%s" still owns 1 user groups and cannot be removed. ' \ |
|
643 | 575 | 'Switch owners or remove those user groups:%s' % (username, obj_name) |
|
644 | 576 | assert_session_flash(response, msg) |
|
645 | 577 | fixture.destroy_user_group(obj_name) |
|
646 | 578 | |
|
647 | 579 | def test_delete_owner_of_user_group_detaching(self, request, user_util): |
|
648 | 580 | self.log_user() |
|
649 | 581 | obj_name = 'test_user_group' |
|
650 | 582 | usr = user_util.create_user(auto_cleanup=False) |
|
651 | 583 | username = usr.username |
|
652 | 584 | fixture.create_user_group(obj_name, cur_user=usr.username) |
|
653 | 585 | |
|
654 | 586 | new_user = Session().query(User)\ |
|
655 | 587 | .filter(User.username == username).one() |
|
656 | 588 | try: |
|
657 | 589 | response = self.app.post( |
|
658 | 590 | route_path('user_delete', user_id=new_user.user_id), |
|
659 | 591 | params={'user_user_groups': 'detach', |
|
660 | 592 | 'csrf_token': self.csrf_token}) |
|
661 | 593 | |
|
662 | 594 | msg = 'Detached 1 user groups' |
|
663 | 595 | assert_session_flash(response, msg) |
|
664 | 596 | finally: |
|
665 | 597 | fixture.destroy_user_group(obj_name) |
|
666 | 598 | |
|
667 | 599 | def test_delete_owner_of_user_group_deleting(self, request, user_util): |
|
668 | 600 | self.log_user() |
|
669 | 601 | obj_name = 'test_user_group' |
|
670 | 602 | usr = user_util.create_user(auto_cleanup=False) |
|
671 | 603 | username = usr.username |
|
672 | 604 | fixture.create_user_group(obj_name, cur_user=usr.username) |
|
673 | 605 | |
|
674 | 606 | new_user = Session().query(User)\ |
|
675 | 607 | .filter(User.username == username).one() |
|
676 | 608 | response = self.app.post( |
|
677 | 609 | route_path('user_delete', user_id=new_user.user_id), |
|
678 | 610 | params={'user_user_groups': 'delete', 'csrf_token': self.csrf_token}) |
|
679 | 611 | |
|
680 | 612 | msg = 'Deleted 1 user groups' |
|
681 | 613 | assert_session_flash(response, msg) |
|
682 | 614 | |
|
683 | 615 | def test_edit(self, user_util): |
|
684 | 616 | self.log_user() |
|
685 | 617 | user = user_util.create_user() |
|
686 | 618 | self.app.get(route_path('user_edit', user_id=user.user_id)) |
|
687 | 619 | |
|
688 | 620 | def test_edit_default_user_redirect(self): |
|
689 | 621 | self.log_user() |
|
690 | 622 | user = User.get_default_user() |
|
691 | 623 | self.app.get(route_path('user_edit', user_id=user.user_id), status=302) |
|
692 | 624 | |
|
693 | 625 | @pytest.mark.parametrize( |
|
694 | 626 | 'repo_create, repo_create_write, user_group_create, repo_group_create,' |
|
695 | 627 | 'fork_create, inherit_default_permissions, expect_error,' |
|
696 | 628 | 'expect_form_error', [ |
|
697 | 629 | ('hg.create.none', 'hg.create.write_on_repogroup.false', |
|
698 | 630 | 'hg.usergroup.create.false', 'hg.repogroup.create.false', |
|
699 | 631 | 'hg.fork.none', 'hg.inherit_default_perms.false', False, False), |
|
700 | 632 | ('hg.create.repository', 'hg.create.write_on_repogroup.false', |
|
701 | 633 | 'hg.usergroup.create.false', 'hg.repogroup.create.false', |
|
702 | 634 | 'hg.fork.none', 'hg.inherit_default_perms.false', False, False), |
|
703 | 635 | ('hg.create.repository', 'hg.create.write_on_repogroup.true', |
|
704 | 636 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
705 | 637 | 'hg.fork.repository', 'hg.inherit_default_perms.false', False, |
|
706 | 638 | False), |
|
707 | 639 | ('hg.create.XXX', 'hg.create.write_on_repogroup.true', |
|
708 | 640 | 'hg.usergroup.create.true', 'hg.repogroup.create.true', |
|
709 | 641 | 'hg.fork.repository', 'hg.inherit_default_perms.false', False, |
|
710 | 642 | True), |
|
711 | 643 | ('', '', '', '', '', '', True, False), |
|
712 | 644 | ]) |
|
713 | 645 | def test_global_perms_on_user( |
|
714 | 646 | self, repo_create, repo_create_write, user_group_create, |
|
715 | 647 | repo_group_create, fork_create, expect_error, expect_form_error, |
|
716 | 648 | inherit_default_permissions, user_util): |
|
717 | 649 | self.log_user() |
|
718 | 650 | user = user_util.create_user() |
|
719 | 651 | uid = user.user_id |
|
720 | 652 | |
|
721 | 653 | # ENABLE REPO CREATE ON A GROUP |
|
722 | 654 | perm_params = { |
|
723 | 655 | 'inherit_default_permissions': False, |
|
724 | 656 | 'default_repo_create': repo_create, |
|
725 | 657 | 'default_repo_create_on_write': repo_create_write, |
|
726 | 658 | 'default_user_group_create': user_group_create, |
|
727 | 659 | 'default_repo_group_create': repo_group_create, |
|
728 | 660 | 'default_fork_create': fork_create, |
|
729 | 661 | 'default_inherit_default_permissions': inherit_default_permissions, |
|
730 | 662 | 'csrf_token': self.csrf_token, |
|
731 | 663 | } |
|
732 | 664 | response = self.app.post( |
|
733 | 665 | route_path('user_edit_global_perms_update', user_id=uid), |
|
734 | 666 | params=perm_params) |
|
735 | 667 | |
|
736 | 668 | if expect_form_error: |
|
737 | 669 | assert response.status_int == 200 |
|
738 | 670 | response.mustcontain('Value must be one of') |
|
739 | 671 | else: |
|
740 | 672 | if expect_error: |
|
741 | 673 | msg = 'An error occurred during permissions saving' |
|
742 | 674 | else: |
|
743 | 675 | msg = 'User global permissions updated successfully' |
|
744 | 676 | ug = User.get(uid) |
|
745 | 677 | del perm_params['inherit_default_permissions'] |
|
746 | 678 | del perm_params['csrf_token'] |
|
747 | 679 | assert perm_params == ug.get_default_perms() |
|
748 | 680 | assert_session_flash(response, msg) |
|
749 | 681 | |
|
750 | 682 | def test_global_permissions_initial_values(self, user_util): |
|
751 | 683 | self.log_user() |
|
752 | 684 | user = user_util.create_user() |
|
753 | 685 | uid = user.user_id |
|
754 | 686 | response = self.app.get( |
|
755 | 687 | route_path('user_edit_global_perms', user_id=uid)) |
|
756 | 688 | default_user = User.get_default_user() |
|
757 | 689 | default_permissions = default_user.get_default_perms() |
|
758 | 690 | assert_response = response.assert_response() |
|
759 | 691 | expected_permissions = ( |
|
760 | 692 | 'default_repo_create', 'default_repo_create_on_write', |
|
761 | 693 | 'default_fork_create', 'default_repo_group_create', |
|
762 | 694 | 'default_user_group_create', 'default_inherit_default_permissions') |
|
763 | 695 | for permission in expected_permissions: |
|
764 | 696 | css_selector = '[name={}][checked=checked]'.format(permission) |
|
765 | 697 | element = assert_response.get_element(css_selector) |
|
766 | 698 | assert element.value == default_permissions[permission] |
|
767 | 699 | |
|
768 | 700 | def test_perms_summary_page(self): |
|
769 | 701 | user = self.log_user() |
|
770 | 702 | response = self.app.get( |
|
771 | 703 | route_path('edit_user_perms_summary', user_id=user['user_id'])) |
|
772 | 704 | for repo in Repository.query().all(): |
|
773 | 705 | response.mustcontain(repo.repo_name) |
|
774 | 706 | |
|
775 | 707 | def test_perms_summary_page_json(self): |
|
776 | 708 | user = self.log_user() |
|
777 | 709 | response = self.app.get( |
|
778 | 710 | route_path('edit_user_perms_summary_json', user_id=user['user_id'])) |
|
779 | 711 | for repo in Repository.query().all(): |
|
780 | 712 | response.mustcontain(repo.repo_name) |
|
781 | 713 | |
|
782 | 714 | def test_audit_log_page(self): |
|
783 | 715 | user = self.log_user() |
|
784 | 716 | self.app.get( |
|
785 | 717 | route_path('edit_user_audit_logs', user_id=user['user_id'])) |
|
786 | 718 | |
|
787 | 719 | def test_audit_log_page_download(self): |
|
788 | 720 | user = self.log_user() |
|
789 | 721 | user_id = user['user_id'] |
|
790 | 722 | response = self.app.get( |
|
791 | 723 | route_path('edit_user_audit_logs_download', user_id=user_id)) |
|
792 | 724 | |
|
793 | 725 | assert response.content_disposition == \ |
|
794 | 726 | 'attachment; filename=user_{}_audit_logs.json'.format(user_id) |
|
795 | 727 | assert response.content_type == "application/json" |
@@ -1,177 +1,155 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.model.db import User, UserSshKeys |
|
23 | 23 | |
|
24 | 24 | from rhodecode.tests import TestController, assert_session_flash |
|
25 | 25 | from rhodecode.tests.fixture import Fixture |
|
26 | from rhodecode.tests.routes import route_path | |
|
26 | 27 | |
|
27 | 28 | fixture = Fixture() |
|
28 | 29 | |
|
29 | 30 | |
|
30 | def route_path(name, params=None, **kwargs): | |
|
31 | import urllib.request | |
|
32 | import urllib.parse | |
|
33 | import urllib.error | |
|
34 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
35 | ||
|
36 | base_url = { | |
|
37 | 'edit_user_ssh_keys': | |
|
38 | ADMIN_PREFIX + '/users/{user_id}/edit/ssh_keys', | |
|
39 | 'edit_user_ssh_keys_generate_keypair': | |
|
40 | ADMIN_PREFIX + '/users/{user_id}/edit/ssh_keys/generate', | |
|
41 | 'edit_user_ssh_keys_add': | |
|
42 | ADMIN_PREFIX + '/users/{user_id}/edit/ssh_keys/new', | |
|
43 | 'edit_user_ssh_keys_delete': | |
|
44 | ADMIN_PREFIX + '/users/{user_id}/edit/ssh_keys/delete', | |
|
45 | ||
|
46 | }[name].format(**kwargs) | |
|
47 | ||
|
48 | if params: | |
|
49 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
50 | return base_url | |
|
51 | ||
|
52 | ||
|
53 | 31 | class TestAdminUsersSshKeysView(TestController): |
|
54 | 32 | INVALID_KEY = """\ |
|
55 | 33 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDk+77sjDzVeB6vevJsuZds1iNU5 |
|
56 | 34 | LANOa5CU5G/9JYIA6RYsWWMO7mbsR82IUckdqOHmxSykfR1D1TdluyIpQLrwgH5kb |
|
57 | 35 | n8FkVI8zBMCKakxowvN67B0R7b1BT4PPzW2JlOXei/m9W12ZY484VTow6/B+kf2Q8 |
|
58 | 36 | cP8tmCJmKWZma5Em7OTUhvjyQVNz3v7HfeY5Hq0Ci4ECJ59hepFDabJvtAXg9XrI6 |
|
59 | 37 | jvdphZTc30I4fG8+hBHzpeFxUGvSGNtXPUbwaAY8j/oHYrTpMgkj6pUEFsiKfC5zP |
|
60 | 38 | qPFR5HyKTCHW0nFUJnZsbyFT5hMiF/hZkJc9A0ZbdSvJwCRQ/g3bmdL |
|
61 | 39 | your_email@example.com |
|
62 | 40 | """ |
|
63 | 41 | VALID_KEY = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDk+77sjDzVeB6vev' \ |
|
64 | 42 | 'JsuZds1iNU5LANOa5CU5G/9JYIA6RYsWWMO7mbsR82IUckdqOHmxSy' \ |
|
65 | 43 | 'kfR1D1TdluyIpQLrwgH5kbn8FkVI8zBMCKakxowvN67B0R7b1BT4PP' \ |
|
66 | 44 | 'zW2JlOXei/m9W12ZY484VTow6/B+kf2Q8cP8tmCJmKWZma5Em7OTUh' \ |
|
67 | 45 | 'vjyQVNz3v7HfeY5Hq0Ci4ECJ59hepFDabJvtAXg9XrI6jvdphZTc30' \ |
|
68 | 46 | 'I4fG8+hBHzpeFxUGvSGNtXPUbwaAY8j/oHYrTpMgkj6pUEFsiKfC5zPq' \ |
|
69 | 47 | 'PFR5HyKTCHW0nFUJnZsbyFT5hMiF/hZkJc9A0ZbdSvJwCRQ/g3bmdL ' \ |
|
70 | 48 | 'your_email@example.com' |
|
71 | 49 | FINGERPRINT = 'MD5:01:4f:ad:29:22:6e:01:37:c9:d2:52:26:52:b0:2d:93' |
|
72 | 50 | |
|
73 | 51 | def test_ssh_keys_default_user(self): |
|
74 | 52 | self.log_user() |
|
75 | 53 | user = User.get_default_user() |
|
76 | 54 | self.app.get( |
|
77 | 55 | route_path('edit_user_ssh_keys', user_id=user.user_id), |
|
78 | 56 | status=302) |
|
79 | 57 | |
|
80 | 58 | def test_add_ssh_key_error(self, user_util): |
|
81 | 59 | self.log_user() |
|
82 | 60 | user = user_util.create_user() |
|
83 | 61 | user_id = user.user_id |
|
84 | 62 | |
|
85 | 63 | key_data = self.INVALID_KEY |
|
86 | 64 | |
|
87 | 65 | desc = 'MY SSH KEY' |
|
88 | 66 | response = self.app.post( |
|
89 | 67 | route_path('edit_user_ssh_keys_add', user_id=user_id), |
|
90 | 68 | {'description': desc, 'key_data': key_data, |
|
91 | 69 | 'csrf_token': self.csrf_token}) |
|
92 | 70 | assert_session_flash(response, 'An error occurred during ssh ' |
|
93 | 71 | 'key saving: Unable to decode the key') |
|
94 | 72 | |
|
95 | 73 | def test_ssh_key_duplicate(self, user_util): |
|
96 | 74 | self.log_user() |
|
97 | 75 | user = user_util.create_user() |
|
98 | 76 | user_id = user.user_id |
|
99 | 77 | |
|
100 | 78 | key_data = self.VALID_KEY |
|
101 | 79 | |
|
102 | 80 | desc = 'MY SSH KEY' |
|
103 | 81 | response = self.app.post( |
|
104 | 82 | route_path('edit_user_ssh_keys_add', user_id=user_id), |
|
105 | 83 | {'description': desc, 'key_data': key_data, |
|
106 | 84 | 'csrf_token': self.csrf_token}) |
|
107 | 85 | assert_session_flash(response, 'Ssh Key successfully created') |
|
108 | 86 | response.follow() # flush session flash |
|
109 | 87 | |
|
110 | 88 | # add the same key AGAIN |
|
111 | 89 | desc = 'MY SSH KEY' |
|
112 | 90 | response = self.app.post( |
|
113 | 91 | route_path('edit_user_ssh_keys_add', user_id=user_id), |
|
114 | 92 | {'description': desc, 'key_data': key_data, |
|
115 | 93 | 'csrf_token': self.csrf_token}) |
|
116 | 94 | |
|
117 | 95 | err = 'Such key with fingerprint `{}` already exists, ' \ |
|
118 | 96 | 'please use a different one'.format(self.FINGERPRINT) |
|
119 | 97 | assert_session_flash(response, 'An error occurred during ssh key ' |
|
120 | 98 | 'saving: {}'.format(err)) |
|
121 | 99 | |
|
122 | 100 | def test_add_ssh_key(self, user_util): |
|
123 | 101 | self.log_user() |
|
124 | 102 | user = user_util.create_user() |
|
125 | 103 | user_id = user.user_id |
|
126 | 104 | |
|
127 | 105 | key_data = self.VALID_KEY |
|
128 | 106 | |
|
129 | 107 | desc = 'MY SSH KEY' |
|
130 | 108 | response = self.app.post( |
|
131 | 109 | route_path('edit_user_ssh_keys_add', user_id=user_id), |
|
132 | 110 | {'description': desc, 'key_data': key_data, |
|
133 | 111 | 'csrf_token': self.csrf_token}) |
|
134 | 112 | assert_session_flash(response, 'Ssh Key successfully created') |
|
135 | 113 | |
|
136 | 114 | response = response.follow() |
|
137 | 115 | response.mustcontain(desc) |
|
138 | 116 | |
|
139 | 117 | def test_delete_ssh_key(self, user_util): |
|
140 | 118 | self.log_user() |
|
141 | 119 | user = user_util.create_user() |
|
142 | 120 | user_id = user.user_id |
|
143 | 121 | |
|
144 | 122 | key_data = self.VALID_KEY |
|
145 | 123 | |
|
146 | 124 | desc = 'MY SSH KEY' |
|
147 | 125 | response = self.app.post( |
|
148 | 126 | route_path('edit_user_ssh_keys_add', user_id=user_id), |
|
149 | 127 | {'description': desc, 'key_data': key_data, |
|
150 | 128 | 'csrf_token': self.csrf_token}) |
|
151 | 129 | assert_session_flash(response, 'Ssh Key successfully created') |
|
152 | 130 | response = response.follow() # flush the Session flash |
|
153 | 131 | |
|
154 | 132 | # now delete our key |
|
155 | 133 | keys = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).all() |
|
156 | 134 | assert 1 == len(keys) |
|
157 | 135 | |
|
158 | 136 | response = self.app.post( |
|
159 | 137 | route_path('edit_user_ssh_keys_delete', user_id=user_id), |
|
160 | 138 | {'del_ssh_key': keys[0].ssh_key_id, |
|
161 | 139 | 'csrf_token': self.csrf_token}) |
|
162 | 140 | |
|
163 | 141 | assert_session_flash(response, 'Ssh key successfully deleted') |
|
164 | 142 | keys = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).all() |
|
165 | 143 | assert 0 == len(keys) |
|
166 | 144 | |
|
167 | 145 | def test_generate_keypair(self, user_util): |
|
168 | 146 | self.log_user() |
|
169 | 147 | user = user_util.create_user() |
|
170 | 148 | user_id = user.user_id |
|
171 | 149 | |
|
172 | 150 | response = self.app.get( |
|
173 | 151 | route_path('edit_user_ssh_keys_generate_keypair', user_id=user_id)) |
|
174 | 152 | |
|
175 | 153 | response.mustcontain('Private key') |
|
176 | 154 | response.mustcontain('Public key') |
|
177 | 155 | response.mustcontain('-----BEGIN PRIVATE KEY-----') |
@@ -1,261 +1,246 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | import os |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.lib.ext_json import json |
|
22 | 22 | from rhodecode.model.auth_token import AuthTokenModel |
|
23 | 23 | from rhodecode.model.db import Session, FileStore, Repository, User |
|
24 | from rhodecode.tests import TestController | |
|
25 | 24 | from rhodecode.apps.file_store import utils, config_keys |
|
26 | 25 | |
|
27 | ||
|
28 | def route_path(name, params=None, **kwargs): | |
|
29 | import urllib.request | |
|
30 | import urllib.parse | |
|
31 | import urllib.error | |
|
32 | ||
|
33 | base_url = { | |
|
34 | 'upload_file': '/_file_store/upload', | |
|
35 | 'download_file': '/_file_store/download/{fid}', | |
|
36 | 'download_file_by_token': '/_file_store/token-download/{_auth_token}/{fid}' | |
|
37 | ||
|
38 | }[name].format(**kwargs) | |
|
39 | ||
|
40 | if params: | |
|
41 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
42 | return base_url | |
|
26 | from rhodecode.tests import TestController | |
|
27 | from rhodecode.tests.routes import route_path | |
|
43 | 28 | |
|
44 | 29 | |
|
45 | 30 | class TestFileStoreViews(TestController): |
|
46 | 31 | |
|
47 | 32 | @pytest.mark.parametrize("fid, content, exists", [ |
|
48 | 33 | ('abcde-0.jpg', "xxxxx", True), |
|
49 | 34 | ('abcde-0.exe', "1234567", True), |
|
50 | 35 | ('abcde-0.jpg', "xxxxx", False), |
|
51 | 36 | ]) |
|
52 | 37 | def test_get_files_from_store(self, fid, content, exists, tmpdir, user_util): |
|
53 | 38 | user = self.log_user() |
|
54 | 39 | user_id = user['user_id'] |
|
55 | 40 | repo_id = user_util.create_repo().repo_id |
|
56 | 41 | store_path = self.app._pyramid_settings[config_keys.store_path] |
|
57 | 42 | store_uid = fid |
|
58 | 43 | |
|
59 | 44 | if exists: |
|
60 | 45 | status = 200 |
|
61 | 46 | store = utils.get_file_storage({config_keys.store_path: store_path}) |
|
62 | 47 | filesystem_file = os.path.join(str(tmpdir), fid) |
|
63 | 48 | with open(filesystem_file, 'wt') as f: |
|
64 | 49 | f.write(content) |
|
65 | 50 | |
|
66 | 51 | with open(filesystem_file, 'rb') as f: |
|
67 | 52 | store_uid, metadata = store.save_file(f, fid, extra_metadata={'filename': fid}) |
|
68 | 53 | |
|
69 | 54 | entry = FileStore.create( |
|
70 | 55 | file_uid=store_uid, filename=metadata["filename"], |
|
71 | 56 | file_hash=metadata["sha256"], file_size=metadata["size"], |
|
72 | 57 | file_display_name='file_display_name', |
|
73 | 58 | file_description='repo artifact `{}`'.format(metadata["filename"]), |
|
74 | 59 | check_acl=True, user_id=user_id, |
|
75 | 60 | scope_repo_id=repo_id |
|
76 | 61 | ) |
|
77 | 62 | Session().add(entry) |
|
78 | 63 | Session().commit() |
|
79 | 64 | |
|
80 | 65 | else: |
|
81 | 66 | status = 404 |
|
82 | 67 | |
|
83 | 68 | response = self.app.get(route_path('download_file', fid=store_uid), status=status) |
|
84 | 69 | |
|
85 | 70 | if exists: |
|
86 | 71 | assert response.text == content |
|
87 | 72 | file_store_path = os.path.dirname(store.resolve_name(store_uid, store_path)[1]) |
|
88 | 73 | metadata_file = os.path.join(file_store_path, store_uid + '.meta') |
|
89 | 74 | assert os.path.exists(metadata_file) |
|
90 | 75 | with open(metadata_file, 'rb') as f: |
|
91 | 76 | json_data = json.loads(f.read()) |
|
92 | 77 | |
|
93 | 78 | assert json_data |
|
94 | 79 | assert 'size' in json_data |
|
95 | 80 | |
|
96 | 81 | def test_upload_files_without_content_to_store(self): |
|
97 | 82 | self.log_user() |
|
98 | 83 | response = self.app.post( |
|
99 | 84 | route_path('upload_file'), |
|
100 | 85 | params={'csrf_token': self.csrf_token}, |
|
101 | 86 | status=200) |
|
102 | 87 | |
|
103 | 88 | assert response.json == { |
|
104 | 89 | 'error': 'store_file data field is missing', |
|
105 | 90 | 'access_path': None, |
|
106 | 91 | 'store_fid': None} |
|
107 | 92 | |
|
108 | 93 | def test_upload_files_bogus_content_to_store(self): |
|
109 | 94 | self.log_user() |
|
110 | 95 | response = self.app.post( |
|
111 | 96 | route_path('upload_file'), |
|
112 | 97 | params={'csrf_token': self.csrf_token, 'store_file': 'bogus'}, |
|
113 | 98 | status=200) |
|
114 | 99 | |
|
115 | 100 | assert response.json == { |
|
116 | 101 | 'error': 'filename cannot be read from the data field', |
|
117 | 102 | 'access_path': None, |
|
118 | 103 | 'store_fid': None} |
|
119 | 104 | |
|
120 | 105 | def test_upload_content_to_store(self): |
|
121 | 106 | self.log_user() |
|
122 | 107 | response = self.app.post( |
|
123 | 108 | route_path('upload_file'), |
|
124 | 109 | upload_files=[('store_file', b'myfile.txt', b'SOME CONTENT')], |
|
125 | 110 | params={'csrf_token': self.csrf_token}, |
|
126 | 111 | status=200) |
|
127 | 112 | |
|
128 | 113 | assert response.json['store_fid'] |
|
129 | 114 | |
|
130 | 115 | @pytest.fixture() |
|
131 | 116 | def create_artifact_factory(self, tmpdir): |
|
132 | 117 | def factory(user_id, content): |
|
133 | 118 | store_path = self.app._pyramid_settings[config_keys.store_path] |
|
134 | 119 | store = utils.get_file_storage({config_keys.store_path: store_path}) |
|
135 | 120 | fid = 'example.txt' |
|
136 | 121 | |
|
137 | 122 | filesystem_file = os.path.join(str(tmpdir), fid) |
|
138 | 123 | with open(filesystem_file, 'wt') as f: |
|
139 | 124 | f.write(content) |
|
140 | 125 | |
|
141 | 126 | with open(filesystem_file, 'rb') as f: |
|
142 | 127 | store_uid, metadata = store.save_file(f, fid, extra_metadata={'filename': fid}) |
|
143 | 128 | |
|
144 | 129 | entry = FileStore.create( |
|
145 | 130 | file_uid=store_uid, filename=metadata["filename"], |
|
146 | 131 | file_hash=metadata["sha256"], file_size=metadata["size"], |
|
147 | 132 | file_display_name='file_display_name', |
|
148 | 133 | file_description='repo artifact `{}`'.format(metadata["filename"]), |
|
149 | 134 | check_acl=True, user_id=user_id, |
|
150 | 135 | ) |
|
151 | 136 | Session().add(entry) |
|
152 | 137 | Session().commit() |
|
153 | 138 | return entry |
|
154 | 139 | return factory |
|
155 | 140 | |
|
156 | 141 | def test_download_file_non_scoped(self, user_util, create_artifact_factory): |
|
157 | 142 | user = self.log_user() |
|
158 | 143 | user_id = user['user_id'] |
|
159 | 144 | content = 'HELLO MY NAME IS ARTIFACT !' |
|
160 | 145 | |
|
161 | 146 | artifact = create_artifact_factory(user_id, content) |
|
162 | 147 | file_uid = artifact.file_uid |
|
163 | 148 | response = self.app.get(route_path('download_file', fid=file_uid), status=200) |
|
164 | 149 | assert response.text == content |
|
165 | 150 | |
|
166 | 151 | # log-in to new user and test download again |
|
167 | 152 | user = user_util.create_user(password='qweqwe') |
|
168 | 153 | self.log_user(user.username, 'qweqwe') |
|
169 | 154 | response = self.app.get(route_path('download_file', fid=file_uid), status=200) |
|
170 | 155 | assert response.text == content |
|
171 | 156 | |
|
172 | 157 | def test_download_file_scoped_to_repo(self, user_util, create_artifact_factory): |
|
173 | 158 | user = self.log_user() |
|
174 | 159 | user_id = user['user_id'] |
|
175 | 160 | content = 'HELLO MY NAME IS ARTIFACT !' |
|
176 | 161 | |
|
177 | 162 | artifact = create_artifact_factory(user_id, content) |
|
178 | 163 | # bind to repo |
|
179 | 164 | repo = user_util.create_repo() |
|
180 | 165 | repo_id = repo.repo_id |
|
181 | 166 | artifact.scope_repo_id = repo_id |
|
182 | 167 | Session().add(artifact) |
|
183 | 168 | Session().commit() |
|
184 | 169 | |
|
185 | 170 | file_uid = artifact.file_uid |
|
186 | 171 | response = self.app.get(route_path('download_file', fid=file_uid), status=200) |
|
187 | 172 | assert response.text == content |
|
188 | 173 | |
|
189 | 174 | # log-in to new user and test download again |
|
190 | 175 | user = user_util.create_user(password='qweqwe') |
|
191 | 176 | self.log_user(user.username, 'qweqwe') |
|
192 | 177 | response = self.app.get(route_path('download_file', fid=file_uid), status=200) |
|
193 | 178 | assert response.text == content |
|
194 | 179 | |
|
195 | 180 | # forbid user the rights to repo |
|
196 | 181 | repo = Repository.get(repo_id) |
|
197 | 182 | user_util.grant_user_permission_to_repo(repo, user, 'repository.none') |
|
198 | 183 | self.app.get(route_path('download_file', fid=file_uid), status=404) |
|
199 | 184 | |
|
200 | 185 | def test_download_file_scoped_to_user(self, user_util, create_artifact_factory): |
|
201 | 186 | user = self.log_user() |
|
202 | 187 | user_id = user['user_id'] |
|
203 | 188 | content = 'HELLO MY NAME IS ARTIFACT !' |
|
204 | 189 | |
|
205 | 190 | artifact = create_artifact_factory(user_id, content) |
|
206 | 191 | # bind to user |
|
207 | 192 | user = user_util.create_user(password='qweqwe') |
|
208 | 193 | |
|
209 | 194 | artifact.scope_user_id = user.user_id |
|
210 | 195 | Session().add(artifact) |
|
211 | 196 | Session().commit() |
|
212 | 197 | |
|
213 | 198 | # artifact creator doesn't have access since it's bind to another user |
|
214 | 199 | file_uid = artifact.file_uid |
|
215 | 200 | self.app.get(route_path('download_file', fid=file_uid), status=404) |
|
216 | 201 | |
|
217 | 202 | # log-in to new user and test download again, should be ok since we're bind to this artifact |
|
218 | 203 | self.log_user(user.username, 'qweqwe') |
|
219 | 204 | response = self.app.get(route_path('download_file', fid=file_uid), status=200) |
|
220 | 205 | assert response.text == content |
|
221 | 206 | |
|
222 | 207 | def test_download_file_scoped_to_repo_with_bad_token(self, user_util, create_artifact_factory): |
|
223 | 208 | user_id = User.get_first_super_admin().user_id |
|
224 | 209 | content = 'HELLO MY NAME IS ARTIFACT !' |
|
225 | 210 | |
|
226 | 211 | artifact = create_artifact_factory(user_id, content) |
|
227 | 212 | # bind to repo |
|
228 | 213 | repo = user_util.create_repo() |
|
229 | 214 | repo_id = repo.repo_id |
|
230 | 215 | artifact.scope_repo_id = repo_id |
|
231 | 216 | Session().add(artifact) |
|
232 | 217 | Session().commit() |
|
233 | 218 | |
|
234 | 219 | file_uid = artifact.file_uid |
|
235 | 220 | self.app.get(route_path('download_file_by_token', |
|
236 | 221 | _auth_token='bogus', fid=file_uid), status=302) |
|
237 | 222 | |
|
238 | 223 | def test_download_file_scoped_to_repo_with_token(self, user_util, create_artifact_factory): |
|
239 | 224 | user = User.get_first_super_admin() |
|
240 | 225 | AuthTokenModel().create(user, 'test artifact token', |
|
241 | 226 | role=AuthTokenModel.cls.ROLE_ARTIFACT_DOWNLOAD) |
|
242 | 227 | |
|
243 | 228 | user = User.get_first_super_admin() |
|
244 | 229 | artifact_token = user.artifact_token |
|
245 | 230 | |
|
246 | 231 | user_id = User.get_first_super_admin().user_id |
|
247 | 232 | content = 'HELLO MY NAME IS ARTIFACT !' |
|
248 | 233 | |
|
249 | 234 | artifact = create_artifact_factory(user_id, content) |
|
250 | 235 | # bind to repo |
|
251 | 236 | repo = user_util.create_repo() |
|
252 | 237 | repo_id = repo.repo_id |
|
253 | 238 | artifact.scope_repo_id = repo_id |
|
254 | 239 | Session().add(artifact) |
|
255 | 240 | Session().commit() |
|
256 | 241 | |
|
257 | 242 | file_uid = artifact.file_uid |
|
258 | 243 | response = self.app.get( |
|
259 | 244 | route_path('download_file_by_token', |
|
260 | 245 | _auth_token=artifact_token, fid=file_uid), status=200) |
|
261 | 246 | assert response.text == content |
@@ -1,389 +1,365 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import mock |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.lib import helpers as h |
|
23 | 23 | from rhodecode.model.db import User, Gist |
|
24 | 24 | from rhodecode.model.gist import GistModel |
|
25 | 25 | from rhodecode.model.meta import Session |
|
26 | 26 | from rhodecode.tests import ( |
|
27 | 27 | TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS, |
|
28 | 28 | TestController, assert_session_flash) |
|
29 | ||
|
30 | ||
|
31 | def route_path(name, params=None, **kwargs): | |
|
32 | import urllib.parse | |
|
33 | import urllib.error | |
|
34 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
35 | ||
|
36 | base_url = { | |
|
37 | 'gists_show': ADMIN_PREFIX + '/gists', | |
|
38 | 'gists_new': ADMIN_PREFIX + '/gists/new', | |
|
39 | 'gists_create': ADMIN_PREFIX + '/gists/create', | |
|
40 | 'gist_show': ADMIN_PREFIX + '/gists/{gist_id}', | |
|
41 | 'gist_delete': ADMIN_PREFIX + '/gists/{gist_id}/delete', | |
|
42 | 'gist_edit': ADMIN_PREFIX + '/gists/{gist_id}/edit', | |
|
43 | 'gist_edit_check_revision': ADMIN_PREFIX + '/gists/{gist_id}/edit/check_revision', | |
|
44 | 'gist_update': ADMIN_PREFIX + '/gists/{gist_id}/update', | |
|
45 | 'gist_show_rev': ADMIN_PREFIX + '/gists/{gist_id}/rev/{revision}', | |
|
46 | 'gist_show_formatted': ADMIN_PREFIX + '/gists/{gist_id}/rev/{revision}/{format}', | |
|
47 | 'gist_show_formatted_path': ADMIN_PREFIX + '/gists/{gist_id}/rev/{revision}/{format}/{f_path}', | |
|
48 | ||
|
49 | }[name].format(**kwargs) | |
|
50 | ||
|
51 | if params: | |
|
52 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
53 | return base_url | |
|
29 | from rhodecode.tests.routes import route_path | |
|
54 | 30 | |
|
55 | 31 | |
|
56 | 32 | class GistUtility(object): |
|
57 | 33 | |
|
58 | 34 | def __init__(self): |
|
59 | 35 | self._gist_ids = [] |
|
60 | 36 | |
|
61 | 37 | def __call__( |
|
62 | 38 | self, f_name: bytes, content: bytes = b'some gist', lifetime=-1, |
|
63 | 39 | description='gist-desc', gist_type='public', |
|
64 | 40 | acl_level=Gist.GIST_PUBLIC, owner=TEST_USER_ADMIN_LOGIN): |
|
65 | 41 | gist_mapping = { |
|
66 | 42 | f_name: {'content': content} |
|
67 | 43 | } |
|
68 | 44 | user = User.get_by_username(owner) |
|
69 | 45 | gist = GistModel().create( |
|
70 | 46 | description, owner=user, gist_mapping=gist_mapping, |
|
71 | 47 | gist_type=gist_type, lifetime=lifetime, gist_acl_level=acl_level) |
|
72 | 48 | Session().commit() |
|
73 | 49 | self._gist_ids.append(gist.gist_id) |
|
74 | 50 | return gist |
|
75 | 51 | |
|
76 | 52 | def cleanup(self): |
|
77 | 53 | for gist_id in self._gist_ids: |
|
78 | 54 | gist = Gist.get(gist_id) |
|
79 | 55 | if gist: |
|
80 | 56 | Session().delete(gist) |
|
81 | 57 | |
|
82 | 58 | Session().commit() |
|
83 | 59 | |
|
84 | 60 | |
|
85 | 61 | @pytest.fixture() |
|
86 | 62 | def create_gist(request): |
|
87 | 63 | gist_utility = GistUtility() |
|
88 | 64 | request.addfinalizer(gist_utility.cleanup) |
|
89 | 65 | return gist_utility |
|
90 | 66 | |
|
91 | 67 | |
|
92 | 68 | class TestGistsController(TestController): |
|
93 | 69 | |
|
94 | 70 | def test_index_empty(self, create_gist): |
|
95 | 71 | self.log_user() |
|
96 | 72 | response = self.app.get(route_path('gists_show')) |
|
97 | 73 | response.mustcontain('var gist_data = [];') |
|
98 | 74 | |
|
99 | 75 | def test_index(self, create_gist): |
|
100 | 76 | self.log_user() |
|
101 | 77 | g1 = create_gist(b'gist1') |
|
102 | 78 | g2 = create_gist(b'gist2', lifetime=1400) |
|
103 | 79 | g3 = create_gist(b'gist3', description='gist3-desc') |
|
104 | 80 | g4 = create_gist(b'gist4', gist_type='private').gist_access_id |
|
105 | 81 | response = self.app.get(route_path('gists_show')) |
|
106 | 82 | |
|
107 | 83 | response.mustcontain(g1.gist_access_id) |
|
108 | 84 | response.mustcontain(g2.gist_access_id) |
|
109 | 85 | response.mustcontain(g3.gist_access_id) |
|
110 | 86 | response.mustcontain('gist3-desc') |
|
111 | 87 | response.mustcontain(no=[g4]) |
|
112 | 88 | |
|
113 | 89 | # Expiration information should be visible |
|
114 | 90 | expires_tag = str(h.age_component(h.time_to_utcdatetime(g2.gist_expires))) |
|
115 | 91 | response.mustcontain(expires_tag.replace('"', '\\"')) |
|
116 | 92 | |
|
117 | 93 | def test_index_private_gists(self, create_gist): |
|
118 | 94 | self.log_user() |
|
119 | 95 | gist = create_gist(b'gist5', gist_type='private') |
|
120 | 96 | response = self.app.get(route_path('gists_show', params=dict(private=1))) |
|
121 | 97 | |
|
122 | 98 | # and privates |
|
123 | 99 | response.mustcontain(gist.gist_access_id) |
|
124 | 100 | |
|
125 | 101 | def test_index_show_all(self, create_gist): |
|
126 | 102 | self.log_user() |
|
127 | 103 | create_gist(b'gist1') |
|
128 | 104 | create_gist(b'gist2', lifetime=1400) |
|
129 | 105 | create_gist(b'gist3', description='gist3-desc') |
|
130 | 106 | create_gist(b'gist4', gist_type='private') |
|
131 | 107 | |
|
132 | 108 | response = self.app.get(route_path('gists_show', params=dict(all=1))) |
|
133 | 109 | |
|
134 | 110 | assert len(GistModel.get_all()) == 4 |
|
135 | 111 | # and privates |
|
136 | 112 | for gist in GistModel.get_all(): |
|
137 | 113 | response.mustcontain(gist.gist_access_id) |
|
138 | 114 | |
|
139 | 115 | def test_index_show_all_hidden_from_regular(self, create_gist): |
|
140 | 116 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
141 | 117 | create_gist(b'gist2', gist_type='private') |
|
142 | 118 | create_gist(b'gist3', gist_type='private') |
|
143 | 119 | create_gist(b'gist4', gist_type='private') |
|
144 | 120 | |
|
145 | 121 | response = self.app.get(route_path('gists_show', params=dict(all=1))) |
|
146 | 122 | |
|
147 | 123 | assert len(GistModel.get_all()) == 3 |
|
148 | 124 | # since we don't have access to private in this view, we |
|
149 | 125 | # should see nothing |
|
150 | 126 | for gist in GistModel.get_all(): |
|
151 | 127 | response.mustcontain(no=[gist.gist_access_id]) |
|
152 | 128 | |
|
153 | 129 | def test_create(self): |
|
154 | 130 | self.log_user() |
|
155 | 131 | response = self.app.post( |
|
156 | 132 | route_path('gists_create'), |
|
157 | 133 | params={'lifetime': -1, |
|
158 | 134 | 'content': 'gist test', |
|
159 | 135 | 'filename': 'foo', |
|
160 | 136 | 'gist_type': 'public', |
|
161 | 137 | 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC, |
|
162 | 138 | 'csrf_token': self.csrf_token}, |
|
163 | 139 | status=302) |
|
164 | 140 | response = response.follow() |
|
165 | 141 | response.mustcontain('added file: foo') |
|
166 | 142 | response.mustcontain('gist test') |
|
167 | 143 | |
|
168 | 144 | def test_create_with_path_with_dirs(self): |
|
169 | 145 | self.log_user() |
|
170 | 146 | response = self.app.post( |
|
171 | 147 | route_path('gists_create'), |
|
172 | 148 | params={'lifetime': -1, |
|
173 | 149 | 'content': 'gist test', |
|
174 | 150 | 'filename': '/home/foo', |
|
175 | 151 | 'gist_type': 'public', |
|
176 | 152 | 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC, |
|
177 | 153 | 'csrf_token': self.csrf_token}, |
|
178 | 154 | status=200) |
|
179 | 155 | response.mustcontain('Filename /home/foo cannot be inside a directory') |
|
180 | 156 | |
|
181 | 157 | def test_access_expired_gist(self, create_gist): |
|
182 | 158 | self.log_user() |
|
183 | 159 | gist = create_gist(b'never-see-me') |
|
184 | 160 | gist.gist_expires = 0 # 1970 |
|
185 | 161 | Session().add(gist) |
|
186 | 162 | Session().commit() |
|
187 | 163 | |
|
188 | 164 | self.app.get(route_path('gist_show', gist_id=gist.gist_access_id), |
|
189 | 165 | status=404) |
|
190 | 166 | |
|
191 | 167 | def test_create_private(self): |
|
192 | 168 | self.log_user() |
|
193 | 169 | response = self.app.post( |
|
194 | 170 | route_path('gists_create'), |
|
195 | 171 | params={'lifetime': -1, |
|
196 | 172 | 'content': 'private gist test', |
|
197 | 173 | 'filename': 'private-foo', |
|
198 | 174 | 'gist_type': 'private', |
|
199 | 175 | 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC, |
|
200 | 176 | 'csrf_token': self.csrf_token}, |
|
201 | 177 | status=302) |
|
202 | 178 | response = response.follow() |
|
203 | 179 | response.mustcontain('added file: private-foo<') |
|
204 | 180 | response.mustcontain('private gist test') |
|
205 | 181 | response.mustcontain('Private Gist') |
|
206 | 182 | # Make sure private gists are not indexed by robots |
|
207 | 183 | response.mustcontain( |
|
208 | 184 | '<meta name="robots" content="noindex, nofollow">') |
|
209 | 185 | |
|
210 | 186 | def test_create_private_acl_private(self): |
|
211 | 187 | self.log_user() |
|
212 | 188 | response = self.app.post( |
|
213 | 189 | route_path('gists_create'), |
|
214 | 190 | params={'lifetime': -1, |
|
215 | 191 | 'content': 'private gist test', |
|
216 | 192 | 'filename': 'private-foo', |
|
217 | 193 | 'gist_type': 'private', |
|
218 | 194 | 'gist_acl_level': Gist.ACL_LEVEL_PRIVATE, |
|
219 | 195 | 'csrf_token': self.csrf_token}, |
|
220 | 196 | status=302) |
|
221 | 197 | response = response.follow() |
|
222 | 198 | response.mustcontain('added file: private-foo<') |
|
223 | 199 | response.mustcontain('private gist test') |
|
224 | 200 | response.mustcontain('Private Gist') |
|
225 | 201 | # Make sure private gists are not indexed by robots |
|
226 | 202 | response.mustcontain( |
|
227 | 203 | '<meta name="robots" content="noindex, nofollow">') |
|
228 | 204 | |
|
229 | 205 | def test_create_with_description(self): |
|
230 | 206 | self.log_user() |
|
231 | 207 | response = self.app.post( |
|
232 | 208 | route_path('gists_create'), |
|
233 | 209 | params={'lifetime': -1, |
|
234 | 210 | 'content': 'gist test', |
|
235 | 211 | 'filename': 'foo-desc', |
|
236 | 212 | 'description': 'gist-desc', |
|
237 | 213 | 'gist_type': 'public', |
|
238 | 214 | 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC, |
|
239 | 215 | 'csrf_token': self.csrf_token}, |
|
240 | 216 | status=302) |
|
241 | 217 | response = response.follow() |
|
242 | 218 | response.mustcontain('added file: foo-desc') |
|
243 | 219 | response.mustcontain('gist test') |
|
244 | 220 | response.mustcontain('gist-desc') |
|
245 | 221 | |
|
246 | 222 | def test_create_public_with_anonymous_access(self): |
|
247 | 223 | self.log_user() |
|
248 | 224 | params = { |
|
249 | 225 | 'lifetime': -1, |
|
250 | 226 | 'content': 'gist test', |
|
251 | 227 | 'filename': 'foo-desc', |
|
252 | 228 | 'description': 'gist-desc', |
|
253 | 229 | 'gist_type': 'public', |
|
254 | 230 | 'gist_acl_level': Gist.ACL_LEVEL_PUBLIC, |
|
255 | 231 | 'csrf_token': self.csrf_token |
|
256 | 232 | } |
|
257 | 233 | response = self.app.post( |
|
258 | 234 | route_path('gists_create'), params=params, status=302) |
|
259 | 235 | self.logout_user() |
|
260 | 236 | response = response.follow() |
|
261 | 237 | response.mustcontain('added file: foo-desc') |
|
262 | 238 | response.mustcontain('gist test') |
|
263 | 239 | response.mustcontain('gist-desc') |
|
264 | 240 | |
|
265 | 241 | def test_new(self): |
|
266 | 242 | self.log_user() |
|
267 | 243 | self.app.get(route_path('gists_new')) |
|
268 | 244 | |
|
269 | 245 | def test_delete(self, create_gist): |
|
270 | 246 | self.log_user() |
|
271 | 247 | gist = create_gist(b'delete-me') |
|
272 | 248 | response = self.app.post( |
|
273 | 249 | route_path('gist_delete', gist_id=gist.gist_id), |
|
274 | 250 | params={'csrf_token': self.csrf_token}) |
|
275 | 251 | assert_session_flash(response, 'Deleted gist %s' % gist.gist_id) |
|
276 | 252 | |
|
277 | 253 | def test_delete_normal_user_his_gist(self, create_gist): |
|
278 | 254 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
279 | 255 | gist = create_gist(b'delete-me', owner=TEST_USER_REGULAR_LOGIN) |
|
280 | 256 | |
|
281 | 257 | response = self.app.post( |
|
282 | 258 | route_path('gist_delete', gist_id=gist.gist_id), |
|
283 | 259 | params={'csrf_token': self.csrf_token}) |
|
284 | 260 | assert_session_flash(response, 'Deleted gist %s' % gist.gist_id) |
|
285 | 261 | |
|
286 | 262 | def test_delete_normal_user_not_his_own_gist(self, create_gist): |
|
287 | 263 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
288 | 264 | gist = create_gist(b'delete-me-2') |
|
289 | 265 | |
|
290 | 266 | self.app.post( |
|
291 | 267 | route_path('gist_delete', gist_id=gist.gist_id), |
|
292 | 268 | params={'csrf_token': self.csrf_token}, status=404) |
|
293 | 269 | |
|
294 | 270 | def test_show(self, create_gist): |
|
295 | 271 | gist = create_gist(b'gist-show-me') |
|
296 | 272 | response = self.app.get(route_path('gist_show', gist_id=gist.gist_access_id)) |
|
297 | 273 | |
|
298 | 274 | response.mustcontain('added file: gist-show-me<') |
|
299 | 275 | |
|
300 | 276 | assert_response = response.assert_response() |
|
301 | 277 | assert_response.element_equals_to( |
|
302 | 278 | 'div.rc-user span.user', |
|
303 | 279 | '<a href="/_profiles/test_admin">test_admin</a>') |
|
304 | 280 | |
|
305 | 281 | response.mustcontain('gist-desc') |
|
306 | 282 | |
|
307 | 283 | def test_show_without_hg(self, create_gist): |
|
308 | 284 | with mock.patch( |
|
309 | 285 | 'rhodecode.lib.vcs.settings.ALIASES', ['git']): |
|
310 | 286 | gist = create_gist(b'gist-show-me-again') |
|
311 | 287 | self.app.get( |
|
312 | 288 | route_path('gist_show', gist_id=gist.gist_access_id), status=200) |
|
313 | 289 | |
|
314 | 290 | def test_show_acl_private(self, create_gist): |
|
315 | 291 | gist = create_gist(b'gist-show-me-only-when-im-logged-in', |
|
316 | 292 | acl_level=Gist.ACL_LEVEL_PRIVATE) |
|
317 | 293 | self.app.get( |
|
318 | 294 | route_path('gist_show', gist_id=gist.gist_access_id), status=404) |
|
319 | 295 | |
|
320 | 296 | # now we log-in we should see thi gist |
|
321 | 297 | self.log_user() |
|
322 | 298 | response = self.app.get( |
|
323 | 299 | route_path('gist_show', gist_id=gist.gist_access_id)) |
|
324 | 300 | response.mustcontain('added file: gist-show-me-only-when-im-logged-in') |
|
325 | 301 | |
|
326 | 302 | assert_response = response.assert_response() |
|
327 | 303 | assert_response.element_equals_to( |
|
328 | 304 | 'div.rc-user span.user', |
|
329 | 305 | '<a href="/_profiles/test_admin">test_admin</a>') |
|
330 | 306 | response.mustcontain('gist-desc') |
|
331 | 307 | |
|
332 | 308 | def test_show_as_raw(self, create_gist): |
|
333 | 309 | gist = create_gist(b'gist-show-me', content=b'GIST CONTENT') |
|
334 | 310 | response = self.app.get( |
|
335 | 311 | route_path('gist_show_formatted', |
|
336 | 312 | gist_id=gist.gist_access_id, revision='tip', |
|
337 | 313 | format='raw')) |
|
338 | 314 | assert response.text == 'GIST CONTENT' |
|
339 | 315 | |
|
340 | 316 | def test_show_as_raw_individual_file(self, create_gist): |
|
341 | 317 | gist = create_gist(b'gist-show-me-raw', content=b'GIST BODY') |
|
342 | 318 | response = self.app.get( |
|
343 | 319 | route_path('gist_show_formatted_path', |
|
344 | 320 | gist_id=gist.gist_access_id, format='raw', |
|
345 | 321 | revision='tip', f_path='gist-show-me-raw')) |
|
346 | 322 | assert response.text == 'GIST BODY' |
|
347 | 323 | |
|
348 | 324 | def test_edit_page(self, create_gist): |
|
349 | 325 | self.log_user() |
|
350 | 326 | gist = create_gist(b'gist-for-edit', content=b'GIST EDIT BODY') |
|
351 | 327 | response = self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id)) |
|
352 | 328 | response.mustcontain('GIST EDIT BODY') |
|
353 | 329 | |
|
354 | 330 | def test_edit_page_non_logged_user(self, create_gist): |
|
355 | 331 | gist = create_gist(b'gist-for-edit', content=b'GIST EDIT BODY') |
|
356 | 332 | self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id), |
|
357 | 333 | status=302) |
|
358 | 334 | |
|
359 | 335 | def test_edit_normal_user_his_gist(self, create_gist): |
|
360 | 336 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
361 | 337 | gist = create_gist(b'gist-for-edit', owner=TEST_USER_REGULAR_LOGIN) |
|
362 | 338 | self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id, |
|
363 | 339 | status=200)) |
|
364 | 340 | |
|
365 | 341 | def test_edit_normal_user_not_his_own_gist(self, create_gist): |
|
366 | 342 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
367 | 343 | gist = create_gist(b'delete-me') |
|
368 | 344 | self.app.get(route_path('gist_edit', gist_id=gist.gist_access_id), |
|
369 | 345 | status=404) |
|
370 | 346 | |
|
371 | 347 | def test_user_first_name_is_escaped(self, user_util, create_gist): |
|
372 | 348 | xss_atack_string = '"><script>alert(\'First Name\')</script>' |
|
373 | 349 | xss_escaped_string = h.html_escape(h.escape(xss_atack_string)) |
|
374 | 350 | password = 'test' |
|
375 | 351 | user = user_util.create_user( |
|
376 | 352 | firstname=xss_atack_string, password=password) |
|
377 | 353 | create_gist(b'gist', gist_type='public', owner=user.username) |
|
378 | 354 | response = self.app.get(route_path('gists_show')) |
|
379 | 355 | response.mustcontain(xss_escaped_string) |
|
380 | 356 | |
|
381 | 357 | def test_user_last_name_is_escaped(self, user_util, create_gist): |
|
382 | 358 | xss_atack_string = '"><script>alert(\'Last Name\')</script>' |
|
383 | 359 | xss_escaped_string = h.html_escape(h.escape(xss_atack_string)) |
|
384 | 360 | password = 'test' |
|
385 | 361 | user = user_util.create_user( |
|
386 | 362 | lastname=xss_atack_string, password=password) |
|
387 | 363 | create_gist(b'gist', gist_type='public', owner=user.username) |
|
388 | 364 | response = self.app.get(route_path('gists_show')) |
|
389 | 365 | response.mustcontain(xss_escaped_string) |
@@ -1,179 +1,167 b'' | |||
|
1 | 1 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from . import assert_and_get_main_filter_content |
|
22 | from rhodecode.tests import TestController, TEST_USER_ADMIN_LOGIN | |
|
23 | from rhodecode.tests.fixture import Fixture | |
|
24 | 22 | |
|
25 | 23 | from rhodecode.lib.utils import map_groups |
|
26 | 24 | from rhodecode.lib.ext_json import json |
|
27 | 25 | from rhodecode.model.repo import RepoModel |
|
28 | 26 | from rhodecode.model.repo_group import RepoGroupModel |
|
29 | 27 | from rhodecode.model.db import Session, Repository, RepoGroup |
|
30 | 28 | |
|
31 | fixture = Fixture() | |
|
32 | ||
|
33 | ||
|
34 | def route_path(name, params=None, **kwargs): | |
|
35 | import urllib.request | |
|
36 | import urllib.parse | |
|
37 | import urllib.error | |
|
29 | from rhodecode.tests import TestController, TEST_USER_ADMIN_LOGIN | |
|
30 | from rhodecode.tests.fixture import Fixture | |
|
31 | from rhodecode.tests.routes import route_path | |
|
38 | 32 | |
|
39 | base_url = { | |
|
40 | 'goto_switcher_data': '/_goto_data', | |
|
41 | }[name].format(**kwargs) | |
|
42 | ||
|
43 | if params: | |
|
44 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
45 | return base_url | |
|
33 | fixture = Fixture() | |
|
46 | 34 | |
|
47 | 35 | |
|
48 | 36 | class TestGotoSwitcherData(TestController): |
|
49 | 37 | |
|
50 | 38 | required_repos_with_groups = [ |
|
51 | 39 | 'abc', |
|
52 | 40 | 'abc-fork', |
|
53 | 41 | 'forks/abcd', |
|
54 | 42 | 'abcd', |
|
55 | 43 | 'abcde', |
|
56 | 44 | 'a/abc', |
|
57 | 45 | 'aa/abc', |
|
58 | 46 | 'aaa/abc', |
|
59 | 47 | 'aaaa/abc', |
|
60 | 48 | 'repos_abc/aaa/abc', |
|
61 | 49 | 'abc_repos/abc', |
|
62 | 50 | 'abc_repos/abcd', |
|
63 | 51 | 'xxx/xyz', |
|
64 | 52 | 'forked-abc/a/abc' |
|
65 | 53 | ] |
|
66 | 54 | |
|
67 | 55 | @pytest.fixture(autouse=True, scope='class') |
|
68 | 56 | def prepare(self, request, baseapp): |
|
69 | 57 | for repo_and_group in self.required_repos_with_groups: |
|
70 | 58 | # create structure of groups and return the last group |
|
71 | 59 | |
|
72 | 60 | repo_group = map_groups(repo_and_group) |
|
73 | 61 | |
|
74 | 62 | RepoModel()._create_repo( |
|
75 | 63 | repo_and_group, 'hg', 'test-ac', TEST_USER_ADMIN_LOGIN, |
|
76 | 64 | repo_group=getattr(repo_group, 'group_id', None)) |
|
77 | 65 | |
|
78 | 66 | Session().commit() |
|
79 | 67 | |
|
80 | 68 | request.addfinalizer(self.cleanup) |
|
81 | 69 | |
|
82 | 70 | def cleanup(self): |
|
83 | 71 | # first delete all repos |
|
84 | 72 | for repo_and_groups in self.required_repos_with_groups: |
|
85 | 73 | repo = Repository.get_by_repo_name(repo_and_groups) |
|
86 | 74 | if repo: |
|
87 | 75 | RepoModel().delete(repo) |
|
88 | 76 | Session().commit() |
|
89 | 77 | |
|
90 | 78 | # then delete all empty groups |
|
91 | 79 | for repo_and_groups in self.required_repos_with_groups: |
|
92 | 80 | if '/' in repo_and_groups: |
|
93 | 81 | r_group = repo_and_groups.rsplit('/', 1)[0] |
|
94 | 82 | repo_group = RepoGroup.get_by_group_name(r_group) |
|
95 | 83 | if not repo_group: |
|
96 | 84 | continue |
|
97 | 85 | parents = repo_group.parents |
|
98 | 86 | RepoGroupModel().delete(repo_group, force_delete=True) |
|
99 | 87 | Session().commit() |
|
100 | 88 | |
|
101 | 89 | for el in reversed(parents): |
|
102 | 90 | RepoGroupModel().delete(el, force_delete=True) |
|
103 | 91 | Session().commit() |
|
104 | 92 | |
|
105 | 93 | def test_empty_query(self, xhr_header): |
|
106 | 94 | self.log_user() |
|
107 | 95 | |
|
108 | 96 | response = self.app.get( |
|
109 | 97 | route_path('goto_switcher_data'), |
|
110 | 98 | extra_environ=xhr_header, status=200) |
|
111 | 99 | result = json.loads(response.body)['suggestions'] |
|
112 | 100 | |
|
113 | 101 | assert result == [] |
|
114 | 102 | |
|
115 | 103 | def test_returns_list_of_repos_and_groups_filtered(self, xhr_header): |
|
116 | 104 | self.log_user() |
|
117 | 105 | |
|
118 | 106 | response = self.app.get( |
|
119 | 107 | route_path('goto_switcher_data'), |
|
120 | 108 | params={'query': 'abc'}, |
|
121 | 109 | extra_environ=xhr_header, status=200) |
|
122 | 110 | result = json.loads(response.body)['suggestions'] |
|
123 | 111 | |
|
124 | 112 | repos, groups, users, commits = assert_and_get_main_filter_content(result) |
|
125 | 113 | |
|
126 | 114 | assert len(repos) == 13 |
|
127 | 115 | assert len(groups) == 5 |
|
128 | 116 | assert len(users) == 0 |
|
129 | 117 | assert len(commits) == 0 |
|
130 | 118 | |
|
131 | 119 | def test_returns_list_of_users_filtered(self, xhr_header): |
|
132 | 120 | self.log_user() |
|
133 | 121 | |
|
134 | 122 | response = self.app.get( |
|
135 | 123 | route_path('goto_switcher_data'), |
|
136 | 124 | params={'query': 'user:admin'}, |
|
137 | 125 | extra_environ=xhr_header, status=200) |
|
138 | 126 | result = json.loads(response.body)['suggestions'] |
|
139 | 127 | |
|
140 | 128 | repos, groups, users, commits = assert_and_get_main_filter_content(result) |
|
141 | 129 | |
|
142 | 130 | assert len(repos) == 0 |
|
143 | 131 | assert len(groups) == 0 |
|
144 | 132 | assert len(users) == 1 |
|
145 | 133 | assert len(commits) == 0 |
|
146 | 134 | |
|
147 | 135 | def test_returns_list_of_commits_filtered(self, xhr_header): |
|
148 | 136 | self.log_user() |
|
149 | 137 | |
|
150 | 138 | response = self.app.get( |
|
151 | 139 | route_path('goto_switcher_data'), |
|
152 | 140 | params={'query': 'commit:e8'}, |
|
153 | 141 | extra_environ=xhr_header, status=200) |
|
154 | 142 | result = json.loads(response.body)['suggestions'] |
|
155 | 143 | |
|
156 | 144 | repos, groups, users, commits = assert_and_get_main_filter_content(result) |
|
157 | 145 | |
|
158 | 146 | assert len(repos) == 0 |
|
159 | 147 | assert len(groups) == 0 |
|
160 | 148 | assert len(users) == 0 |
|
161 | 149 | assert len(commits) == 5 |
|
162 | 150 | |
|
163 | 151 | def test_returns_list_of_properly_sorted_and_filtered(self, xhr_header): |
|
164 | 152 | self.log_user() |
|
165 | 153 | |
|
166 | 154 | response = self.app.get( |
|
167 | 155 | route_path('goto_switcher_data'), |
|
168 | 156 | params={'query': 'abc'}, |
|
169 | 157 | extra_environ=xhr_header, status=200) |
|
170 | 158 | result = json.loads(response.body)['suggestions'] |
|
171 | 159 | |
|
172 | 160 | repos, groups, users, commits = assert_and_get_main_filter_content(result) |
|
173 | 161 | |
|
174 | 162 | test_repos = [x['value_display'] for x in repos[:4]] |
|
175 | 163 | assert ['abc', 'abcd', 'a/abc', 'abcde'] == test_repos |
|
176 | 164 | |
|
177 | 165 | test_groups = [x['value_display'] for x in groups[:4]] |
|
178 | 166 | assert ['abc_repos', 'repos_abc', |
|
179 | 167 | 'forked-abc', 'forked-abc/a'] == test_groups |
@@ -1,95 +1,83 b'' | |||
|
1 | 1 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | from . import assert_and_get_repo_list_content |
|
20 | from rhodecode.tests import TestController | |
|
21 | from rhodecode.tests.fixture import Fixture | |
|
20 | ||
|
22 | 21 | from rhodecode.model.db import Repository |
|
23 | 22 | from rhodecode.lib.ext_json import json |
|
24 | 23 | |
|
24 | from rhodecode.tests import TestController | |
|
25 | from rhodecode.tests.fixture import Fixture | |
|
26 | from rhodecode.tests.routes import route_path | |
|
25 | 27 | |
|
26 | 28 | fixture = Fixture() |
|
27 | 29 | |
|
28 | 30 | |
|
29 | def route_path(name, params=None, **kwargs): | |
|
30 | import urllib.request | |
|
31 | import urllib.parse | |
|
32 | import urllib.error | |
|
33 | ||
|
34 | base_url = { | |
|
35 | 'repo_list_data': '/_repos', | |
|
36 | }[name].format(**kwargs) | |
|
37 | ||
|
38 | if params: | |
|
39 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
40 | return base_url | |
|
41 | ||
|
42 | ||
|
43 | 31 | class TestRepoListData(TestController): |
|
44 | 32 | |
|
45 | 33 | def test_returns_list_of_repos_and_groups(self, xhr_header): |
|
46 | 34 | self.log_user() |
|
47 | 35 | |
|
48 | 36 | response = self.app.get( |
|
49 | 37 | route_path('repo_list_data'), |
|
50 | 38 | extra_environ=xhr_header, status=200) |
|
51 | 39 | result = json.loads(response.body)['results'] |
|
52 | 40 | |
|
53 | 41 | repos = assert_and_get_repo_list_content(result) |
|
54 | 42 | |
|
55 | 43 | assert len(repos) == len(Repository.get_all()) |
|
56 | 44 | |
|
57 | 45 | def test_returns_list_of_repos_and_groups_filtered(self, xhr_header): |
|
58 | 46 | self.log_user() |
|
59 | 47 | |
|
60 | 48 | response = self.app.get( |
|
61 | 49 | route_path('repo_list_data'), |
|
62 | 50 | params={'query': 'vcs_test_git'}, |
|
63 | 51 | extra_environ=xhr_header, status=200) |
|
64 | 52 | result = json.loads(response.body)['results'] |
|
65 | 53 | |
|
66 | 54 | repos = assert_and_get_repo_list_content(result) |
|
67 | 55 | |
|
68 | 56 | assert len(repos) == len(Repository.query().filter( |
|
69 | 57 | Repository.repo_name.ilike('%vcs_test_git%')).all()) |
|
70 | 58 | |
|
71 | 59 | def test_returns_list_of_repos_and_groups_filtered_with_type(self, xhr_header): |
|
72 | 60 | self.log_user() |
|
73 | 61 | |
|
74 | 62 | response = self.app.get( |
|
75 | 63 | route_path('repo_list_data'), |
|
76 | 64 | params={'query': 'vcs_test_git', 'repo_type': 'git'}, |
|
77 | 65 | extra_environ=xhr_header, status=200) |
|
78 | 66 | result = json.loads(response.body)['results'] |
|
79 | 67 | |
|
80 | 68 | repos = assert_and_get_repo_list_content(result) |
|
81 | 69 | |
|
82 | 70 | assert len(repos) == len(Repository.query().filter( |
|
83 | 71 | Repository.repo_name.ilike('%vcs_test_git%')).all()) |
|
84 | 72 | |
|
85 | 73 | def test_returns_list_of_repos_non_ascii_query(self, xhr_header): |
|
86 | 74 | self.log_user() |
|
87 | 75 | response = self.app.get( |
|
88 | 76 | route_path('repo_list_data'), |
|
89 | 77 | params={'query': 'ć_vcs_test_ą', 'repo_type': 'git'}, |
|
90 | 78 | extra_environ=xhr_header, status=200) |
|
91 | 79 | result = json.loads(response.body)['results'] |
|
92 | 80 | |
|
93 | 81 | repos = assert_and_get_repo_list_content(result) |
|
94 | 82 | |
|
95 | 83 | assert len(repos) == 0 |
@@ -1,110 +1,97 b'' | |||
|
1 | 1 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | import pytest |
|
19 | 19 | |
|
20 | from rhodecode.lib.ext_json import json | |
|
21 | ||
|
20 | 22 | from rhodecode.tests import TestController |
|
21 | 23 | from rhodecode.tests.fixture import Fixture |
|
22 |
from rhodecode. |
|
|
24 | from rhodecode.tests.routes import route_path | |
|
23 | 25 | |
|
24 | 26 | fixture = Fixture() |
|
25 | 27 | |
|
26 | 28 | |
|
27 | def route_path(name, params=None, **kwargs): | |
|
28 | import urllib.request | |
|
29 | import urllib.parse | |
|
30 | import urllib.error | |
|
31 | ||
|
32 | base_url = { | |
|
33 | 'user_autocomplete_data': '/_users', | |
|
34 | 'user_group_autocomplete_data': '/_user_groups' | |
|
35 | }[name].format(**kwargs) | |
|
36 | ||
|
37 | if params: | |
|
38 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
39 | return base_url | |
|
40 | ||
|
41 | ||
|
42 | 29 | class TestUserAutocompleteData(TestController): |
|
43 | 30 | |
|
44 | 31 | def test_returns_list_of_users(self, user_util, xhr_header): |
|
45 | 32 | self.log_user() |
|
46 | 33 | user = user_util.create_user(active=True) |
|
47 | 34 | user_name = user.username |
|
48 | 35 | response = self.app.get( |
|
49 | 36 | route_path('user_autocomplete_data'), |
|
50 | 37 | extra_environ=xhr_header, status=200) |
|
51 | 38 | result = json.loads(response.body) |
|
52 | 39 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
53 | 40 | assert user_name in values |
|
54 | 41 | |
|
55 | 42 | def test_returns_inactive_users_when_active_flag_sent( |
|
56 | 43 | self, user_util, xhr_header): |
|
57 | 44 | self.log_user() |
|
58 | 45 | user = user_util.create_user(active=False) |
|
59 | 46 | user_name = user.username |
|
60 | 47 | |
|
61 | 48 | response = self.app.get( |
|
62 | 49 | route_path('user_autocomplete_data', |
|
63 | 50 | params=dict(user_groups='true', active='0')), |
|
64 | 51 | extra_environ=xhr_header, status=200) |
|
65 | 52 | result = json.loads(response.body) |
|
66 | 53 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
67 | 54 | assert user_name in values |
|
68 | 55 | |
|
69 | 56 | response = self.app.get( |
|
70 | 57 | route_path('user_autocomplete_data', |
|
71 | 58 | params=dict(user_groups='true', active='1')), |
|
72 | 59 | extra_environ=xhr_header, status=200) |
|
73 | 60 | result = json.loads(response.body) |
|
74 | 61 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
75 | 62 | assert user_name not in values |
|
76 | 63 | |
|
77 | 64 | def test_returns_groups_when_user_groups_flag_sent( |
|
78 | 65 | self, user_util, xhr_header): |
|
79 | 66 | self.log_user() |
|
80 | 67 | group = user_util.create_user_group(user_groups_active=True) |
|
81 | 68 | group_name = group.users_group_name |
|
82 | 69 | response = self.app.get( |
|
83 | 70 | route_path('user_autocomplete_data', |
|
84 | 71 | params=dict(user_groups='true')), |
|
85 | 72 | extra_environ=xhr_header, status=200) |
|
86 | 73 | result = json.loads(response.body) |
|
87 | 74 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
88 | 75 | assert group_name in values |
|
89 | 76 | |
|
90 | 77 | @pytest.mark.parametrize('query, count', [ |
|
91 | 78 | ('hello1', 0), |
|
92 | 79 | ('dev', 2), |
|
93 | 80 | ]) |
|
94 | 81 | def test_result_is_limited_when_query_is_sent(self, user_util, xhr_header, |
|
95 | 82 | query, count): |
|
96 | 83 | self.log_user() |
|
97 | 84 | |
|
98 | 85 | user_util._test_name = 'dev-test' |
|
99 | 86 | user_util.create_user() |
|
100 | 87 | |
|
101 | 88 | user_util._test_name = 'dev-group-test' |
|
102 | 89 | user_util.create_user_group() |
|
103 | 90 | |
|
104 | 91 | response = self.app.get( |
|
105 | 92 | route_path('user_autocomplete_data', |
|
106 | 93 | params=dict(user_groups='true', query=query)), |
|
107 | 94 | extra_environ=xhr_header, status=200) |
|
108 | 95 | |
|
109 | 96 | result = json.loads(response.body) |
|
110 | 97 | assert len(result['suggestions']) == count |
@@ -1,116 +1,102 b'' | |||
|
1 | 1 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | |
|
20 | 20 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
21 | 21 | # |
|
22 | 22 | # This program is free software: you can redistribute it and/or modify |
|
23 | 23 | # it under the terms of the GNU Affero General Public License, version 3 |
|
24 | 24 | # (only), as published by the Free Software Foundation. |
|
25 | 25 | # |
|
26 | 26 | # This program is distributed in the hope that it will be useful, |
|
27 | 27 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
28 | 28 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
29 | 29 | # GNU General Public License for more details. |
|
30 | 30 | # |
|
31 | 31 | # You should have received a copy of the GNU Affero General Public License |
|
32 | 32 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
33 | 33 | # |
|
34 | 34 | # This program is dual-licensed. If you wish to learn more about the |
|
35 | 35 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
36 | 36 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
37 | 37 | |
|
38 | 38 | import pytest |
|
39 | 39 | |
|
40 | from rhodecode.lib.ext_json import json | |
|
41 | ||
|
40 | 42 | from rhodecode.tests import TestController |
|
41 | 43 | from rhodecode.tests.fixture import Fixture |
|
42 |
from rhodecode. |
|
|
43 | ||
|
44 | from rhodecode.tests.routes import route_path | |
|
44 | 45 | |
|
45 | 46 | fixture = Fixture() |
|
46 | 47 | |
|
47 | 48 | |
|
48 | def route_path(name, params=None, **kwargs): | |
|
49 | import urllib.request | |
|
50 | import urllib.parse | |
|
51 | import urllib.error | |
|
52 | ||
|
53 | base_url = { | |
|
54 | 'user_autocomplete_data': '/_users', | |
|
55 | 'user_group_autocomplete_data': '/_user_groups' | |
|
56 | }[name].format(**kwargs) | |
|
57 | ||
|
58 | if params: | |
|
59 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
60 | return base_url | |
|
61 | ||
|
62 | ||
|
63 | 49 | class TestUserGroupAutocompleteData(TestController): |
|
64 | 50 | |
|
65 | 51 | def test_returns_list_of_user_groups(self, user_util, xhr_header): |
|
66 | 52 | self.log_user() |
|
67 | 53 | user_group = user_util.create_user_group(active=True) |
|
68 | 54 | user_group_name = user_group.users_group_name |
|
69 | 55 | response = self.app.get( |
|
70 | 56 | route_path('user_group_autocomplete_data'), |
|
71 | 57 | extra_environ=xhr_header, status=200) |
|
72 | 58 | result = json.loads(response.body) |
|
73 | 59 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
74 | 60 | assert user_group_name in values |
|
75 | 61 | |
|
76 | 62 | def test_returns_inactive_user_groups_when_active_flag_sent( |
|
77 | 63 | self, user_util, xhr_header): |
|
78 | 64 | self.log_user() |
|
79 | 65 | user_group = user_util.create_user_group(active=False) |
|
80 | 66 | user_group_name = user_group.users_group_name |
|
81 | 67 | |
|
82 | 68 | response = self.app.get( |
|
83 | 69 | route_path('user_group_autocomplete_data', |
|
84 | 70 | params=dict(active='0')), |
|
85 | 71 | extra_environ=xhr_header, status=200) |
|
86 | 72 | result = json.loads(response.body) |
|
87 | 73 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
88 | 74 | assert user_group_name in values |
|
89 | 75 | |
|
90 | 76 | response = self.app.get( |
|
91 | 77 | route_path('user_group_autocomplete_data', |
|
92 | 78 | params=dict(active='1')), |
|
93 | 79 | extra_environ=xhr_header, status=200) |
|
94 | 80 | result = json.loads(response.body) |
|
95 | 81 | values = [suggestion['value'] for suggestion in result['suggestions']] |
|
96 | 82 | assert user_group_name not in values |
|
97 | 83 | |
|
98 | 84 | @pytest.mark.parametrize('query, count', [ |
|
99 | 85 | ('hello1', 0), |
|
100 | 86 | ('dev', 1), |
|
101 | 87 | ]) |
|
102 | 88 | def test_result_is_limited_when_query_is_sent(self, user_util, xhr_header, query, count): |
|
103 | 89 | self.log_user() |
|
104 | 90 | |
|
105 | 91 | user_util._test_name = 'dev-test' |
|
106 | 92 | user_util.create_user_group() |
|
107 | 93 | |
|
108 | 94 | response = self.app.get( |
|
109 | 95 | route_path('user_group_autocomplete_data', |
|
110 | 96 | params=dict(user_groups='true', |
|
111 | 97 | query=query)), |
|
112 | 98 | extra_environ=xhr_header, status=200) |
|
113 | 99 | |
|
114 | 100 | result = json.loads(response.body) |
|
115 | 101 | |
|
116 | 102 | assert len(result['suggestions']) == count |
@@ -1,177 +1,167 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | import rhodecode |
|
23 | 23 | from rhodecode.model.db import Repository, RepoGroup, User |
|
24 | 24 | from rhodecode.model.meta import Session |
|
25 | from rhodecode.model.repo import RepoModel | |
|
26 | from rhodecode.model.repo_group import RepoGroupModel | |
|
27 | 25 | from rhodecode.model.settings import SettingsModel |
|
28 | 26 | from rhodecode.tests import TestController |
|
29 | 27 | from rhodecode.tests.fixture import Fixture |
|
30 | from rhodecode.lib import helpers as h | |
|
31 | ||
|
32 | fixture = Fixture() | |
|
28 | from rhodecode.tests.routes import route_path | |
|
33 | 29 | |
|
34 | 30 | |
|
35 | def route_path(name, **kwargs): | |
|
36 | return { | |
|
37 | 'home': '/', | |
|
38 | 'main_page_repos_data': '/_home_repos', | |
|
39 | 'main_page_repo_groups_data': '/_home_repo_groups', | |
|
40 | 'repo_group_home': '/{repo_group_name}' | |
|
41 | }[name].format(**kwargs) | |
|
31 | fixture = Fixture() | |
|
42 | 32 | |
|
43 | 33 | |
|
44 | 34 | class TestHomeController(TestController): |
|
45 | 35 | |
|
46 | 36 | def test_index(self): |
|
47 | 37 | self.log_user() |
|
48 | 38 | response = self.app.get(route_path('home')) |
|
49 | 39 | # if global permission is set |
|
50 | 40 | response.mustcontain('New Repository') |
|
51 | 41 | |
|
52 | 42 | def test_index_grid_repos(self, xhr_header): |
|
53 | 43 | self.log_user() |
|
54 | 44 | response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header) |
|
55 | 45 | # search for objects inside the JavaScript JSON |
|
56 | 46 | for obj in Repository.getAll(): |
|
57 | 47 | response.mustcontain('<a href=\\"/{}\\">'.format(obj.repo_name)) |
|
58 | 48 | |
|
59 | 49 | def test_index_grid_repo_groups(self, xhr_header): |
|
60 | 50 | self.log_user() |
|
61 | 51 | response = self.app.get(route_path('main_page_repo_groups_data'), |
|
62 | 52 | extra_environ=xhr_header,) |
|
63 | 53 | |
|
64 | 54 | # search for objects inside the JavaScript JSON |
|
65 | 55 | for obj in RepoGroup.getAll(): |
|
66 | 56 | response.mustcontain('<a href=\\"/{}\\">'.format(obj.group_name)) |
|
67 | 57 | |
|
68 | 58 | def test_index_grid_repo_groups_without_access(self, xhr_header, user_util): |
|
69 | 59 | user = user_util.create_user(password='qweqwe') |
|
70 | 60 | group_ok = user_util.create_repo_group(owner=user) |
|
71 | 61 | group_id_ok = group_ok.group_id |
|
72 | 62 | |
|
73 | 63 | group_forbidden = user_util.create_repo_group(owner=User.get_first_super_admin()) |
|
74 | 64 | group_id_forbidden = group_forbidden.group_id |
|
75 | 65 | |
|
76 | 66 | user_util.grant_user_permission_to_repo_group(group_forbidden, user, 'group.none') |
|
77 | 67 | self.log_user(user.username, 'qweqwe') |
|
78 | 68 | |
|
79 | 69 | self.app.get(route_path('main_page_repo_groups_data'), |
|
80 | 70 | extra_environ=xhr_header, |
|
81 | 71 | params={'repo_group_id': group_id_ok}, status=200) |
|
82 | 72 | |
|
83 | 73 | self.app.get(route_path('main_page_repo_groups_data'), |
|
84 | 74 | extra_environ=xhr_header, |
|
85 | 75 | params={'repo_group_id': group_id_forbidden}, status=404) |
|
86 | 76 | |
|
87 | 77 | def test_index_contains_statics_with_ver(self): |
|
88 | 78 | from rhodecode.lib.base import calculate_version_hash |
|
89 | 79 | |
|
90 | 80 | self.log_user() |
|
91 | 81 | response = self.app.get(route_path('home')) |
|
92 | 82 | |
|
93 | 83 | rhodecode_version_hash = calculate_version_hash( |
|
94 | 84 | {'beaker.session.secret': 'test-rc-uytcxaz'}) |
|
95 | 85 | response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash)) |
|
96 | 86 | response.mustcontain('scripts.min.js?ver={0}'.format(rhodecode_version_hash)) |
|
97 | 87 | |
|
98 | 88 | def test_index_contains_backend_specific_details(self, backend, xhr_header): |
|
99 | 89 | self.log_user() |
|
100 | 90 | response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header) |
|
101 | 91 | tip = backend.repo.get_commit().raw_id |
|
102 | 92 | |
|
103 | 93 | # html in javascript variable: |
|
104 | 94 | response.mustcontain(r'<i class=\"icon-%s\"' % (backend.alias, )) |
|
105 | 95 | response.mustcontain(r'href=\"/%s\"' % (backend.repo_name, )) |
|
106 | 96 | |
|
107 | 97 | response.mustcontain("""/%s/changeset/%s""" % (backend.repo_name, tip)) |
|
108 | 98 | response.mustcontain("""Added a symlink""") |
|
109 | 99 | |
|
110 | 100 | def test_index_with_anonymous_access_disabled(self): |
|
111 | 101 | with fixture.anon_access(False): |
|
112 | 102 | response = self.app.get(route_path('home'), status=302) |
|
113 | 103 | assert 'login' in response.location |
|
114 | 104 | |
|
115 | 105 | def test_index_page_on_groups_with_wrong_group_id(self, autologin_user, xhr_header): |
|
116 | 106 | group_id = 918123 |
|
117 | 107 | self.app.get( |
|
118 | 108 | route_path('main_page_repo_groups_data'), |
|
119 | 109 | params={'repo_group_id': group_id}, |
|
120 | 110 | status=404, extra_environ=xhr_header) |
|
121 | 111 | |
|
122 | 112 | def test_index_page_on_groups(self, autologin_user, user_util, xhr_header): |
|
123 | 113 | gr = user_util.create_repo_group() |
|
124 | 114 | repo = user_util.create_repo(parent=gr) |
|
125 | 115 | repo_name = repo.repo_name |
|
126 | 116 | group_id = gr.group_id |
|
127 | 117 | |
|
128 | 118 | response = self.app.get(route_path( |
|
129 | 119 | 'repo_group_home', repo_group_name=gr.group_name)) |
|
130 | 120 | response.mustcontain('d.repo_group_id = {}'.format(group_id)) |
|
131 | 121 | |
|
132 | 122 | response = self.app.get( |
|
133 | 123 | route_path('main_page_repos_data'), |
|
134 | 124 | params={'repo_group_id': group_id}, |
|
135 | 125 | extra_environ=xhr_header,) |
|
136 | 126 | response.mustcontain(repo_name) |
|
137 | 127 | |
|
138 | 128 | def test_index_page_on_group_with_trailing_slash(self, autologin_user, user_util, xhr_header): |
|
139 | 129 | gr = user_util.create_repo_group() |
|
140 | 130 | repo = user_util.create_repo(parent=gr) |
|
141 | 131 | repo_name = repo.repo_name |
|
142 | 132 | group_id = gr.group_id |
|
143 | 133 | |
|
144 | 134 | response = self.app.get(route_path( |
|
145 | 135 | 'repo_group_home', repo_group_name=gr.group_name+'/')) |
|
146 | 136 | response.mustcontain('d.repo_group_id = {}'.format(group_id)) |
|
147 | 137 | |
|
148 | 138 | response = self.app.get( |
|
149 | 139 | route_path('main_page_repos_data'), |
|
150 | 140 | params={'repo_group_id': group_id}, |
|
151 | 141 | extra_environ=xhr_header, ) |
|
152 | 142 | response.mustcontain(repo_name) |
|
153 | 143 | |
|
154 | 144 | @pytest.mark.parametrize("name, state", [ |
|
155 | 145 | ('Disabled', False), |
|
156 | 146 | ('Enabled', True), |
|
157 | 147 | ]) |
|
158 | 148 | def test_index_show_version(self, autologin_user, name, state): |
|
159 | 149 | version_string = 'RhodeCode %s' % rhodecode.__version__ |
|
160 | 150 | |
|
161 | 151 | sett = SettingsModel().create_or_update_setting( |
|
162 | 152 | 'show_version', state, 'bool') |
|
163 | 153 | Session().add(sett) |
|
164 | 154 | Session().commit() |
|
165 | 155 | SettingsModel().invalidate_settings_cache(hard=True) |
|
166 | 156 | |
|
167 | 157 | response = self.app.get(route_path('home')) |
|
168 | 158 | if state is True: |
|
169 | 159 | response.mustcontain(version_string) |
|
170 | 160 | if state is False: |
|
171 | 161 | response.mustcontain(no=[version_string]) |
|
172 | 162 | |
|
173 | 163 | def test_logout_form_contains_csrf(self, autologin_user, csrf_token): |
|
174 | 164 | response = self.app.get(route_path('home')) |
|
175 | 165 | assert_response = response.assert_response() |
|
176 | 166 | element = assert_response.get_element('.logout [name=csrf_token]') |
|
177 | 167 | assert element.value == csrf_token |
@@ -1,107 +1,87 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import datetime |
|
21 | 21 | |
|
22 | 22 | import pytest |
|
23 | 23 | |
|
24 | 24 | from rhodecode.apps._base import ADMIN_PREFIX |
|
25 | from rhodecode.tests import TestController | |
|
26 | 25 | from rhodecode.model.db import UserFollowing, Repository |
|
27 | 26 | |
|
28 | ||
|
29 | def route_path(name, params=None, **kwargs): | |
|
30 | import urllib.request | |
|
31 | import urllib.parse | |
|
32 | import urllib.error | |
|
33 | ||
|
34 | base_url = { | |
|
35 | 'journal': ADMIN_PREFIX + '/journal', | |
|
36 | 'journal_rss': ADMIN_PREFIX + '/journal/rss', | |
|
37 | 'journal_atom': ADMIN_PREFIX + '/journal/atom', | |
|
38 | 'journal_public': ADMIN_PREFIX + '/public_journal', | |
|
39 | 'journal_public_atom': ADMIN_PREFIX + '/public_journal/atom', | |
|
40 | 'journal_public_atom_old': ADMIN_PREFIX + '/public_journal_atom', | |
|
41 | 'journal_public_rss': ADMIN_PREFIX + '/public_journal/rss', | |
|
42 | 'journal_public_rss_old': ADMIN_PREFIX + '/public_journal_rss', | |
|
43 | 'toggle_following': ADMIN_PREFIX + '/toggle_following', | |
|
44 | }[name].format(**kwargs) | |
|
45 | ||
|
46 | if params: | |
|
47 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
48 | return base_url | |
|
27 | from rhodecode.tests import TestController | |
|
28 | from rhodecode.tests.routes import route_path | |
|
49 | 29 | |
|
50 | 30 | |
|
51 | 31 | class TestJournalViews(TestController): |
|
52 | 32 | |
|
53 | 33 | def test_journal(self): |
|
54 | 34 | self.log_user() |
|
55 | 35 | response = self.app.get(route_path('journal')) |
|
56 | 36 | # response.mustcontain( |
|
57 | 37 | # """<div class="journal_day">%s</div>""" % datetime.date.today()) |
|
58 | 38 | |
|
59 | 39 | @pytest.mark.parametrize("feed_type, content_type", [ |
|
60 | 40 | ('rss', "application/rss+xml"), |
|
61 | 41 | ('atom', "application/atom+xml") |
|
62 | 42 | ]) |
|
63 | 43 | def test_journal_feed(self, feed_type, content_type): |
|
64 | 44 | self.log_user() |
|
65 | 45 | response = self.app.get( |
|
66 | 46 | route_path( |
|
67 | 47 | 'journal_{}'.format(feed_type)), |
|
68 | 48 | status=200) |
|
69 | 49 | |
|
70 | 50 | assert response.content_type == content_type |
|
71 | 51 | |
|
72 | 52 | def test_toggle_following_repository(self, backend): |
|
73 | 53 | user = self.log_user() |
|
74 | 54 | repo = Repository.get_by_repo_name(backend.repo_name) |
|
75 | 55 | repo_id = repo.repo_id |
|
76 | 56 | self.app.post( |
|
77 | 57 | route_path('toggle_following'), {'follows_repo_id': repo_id, |
|
78 | 58 | 'csrf_token': self.csrf_token}) |
|
79 | 59 | |
|
80 | 60 | followings = UserFollowing.query()\ |
|
81 | 61 | .filter(UserFollowing.user_id == user['user_id'])\ |
|
82 | 62 | .filter(UserFollowing.follows_repo_id == repo_id).all() |
|
83 | 63 | |
|
84 | 64 | assert len(followings) == 0 |
|
85 | 65 | |
|
86 | 66 | self.app.post( |
|
87 | 67 | route_path('toggle_following'), {'follows_repo_id': repo_id, |
|
88 | 68 | 'csrf_token': self.csrf_token}) |
|
89 | 69 | |
|
90 | 70 | followings = UserFollowing.query()\ |
|
91 | 71 | .filter(UserFollowing.user_id == user['user_id'])\ |
|
92 | 72 | .filter(UserFollowing.follows_repo_id == repo_id).all() |
|
93 | 73 | |
|
94 | 74 | assert len(followings) == 1 |
|
95 | 75 | |
|
96 | 76 | @pytest.mark.parametrize("feed_type, content_type", [ |
|
97 | 77 | ('rss', "application/rss+xml"), |
|
98 | 78 | ('atom', "application/atom+xml") |
|
99 | 79 | ]) |
|
100 | 80 | def test_public_journal_feed(self, feed_type, content_type): |
|
101 | 81 | self.log_user() |
|
102 | 82 | response = self.app.get( |
|
103 | 83 | route_path( |
|
104 | 84 | 'journal_public_{}'.format(feed_type)), |
|
105 | 85 | status=200) |
|
106 | 86 | |
|
107 | 87 | assert response.content_type == content_type |
@@ -1,607 +1,581 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import urllib.parse |
|
20 | 20 | |
|
21 | 21 | import mock |
|
22 | 22 | import pytest |
|
23 | 23 | |
|
24 | from rhodecode.tests import ( | |
|
25 | assert_session_flash, HG_REPO, TEST_USER_ADMIN_LOGIN, | |
|
26 | no_newline_id_generator) | |
|
27 | from rhodecode.tests.fixture import Fixture | |
|
24 | ||
|
28 | 25 | from rhodecode.lib.auth import check_password |
|
29 | 26 | from rhodecode.lib import helpers as h |
|
30 | 27 | from rhodecode.model.auth_token import AuthTokenModel |
|
31 | 28 | from rhodecode.model.db import User, Notification, UserApiKeys |
|
32 | 29 | from rhodecode.model.meta import Session |
|
33 | 30 | |
|
31 | from rhodecode.tests import ( | |
|
32 | assert_session_flash, HG_REPO, TEST_USER_ADMIN_LOGIN, | |
|
33 | no_newline_id_generator) | |
|
34 | from rhodecode.tests.fixture import Fixture | |
|
35 | from rhodecode.tests.routes import route_path | |
|
36 | ||
|
34 | 37 | fixture = Fixture() |
|
35 | 38 | |
|
36 | 39 | whitelist_view = ['RepoCommitsView:repo_commit_raw'] |
|
37 | 40 | |
|
38 | 41 | |
|
39 | def route_path(name, params=None, **kwargs): | |
|
40 | import urllib.request | |
|
41 | import urllib.parse | |
|
42 | import urllib.error | |
|
43 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
44 | ||
|
45 | base_url = { | |
|
46 | 'login': ADMIN_PREFIX + '/login', | |
|
47 | 'logout': ADMIN_PREFIX + '/logout', | |
|
48 | 'register': ADMIN_PREFIX + '/register', | |
|
49 | 'reset_password': | |
|
50 | ADMIN_PREFIX + '/password_reset', | |
|
51 | 'reset_password_confirmation': | |
|
52 | ADMIN_PREFIX + '/password_reset_confirmation', | |
|
53 | ||
|
54 | 'admin_permissions_application': | |
|
55 | ADMIN_PREFIX + '/permissions/application', | |
|
56 | 'admin_permissions_application_update': | |
|
57 | ADMIN_PREFIX + '/permissions/application/update', | |
|
58 | ||
|
59 | 'repo_commit_raw': '/{repo_name}/raw-changeset/{commit_id}' | |
|
60 | ||
|
61 | }[name].format(**kwargs) | |
|
62 | ||
|
63 | if params: | |
|
64 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
65 | return base_url | |
|
66 | ||
|
67 | ||
|
68 | 42 | @pytest.mark.usefixtures('app') |
|
69 | 43 | class TestLoginController(object): |
|
70 | 44 | destroy_users = set() |
|
71 | 45 | |
|
72 | 46 | @classmethod |
|
73 | 47 | def teardown_class(cls): |
|
74 | 48 | fixture.destroy_users(cls.destroy_users) |
|
75 | 49 | |
|
76 | 50 | def teardown_method(self, method): |
|
77 | 51 | for n in Notification.query().all(): |
|
78 | 52 | Session().delete(n) |
|
79 | 53 | |
|
80 | 54 | Session().commit() |
|
81 | 55 | assert Notification.query().all() == [] |
|
82 | 56 | |
|
83 | 57 | def test_index(self): |
|
84 | 58 | response = self.app.get(route_path('login')) |
|
85 | 59 | assert response.status == '200 OK' |
|
86 | 60 | # Test response... |
|
87 | 61 | |
|
88 | 62 | def test_login_admin_ok(self): |
|
89 | 63 | response = self.app.post(route_path('login'), |
|
90 | 64 | {'username': 'test_admin', |
|
91 | 65 | 'password': 'test12'}, status=302) |
|
92 | 66 | response = response.follow() |
|
93 | 67 | session = response.get_session_from_response() |
|
94 | 68 | username = session['rhodecode_user'].get('username') |
|
95 | 69 | assert username == 'test_admin' |
|
96 | 70 | response.mustcontain('logout') |
|
97 | 71 | |
|
98 | 72 | def test_login_regular_ok(self): |
|
99 | 73 | response = self.app.post(route_path('login'), |
|
100 | 74 | {'username': 'test_regular', |
|
101 | 75 | 'password': 'test12'}, status=302) |
|
102 | 76 | |
|
103 | 77 | response = response.follow() |
|
104 | 78 | session = response.get_session_from_response() |
|
105 | 79 | username = session['rhodecode_user'].get('username') |
|
106 | 80 | assert username == 'test_regular' |
|
107 | 81 | response.mustcontain('logout') |
|
108 | 82 | |
|
109 | 83 | def test_login_regular_forbidden_when_super_admin_restriction(self): |
|
110 | 84 | from rhodecode.authentication.plugins.auth_rhodecode import RhodeCodeAuthPlugin |
|
111 | 85 | with fixture.auth_restriction(self.app._pyramid_registry, |
|
112 | 86 | RhodeCodeAuthPlugin.AUTH_RESTRICTION_SUPER_ADMIN): |
|
113 | 87 | response = self.app.post(route_path('login'), |
|
114 | 88 | {'username': 'test_regular', |
|
115 | 89 | 'password': 'test12'}) |
|
116 | 90 | |
|
117 | 91 | response.mustcontain('invalid user name') |
|
118 | 92 | response.mustcontain('invalid password') |
|
119 | 93 | |
|
120 | 94 | def test_login_regular_forbidden_when_scope_restriction(self): |
|
121 | 95 | from rhodecode.authentication.plugins.auth_rhodecode import RhodeCodeAuthPlugin |
|
122 | 96 | with fixture.scope_restriction(self.app._pyramid_registry, |
|
123 | 97 | RhodeCodeAuthPlugin.AUTH_RESTRICTION_SCOPE_VCS): |
|
124 | 98 | response = self.app.post(route_path('login'), |
|
125 | 99 | {'username': 'test_regular', |
|
126 | 100 | 'password': 'test12'}) |
|
127 | 101 | |
|
128 | 102 | response.mustcontain('invalid user name') |
|
129 | 103 | response.mustcontain('invalid password') |
|
130 | 104 | |
|
131 | 105 | def test_login_ok_came_from(self): |
|
132 | 106 | test_came_from = '/_admin/users?branch=stable' |
|
133 | 107 | _url = '{}?came_from={}'.format(route_path('login'), test_came_from) |
|
134 | 108 | response = self.app.post( |
|
135 | 109 | _url, {'username': 'test_admin', 'password': 'test12'}, status=302) |
|
136 | 110 | |
|
137 | 111 | assert 'branch=stable' in response.location |
|
138 | 112 | response = response.follow() |
|
139 | 113 | |
|
140 | 114 | assert response.status == '200 OK' |
|
141 | 115 | response.mustcontain('Users administration') |
|
142 | 116 | |
|
143 | 117 | def test_redirect_to_login_with_get_args(self): |
|
144 | 118 | with fixture.anon_access(False): |
|
145 | 119 | kwargs = {'branch': 'stable'} |
|
146 | 120 | response = self.app.get( |
|
147 | 121 | h.route_path('repo_summary', repo_name=HG_REPO, _query=kwargs), |
|
148 | 122 | status=302) |
|
149 | 123 | |
|
150 | 124 | response_query = urllib.parse.parse_qsl(response.location) |
|
151 | 125 | assert 'branch=stable' in response_query[0][1] |
|
152 | 126 | |
|
153 | 127 | def test_login_form_with_get_args(self): |
|
154 | 128 | _url = '{}?came_from=/_admin/users,branch=stable'.format(route_path('login')) |
|
155 | 129 | response = self.app.get(_url) |
|
156 | 130 | assert 'branch%3Dstable' in response.form.action |
|
157 | 131 | |
|
158 | 132 | @pytest.mark.parametrize("url_came_from", [ |
|
159 | 133 | 'data:text/html,<script>window.alert("xss")</script>', |
|
160 | 134 | 'mailto:test@rhodecode.org', |
|
161 | 135 | 'file:///etc/passwd', |
|
162 | 136 | 'ftp://some.ftp.server', |
|
163 | 137 | 'http://other.domain', |
|
164 | 138 | ], ids=no_newline_id_generator) |
|
165 | 139 | def test_login_bad_came_froms(self, url_came_from): |
|
166 | 140 | _url = '{}?came_from={}'.format(route_path('login'), url_came_from) |
|
167 | 141 | response = self.app.post( |
|
168 | 142 | _url, {'username': 'test_admin', 'password': 'test12'}, status=302) |
|
169 | 143 | assert response.status == '302 Found' |
|
170 | 144 | response = response.follow() |
|
171 | 145 | assert response.status == '200 OK' |
|
172 | 146 | assert response.request.path == '/' |
|
173 | 147 | |
|
174 | 148 | @pytest.mark.xfail(reason="newline params changed behaviour in python3") |
|
175 | 149 | @pytest.mark.parametrize("url_came_from", [ |
|
176 | 150 | '/\r\nX-Forwarded-Host: \rhttp://example.org', |
|
177 | 151 | ], ids=no_newline_id_generator) |
|
178 | 152 | def test_login_bad_came_froms_404(self, url_came_from): |
|
179 | 153 | _url = '{}?came_from={}'.format(route_path('login'), url_came_from) |
|
180 | 154 | response = self.app.post( |
|
181 | 155 | _url, {'username': 'test_admin', 'password': 'test12'}, status=302) |
|
182 | 156 | |
|
183 | 157 | response = response.follow() |
|
184 | 158 | assert response.status == '404 Not Found' |
|
185 | 159 | |
|
186 | 160 | def test_login_short_password(self): |
|
187 | 161 | response = self.app.post(route_path('login'), |
|
188 | 162 | {'username': 'test_admin', |
|
189 | 163 | 'password': 'as'}) |
|
190 | 164 | assert response.status == '200 OK' |
|
191 | 165 | |
|
192 | 166 | response.mustcontain('Enter 3 characters or more') |
|
193 | 167 | |
|
194 | 168 | def test_login_wrong_non_ascii_password(self, user_regular): |
|
195 | 169 | response = self.app.post( |
|
196 | 170 | route_path('login'), |
|
197 | 171 | {'username': user_regular.username, |
|
198 | 172 | 'password': 'invalid-non-asci\xe4'.encode('utf8')}) |
|
199 | 173 | |
|
200 | 174 | response.mustcontain('invalid user name') |
|
201 | 175 | response.mustcontain('invalid password') |
|
202 | 176 | |
|
203 | 177 | def test_login_with_non_ascii_password(self, user_util): |
|
204 | 178 | password = u'valid-non-ascii\xe4' |
|
205 | 179 | user = user_util.create_user(password=password) |
|
206 | 180 | response = self.app.post( |
|
207 | 181 | route_path('login'), |
|
208 | 182 | {'username': user.username, |
|
209 | 183 | 'password': password}) |
|
210 | 184 | assert response.status_code == 302 |
|
211 | 185 | |
|
212 | 186 | def test_login_wrong_username_password(self): |
|
213 | 187 | response = self.app.post(route_path('login'), |
|
214 | 188 | {'username': 'error', |
|
215 | 189 | 'password': 'test12'}) |
|
216 | 190 | |
|
217 | 191 | response.mustcontain('invalid user name') |
|
218 | 192 | response.mustcontain('invalid password') |
|
219 | 193 | |
|
220 | 194 | def test_login_admin_ok_password_migration(self, real_crypto_backend): |
|
221 | 195 | from rhodecode.lib import auth |
|
222 | 196 | |
|
223 | 197 | # create new user, with sha256 password |
|
224 | 198 | temp_user = 'test_admin_sha256' |
|
225 | 199 | user = fixture.create_user(temp_user) |
|
226 | 200 | user.password = auth._RhodeCodeCryptoSha256().hash_create( |
|
227 | 201 | b'test123') |
|
228 | 202 | Session().add(user) |
|
229 | 203 | Session().commit() |
|
230 | 204 | self.destroy_users.add(temp_user) |
|
231 | 205 | response = self.app.post(route_path('login'), |
|
232 | 206 | {'username': temp_user, |
|
233 | 207 | 'password': 'test123'}, status=302) |
|
234 | 208 | |
|
235 | 209 | response = response.follow() |
|
236 | 210 | session = response.get_session_from_response() |
|
237 | 211 | username = session['rhodecode_user'].get('username') |
|
238 | 212 | assert username == temp_user |
|
239 | 213 | response.mustcontain('logout') |
|
240 | 214 | |
|
241 | 215 | # new password should be bcrypted, after log-in and transfer |
|
242 | 216 | user = User.get_by_username(temp_user) |
|
243 | 217 | assert user.password.startswith('$') |
|
244 | 218 | |
|
245 | 219 | # REGISTRATIONS |
|
246 | 220 | def test_register(self): |
|
247 | 221 | response = self.app.get(route_path('register')) |
|
248 | 222 | response.mustcontain('Create an Account') |
|
249 | 223 | |
|
250 | 224 | def test_register_err_same_username(self): |
|
251 | 225 | uname = 'test_admin' |
|
252 | 226 | response = self.app.post( |
|
253 | 227 | route_path('register'), |
|
254 | 228 | { |
|
255 | 229 | 'username': uname, |
|
256 | 230 | 'password': 'test12', |
|
257 | 231 | 'password_confirmation': 'test12', |
|
258 | 232 | 'email': 'goodmail@domain.com', |
|
259 | 233 | 'firstname': 'test', |
|
260 | 234 | 'lastname': 'test' |
|
261 | 235 | } |
|
262 | 236 | ) |
|
263 | 237 | |
|
264 | 238 | assertr = response.assert_response() |
|
265 | 239 | msg = 'Username "%(username)s" already exists' |
|
266 | 240 | msg = msg % {'username': uname} |
|
267 | 241 | assertr.element_contains('#username+.error-message', msg) |
|
268 | 242 | |
|
269 | 243 | def test_register_err_same_email(self): |
|
270 | 244 | response = self.app.post( |
|
271 | 245 | route_path('register'), |
|
272 | 246 | { |
|
273 | 247 | 'username': 'test_admin_0', |
|
274 | 248 | 'password': 'test12', |
|
275 | 249 | 'password_confirmation': 'test12', |
|
276 | 250 | 'email': 'test_admin@mail.com', |
|
277 | 251 | 'firstname': 'test', |
|
278 | 252 | 'lastname': 'test' |
|
279 | 253 | } |
|
280 | 254 | ) |
|
281 | 255 | |
|
282 | 256 | assertr = response.assert_response() |
|
283 | 257 | msg = u'This e-mail address is already taken' |
|
284 | 258 | assertr.element_contains('#email+.error-message', msg) |
|
285 | 259 | |
|
286 | 260 | def test_register_err_same_email_case_sensitive(self): |
|
287 | 261 | response = self.app.post( |
|
288 | 262 | route_path('register'), |
|
289 | 263 | { |
|
290 | 264 | 'username': 'test_admin_1', |
|
291 | 265 | 'password': 'test12', |
|
292 | 266 | 'password_confirmation': 'test12', |
|
293 | 267 | 'email': 'TesT_Admin@mail.COM', |
|
294 | 268 | 'firstname': 'test', |
|
295 | 269 | 'lastname': 'test' |
|
296 | 270 | } |
|
297 | 271 | ) |
|
298 | 272 | assertr = response.assert_response() |
|
299 | 273 | msg = u'This e-mail address is already taken' |
|
300 | 274 | assertr.element_contains('#email+.error-message', msg) |
|
301 | 275 | |
|
302 | 276 | def test_register_err_wrong_data(self): |
|
303 | 277 | response = self.app.post( |
|
304 | 278 | route_path('register'), |
|
305 | 279 | { |
|
306 | 280 | 'username': 'xs', |
|
307 | 281 | 'password': 'test', |
|
308 | 282 | 'password_confirmation': 'test', |
|
309 | 283 | 'email': 'goodmailm', |
|
310 | 284 | 'firstname': 'test', |
|
311 | 285 | 'lastname': 'test' |
|
312 | 286 | } |
|
313 | 287 | ) |
|
314 | 288 | assert response.status == '200 OK' |
|
315 | 289 | response.mustcontain('An email address must contain a single @') |
|
316 | 290 | response.mustcontain('Enter a value 6 characters long or more') |
|
317 | 291 | |
|
318 | 292 | def test_register_err_username(self): |
|
319 | 293 | response = self.app.post( |
|
320 | 294 | route_path('register'), |
|
321 | 295 | { |
|
322 | 296 | 'username': 'error user', |
|
323 | 297 | 'password': 'test12', |
|
324 | 298 | 'password_confirmation': 'test12', |
|
325 | 299 | 'email': 'goodmailm', |
|
326 | 300 | 'firstname': 'test', |
|
327 | 301 | 'lastname': 'test' |
|
328 | 302 | } |
|
329 | 303 | ) |
|
330 | 304 | |
|
331 | 305 | response.mustcontain('An email address must contain a single @') |
|
332 | 306 | response.mustcontain( |
|
333 | 307 | 'Username may only contain ' |
|
334 | 308 | 'alphanumeric characters underscores, ' |
|
335 | 309 | 'periods or dashes and must begin with ' |
|
336 | 310 | 'alphanumeric character') |
|
337 | 311 | |
|
338 | 312 | def test_register_err_case_sensitive(self): |
|
339 | 313 | usr = 'Test_Admin' |
|
340 | 314 | response = self.app.post( |
|
341 | 315 | route_path('register'), |
|
342 | 316 | { |
|
343 | 317 | 'username': usr, |
|
344 | 318 | 'password': 'test12', |
|
345 | 319 | 'password_confirmation': 'test12', |
|
346 | 320 | 'email': 'goodmailm', |
|
347 | 321 | 'firstname': 'test', |
|
348 | 322 | 'lastname': 'test' |
|
349 | 323 | } |
|
350 | 324 | ) |
|
351 | 325 | |
|
352 | 326 | assertr = response.assert_response() |
|
353 | 327 | msg = u'Username "%(username)s" already exists' |
|
354 | 328 | msg = msg % {'username': usr} |
|
355 | 329 | assertr.element_contains('#username+.error-message', msg) |
|
356 | 330 | |
|
357 | 331 | def test_register_special_chars(self): |
|
358 | 332 | response = self.app.post( |
|
359 | 333 | route_path('register'), |
|
360 | 334 | { |
|
361 | 335 | 'username': 'xxxaxn', |
|
362 | 336 | 'password': 'ąćźżąśśśś', |
|
363 | 337 | 'password_confirmation': 'ąćźżąśśśś', |
|
364 | 338 | 'email': 'goodmailm@test.plx', |
|
365 | 339 | 'firstname': 'test', |
|
366 | 340 | 'lastname': 'test' |
|
367 | 341 | } |
|
368 | 342 | ) |
|
369 | 343 | |
|
370 | 344 | msg = u'Invalid characters (non-ascii) in password' |
|
371 | 345 | response.mustcontain(msg) |
|
372 | 346 | |
|
373 | 347 | def test_register_password_mismatch(self): |
|
374 | 348 | response = self.app.post( |
|
375 | 349 | route_path('register'), |
|
376 | 350 | { |
|
377 | 351 | 'username': 'xs', |
|
378 | 352 | 'password': '123qwe', |
|
379 | 353 | 'password_confirmation': 'qwe123', |
|
380 | 354 | 'email': 'goodmailm@test.plxa', |
|
381 | 355 | 'firstname': 'test', |
|
382 | 356 | 'lastname': 'test' |
|
383 | 357 | } |
|
384 | 358 | ) |
|
385 | 359 | msg = u'Passwords do not match' |
|
386 | 360 | response.mustcontain(msg) |
|
387 | 361 | |
|
388 | 362 | def test_register_ok(self): |
|
389 | 363 | username = 'test_regular4' |
|
390 | 364 | password = 'qweqwe' |
|
391 | 365 | email = 'marcin@test.com' |
|
392 | 366 | name = 'testname' |
|
393 | 367 | lastname = 'testlastname' |
|
394 | 368 | |
|
395 | 369 | # this initializes a session |
|
396 | 370 | response = self.app.get(route_path('register')) |
|
397 | 371 | response.mustcontain('Create an Account') |
|
398 | 372 | |
|
399 | 373 | |
|
400 | 374 | response = self.app.post( |
|
401 | 375 | route_path('register'), |
|
402 | 376 | { |
|
403 | 377 | 'username': username, |
|
404 | 378 | 'password': password, |
|
405 | 379 | 'password_confirmation': password, |
|
406 | 380 | 'email': email, |
|
407 | 381 | 'firstname': name, |
|
408 | 382 | 'lastname': lastname, |
|
409 | 383 | 'admin': True |
|
410 | 384 | }, |
|
411 | 385 | status=302 |
|
412 | 386 | ) # This should be overridden |
|
413 | 387 | |
|
414 | 388 | assert_session_flash( |
|
415 | 389 | response, 'You have successfully registered with RhodeCode. You can log-in now.') |
|
416 | 390 | |
|
417 | 391 | ret = Session().query(User).filter( |
|
418 | 392 | User.username == 'test_regular4').one() |
|
419 | 393 | assert ret.username == username |
|
420 | 394 | assert check_password(password, ret.password) |
|
421 | 395 | assert ret.email == email |
|
422 | 396 | assert ret.name == name |
|
423 | 397 | assert ret.lastname == lastname |
|
424 | 398 | assert ret.auth_tokens is not None |
|
425 | 399 | assert not ret.admin |
|
426 | 400 | |
|
427 | 401 | def test_forgot_password_wrong_mail(self): |
|
428 | 402 | bad_email = 'marcin@wrongmail.org' |
|
429 | 403 | # this initializes a session |
|
430 | 404 | self.app.get(route_path('reset_password')) |
|
431 | 405 | |
|
432 | 406 | response = self.app.post( |
|
433 | 407 | route_path('reset_password'), {'email': bad_email, } |
|
434 | 408 | ) |
|
435 | 409 | assert_session_flash(response, |
|
436 | 410 | 'If such email exists, a password reset link was sent to it.') |
|
437 | 411 | |
|
438 | 412 | def test_forgot_password(self, user_util): |
|
439 | 413 | # this initializes a session |
|
440 | 414 | self.app.get(route_path('reset_password')) |
|
441 | 415 | |
|
442 | 416 | user = user_util.create_user() |
|
443 | 417 | user_id = user.user_id |
|
444 | 418 | email = user.email |
|
445 | 419 | |
|
446 | 420 | response = self.app.post(route_path('reset_password'), {'email': email, }) |
|
447 | 421 | |
|
448 | 422 | assert_session_flash(response, |
|
449 | 423 | 'If such email exists, a password reset link was sent to it.') |
|
450 | 424 | |
|
451 | 425 | # BAD KEY |
|
452 | 426 | confirm_url = '{}?key={}'.format(route_path('reset_password_confirmation'), 'badkey') |
|
453 | 427 | response = self.app.get(confirm_url, status=302) |
|
454 | 428 | assert response.location.endswith(route_path('reset_password')) |
|
455 | 429 | assert_session_flash(response, 'Given reset token is invalid') |
|
456 | 430 | |
|
457 | 431 | response.follow() # cleanup flash |
|
458 | 432 | |
|
459 | 433 | # GOOD KEY |
|
460 | 434 | key = UserApiKeys.query()\ |
|
461 | 435 | .filter(UserApiKeys.user_id == user_id)\ |
|
462 | 436 | .filter(UserApiKeys.role == UserApiKeys.ROLE_PASSWORD_RESET)\ |
|
463 | 437 | .first() |
|
464 | 438 | |
|
465 | 439 | assert key |
|
466 | 440 | |
|
467 | 441 | confirm_url = '{}?key={}'.format(route_path('reset_password_confirmation'), key.api_key) |
|
468 | 442 | response = self.app.get(confirm_url) |
|
469 | 443 | assert response.status == '302 Found' |
|
470 | 444 | assert response.location.endswith(route_path('login')) |
|
471 | 445 | |
|
472 | 446 | assert_session_flash( |
|
473 | 447 | response, |
|
474 | 448 | 'Your password reset was successful, ' |
|
475 | 449 | 'a new password has been sent to your email') |
|
476 | 450 | |
|
477 | 451 | response.follow() |
|
478 | 452 | |
|
479 | 453 | def _get_api_whitelist(self, values=None): |
|
480 | 454 | config = {'api_access_controllers_whitelist': values or []} |
|
481 | 455 | return config |
|
482 | 456 | |
|
483 | 457 | @pytest.mark.parametrize("test_name, auth_token", [ |
|
484 | 458 | ('none', None), |
|
485 | 459 | ('empty_string', ''), |
|
486 | 460 | ('fake_number', '123456'), |
|
487 | 461 | ('proper_auth_token', None) |
|
488 | 462 | ]) |
|
489 | 463 | def test_access_not_whitelisted_page_via_auth_token( |
|
490 | 464 | self, test_name, auth_token, user_admin): |
|
491 | 465 | |
|
492 | 466 | whitelist = self._get_api_whitelist([]) |
|
493 | 467 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
494 | 468 | assert [] == whitelist['api_access_controllers_whitelist'] |
|
495 | 469 | if test_name == 'proper_auth_token': |
|
496 | 470 | # use builtin if api_key is None |
|
497 | 471 | auth_token = user_admin.api_key |
|
498 | 472 | |
|
499 | 473 | with fixture.anon_access(False): |
|
500 | 474 | # webtest uses linter to check if response is bytes, |
|
501 | 475 | # and we use memoryview here as a wrapper, quick turn-off |
|
502 | 476 | self.app.lint = False |
|
503 | 477 | |
|
504 | 478 | self.app.get( |
|
505 | 479 | route_path('repo_commit_raw', |
|
506 | 480 | repo_name=HG_REPO, commit_id='tip', |
|
507 | 481 | params=dict(api_key=auth_token)), |
|
508 | 482 | status=302) |
|
509 | 483 | |
|
510 | 484 | @pytest.mark.parametrize("test_name, auth_token, code", [ |
|
511 | 485 | ('none', None, 302), |
|
512 | 486 | ('empty_string', '', 302), |
|
513 | 487 | ('fake_number', '123456', 302), |
|
514 | 488 | ('proper_auth_token', None, 200) |
|
515 | 489 | ]) |
|
516 | 490 | def test_access_whitelisted_page_via_auth_token( |
|
517 | 491 | self, test_name, auth_token, code, user_admin): |
|
518 | 492 | |
|
519 | 493 | whitelist = self._get_api_whitelist(whitelist_view) |
|
520 | 494 | |
|
521 | 495 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
522 | 496 | assert whitelist_view == whitelist['api_access_controllers_whitelist'] |
|
523 | 497 | |
|
524 | 498 | if test_name == 'proper_auth_token': |
|
525 | 499 | auth_token = user_admin.api_key |
|
526 | 500 | assert auth_token |
|
527 | 501 | |
|
528 | 502 | with fixture.anon_access(False): |
|
529 | 503 | # webtest uses linter to check if response is bytes, |
|
530 | 504 | # and we use memoryview here as a wrapper, quick turn-off |
|
531 | 505 | self.app.lint = False |
|
532 | 506 | self.app.get( |
|
533 | 507 | route_path('repo_commit_raw', |
|
534 | 508 | repo_name=HG_REPO, commit_id='tip', |
|
535 | 509 | params=dict(api_key=auth_token)), |
|
536 | 510 | status=code) |
|
537 | 511 | |
|
538 | 512 | @pytest.mark.parametrize("test_name, auth_token, code", [ |
|
539 | 513 | ('proper_auth_token', None, 200), |
|
540 | 514 | ('wrong_auth_token', '123456', 302), |
|
541 | 515 | ]) |
|
542 | 516 | def test_access_whitelisted_page_via_auth_token_bound_to_token( |
|
543 | 517 | self, test_name, auth_token, code, user_admin): |
|
544 | 518 | |
|
545 | 519 | expected_token = auth_token |
|
546 | 520 | if test_name == 'proper_auth_token': |
|
547 | 521 | auth_token = user_admin.api_key |
|
548 | 522 | expected_token = auth_token |
|
549 | 523 | assert auth_token |
|
550 | 524 | |
|
551 | 525 | whitelist = self._get_api_whitelist([ |
|
552 | 526 | 'RepoCommitsView:repo_commit_raw@{}'.format(expected_token)]) |
|
553 | 527 | |
|
554 | 528 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
555 | 529 | |
|
556 | 530 | with fixture.anon_access(False): |
|
557 | 531 | # webtest uses linter to check if response is bytes, |
|
558 | 532 | # and we use memoryview here as a wrapper, quick turn-off |
|
559 | 533 | self.app.lint = False |
|
560 | 534 | |
|
561 | 535 | self.app.get( |
|
562 | 536 | route_path('repo_commit_raw', |
|
563 | 537 | repo_name=HG_REPO, commit_id='tip', |
|
564 | 538 | params=dict(api_key=auth_token)), |
|
565 | 539 | status=code) |
|
566 | 540 | |
|
567 | 541 | def test_access_page_via_extra_auth_token(self): |
|
568 | 542 | whitelist = self._get_api_whitelist(whitelist_view) |
|
569 | 543 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
570 | 544 | assert whitelist_view == \ |
|
571 | 545 | whitelist['api_access_controllers_whitelist'] |
|
572 | 546 | |
|
573 | 547 | new_auth_token = AuthTokenModel().create( |
|
574 | 548 | TEST_USER_ADMIN_LOGIN, 'test') |
|
575 | 549 | Session().commit() |
|
576 | 550 | with fixture.anon_access(False): |
|
577 | 551 | # webtest uses linter to check if response is bytes, |
|
578 | 552 | # and we use memoryview here as a wrapper, quick turn-off |
|
579 | 553 | self.app.lint = False |
|
580 | 554 | self.app.get( |
|
581 | 555 | route_path('repo_commit_raw', |
|
582 | 556 | repo_name=HG_REPO, commit_id='tip', |
|
583 | 557 | params=dict(api_key=new_auth_token.api_key)), |
|
584 | 558 | status=200) |
|
585 | 559 | |
|
586 | 560 | def test_access_page_via_expired_auth_token(self): |
|
587 | 561 | whitelist = self._get_api_whitelist(whitelist_view) |
|
588 | 562 | with mock.patch.dict('rhodecode.CONFIG', whitelist): |
|
589 | 563 | assert whitelist_view == \ |
|
590 | 564 | whitelist['api_access_controllers_whitelist'] |
|
591 | 565 | |
|
592 | 566 | new_auth_token = AuthTokenModel().create( |
|
593 | 567 | TEST_USER_ADMIN_LOGIN, 'test') |
|
594 | 568 | Session().commit() |
|
595 | 569 | # patch the api key and make it expired |
|
596 | 570 | new_auth_token.expires = 0 |
|
597 | 571 | Session().add(new_auth_token) |
|
598 | 572 | Session().commit() |
|
599 | 573 | with fixture.anon_access(False): |
|
600 | 574 | # webtest uses linter to check if response is bytes, |
|
601 | 575 | # and we use memoryview here as a wrapper, quick turn-off |
|
602 | 576 | self.app.lint = False |
|
603 | 577 | self.app.get( |
|
604 | 578 | route_path('repo_commit_raw', |
|
605 | 579 | repo_name=HG_REPO, commit_id='tip', |
|
606 | 580 | params=dict(api_key=new_auth_token.api_key)), |
|
607 | 581 | status=302) |
@@ -1,118 +1,94 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.lib import helpers as h |
|
22 | 22 | from rhodecode.tests import ( |
|
23 | 23 | TestController, clear_cache_regions, |
|
24 | 24 | TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
25 | 25 | from rhodecode.tests.fixture import Fixture |
|
26 | 26 | from rhodecode.tests.utils import AssertResponse |
|
27 | ||
|
28 | fixture = Fixture() | |
|
27 | from rhodecode.tests.routes import route_path | |
|
29 | 28 | |
|
30 | 29 | |
|
31 | def route_path(name, params=None, **kwargs): | |
|
32 | import urllib.request | |
|
33 | import urllib.parse | |
|
34 | import urllib.error | |
|
35 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
36 | ||
|
37 | base_url = { | |
|
38 | 'login': ADMIN_PREFIX + '/login', | |
|
39 | 'logout': ADMIN_PREFIX + '/logout', | |
|
40 | 'register': ADMIN_PREFIX + '/register', | |
|
41 | 'reset_password': | |
|
42 | ADMIN_PREFIX + '/password_reset', | |
|
43 | 'reset_password_confirmation': | |
|
44 | ADMIN_PREFIX + '/password_reset_confirmation', | |
|
45 | ||
|
46 | 'admin_permissions_application': | |
|
47 | ADMIN_PREFIX + '/permissions/application', | |
|
48 | 'admin_permissions_application_update': | |
|
49 | ADMIN_PREFIX + '/permissions/application/update', | |
|
50 | }[name].format(**kwargs) | |
|
51 | ||
|
52 | if params: | |
|
53 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
54 | return base_url | |
|
30 | fixture = Fixture() | |
|
55 | 31 | |
|
56 | 32 | |
|
57 | 33 | class TestPasswordReset(TestController): |
|
58 | 34 | |
|
59 | 35 | @pytest.mark.parametrize( |
|
60 | 36 | 'pwd_reset_setting, show_link, show_reset', [ |
|
61 | 37 | ('hg.password_reset.enabled', True, True), |
|
62 | 38 | ('hg.password_reset.hidden', False, True), |
|
63 | 39 | ('hg.password_reset.disabled', False, False), |
|
64 | 40 | ]) |
|
65 | 41 | def test_password_reset_settings( |
|
66 | 42 | self, pwd_reset_setting, show_link, show_reset): |
|
67 | 43 | clear_cache_regions() |
|
68 | 44 | self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
69 | 45 | params = { |
|
70 | 46 | 'csrf_token': self.csrf_token, |
|
71 | 47 | 'anonymous': 'True', |
|
72 | 48 | 'default_register': 'hg.register.auto_activate', |
|
73 | 49 | 'default_register_message': '', |
|
74 | 50 | 'default_password_reset': pwd_reset_setting, |
|
75 | 51 | 'default_extern_activate': 'hg.extern_activate.auto', |
|
76 | 52 | } |
|
77 | 53 | resp = self.app.post( |
|
78 | 54 | route_path('admin_permissions_application_update'), params=params) |
|
79 | 55 | self.logout_user() |
|
80 | 56 | |
|
81 | 57 | login_page = self.app.get(route_path('login')) |
|
82 | 58 | asr_login = AssertResponse(login_page) |
|
83 | 59 | |
|
84 | 60 | if show_link: |
|
85 | 61 | asr_login.one_element_exists('a.pwd_reset') |
|
86 | 62 | else: |
|
87 | 63 | asr_login.no_element_exists('a.pwd_reset') |
|
88 | 64 | |
|
89 | 65 | response = self.app.get(route_path('reset_password')) |
|
90 | 66 | |
|
91 | 67 | assert_response = response.assert_response() |
|
92 | 68 | if show_reset: |
|
93 | 69 | response.mustcontain('Send password reset email') |
|
94 | 70 | assert_response.one_element_exists('#email') |
|
95 | 71 | assert_response.one_element_exists('#send') |
|
96 | 72 | else: |
|
97 | 73 | response.mustcontain('Password reset is disabled.') |
|
98 | 74 | assert_response.no_element_exists('#email') |
|
99 | 75 | assert_response.no_element_exists('#send') |
|
100 | 76 | |
|
101 | 77 | def test_password_form_disabled(self): |
|
102 | 78 | self.log_user(TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
103 | 79 | params = { |
|
104 | 80 | 'csrf_token': self.csrf_token, |
|
105 | 81 | 'anonymous': 'True', |
|
106 | 82 | 'default_register': 'hg.register.auto_activate', |
|
107 | 83 | 'default_register_message': '', |
|
108 | 84 | 'default_password_reset': 'hg.password_reset.disabled', |
|
109 | 85 | 'default_extern_activate': 'hg.extern_activate.auto', |
|
110 | 86 | } |
|
111 | 87 | self.app.post(route_path('admin_permissions_application_update'), params=params) |
|
112 | 88 | self.logout_user() |
|
113 | 89 | |
|
114 | 90 | response = self.app.post( |
|
115 | 91 | route_path('reset_password'), {'email': 'lisa@rhodecode.com',} |
|
116 | 92 | ) |
|
117 | 93 | response = response.follow() |
|
118 | 94 | response.mustcontain('Password reset is disabled.') |
@@ -1,109 +1,98 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.apps._base import ADMIN_PREFIX |
|
22 | 22 | from rhodecode.model.db import User |
|
23 | 23 | from rhodecode.tests import ( |
|
24 |
TestController, |
|
|
24 | TestController, assert_session_flash) | |
|
25 | 25 | from rhodecode.tests.fixture import Fixture |
|
26 |
from rhodecode.tests. |
|
|
27 | ||
|
28 | fixture = Fixture() | |
|
26 | from rhodecode.tests.routes import route_path | |
|
29 | 27 | |
|
30 | 28 | |
|
31 | def route_path(name, params=None, **kwargs): | |
|
32 | url_defs = { | |
|
33 | 'my_account_auth_tokens': | |
|
34 | ADMIN_PREFIX + '/my_account/auth_tokens', | |
|
35 | 'my_account_auth_tokens_add': | |
|
36 | ADMIN_PREFIX + '/my_account/auth_tokens/new', | |
|
37 | 'my_account_auth_tokens_delete': | |
|
38 | ADMIN_PREFIX + '/my_account/auth_tokens/delete', | |
|
39 | } | |
|
40 | return route_path_generator(url_defs, name=name, params=params, **kwargs) | |
|
29 | fixture = Fixture() | |
|
41 | 30 | |
|
42 | 31 | |
|
43 | 32 | class TestMyAccountAuthTokens(TestController): |
|
44 | 33 | |
|
45 | 34 | def test_my_account_auth_tokens(self): |
|
46 | 35 | usr = self.log_user('test_regular2', 'test12') |
|
47 | 36 | user = User.get(usr['user_id']) |
|
48 | 37 | response = self.app.get(route_path('my_account_auth_tokens')) |
|
49 | 38 | for token in user.auth_tokens: |
|
50 | 39 | response.mustcontain(token[:4]) |
|
51 | 40 | response.mustcontain('never') |
|
52 | 41 | |
|
53 | 42 | def test_my_account_add_auth_tokens_wrong_csrf(self, user_util): |
|
54 | 43 | user = user_util.create_user(password='qweqwe') |
|
55 | 44 | self.log_user(user.username, 'qweqwe') |
|
56 | 45 | |
|
57 | 46 | self.app.post( |
|
58 | 47 | route_path('my_account_auth_tokens_add'), |
|
59 | 48 | {'description': 'desc', 'lifetime': -1}, status=403) |
|
60 | 49 | |
|
61 | 50 | @pytest.mark.parametrize("desc, lifetime", [ |
|
62 | 51 | ('forever', -1), |
|
63 | 52 | ('5mins', 60*5), |
|
64 | 53 | ('30days', 60*60*24*30), |
|
65 | 54 | ]) |
|
66 | 55 | def test_my_account_add_auth_tokens(self, desc, lifetime, user_util): |
|
67 | 56 | user = user_util.create_user(password='qweqwe') |
|
68 | 57 | user_id = user.user_id |
|
69 | 58 | self.log_user(user.username, 'qweqwe') |
|
70 | 59 | |
|
71 | 60 | response = self.app.post( |
|
72 | 61 | route_path('my_account_auth_tokens_add'), |
|
73 | 62 | {'description': desc, 'lifetime': lifetime, |
|
74 | 63 | 'csrf_token': self.csrf_token}) |
|
75 | 64 | assert_session_flash(response, 'Auth token successfully created') |
|
76 | 65 | |
|
77 | 66 | response = response.follow() |
|
78 | 67 | user = User.get(user_id) |
|
79 | 68 | for auth_token in user.auth_tokens: |
|
80 | 69 | response.mustcontain(auth_token[:4]) |
|
81 | 70 | |
|
82 | 71 | def test_my_account_delete_auth_token(self, user_util): |
|
83 | 72 | user = user_util.create_user(password='qweqwe') |
|
84 | 73 | user_id = user.user_id |
|
85 | 74 | self.log_user(user.username, 'qweqwe') |
|
86 | 75 | |
|
87 | 76 | user = User.get(user_id) |
|
88 | 77 | keys = user.get_auth_tokens() |
|
89 | 78 | assert 2 == len(keys) |
|
90 | 79 | |
|
91 | 80 | response = self.app.post( |
|
92 | 81 | route_path('my_account_auth_tokens_add'), |
|
93 | 82 | {'description': 'desc', 'lifetime': -1, |
|
94 | 83 | 'csrf_token': self.csrf_token}) |
|
95 | 84 | assert_session_flash(response, 'Auth token successfully created') |
|
96 | 85 | response.follow() |
|
97 | 86 | |
|
98 | 87 | user = User.get(user_id) |
|
99 | 88 | keys = user.get_auth_tokens() |
|
100 | 89 | assert 3 == len(keys) |
|
101 | 90 | |
|
102 | 91 | response = self.app.post( |
|
103 | 92 | route_path('my_account_auth_tokens_delete'), |
|
104 | 93 | {'del_auth_token': keys[0].user_api_key_id, 'csrf_token': self.csrf_token}) |
|
105 | 94 | assert_session_flash(response, 'Auth token successfully deleted') |
|
106 | 95 | |
|
107 | 96 | user = User.get(user_id) |
|
108 | 97 | keys = user.auth_tokens |
|
109 | 98 | assert 2 == len(keys) |
@@ -1,208 +1,190 b'' | |||
|
1 | 1 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | |
|
20 | 20 | # Copyright (C) 2016-2023 RhodeCode GmbH |
|
21 | 21 | # |
|
22 | 22 | # This program is free software: you can redistribute it and/or modify |
|
23 | 23 | # it under the terms of the GNU Affero General Public License, version 3 |
|
24 | 24 | # (only), as published by the Free Software Foundation. |
|
25 | 25 | # |
|
26 | 26 | # This program is distributed in the hope that it will be useful, |
|
27 | 27 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
28 | 28 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
29 | 29 | # GNU General Public License for more details. |
|
30 | 30 | # |
|
31 | 31 | # You should have received a copy of the GNU Affero General Public License |
|
32 | 32 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
33 | 33 | # |
|
34 | 34 | # This program is dual-licensed. If you wish to learn more about the |
|
35 | 35 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
36 | 36 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
37 | 37 | |
|
38 | 38 | import pytest |
|
39 | 39 | |
|
40 | 40 | from rhodecode.model.db import User |
|
41 | 41 | from rhodecode.tests import TestController, assert_session_flash |
|
42 | from rhodecode.lib import helpers as h | |
|
43 | ||
|
44 | ||
|
45 | def route_path(name, params=None, **kwargs): | |
|
46 | import urllib.request | |
|
47 | import urllib.parse | |
|
48 | import urllib.error | |
|
49 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
50 | ||
|
51 | base_url = { | |
|
52 | 'my_account_edit': ADMIN_PREFIX + '/my_account/edit', | |
|
53 | 'my_account_update': ADMIN_PREFIX + '/my_account/update', | |
|
54 | 'my_account_pullrequests': ADMIN_PREFIX + '/my_account/pull_requests', | |
|
55 | 'my_account_pullrequests_data': ADMIN_PREFIX + '/my_account/pull_requests/data', | |
|
56 | }[name].format(**kwargs) | |
|
57 | ||
|
58 | if params: | |
|
59 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
60 | return base_url | |
|
42 | from rhodecode.tests.routes import route_path | |
|
61 | 43 | |
|
62 | 44 | |
|
63 | 45 | class TestMyAccountEdit(TestController): |
|
64 | 46 | |
|
65 | 47 | def test_my_account_edit(self): |
|
66 | 48 | self.log_user() |
|
67 | 49 | response = self.app.get(route_path('my_account_edit')) |
|
68 | 50 | |
|
69 | 51 | response.mustcontain('value="test_admin') |
|
70 | 52 | |
|
71 | 53 | @pytest.mark.backends("git", "hg") |
|
72 | 54 | def test_my_account_my_pullrequests(self, pr_util): |
|
73 | 55 | self.log_user() |
|
74 | 56 | response = self.app.get(route_path('my_account_pullrequests')) |
|
75 | 57 | response.mustcontain('There are currently no open pull ' |
|
76 | 58 | 'requests requiring your participation.') |
|
77 | 59 | |
|
78 | 60 | @pytest.mark.backends("git", "hg") |
|
79 | 61 | @pytest.mark.parametrize('params, expected_title', [ |
|
80 | 62 | ({'closed': 1}, 'Closed'), |
|
81 | 63 | ({'awaiting_my_review': 1}, 'Awaiting my review'), |
|
82 | 64 | ]) |
|
83 | 65 | def test_my_account_my_pullrequests_data(self, pr_util, xhr_header, params, expected_title): |
|
84 | 66 | self.log_user() |
|
85 | 67 | response = self.app.get(route_path('my_account_pullrequests_data'), |
|
86 | 68 | extra_environ=xhr_header) |
|
87 | 69 | assert response.json == { |
|
88 | 70 | 'data': [], 'draw': None, |
|
89 | 71 | 'recordsFiltered': 0, 'recordsTotal': 0} |
|
90 | 72 | |
|
91 | 73 | pr = pr_util.create_pull_request(title='TestMyAccountPR') |
|
92 | 74 | expected = { |
|
93 | 75 | 'author_raw': 'RhodeCode Admin', |
|
94 | 76 | 'name_raw': pr.pull_request_id |
|
95 | 77 | } |
|
96 | 78 | response = self.app.get(route_path('my_account_pullrequests_data'), |
|
97 | 79 | extra_environ=xhr_header) |
|
98 | 80 | assert response.json['recordsTotal'] == 1 |
|
99 | 81 | assert response.json['data'][0]['author_raw'] == expected['author_raw'] |
|
100 | 82 | |
|
101 | 83 | assert response.json['data'][0]['author_raw'] == expected['author_raw'] |
|
102 | 84 | assert response.json['data'][0]['name_raw'] == expected['name_raw'] |
|
103 | 85 | |
|
104 | 86 | @pytest.mark.parametrize( |
|
105 | 87 | "name, attrs", [ |
|
106 | 88 | ('firstname', {'firstname': 'new_username'}), |
|
107 | 89 | ('lastname', {'lastname': 'new_username'}), |
|
108 | 90 | ('admin', {'admin': True}), |
|
109 | 91 | ('admin', {'admin': False}), |
|
110 | 92 | ('extern_type', {'extern_type': 'ldap'}), |
|
111 | 93 | ('extern_type', {'extern_type': None}), |
|
112 | 94 | # ('extern_name', {'extern_name': 'test'}), |
|
113 | 95 | # ('extern_name', {'extern_name': None}), |
|
114 | 96 | ('active', {'active': False}), |
|
115 | 97 | ('active', {'active': True}), |
|
116 | 98 | ('email', {'email': 'some@email.com'}), |
|
117 | 99 | ]) |
|
118 | 100 | def test_my_account_update(self, name, attrs, user_util): |
|
119 | 101 | usr = user_util.create_user(password='qweqwe') |
|
120 | 102 | params = usr.get_api_data() # current user data |
|
121 | 103 | user_id = usr.user_id |
|
122 | 104 | self.log_user( |
|
123 | 105 | username=usr.username, password='qweqwe') |
|
124 | 106 | |
|
125 | 107 | params.update({'password_confirmation': ''}) |
|
126 | 108 | params.update({'new_password': ''}) |
|
127 | 109 | params.update({'extern_type': 'rhodecode'}) |
|
128 | 110 | params.update({'extern_name': 'rhodecode'}) |
|
129 | 111 | params.update({'csrf_token': self.csrf_token}) |
|
130 | 112 | |
|
131 | 113 | params.update(attrs) |
|
132 | 114 | # my account page cannot set language param yet, only for admins |
|
133 | 115 | del params['language'] |
|
134 | 116 | if name == 'email': |
|
135 | 117 | uem = user_util.create_additional_user_email(usr, attrs['email']) |
|
136 | 118 | email_before = User.get(user_id).email |
|
137 | 119 | |
|
138 | 120 | response = self.app.post(route_path('my_account_update'), params) |
|
139 | 121 | |
|
140 | 122 | assert_session_flash( |
|
141 | 123 | response, 'Your account was updated successfully') |
|
142 | 124 | |
|
143 | 125 | del params['csrf_token'] |
|
144 | 126 | |
|
145 | 127 | updated_user = User.get(user_id) |
|
146 | 128 | updated_params = updated_user.get_api_data() |
|
147 | 129 | updated_params.update({'password_confirmation': ''}) |
|
148 | 130 | updated_params.update({'new_password': ''}) |
|
149 | 131 | |
|
150 | 132 | params['last_login'] = updated_params['last_login'] |
|
151 | 133 | params['last_activity'] = updated_params['last_activity'] |
|
152 | 134 | # my account page cannot set language param yet, only for admins |
|
153 | 135 | # but we get this info from API anyway |
|
154 | 136 | params['language'] = updated_params['language'] |
|
155 | 137 | |
|
156 | 138 | if name == 'email': |
|
157 | 139 | params['emails'] = [attrs['email'], email_before] |
|
158 | 140 | if name == 'extern_type': |
|
159 | 141 | # cannot update this via form, expected value is original one |
|
160 | 142 | params['extern_type'] = "rhodecode" |
|
161 | 143 | if name == 'extern_name': |
|
162 | 144 | # cannot update this via form, expected value is original one |
|
163 | 145 | params['extern_name'] = str(user_id) |
|
164 | 146 | if name == 'active': |
|
165 | 147 | # my account cannot deactivate account |
|
166 | 148 | params['active'] = True |
|
167 | 149 | if name == 'admin': |
|
168 | 150 | # my account cannot make you an admin ! |
|
169 | 151 | params['admin'] = False |
|
170 | 152 | |
|
171 | 153 | assert params == updated_params |
|
172 | 154 | |
|
173 | 155 | def test_my_account_update_err_email_not_exists_in_emails(self): |
|
174 | 156 | self.log_user() |
|
175 | 157 | |
|
176 | 158 | new_email = 'test_regular@mail.com' # not in emails |
|
177 | 159 | params = { |
|
178 | 160 | 'username': 'test_admin', |
|
179 | 161 | 'new_password': 'test12', |
|
180 | 162 | 'password_confirmation': 'test122', |
|
181 | 163 | 'firstname': 'NewName', |
|
182 | 164 | 'lastname': 'NewLastname', |
|
183 | 165 | 'email': new_email, |
|
184 | 166 | 'csrf_token': self.csrf_token, |
|
185 | 167 | } |
|
186 | 168 | |
|
187 | 169 | response = self.app.post(route_path('my_account_update'), |
|
188 | 170 | params=params) |
|
189 | 171 | |
|
190 | 172 | response.mustcontain('"test_regular@mail.com" is not one of test_admin@mail.com') |
|
191 | 173 | |
|
192 | 174 | def test_my_account_update_bad_email_address(self): |
|
193 | 175 | self.log_user('test_regular2', 'test12') |
|
194 | 176 | |
|
195 | 177 | new_email = 'newmail.pl' |
|
196 | 178 | params = { |
|
197 | 179 | 'username': 'test_admin', |
|
198 | 180 | 'new_password': 'test12', |
|
199 | 181 | 'password_confirmation': 'test122', |
|
200 | 182 | 'firstname': 'NewName', |
|
201 | 183 | 'lastname': 'NewLastname', |
|
202 | 184 | 'email': new_email, |
|
203 | 185 | 'csrf_token': self.csrf_token, |
|
204 | 186 | } |
|
205 | 187 | response = self.app.post(route_path('my_account_update'), |
|
206 | 188 | params=params) |
|
207 | 189 | |
|
208 | 190 | response.mustcontain('"newmail.pl" is not one of test_regular2@mail.com') |
@@ -1,75 +1,66 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.apps._base import ADMIN_PREFIX |
|
22 | 22 | from rhodecode.model.db import User, UserEmailMap |
|
23 | 23 | from rhodecode.tests import ( |
|
24 | 24 | TestController, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL, |
|
25 | 25 | assert_session_flash, TEST_USER_REGULAR_PASS) |
|
26 | 26 | from rhodecode.tests.fixture import Fixture |
|
27 | ||
|
28 | fixture = Fixture() | |
|
27 | from rhodecode.tests.routes import route_path | |
|
29 | 28 | |
|
30 | 29 | |
|
31 | def route_path(name, **kwargs): | |
|
32 | return { | |
|
33 | 'my_account_emails': | |
|
34 | ADMIN_PREFIX + '/my_account/emails', | |
|
35 | 'my_account_emails_add': | |
|
36 | ADMIN_PREFIX + '/my_account/emails/new', | |
|
37 | 'my_account_emails_delete': | |
|
38 | ADMIN_PREFIX + '/my_account/emails/delete', | |
|
39 | }[name].format(**kwargs) | |
|
30 | fixture = Fixture() | |
|
40 | 31 | |
|
41 | 32 | |
|
42 | 33 | class TestMyAccountEmails(TestController): |
|
43 | 34 | def test_my_account_my_emails(self): |
|
44 | 35 | self.log_user() |
|
45 | 36 | response = self.app.get(route_path('my_account_emails')) |
|
46 | 37 | response.mustcontain('No additional emails specified') |
|
47 | 38 | |
|
48 | 39 | def test_my_account_my_emails_add_remove(self): |
|
49 | 40 | self.log_user() |
|
50 | 41 | response = self.app.get(route_path('my_account_emails')) |
|
51 | 42 | response.mustcontain('No additional emails specified') |
|
52 | 43 | |
|
53 | 44 | response = self.app.post(route_path('my_account_emails_add'), |
|
54 | 45 | {'email': 'foo@barz.com', |
|
55 | 46 | 'current_password': TEST_USER_REGULAR_PASS, |
|
56 | 47 | 'csrf_token': self.csrf_token}) |
|
57 | 48 | |
|
58 | 49 | response = self.app.get(route_path('my_account_emails')) |
|
59 | 50 | |
|
60 | 51 | email_id = UserEmailMap.query().filter( |
|
61 | 52 | UserEmailMap.user == User.get_by_username( |
|
62 | 53 | TEST_USER_ADMIN_LOGIN)).filter( |
|
63 | 54 | UserEmailMap.email == 'foo@barz.com').one().email_id |
|
64 | 55 | |
|
65 | 56 | response.mustcontain('foo@barz.com') |
|
66 | 57 | response.mustcontain('<input id="del_email_id" name="del_email_id" ' |
|
67 | 58 | 'type="hidden" value="%s" />' % email_id) |
|
68 | 59 | |
|
69 | 60 | response = self.app.post( |
|
70 | 61 | route_path('my_account_emails_delete'), { |
|
71 | 62 | 'del_email_id': email_id, |
|
72 | 63 | 'csrf_token': self.csrf_token}) |
|
73 | 64 | assert_session_flash(response, 'Email successfully deleted') |
|
74 | 65 | response = self.app.get(route_path('my_account_emails')) |
|
75 | 66 | response.mustcontain('No additional emails specified') |
@@ -1,207 +1,186 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
22 | 21 | from rhodecode.tests import ( |
|
23 | 22 | TestController, TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS, |
|
24 | 23 | TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
25 | 24 | from rhodecode.tests.fixture import Fixture |
|
25 | from rhodecode.tests.routes import route_path | |
|
26 | 26 | |
|
27 | 27 | from rhodecode.model.db import Notification, User |
|
28 | from rhodecode.model.user import UserModel | |
|
29 | 28 | from rhodecode.model.notification import NotificationModel |
|
30 | 29 | from rhodecode.model.meta import Session |
|
31 | 30 | |
|
32 | 31 | fixture = Fixture() |
|
33 | 32 | |
|
34 | 33 | |
|
35 | def route_path(name, params=None, **kwargs): | |
|
36 | import urllib.request | |
|
37 | import urllib.parse | |
|
38 | import urllib.error | |
|
39 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
40 | ||
|
41 | base_url = { | |
|
42 | 'notifications_show_all': ADMIN_PREFIX + '/notifications', | |
|
43 | 'notifications_mark_all_read': ADMIN_PREFIX + '/notifications_mark_all_read', | |
|
44 | 'notifications_show': ADMIN_PREFIX + '/notifications/{notification_id}', | |
|
45 | 'notifications_update': ADMIN_PREFIX + '/notifications/{notification_id}/update', | |
|
46 | 'notifications_delete': ADMIN_PREFIX + '/notifications/{notification_id}/delete', | |
|
47 | ||
|
48 | }[name].format(**kwargs) | |
|
49 | ||
|
50 | if params: | |
|
51 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
52 | return base_url | |
|
53 | ||
|
54 | ||
|
55 | 34 | class TestNotificationsController(TestController): |
|
56 | 35 | |
|
57 | 36 | def teardown_method(self, method): |
|
58 | 37 | for n in Notification.query().all(): |
|
59 | 38 | inst = Notification.get(n.notification_id) |
|
60 | 39 | Session().delete(inst) |
|
61 | 40 | Session().commit() |
|
62 | 41 | |
|
63 | 42 | def test_mark_all_read(self, user_util): |
|
64 | 43 | user = user_util.create_user(password='qweqwe') |
|
65 | 44 | self.log_user(user.username, 'qweqwe') |
|
66 | 45 | |
|
67 | 46 | self.app.post( |
|
68 | 47 | route_path('notifications_mark_all_read'), status=302, |
|
69 | 48 | params={'csrf_token': self.csrf_token} |
|
70 | 49 | ) |
|
71 | 50 | |
|
72 | 51 | def test_show_all(self, user_util): |
|
73 | 52 | user = user_util.create_user(password='qweqwe') |
|
74 | 53 | user_id = user.user_id |
|
75 | 54 | self.log_user(user.username, 'qweqwe') |
|
76 | 55 | |
|
77 | 56 | response = self.app.get( |
|
78 | 57 | route_path('notifications_show_all', params={'type': 'all'})) |
|
79 | 58 | response.mustcontain( |
|
80 | 59 | '<div class="table">No notifications here yet</div>') |
|
81 | 60 | |
|
82 | 61 | notification = NotificationModel().create( |
|
83 | 62 | created_by=user_id, notification_subject=u'test_notification_1', |
|
84 | 63 | notification_body=u'notification_1', recipients=[user_id]) |
|
85 | 64 | Session().commit() |
|
86 | 65 | notification_id = notification.notification_id |
|
87 | 66 | |
|
88 | 67 | response = self.app.get(route_path('notifications_show_all', |
|
89 | 68 | params={'type': 'all'})) |
|
90 | 69 | response.mustcontain('id="notification_%s"' % notification_id) |
|
91 | 70 | |
|
92 | 71 | def test_show_unread(self, user_util): |
|
93 | 72 | user = user_util.create_user(password='qweqwe') |
|
94 | 73 | user_id = user.user_id |
|
95 | 74 | self.log_user(user.username, 'qweqwe') |
|
96 | 75 | |
|
97 | 76 | response = self.app.get(route_path('notifications_show_all')) |
|
98 | 77 | response.mustcontain( |
|
99 | 78 | '<div class="table">No notifications here yet</div>') |
|
100 | 79 | |
|
101 | 80 | notification = NotificationModel().create( |
|
102 | 81 | created_by=user_id, notification_subject=u'test_notification_1', |
|
103 | 82 | notification_body=u'notification_1', recipients=[user_id]) |
|
104 | 83 | |
|
105 | 84 | # mark the USER notification as unread |
|
106 | 85 | user_notification = NotificationModel().get_user_notification( |
|
107 | 86 | user_id, notification) |
|
108 | 87 | user_notification.read = False |
|
109 | 88 | |
|
110 | 89 | Session().commit() |
|
111 | 90 | notification_id = notification.notification_id |
|
112 | 91 | |
|
113 | 92 | response = self.app.get(route_path('notifications_show_all')) |
|
114 | 93 | response.mustcontain('id="notification_%s"' % notification_id) |
|
115 | 94 | response.mustcontain('<div class="desc unread') |
|
116 | 95 | |
|
117 | 96 | @pytest.mark.parametrize('user,password', [ |
|
118 | 97 | (TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS), |
|
119 | 98 | (TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS), |
|
120 | 99 | ]) |
|
121 | 100 | def test_delete(self, user, password, user_util): |
|
122 | 101 | self.log_user(user, password) |
|
123 | 102 | cur_user = self._get_logged_user() |
|
124 | 103 | |
|
125 | 104 | u1 = user_util.create_user() |
|
126 | 105 | u2 = user_util.create_user() |
|
127 | 106 | |
|
128 | 107 | # make notifications |
|
129 | 108 | notification = NotificationModel().create( |
|
130 | 109 | created_by=cur_user, notification_subject=u'test', |
|
131 | 110 | notification_body=u'hi there', recipients=[cur_user, u1, u2]) |
|
132 | 111 | Session().commit() |
|
133 | 112 | u1 = User.get(u1.user_id) |
|
134 | 113 | u2 = User.get(u2.user_id) |
|
135 | 114 | |
|
136 | 115 | # check DB |
|
137 | 116 | def get_notif(un): |
|
138 | 117 | return [x.notification for x in un] |
|
139 | 118 | assert get_notif(cur_user.notifications) == [notification] |
|
140 | 119 | assert get_notif(u1.notifications) == [notification] |
|
141 | 120 | assert get_notif(u2.notifications) == [notification] |
|
142 | 121 | cur_usr_id = cur_user.user_id |
|
143 | 122 | |
|
144 | 123 | response = self.app.post( |
|
145 | 124 | route_path('notifications_delete', |
|
146 | 125 | notification_id=notification.notification_id), |
|
147 | 126 | params={'csrf_token': self.csrf_token}) |
|
148 | 127 | assert response.json == 'ok' |
|
149 | 128 | |
|
150 | 129 | cur_user = User.get(cur_usr_id) |
|
151 | 130 | assert cur_user.notifications == [] |
|
152 | 131 | |
|
153 | 132 | @pytest.mark.parametrize('user,password', [ |
|
154 | 133 | (TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS), |
|
155 | 134 | (TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS), |
|
156 | 135 | ]) |
|
157 | 136 | def test_show(self, user, password, user_util): |
|
158 | 137 | self.log_user(user, password) |
|
159 | 138 | cur_user = self._get_logged_user() |
|
160 | 139 | u1 = user_util.create_user() |
|
161 | 140 | u2 = user_util.create_user() |
|
162 | 141 | |
|
163 | 142 | subject = u'test' |
|
164 | 143 | notif_body = u'hi there' |
|
165 | 144 | notification = NotificationModel().create( |
|
166 | 145 | created_by=cur_user, notification_subject=subject, |
|
167 | 146 | notification_body=notif_body, recipients=[cur_user, u1, u2]) |
|
168 | 147 | Session().commit() |
|
169 | 148 | |
|
170 | 149 | response = self.app.get( |
|
171 | 150 | route_path('notifications_show', |
|
172 | 151 | notification_id=notification.notification_id)) |
|
173 | 152 | |
|
174 | 153 | response.mustcontain(subject) |
|
175 | 154 | response.mustcontain(notif_body) |
|
176 | 155 | |
|
177 | 156 | @pytest.mark.parametrize('user,password', [ |
|
178 | 157 | (TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS), |
|
179 | 158 | (TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS), |
|
180 | 159 | ]) |
|
181 | 160 | def test_update(self, user, password, user_util): |
|
182 | 161 | self.log_user(user, password) |
|
183 | 162 | cur_user = self._get_logged_user() |
|
184 | 163 | u1 = user_util.create_user() |
|
185 | 164 | u2 = user_util.create_user() |
|
186 | 165 | |
|
187 | 166 | # make notifications |
|
188 | 167 | recipients = [cur_user, u1, u2] |
|
189 | 168 | notification = NotificationModel().create( |
|
190 | 169 | created_by=cur_user, notification_subject=u'test', |
|
191 | 170 | notification_body=u'hi there', recipients=recipients) |
|
192 | 171 | Session().commit() |
|
193 | 172 | |
|
194 | 173 | for u_obj in recipients: |
|
195 | 174 | # if it's current user, he has his message already read |
|
196 | 175 | read = u_obj.username == user |
|
197 | 176 | assert len(u_obj.notifications) == 1 |
|
198 | 177 | assert u_obj.notifications[0].read == read |
|
199 | 178 | |
|
200 | 179 | response = self.app.post( |
|
201 | 180 | route_path('notifications_update', |
|
202 | 181 | notification_id=notification.notification_id), |
|
203 | 182 | params={'csrf_token': self.csrf_token}) |
|
204 | 183 | assert response.json == 'ok' |
|
205 | 184 | |
|
206 | 185 | cur_user = self._get_logged_user() |
|
207 | 186 | assert True is cur_user.notifications[0].read |
@@ -1,143 +1,134 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | import mock |
|
22 | 22 | |
|
23 | 23 | from rhodecode.apps._base import ADMIN_PREFIX |
|
24 | 24 | from rhodecode.lib import helpers as h |
|
25 | 25 | from rhodecode.lib.auth import check_password |
|
26 | 26 | from rhodecode.model.meta import Session |
|
27 | 27 | from rhodecode.model.user import UserModel |
|
28 | 28 | from rhodecode.tests import assert_session_flash |
|
29 | 29 | from rhodecode.tests.fixture import Fixture, TestController, error_function |
|
30 | from rhodecode.tests.routes import route_path | |
|
30 | 31 | |
|
31 | 32 | fixture = Fixture() |
|
32 | 33 | |
|
33 | 34 | |
|
34 | def route_path(name, **kwargs): | |
|
35 | return { | |
|
36 | 'home': '/', | |
|
37 | 'my_account_password': | |
|
38 | ADMIN_PREFIX + '/my_account/password', | |
|
39 | 'my_account_password_update': | |
|
40 | ADMIN_PREFIX + '/my_account/password/update', | |
|
41 | }[name].format(**kwargs) | |
|
42 | ||
|
43 | ||
|
44 | 35 | test_user_1 = 'testme' |
|
45 | 36 | test_user_1_password = '0jd83nHNS/d23n' |
|
46 | 37 | |
|
47 | 38 | |
|
48 | 39 | class TestMyAccountPassword(TestController): |
|
49 | 40 | def test_valid_change_password(self, user_util): |
|
50 | 41 | new_password = 'my_new_valid_password' |
|
51 | 42 | user = user_util.create_user(password=test_user_1_password) |
|
52 | 43 | self.log_user(user.username, test_user_1_password) |
|
53 | 44 | |
|
54 | 45 | form_data = [ |
|
55 | 46 | ('current_password', test_user_1_password), |
|
56 | 47 | ('__start__', 'new_password:mapping'), |
|
57 | 48 | ('new_password', new_password), |
|
58 | 49 | ('new_password-confirm', new_password), |
|
59 | 50 | ('__end__', 'new_password:mapping'), |
|
60 | 51 | ('csrf_token', self.csrf_token), |
|
61 | 52 | ] |
|
62 | 53 | response = self.app.post( |
|
63 | 54 | route_path('my_account_password_update'), form_data).follow() |
|
64 | 55 | assert 'Successfully updated password' in response |
|
65 | 56 | |
|
66 | 57 | # check_password depends on user being in session |
|
67 | 58 | Session().add(user) |
|
68 | 59 | try: |
|
69 | 60 | assert check_password(new_password, user.password) |
|
70 | 61 | finally: |
|
71 | 62 | Session().expunge(user) |
|
72 | 63 | |
|
73 | 64 | @pytest.mark.parametrize('current_pw, new_pw, confirm_pw', [ |
|
74 | 65 | ('', 'abcdef123', 'abcdef123'), |
|
75 | 66 | ('wrong_pw', 'abcdef123', 'abcdef123'), |
|
76 | 67 | (test_user_1_password, test_user_1_password, test_user_1_password), |
|
77 | 68 | (test_user_1_password, '', ''), |
|
78 | 69 | (test_user_1_password, 'abcdef123', ''), |
|
79 | 70 | (test_user_1_password, '', 'abcdef123'), |
|
80 | 71 | (test_user_1_password, 'not_the', 'same_pw'), |
|
81 | 72 | (test_user_1_password, 'short', 'short'), |
|
82 | 73 | ]) |
|
83 | 74 | def test_invalid_change_password(self, current_pw, new_pw, confirm_pw, |
|
84 | 75 | user_util): |
|
85 | 76 | user = user_util.create_user(password=test_user_1_password) |
|
86 | 77 | self.log_user(user.username, test_user_1_password) |
|
87 | 78 | |
|
88 | 79 | form_data = [ |
|
89 | 80 | ('current_password', current_pw), |
|
90 | 81 | ('__start__', 'new_password:mapping'), |
|
91 | 82 | ('new_password', new_pw), |
|
92 | 83 | ('new_password-confirm', confirm_pw), |
|
93 | 84 | ('__end__', 'new_password:mapping'), |
|
94 | 85 | ('csrf_token', self.csrf_token), |
|
95 | 86 | ] |
|
96 | 87 | response = self.app.post( |
|
97 | 88 | route_path('my_account_password_update'), form_data) |
|
98 | 89 | |
|
99 | 90 | assert_response = response.assert_response() |
|
100 | 91 | assert assert_response.get_elements('.error-block') |
|
101 | 92 | |
|
102 | 93 | @mock.patch.object(UserModel, 'update_user', error_function) |
|
103 | 94 | def test_invalid_change_password_exception(self, user_util): |
|
104 | 95 | user = user_util.create_user(password=test_user_1_password) |
|
105 | 96 | self.log_user(user.username, test_user_1_password) |
|
106 | 97 | |
|
107 | 98 | form_data = [ |
|
108 | 99 | ('current_password', test_user_1_password), |
|
109 | 100 | ('__start__', 'new_password:mapping'), |
|
110 | 101 | ('new_password', '123456'), |
|
111 | 102 | ('new_password-confirm', '123456'), |
|
112 | 103 | ('__end__', 'new_password:mapping'), |
|
113 | 104 | ('csrf_token', self.csrf_token), |
|
114 | 105 | ] |
|
115 | 106 | response = self.app.post( |
|
116 | 107 | route_path('my_account_password_update'), form_data) |
|
117 | 108 | assert_session_flash( |
|
118 | 109 | response, 'Error occurred during update of user password') |
|
119 | 110 | |
|
120 | 111 | def test_password_is_updated_in_session_on_password_change(self, user_util): |
|
121 | 112 | old_password = 'abcdef123' |
|
122 | 113 | new_password = 'abcdef124' |
|
123 | 114 | |
|
124 | 115 | user = user_util.create_user(password=old_password) |
|
125 | 116 | session = self.log_user(user.username, old_password) |
|
126 | 117 | old_password_hash = session['password'] |
|
127 | 118 | |
|
128 | 119 | form_data = [ |
|
129 | 120 | ('current_password', old_password), |
|
130 | 121 | ('__start__', 'new_password:mapping'), |
|
131 | 122 | ('new_password', new_password), |
|
132 | 123 | ('new_password-confirm', new_password), |
|
133 | 124 | ('__end__', 'new_password:mapping'), |
|
134 | 125 | ('csrf_token', self.csrf_token), |
|
135 | 126 | ] |
|
136 | 127 | self.app.post( |
|
137 | 128 | route_path('my_account_password_update'), form_data) |
|
138 | 129 | |
|
139 | 130 | response = self.app.get(route_path('home')) |
|
140 | 131 | session = response.get_session_from_response() |
|
141 | 132 | new_password_hash = session['rhodecode_user']['password'] |
|
142 | 133 | |
|
143 | 134 | assert old_password_hash != new_password_hash No newline at end of file |
@@ -1,54 +1,45 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | import pytest | |
|
21 | ||
|
22 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
23 | 20 | from rhodecode.tests import ( |
|
24 | 21 | TestController, TEST_USER_ADMIN_LOGIN, |
|
25 | 22 | TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
26 | 23 | from rhodecode.tests.fixture import Fixture |
|
24 | from rhodecode.tests.routes import route_path | |
|
27 | 25 | |
|
28 | 26 | fixture = Fixture() |
|
29 | 27 | |
|
30 | 28 | |
|
31 | def route_path(name, **kwargs): | |
|
32 | return { | |
|
33 | 'my_account': | |
|
34 | ADMIN_PREFIX + '/my_account/profile', | |
|
35 | }[name].format(**kwargs) | |
|
36 | ||
|
37 | ||
|
38 | 29 | class TestMyAccountProfile(TestController): |
|
39 | 30 | |
|
40 | 31 | def test_my_account(self): |
|
41 | 32 | self.log_user() |
|
42 | 33 | response = self.app.get(route_path('my_account')) |
|
43 | 34 | |
|
44 | 35 | response.mustcontain(TEST_USER_ADMIN_LOGIN) |
|
45 | 36 | response.mustcontain('href="/_admin/my_account/edit"') |
|
46 | 37 | response.mustcontain('Photo') |
|
47 | 38 | |
|
48 | 39 | def test_my_account_regular_user(self): |
|
49 | 40 | self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) |
|
50 | 41 | response = self.app.get(route_path('my_account')) |
|
51 | 42 | |
|
52 | 43 | response.mustcontain(TEST_USER_REGULAR_LOGIN) |
|
53 | 44 | response.mustcontain('href="/_admin/my_account/edit"') |
|
54 | 45 | response.mustcontain('Photo') |
@@ -1,74 +1,57 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | import pytest | |
|
21 | ||
|
22 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
23 | from rhodecode.model.db import User, UserEmailMap, Repository, UserFollowing | |
|
24 | from rhodecode.tests import ( | |
|
25 | TestController, TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_EMAIL, | |
|
26 | assert_session_flash) | |
|
20 | from rhodecode.model.db import User, Repository, UserFollowing | |
|
21 | from rhodecode.tests import TestController, TEST_USER_ADMIN_LOGIN | |
|
27 | 22 | from rhodecode.tests.fixture import Fixture |
|
23 | from rhodecode.tests.routes import route_path | |
|
28 | 24 | |
|
29 | 25 | fixture = Fixture() |
|
30 | 26 | |
|
31 | 27 | |
|
32 | def route_path(name, **kwargs): | |
|
33 | return { | |
|
34 | 'my_account_repos': | |
|
35 | ADMIN_PREFIX + '/my_account/repos', | |
|
36 | 'my_account_watched': | |
|
37 | ADMIN_PREFIX + '/my_account/watched', | |
|
38 | 'my_account_perms': | |
|
39 | ADMIN_PREFIX + '/my_account/perms', | |
|
40 | 'my_account_notifications': | |
|
41 | ADMIN_PREFIX + '/my_account/notifications', | |
|
42 | }[name].format(**kwargs) | |
|
43 | ||
|
44 | ||
|
45 | 28 | class TestMyAccountSimpleViews(TestController): |
|
46 | 29 | |
|
47 | 30 | def test_my_account_my_repos(self, autologin_user): |
|
48 | 31 | response = self.app.get(route_path('my_account_repos')) |
|
49 | 32 | repos = Repository.query().filter( |
|
50 | 33 | Repository.user == User.get_by_username( |
|
51 | 34 | TEST_USER_ADMIN_LOGIN)).all() |
|
52 | 35 | for repo in repos: |
|
53 | 36 | response.mustcontain(f'"name_raw":"{repo.repo_name}"') |
|
54 | 37 | |
|
55 | 38 | def test_my_account_my_watched(self, autologin_user): |
|
56 | 39 | response = self.app.get(route_path('my_account_watched')) |
|
57 | 40 | |
|
58 | 41 | repos = UserFollowing.query().filter( |
|
59 | 42 | UserFollowing.user == User.get_by_username( |
|
60 | 43 | TEST_USER_ADMIN_LOGIN)).all() |
|
61 | 44 | for repo in repos: |
|
62 | 45 | response.mustcontain(f'"name_raw":"{repo.follows_repository.repo_name}"') |
|
63 | 46 | |
|
64 | 47 | def test_my_account_perms(self, autologin_user): |
|
65 | 48 | response = self.app.get(route_path('my_account_perms')) |
|
66 | 49 | assert_response = response.assert_response() |
|
67 | 50 | assert assert_response.get_elements('.perm_tag.none') |
|
68 | 51 | assert assert_response.get_elements('.perm_tag.read') |
|
69 | 52 | assert assert_response.get_elements('.perm_tag.write') |
|
70 | 53 | assert assert_response.get_elements('.perm_tag.admin') |
|
71 | 54 | |
|
72 | 55 | def test_my_account_notifications(self, autologin_user): |
|
73 | 56 | response = self.app.get(route_path('my_account_notifications')) |
|
74 | 57 | response.mustcontain('Test flash message') |
@@ -1,164 +1,142 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | import pytest | |
|
21 | 20 | |
|
22 | 21 | from rhodecode.model.db import User, UserSshKeys |
|
23 | 22 | |
|
24 | 23 | from rhodecode.tests import TestController, assert_session_flash |
|
25 | 24 | from rhodecode.tests.fixture import Fixture |
|
25 | from rhodecode.tests.routes import route_path | |
|
26 | 26 | |
|
27 | 27 | fixture = Fixture() |
|
28 | 28 | |
|
29 | 29 | |
|
30 | def route_path(name, params=None, **kwargs): | |
|
31 | import urllib.request | |
|
32 | import urllib.parse | |
|
33 | import urllib.error | |
|
34 | from rhodecode.apps._base import ADMIN_PREFIX | |
|
35 | ||
|
36 | base_url = { | |
|
37 | 'my_account_ssh_keys': | |
|
38 | ADMIN_PREFIX + '/my_account/ssh_keys', | |
|
39 | 'my_account_ssh_keys_generate': | |
|
40 | ADMIN_PREFIX + '/my_account/ssh_keys/generate', | |
|
41 | 'my_account_ssh_keys_add': | |
|
42 | ADMIN_PREFIX + '/my_account/ssh_keys/new', | |
|
43 | 'my_account_ssh_keys_delete': | |
|
44 | ADMIN_PREFIX + '/my_account/ssh_keys/delete', | |
|
45 | }[name].format(**kwargs) | |
|
46 | ||
|
47 | if params: | |
|
48 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
49 | return base_url | |
|
50 | ||
|
51 | ||
|
52 | 30 | class TestMyAccountSshKeysView(TestController): |
|
53 | 31 | INVALID_KEY = """\ |
|
54 | 32 | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDk+77sjDzVeB6vevJsuZds1iNU5 |
|
55 | 33 | LANOa5CU5G/9JYIA6RYsWWMO7mbsR82IUckdqOHmxSykfR1D1TdluyIpQLrwgH5kb |
|
56 | 34 | n8FkVI8zBMCKakxowvN67B0R7b1BT4PPzW2JlOXei/m9W12ZY484VTow6/B+kf2Q8 |
|
57 | 35 | cP8tmCJmKWZma5Em7OTUhvjyQVNz3v7HfeY5Hq0Ci4ECJ59hepFDabJvtAXg9XrI6 |
|
58 | 36 | jvdphZTc30I4fG8+hBHzpeFxUGvSGNtXPUbwaAY8j/oHYrTpMgkj6pUEFsiKfC5zP |
|
59 | 37 | qPFR5HyKTCHW0nFUJnZsbyFT5hMiF/hZkJc9A0ZbdSvJwCRQ/g3bmdL |
|
60 | 38 | your_email@example.com |
|
61 | 39 | """ |
|
62 | 40 | VALID_KEY = 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDk+77sjDzVeB6vev' \ |
|
63 | 41 | 'JsuZds1iNU5LANOa5CU5G/9JYIA6RYsWWMO7mbsR82IUckdqOHmxSy' \ |
|
64 | 42 | 'kfR1D1TdluyIpQLrwgH5kbn8FkVI8zBMCKakxowvN67B0R7b1BT4PP' \ |
|
65 | 43 | 'zW2JlOXei/m9W12ZY484VTow6/B+kf2Q8cP8tmCJmKWZma5Em7OTUh' \ |
|
66 | 44 | 'vjyQVNz3v7HfeY5Hq0Ci4ECJ59hepFDabJvtAXg9XrI6jvdphZTc30' \ |
|
67 | 45 | 'I4fG8+hBHzpeFxUGvSGNtXPUbwaAY8j/oHYrTpMgkj6pUEFsiKfC5zPq' \ |
|
68 | 46 | 'PFR5HyKTCHW0nFUJnZsbyFT5hMiF/hZkJc9A0ZbdSvJwCRQ/g3bmdL ' \ |
|
69 | 47 | 'your_email@example.com' |
|
70 | 48 | FINGERPRINT = 'MD5:01:4f:ad:29:22:6e:01:37:c9:d2:52:26:52:b0:2d:93' |
|
71 | 49 | |
|
72 | 50 | def test_add_ssh_key_error(self, user_util): |
|
73 | 51 | user = user_util.create_user(password='qweqwe') |
|
74 | 52 | self.log_user(user.username, 'qweqwe') |
|
75 | 53 | |
|
76 | 54 | key_data = self.INVALID_KEY |
|
77 | 55 | |
|
78 | 56 | desc = 'MY SSH KEY' |
|
79 | 57 | response = self.app.post( |
|
80 | 58 | route_path('my_account_ssh_keys_add'), |
|
81 | 59 | {'description': desc, 'key_data': key_data, |
|
82 | 60 | 'csrf_token': self.csrf_token}) |
|
83 | 61 | assert_session_flash(response, 'An error occurred during ssh ' |
|
84 | 62 | 'key saving: Unable to decode the key') |
|
85 | 63 | |
|
86 | 64 | def test_ssh_key_duplicate(self, user_util): |
|
87 | 65 | user = user_util.create_user(password='qweqwe') |
|
88 | 66 | self.log_user(user.username, 'qweqwe') |
|
89 | 67 | key_data = self.VALID_KEY |
|
90 | 68 | |
|
91 | 69 | desc = 'MY SSH KEY' |
|
92 | 70 | response = self.app.post( |
|
93 | 71 | route_path('my_account_ssh_keys_add'), |
|
94 | 72 | {'description': desc, 'key_data': key_data, |
|
95 | 73 | 'csrf_token': self.csrf_token}) |
|
96 | 74 | assert_session_flash(response, 'Ssh Key successfully created') |
|
97 | 75 | response.follow() # flush session flash |
|
98 | 76 | |
|
99 | 77 | # add the same key AGAIN |
|
100 | 78 | desc = 'MY SSH KEY' |
|
101 | 79 | response = self.app.post( |
|
102 | 80 | route_path('my_account_ssh_keys_add'), |
|
103 | 81 | {'description': desc, 'key_data': key_data, |
|
104 | 82 | 'csrf_token': self.csrf_token}) |
|
105 | 83 | |
|
106 | 84 | err = 'Such key with fingerprint `{}` already exists, ' \ |
|
107 | 85 | 'please use a different one'.format(self.FINGERPRINT) |
|
108 | 86 | assert_session_flash(response, 'An error occurred during ssh key ' |
|
109 | 87 | 'saving: {}'.format(err)) |
|
110 | 88 | |
|
111 | 89 | def test_add_ssh_key(self, user_util): |
|
112 | 90 | user = user_util.create_user(password='qweqwe') |
|
113 | 91 | self.log_user(user.username, 'qweqwe') |
|
114 | 92 | |
|
115 | 93 | key_data = self.VALID_KEY |
|
116 | 94 | |
|
117 | 95 | desc = 'MY SSH KEY' |
|
118 | 96 | response = self.app.post( |
|
119 | 97 | route_path('my_account_ssh_keys_add'), |
|
120 | 98 | {'description': desc, 'key_data': key_data, |
|
121 | 99 | 'csrf_token': self.csrf_token}) |
|
122 | 100 | assert_session_flash(response, 'Ssh Key successfully created') |
|
123 | 101 | |
|
124 | 102 | response = response.follow() |
|
125 | 103 | response.mustcontain(desc) |
|
126 | 104 | |
|
127 | 105 | def test_delete_ssh_key(self, user_util): |
|
128 | 106 | user = user_util.create_user(password='qweqwe') |
|
129 | 107 | user_id = user.user_id |
|
130 | 108 | self.log_user(user.username, 'qweqwe') |
|
131 | 109 | |
|
132 | 110 | key_data = self.VALID_KEY |
|
133 | 111 | |
|
134 | 112 | desc = 'MY SSH KEY' |
|
135 | 113 | response = self.app.post( |
|
136 | 114 | route_path('my_account_ssh_keys_add'), |
|
137 | 115 | {'description': desc, 'key_data': key_data, |
|
138 | 116 | 'csrf_token': self.csrf_token}) |
|
139 | 117 | assert_session_flash(response, 'Ssh Key successfully created') |
|
140 | 118 | response = response.follow() # flush the Session flash |
|
141 | 119 | |
|
142 | 120 | # now delete our key |
|
143 | 121 | keys = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).all() |
|
144 | 122 | assert 1 == len(keys) |
|
145 | 123 | |
|
146 | 124 | response = self.app.post( |
|
147 | 125 | route_path('my_account_ssh_keys_delete'), |
|
148 | 126 | {'del_ssh_key': keys[0].ssh_key_id, |
|
149 | 127 | 'csrf_token': self.csrf_token}) |
|
150 | 128 | |
|
151 | 129 | assert_session_flash(response, 'Ssh key successfully deleted') |
|
152 | 130 | keys = UserSshKeys.query().filter(UserSshKeys.user_id == user_id).all() |
|
153 | 131 | assert 0 == len(keys) |
|
154 | 132 | |
|
155 | 133 | def test_generate_keypair(self, user_util): |
|
156 | 134 | user = user_util.create_user(password='qweqwe') |
|
157 | 135 | self.log_user(user.username, 'qweqwe') |
|
158 | 136 | |
|
159 | 137 | response = self.app.get( |
|
160 | 138 | route_path('my_account_ssh_keys_generate')) |
|
161 | 139 | |
|
162 | 140 | response.mustcontain('Private key') |
|
163 | 141 | response.mustcontain('Public key') |
|
164 | 142 | response.mustcontain('-----BEGIN PRIVATE KEY-----') |
@@ -1,89 +1,73 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.tests import assert_session_flash |
|
22 | ||
|
23 | ||
|
24 | def route_path(name, params=None, **kwargs): | |
|
25 | import urllib.request | |
|
26 | import urllib.parse | |
|
27 | import urllib.error | |
|
28 | ||
|
29 | base_url = { | |
|
30 | 'edit_repo_group_advanced': | |
|
31 | '/{repo_group_name}/_settings/advanced', | |
|
32 | 'edit_repo_group_advanced_delete': | |
|
33 | '/{repo_group_name}/_settings/advanced/delete', | |
|
34 | }[name].format(**kwargs) | |
|
35 | ||
|
36 | if params: | |
|
37 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
38 | return base_url | |
|
22 | from rhodecode.tests.routes import route_path | |
|
39 | 23 | |
|
40 | 24 | |
|
41 | 25 | @pytest.mark.usefixtures("app") |
|
42 | 26 | class TestRepoGroupsAdvancedView(object): |
|
43 | 27 | |
|
44 | 28 | @pytest.mark.parametrize('repo_group_name', [ |
|
45 | 29 | 'gro', |
|
46 | 30 | '12345', |
|
47 | 31 | ]) |
|
48 | 32 | def test_show_advanced_settings(self, autologin_user, user_util, repo_group_name): |
|
49 | 33 | user_util._test_name = repo_group_name |
|
50 | 34 | gr = user_util.create_repo_group() |
|
51 | 35 | self.app.get( |
|
52 | 36 | route_path('edit_repo_group_advanced', |
|
53 | 37 | repo_group_name=gr.group_name)) |
|
54 | 38 | |
|
55 | 39 | def test_show_advanced_settings_delete(self, autologin_user, user_util, |
|
56 | 40 | csrf_token): |
|
57 | 41 | gr = user_util.create_repo_group(auto_cleanup=False) |
|
58 | 42 | repo_group_name = gr.group_name |
|
59 | 43 | |
|
60 | 44 | params = dict( |
|
61 | 45 | csrf_token=csrf_token |
|
62 | 46 | ) |
|
63 | 47 | response = self.app.post( |
|
64 | 48 | route_path('edit_repo_group_advanced_delete', |
|
65 | 49 | repo_group_name=repo_group_name), params=params) |
|
66 | 50 | assert_session_flash( |
|
67 | 51 | response, 'Removed repository group `{}`'.format(repo_group_name)) |
|
68 | 52 | |
|
69 | 53 | def test_delete_not_possible_with_objects_inside(self, autologin_user, |
|
70 | 54 | repo_groups, csrf_token): |
|
71 | 55 | zombie_group, parent_group, child_group = repo_groups |
|
72 | 56 | |
|
73 | 57 | response = self.app.get( |
|
74 | 58 | route_path('edit_repo_group_advanced', |
|
75 | 59 | repo_group_name=parent_group.group_name)) |
|
76 | 60 | |
|
77 | 61 | response.mustcontain( |
|
78 | 62 | 'This repository group includes 1 children repository group') |
|
79 | 63 | |
|
80 | 64 | params = dict( |
|
81 | 65 | csrf_token=csrf_token |
|
82 | 66 | ) |
|
83 | 67 | response = self.app.post( |
|
84 | 68 | route_path('edit_repo_group_advanced_delete', |
|
85 | 69 | repo_group_name=parent_group.group_name), params=params) |
|
86 | 70 | |
|
87 | 71 | assert_session_flash( |
|
88 | 72 | response, 'This repository group contains 1 subgroup ' |
|
89 | 73 | 'and cannot be deleted') |
@@ -1,86 +1,70 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.tests.utils import permission_update_data_generator |
|
22 | ||
|
23 | ||
|
24 | def route_path(name, params=None, **kwargs): | |
|
25 | import urllib.request | |
|
26 | import urllib.parse | |
|
27 | import urllib.error | |
|
28 | ||
|
29 | base_url = { | |
|
30 | 'edit_repo_group_perms': | |
|
31 | '/{repo_group_name:}/_settings/permissions', | |
|
32 | 'edit_repo_group_perms_update': | |
|
33 | '/{repo_group_name}/_settings/permissions/update', | |
|
34 | }[name].format(**kwargs) | |
|
35 | ||
|
36 | if params: | |
|
37 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
38 | return base_url | |
|
22 | from rhodecode.tests.routes import route_path | |
|
39 | 23 | |
|
40 | 24 | |
|
41 | 25 | @pytest.mark.usefixtures("app") |
|
42 | 26 | class TestRepoGroupPermissionsView(object): |
|
43 | 27 | |
|
44 | 28 | def test_edit_perms_view(self, user_util, autologin_user): |
|
45 | 29 | repo_group = user_util.create_repo_group() |
|
46 | 30 | |
|
47 | 31 | self.app.get( |
|
48 | 32 | route_path('edit_repo_group_perms', |
|
49 | 33 | repo_group_name=repo_group.group_name), status=200) |
|
50 | 34 | |
|
51 | 35 | def test_update_permissions(self, csrf_token, user_util): |
|
52 | 36 | repo_group = user_util.create_repo_group() |
|
53 | 37 | repo_group_name = repo_group.group_name |
|
54 | 38 | user = user_util.create_user() |
|
55 | 39 | user_id = user.user_id |
|
56 | 40 | username = user.username |
|
57 | 41 | |
|
58 | 42 | # grant new |
|
59 | 43 | form_data = permission_update_data_generator( |
|
60 | 44 | csrf_token, |
|
61 | 45 | default='group.write', |
|
62 | 46 | grant=[(user_id, 'group.write', username, 'user')]) |
|
63 | 47 | |
|
64 | 48 | # recursive flag required for repo groups |
|
65 | 49 | form_data.extend([('recursive', u'none')]) |
|
66 | 50 | |
|
67 | 51 | response = self.app.post( |
|
68 | 52 | route_path('edit_repo_group_perms_update', |
|
69 | 53 | repo_group_name=repo_group_name), form_data).follow() |
|
70 | 54 | |
|
71 | 55 | assert 'Repository Group permissions updated' in response |
|
72 | 56 | |
|
73 | 57 | # revoke given |
|
74 | 58 | form_data = permission_update_data_generator( |
|
75 | 59 | csrf_token, |
|
76 | 60 | default='group.read', |
|
77 | 61 | revoke=[(user_id, 'user')]) |
|
78 | 62 | |
|
79 | 63 | # recursive flag required for repo groups |
|
80 | 64 | form_data.extend([('recursive', u'none')]) |
|
81 | 65 | |
|
82 | 66 | response = self.app.post( |
|
83 | 67 | route_path('edit_repo_group_perms_update', |
|
84 | 68 | repo_group_name=repo_group_name), form_data).follow() |
|
85 | 69 | |
|
86 | 70 | assert 'Repository Group permissions updated' in response |
@@ -1,91 +1,78 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.tests import assert_session_flash |
|
23 | ||
|
24 | ||
|
25 | def route_path(name, params=None, **kwargs): | |
|
26 | import urllib.request | |
|
27 | import urllib.parse | |
|
28 | import urllib.error | |
|
23 | from rhodecode.tests.routes import route_path | |
|
29 | 24 | |
|
30 | base_url = { | |
|
31 | 'edit_repo_group': '/{repo_group_name}/_edit', | |
|
32 | # Update is POST to the above url | |
|
33 | }[name].format(**kwargs) | |
|
34 | ||
|
35 | if params: | |
|
36 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
37 | return base_url | |
|
38 | 25 | |
|
39 | 26 | |
|
40 | 27 | @pytest.mark.usefixtures("app") |
|
41 | 28 | class TestRepoGroupsSettingsView(object): |
|
42 | 29 | |
|
43 | 30 | @pytest.mark.parametrize('repo_group_name', [ |
|
44 | 31 | 'gro', |
|
45 | 32 | u'12345', |
|
46 | 33 | ]) |
|
47 | 34 | def test_edit(self, user_util, autologin_user, repo_group_name): |
|
48 | 35 | user_util._test_name = repo_group_name |
|
49 | 36 | repo_group = user_util.create_repo_group() |
|
50 | 37 | |
|
51 | 38 | self.app.get( |
|
52 | 39 | route_path('edit_repo_group', repo_group_name=repo_group.group_name), |
|
53 | 40 | status=200) |
|
54 | 41 | |
|
55 | 42 | def test_update(self, csrf_token, autologin_user, user_util, rc_fixture): |
|
56 | 43 | repo_group = user_util.create_repo_group() |
|
57 | 44 | repo_group_name = repo_group.group_name |
|
58 | 45 | |
|
59 | 46 | description = 'description for newly created repo group' |
|
60 | 47 | form_data = rc_fixture._get_group_create_params( |
|
61 | 48 | group_name=repo_group.group_name, |
|
62 | 49 | group_description=description, |
|
63 | 50 | csrf_token=csrf_token, |
|
64 | 51 | repo_group_name=repo_group.group_name, |
|
65 | 52 | repo_group_owner=repo_group.user.username) |
|
66 | 53 | |
|
67 | 54 | response = self.app.post( |
|
68 | 55 | route_path('edit_repo_group', |
|
69 | 56 | repo_group_name=repo_group.group_name), |
|
70 | 57 | form_data, |
|
71 | 58 | status=302) |
|
72 | 59 | |
|
73 | 60 | assert_session_flash( |
|
74 | 61 | response, 'Repository Group `{}` updated successfully'.format( |
|
75 | 62 | repo_group_name)) |
|
76 | 63 | |
|
77 | 64 | def test_update_fails_when_parent_pointing_to_self( |
|
78 | 65 | self, csrf_token, user_util, autologin_user, rc_fixture): |
|
79 | 66 | group = user_util.create_repo_group() |
|
80 | 67 | response = self.app.post( |
|
81 | 68 | route_path('edit_repo_group', repo_group_name=group.group_name), |
|
82 | 69 | rc_fixture._get_group_create_params( |
|
83 | 70 | repo_group_name=group.group_name, |
|
84 | 71 | repo_group_owner=group.user.username, |
|
85 | 72 | repo_group=group.group_id, |
|
86 | 73 | csrf_token=csrf_token), |
|
87 | 74 | status=200 |
|
88 | 75 | ) |
|
89 | 76 | response.mustcontain( |
|
90 | 77 | '<span class="error-message">"{}" is not one of -1'.format( |
|
91 | 78 | group.group_id)) |
@@ -1,84 +1,69 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 |
from rhodecode. |
|
|
21 | ||
|
22 | ||
|
23 | def route_path(name, params=None, **kwargs): | |
|
24 | import urllib.request | |
|
25 | import urllib.parse | |
|
26 | import urllib.error | |
|
27 | ||
|
28 | base_url = { | |
|
29 | 'pullrequest_show_all': '/{repo_name}/pull-request', | |
|
30 | 'pullrequest_show_all_data': '/{repo_name}/pull-request-data', | |
|
31 | }[name].format(**kwargs) | |
|
32 | ||
|
33 | if params: | |
|
34 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
35 | return base_url | |
|
20 | from rhodecode.tests.routes import route_path | |
|
36 | 21 | |
|
37 | 22 | |
|
38 | 23 | @pytest.mark.backends("git", "hg") |
|
39 | 24 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
40 | 25 | class TestPullRequestList(object): |
|
41 | 26 | |
|
42 | 27 | @pytest.mark.parametrize('params, expected_title', [ |
|
43 | 28 | ({'source': 0, 'closed': 1}, 'Closed'), |
|
44 | 29 | ({'source': 0, 'my': 1}, 'Created by me'), |
|
45 | 30 | ({'source': 0, 'awaiting_review': 1}, 'Awaiting review'), |
|
46 | 31 | ({'source': 0, 'awaiting_my_review': 1}, 'Awaiting my review'), |
|
47 | 32 | ({'source': 1}, 'From this repo'), |
|
48 | 33 | ]) |
|
49 | 34 | def test_showing_list_page(self, backend, pr_util, params, expected_title): |
|
50 | 35 | pull_request = pr_util.create_pull_request() |
|
51 | 36 | |
|
52 | 37 | response = self.app.get( |
|
53 | 38 | route_path('pullrequest_show_all', |
|
54 | 39 | repo_name=pull_request.target_repo.repo_name, |
|
55 | 40 | params=params)) |
|
56 | 41 | |
|
57 | 42 | assert_response = response.assert_response() |
|
58 | 43 | |
|
59 | 44 | element = assert_response.get_element('.title .active') |
|
60 | 45 | element_text = element.text_content() |
|
61 | 46 | assert expected_title == element_text |
|
62 | 47 | |
|
63 | 48 | def test_showing_list_page_data(self, backend, pr_util, xhr_header): |
|
64 | 49 | pull_request = pr_util.create_pull_request() |
|
65 | 50 | response = self.app.get( |
|
66 | 51 | route_path('pullrequest_show_all_data', |
|
67 | 52 | repo_name=pull_request.target_repo.repo_name), |
|
68 | 53 | extra_environ=xhr_header) |
|
69 | 54 | |
|
70 | 55 | assert response.json['recordsTotal'] == 1 |
|
71 | 56 | assert response.json['data'][0]['description'] == 'Description' |
|
72 | 57 | |
|
73 | 58 | def test_description_is_escaped_on_index_page(self, backend, pr_util, xhr_header): |
|
74 | 59 | xss_description = "<script>alert('Hi!')</script>" |
|
75 | 60 | pull_request = pr_util.create_pull_request(description=xss_description) |
|
76 | 61 | |
|
77 | 62 | response = self.app.get( |
|
78 | 63 | route_path('pullrequest_show_all_data', |
|
79 | 64 | repo_name=pull_request.target_repo.repo_name), |
|
80 | 65 | extra_environ=xhr_header) |
|
81 | 66 | |
|
82 | 67 | assert response.json['recordsTotal'] == 1 |
|
83 | 68 | assert response.json['data'][0]['description'] == \ |
|
84 | 69 | "<script>alert('Hi!')</script>" |
@@ -1,52 +1,40 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | from rhodecode.model.db import Repository |
|
21 | ||
|
22 | ||
|
23 | def route_path(name, params=None, **kwargs): | |
|
24 | import urllib.request | |
|
25 | import urllib.parse | |
|
26 | import urllib.error | |
|
21 | from rhodecode.tests.routes import route_path | |
|
27 | 22 | |
|
28 | base_url = { | |
|
29 | 'bookmarks_home': '/{repo_name}/bookmarks', | |
|
30 | }[name].format(**kwargs) | |
|
31 | ||
|
32 | if params: | |
|
33 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
34 | return base_url | |
|
35 | 23 | |
|
36 | 24 | |
|
37 | 25 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
38 | 26 | class TestBookmarks(object): |
|
39 | 27 | |
|
40 | 28 | def test_index(self, backend): |
|
41 | 29 | if backend.alias == 'hg': |
|
42 | 30 | response = self.app.get( |
|
43 | 31 | route_path('bookmarks_home', repo_name=backend.repo_name)) |
|
44 | 32 | |
|
45 | 33 | repo = Repository.get_by_repo_name(backend.repo_name) |
|
46 | 34 | for commit_id, obj_name in repo.scm_instance().bookmarks.items(): |
|
47 | 35 | assert commit_id in response |
|
48 | 36 | assert obj_name in response |
|
49 | 37 | else: |
|
50 | 38 | self.app.get( |
|
51 | 39 | route_path('bookmarks_home', repo_name=backend.repo_name), |
|
52 | 40 | status=404) |
@@ -1,48 +1,35 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | from rhodecode.model.db import Repository |
|
21 | ||
|
22 | ||
|
23 | def route_path(name, params=None, **kwargs): | |
|
24 | import urllib.request | |
|
25 | import urllib.parse | |
|
26 | import urllib.error | |
|
27 | ||
|
28 | base_url = { | |
|
29 | 'branches_home': '/{repo_name}/branches', | |
|
30 | }[name].format(**kwargs) | |
|
31 | ||
|
32 | if params: | |
|
33 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
34 | return base_url | |
|
21 | from rhodecode.tests.routes import route_path | |
|
35 | 22 | |
|
36 | 23 | |
|
37 | 24 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
38 | 25 | class TestBranchesController(object): |
|
39 | 26 | |
|
40 | 27 | def test_index(self, backend): |
|
41 | 28 | response = self.app.get( |
|
42 | 29 | route_path('branches_home', repo_name=backend.repo_name)) |
|
43 | 30 | |
|
44 | 31 | repo = Repository.get_by_repo_name(backend.repo_name) |
|
45 | 32 | |
|
46 | 33 | for commit_id, obj_name in repo.scm_instance().branches.items(): |
|
47 | 34 | assert commit_id in response |
|
48 | 35 | assert obj_name in response |
@@ -1,219 +1,204 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import re |
|
20 | 20 | |
|
21 | 21 | import pytest |
|
22 | 22 | |
|
23 | 23 | from rhodecode.apps.repository.views.repo_changelog import DEFAULT_CHANGELOG_SIZE |
|
24 | 24 | from rhodecode.tests import TestController |
|
25 | ||
|
26 | MATCH_HASH = re.compile(r'<span class="commit_hash">r(\d+):[\da-f]+</span>') | |
|
25 | from rhodecode.tests.routes import route_path | |
|
27 | 26 | |
|
28 | 27 | |
|
29 | def route_path(name, params=None, **kwargs): | |
|
30 | import urllib.request | |
|
31 | import urllib.parse | |
|
32 | import urllib.error | |
|
33 | ||
|
34 | base_url = { | |
|
35 | 'repo_changelog': '/{repo_name}/changelog', | |
|
36 | 'repo_commits': '/{repo_name}/commits', | |
|
37 | 'repo_commits_file': '/{repo_name}/commits/{commit_id}/{f_path}', | |
|
38 | 'repo_commits_elements': '/{repo_name}/commits_elements', | |
|
39 | }[name].format(**kwargs) | |
|
40 | ||
|
41 | if params: | |
|
42 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
43 | return base_url | |
|
28 | MATCH_HASH = re.compile(r'<span class="commit_hash">r(\d+):[\da-f]+</span>') | |
|
44 | 29 | |
|
45 | 30 | |
|
46 | 31 | def assert_commits_on_page(response, indexes): |
|
47 | 32 | found_indexes = [int(idx) for idx in MATCH_HASH.findall(response.text)] |
|
48 | 33 | assert found_indexes == indexes |
|
49 | 34 | |
|
50 | 35 | |
|
51 | 36 | class TestChangelogController(TestController): |
|
52 | 37 | |
|
53 | 38 | def test_commits_page(self, backend): |
|
54 | 39 | self.log_user() |
|
55 | 40 | response = self.app.get( |
|
56 | 41 | route_path('repo_commits', repo_name=backend.repo_name)) |
|
57 | 42 | |
|
58 | 43 | first_idx = -1 |
|
59 | 44 | last_idx = -DEFAULT_CHANGELOG_SIZE |
|
60 | 45 | self.assert_commit_range_on_page(response, first_idx, last_idx, backend) |
|
61 | 46 | |
|
62 | 47 | def test_changelog(self, backend): |
|
63 | 48 | self.log_user() |
|
64 | 49 | response = self.app.get( |
|
65 | 50 | route_path('repo_changelog', repo_name=backend.repo_name)) |
|
66 | 51 | |
|
67 | 52 | first_idx = -1 |
|
68 | 53 | last_idx = -DEFAULT_CHANGELOG_SIZE |
|
69 | 54 | self.assert_commit_range_on_page( |
|
70 | 55 | response, first_idx, last_idx, backend) |
|
71 | 56 | |
|
72 | 57 | @pytest.mark.backends("hg", "git") |
|
73 | 58 | def test_changelog_filtered_by_branch(self, backend): |
|
74 | 59 | self.log_user() |
|
75 | 60 | self.app.get( |
|
76 | 61 | route_path('repo_changelog', repo_name=backend.repo_name, |
|
77 | 62 | params=dict(branch=backend.default_branch_name)), |
|
78 | 63 | status=200) |
|
79 | 64 | |
|
80 | 65 | @pytest.mark.backends("hg", "git") |
|
81 | 66 | def test_commits_filtered_by_branch(self, backend): |
|
82 | 67 | self.log_user() |
|
83 | 68 | self.app.get( |
|
84 | 69 | route_path('repo_commits', repo_name=backend.repo_name, |
|
85 | 70 | params=dict(branch=backend.default_branch_name)), |
|
86 | 71 | status=200) |
|
87 | 72 | |
|
88 | 73 | @pytest.mark.backends("svn") |
|
89 | 74 | def test_changelog_filtered_by_branch_svn(self, autologin_user, backend): |
|
90 | 75 | repo = backend['svn-simple-layout'] |
|
91 | 76 | response = self.app.get( |
|
92 | 77 | route_path('repo_changelog', repo_name=repo.repo_name, |
|
93 | 78 | params=dict(branch='trunk')), |
|
94 | 79 | status=200) |
|
95 | 80 | |
|
96 | 81 | assert_commits_on_page(response, indexes=[15, 12, 7, 3, 2, 1]) |
|
97 | 82 | |
|
98 | 83 | def test_commits_filtered_by_wrong_branch(self, backend): |
|
99 | 84 | self.log_user() |
|
100 | 85 | branch = 'wrong-branch-name' |
|
101 | 86 | response = self.app.get( |
|
102 | 87 | route_path('repo_commits', repo_name=backend.repo_name, |
|
103 | 88 | params=dict(branch=branch)), |
|
104 | 89 | status=302) |
|
105 | 90 | expected_url = '/{repo}/commits/{branch}'.format( |
|
106 | 91 | repo=backend.repo_name, branch=branch) |
|
107 | 92 | assert expected_url in response.location |
|
108 | 93 | response = response.follow() |
|
109 | 94 | expected_warning = f'Branch {branch} is not found.' |
|
110 | 95 | assert expected_warning in response.text |
|
111 | 96 | |
|
112 | 97 | @pytest.mark.xfail_backends("svn", reason="Depends on branch support") |
|
113 | 98 | def test_changelog_filtered_by_branch_with_merges(self, autologin_user, backend): |
|
114 | 99 | |
|
115 | 100 | # Note: The changelog of branch "b" does not contain the commit "a1" |
|
116 | 101 | # although this is a parent of commit "b1". And branch "b" has commits |
|
117 | 102 | # which have a smaller index than commit "a1". |
|
118 | 103 | commits = [ |
|
119 | 104 | {'message': 'a'}, |
|
120 | 105 | {'message': 'b', 'branch': 'b'}, |
|
121 | 106 | {'message': 'a1', 'parents': ['a']}, |
|
122 | 107 | {'message': 'b1', 'branch': 'b', 'parents': ['b', 'a1']}, |
|
123 | 108 | ] |
|
124 | 109 | backend.create_repo(commits) |
|
125 | 110 | |
|
126 | 111 | self.app.get( |
|
127 | 112 | route_path('repo_changelog', repo_name=backend.repo_name, |
|
128 | 113 | params=dict(branch='b')), |
|
129 | 114 | status=200) |
|
130 | 115 | |
|
131 | 116 | @pytest.mark.backends("hg") |
|
132 | 117 | def test_commits_closed_branches(self, autologin_user, backend): |
|
133 | 118 | repo = backend['closed_branch'] |
|
134 | 119 | response = self.app.get( |
|
135 | 120 | route_path('repo_commits', repo_name=repo.repo_name, |
|
136 | 121 | params=dict(branch='experimental')), |
|
137 | 122 | status=200) |
|
138 | 123 | |
|
139 | 124 | assert_commits_on_page(response, indexes=[3, 1]) |
|
140 | 125 | |
|
141 | 126 | def test_changelog_pagination(self, backend): |
|
142 | 127 | self.log_user() |
|
143 | 128 | # pagination, walk up to page 6 |
|
144 | 129 | changelog_url = route_path( |
|
145 | 130 | 'repo_commits', repo_name=backend.repo_name) |
|
146 | 131 | |
|
147 | 132 | for page in range(1, 7): |
|
148 | 133 | response = self.app.get(changelog_url, {'page': page}) |
|
149 | 134 | |
|
150 | 135 | first_idx = -DEFAULT_CHANGELOG_SIZE * (page - 1) - 1 |
|
151 | 136 | last_idx = -DEFAULT_CHANGELOG_SIZE * page |
|
152 | 137 | self.assert_commit_range_on_page(response, first_idx, last_idx, backend) |
|
153 | 138 | |
|
154 | 139 | def assert_commit_range_on_page( |
|
155 | 140 | self, response, first_idx, last_idx, backend): |
|
156 | 141 | input_template = ( |
|
157 | 142 | """<input class="commit-range" """ |
|
158 | 143 | """data-commit-id="%(raw_id)s" data-commit-idx="%(idx)s" """ |
|
159 | 144 | """data-short-id="%(short_id)s" id="%(raw_id)s" """ |
|
160 | 145 | """name="%(raw_id)s" type="checkbox" value="1" />""" |
|
161 | 146 | ) |
|
162 | 147 | |
|
163 | 148 | commit_span_template = """<span class="commit_hash">r%s:%s</span>""" |
|
164 | 149 | repo = backend.repo |
|
165 | 150 | |
|
166 | 151 | first_commit_on_page = repo.get_commit(commit_idx=first_idx) |
|
167 | 152 | response.mustcontain( |
|
168 | 153 | input_template % {'raw_id': first_commit_on_page.raw_id, |
|
169 | 154 | 'idx': first_commit_on_page.idx, |
|
170 | 155 | 'short_id': first_commit_on_page.short_id}) |
|
171 | 156 | |
|
172 | 157 | response.mustcontain(commit_span_template % ( |
|
173 | 158 | first_commit_on_page.idx, first_commit_on_page.short_id) |
|
174 | 159 | ) |
|
175 | 160 | |
|
176 | 161 | last_commit_on_page = repo.get_commit(commit_idx=last_idx) |
|
177 | 162 | response.mustcontain( |
|
178 | 163 | input_template % {'raw_id': last_commit_on_page.raw_id, |
|
179 | 164 | 'idx': last_commit_on_page.idx, |
|
180 | 165 | 'short_id': last_commit_on_page.short_id}) |
|
181 | 166 | response.mustcontain(commit_span_template % ( |
|
182 | 167 | last_commit_on_page.idx, last_commit_on_page.short_id) |
|
183 | 168 | ) |
|
184 | 169 | |
|
185 | 170 | first_commit_of_next_page = repo.get_commit(commit_idx=last_idx - 1) |
|
186 | 171 | first_span_of_next_page = commit_span_template % ( |
|
187 | 172 | first_commit_of_next_page.idx, first_commit_of_next_page.short_id) |
|
188 | 173 | assert first_span_of_next_page not in response |
|
189 | 174 | |
|
190 | 175 | @pytest.mark.parametrize('test_path', [ |
|
191 | 176 | 'vcs/exceptions.py', |
|
192 | 177 | '/vcs/exceptions.py', |
|
193 | 178 | '//vcs/exceptions.py' |
|
194 | 179 | ]) |
|
195 | 180 | def test_commits_with_filenode(self, backend, test_path): |
|
196 | 181 | self.log_user() |
|
197 | 182 | response = self.app.get( |
|
198 | 183 | route_path('repo_commits_file', repo_name=backend.repo_name, |
|
199 | 184 | commit_id='tip', f_path=test_path), |
|
200 | 185 | ) |
|
201 | 186 | |
|
202 | 187 | # history commits messages |
|
203 | 188 | response.mustcontain('Added exceptions module, this time for real') |
|
204 | 189 | response.mustcontain('Added not implemented hg backend test case') |
|
205 | 190 | response.mustcontain('Added BaseChangeset class') |
|
206 | 191 | |
|
207 | 192 | def test_commits_with_filenode_that_is_dirnode(self, backend): |
|
208 | 193 | self.log_user() |
|
209 | 194 | self.app.get( |
|
210 | 195 | route_path('repo_commits_file', repo_name=backend.repo_name, |
|
211 | 196 | commit_id='tip', f_path='/tests'), |
|
212 | 197 | status=302) |
|
213 | 198 | |
|
214 | 199 | def test_commits_with_filenode_not_existing(self, backend): |
|
215 | 200 | self.log_user() |
|
216 | 201 | self.app.get( |
|
217 | 202 | route_path('repo_commits_file', repo_name=backend.repo_name, |
|
218 | 203 | commit_id='tip', f_path='wrong_path'), |
|
219 | 204 | status=302) |
@@ -1,494 +1,477 b'' | |||
|
1 | 1 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
2 | 2 | # |
|
3 | 3 | # This program is free software: you can redistribute it and/or modify |
|
4 | 4 | # it under the terms of the GNU Affero General Public License, version 3 |
|
5 | 5 | # (only), as published by the Free Software Foundation. |
|
6 | 6 | # |
|
7 | 7 | # This program is distributed in the hope that it will be useful, |
|
8 | 8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9 | 9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
10 | 10 | # GNU General Public License for more details. |
|
11 | 11 | # |
|
12 | 12 | # You should have received a copy of the GNU Affero General Public License |
|
13 | 13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
14 | 14 | # |
|
15 | 15 | # This program is dual-licensed. If you wish to learn more about the |
|
16 | 16 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
17 | 17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
18 | 18 | |
|
19 | 19 | import pytest |
|
20 | 20 | |
|
21 | 21 | from rhodecode.tests import TestController |
|
22 | ||
|
22 | from rhodecode.tests.routes import route_path | |
|
23 | 23 | from rhodecode.model.db import ChangesetComment, Notification |
|
24 | 24 | from rhodecode.model.meta import Session |
|
25 | 25 | from rhodecode.lib import helpers as h |
|
26 | 26 | |
|
27 | 27 | |
|
28 | def route_path(name, params=None, **kwargs): | |
|
29 | import urllib.request | |
|
30 | import urllib.parse | |
|
31 | import urllib.error | |
|
32 | ||
|
33 | base_url = { | |
|
34 | 'repo_commit': '/{repo_name}/changeset/{commit_id}', | |
|
35 | 'repo_commit_comment_create': '/{repo_name}/changeset/{commit_id}/comment/create', | |
|
36 | 'repo_commit_comment_preview': '/{repo_name}/changeset/{commit_id}/comment/preview', | |
|
37 | 'repo_commit_comment_delete': '/{repo_name}/changeset/{commit_id}/comment/{comment_id}/delete', | |
|
38 | 'repo_commit_comment_edit': '/{repo_name}/changeset/{commit_id}/comment/{comment_id}/edit', | |
|
39 | }[name].format(**kwargs) | |
|
40 | ||
|
41 | if params: | |
|
42 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
43 | return base_url | |
|
44 | ||
|
45 | 28 | |
|
46 | 29 | @pytest.mark.backends("git", "hg", "svn") |
|
47 | 30 | class TestRepoCommitCommentsView(TestController): |
|
48 | 31 | |
|
49 | 32 | @pytest.fixture(autouse=True) |
|
50 | 33 | def prepare(self, request, baseapp): |
|
51 | 34 | for x in ChangesetComment.query().all(): |
|
52 | 35 | Session().delete(x) |
|
53 | 36 | Session().commit() |
|
54 | 37 | |
|
55 | 38 | for x in Notification.query().all(): |
|
56 | 39 | Session().delete(x) |
|
57 | 40 | Session().commit() |
|
58 | 41 | |
|
59 | 42 | request.addfinalizer(self.cleanup) |
|
60 | 43 | |
|
61 | 44 | def cleanup(self): |
|
62 | 45 | for x in ChangesetComment.query().all(): |
|
63 | 46 | Session().delete(x) |
|
64 | 47 | Session().commit() |
|
65 | 48 | |
|
66 | 49 | for x in Notification.query().all(): |
|
67 | 50 | Session().delete(x) |
|
68 | 51 | Session().commit() |
|
69 | 52 | |
|
70 | 53 | @pytest.mark.parametrize('comment_type', ChangesetComment.COMMENT_TYPES) |
|
71 | 54 | def test_create(self, comment_type, backend): |
|
72 | 55 | self.log_user() |
|
73 | 56 | commit = backend.repo.get_commit('300') |
|
74 | 57 | commit_id = commit.raw_id |
|
75 | 58 | text = 'CommentOnCommit' |
|
76 | 59 | |
|
77 | 60 | params = {'text': text, 'csrf_token': self.csrf_token, |
|
78 | 61 | 'comment_type': comment_type} |
|
79 | 62 | self.app.post( |
|
80 | 63 | route_path('repo_commit_comment_create', |
|
81 | 64 | repo_name=backend.repo_name, commit_id=commit_id), |
|
82 | 65 | params=params) |
|
83 | 66 | |
|
84 | 67 | response = self.app.get( |
|
85 | 68 | route_path('repo_commit', |
|
86 | 69 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
87 | 70 | |
|
88 | 71 | # test DB |
|
89 | 72 | assert ChangesetComment.query().count() == 1 |
|
90 | 73 | assert_comment_links(response, ChangesetComment.query().count(), 0) |
|
91 | 74 | |
|
92 | 75 | assert Notification.query().count() == 1 |
|
93 | 76 | assert ChangesetComment.query().count() == 1 |
|
94 | 77 | |
|
95 | 78 | notification = Notification.query().all()[0] |
|
96 | 79 | |
|
97 | 80 | comment_id = ChangesetComment.query().first().comment_id |
|
98 | 81 | assert notification.type_ == Notification.TYPE_CHANGESET_COMMENT |
|
99 | 82 | |
|
100 | 83 | author = notification.created_by_user.username_and_name |
|
101 | 84 | sbj = '@{0} left a {1} on commit `{2}` in the `{3}` repository'.format( |
|
102 | 85 | author, comment_type, h.show_id(commit), backend.repo_name) |
|
103 | 86 | assert sbj == notification.subject |
|
104 | 87 | |
|
105 | 88 | lnk = ('/{0}/changeset/{1}#comment-{2}'.format( |
|
106 | 89 | backend.repo_name, commit_id, comment_id)) |
|
107 | 90 | assert lnk in notification.body |
|
108 | 91 | |
|
109 | 92 | @pytest.mark.parametrize('comment_type', ChangesetComment.COMMENT_TYPES) |
|
110 | 93 | def test_create_inline(self, comment_type, backend): |
|
111 | 94 | self.log_user() |
|
112 | 95 | commit = backend.repo.get_commit('300') |
|
113 | 96 | commit_id = commit.raw_id |
|
114 | 97 | text = 'CommentOnCommit' |
|
115 | 98 | f_path = 'vcs/web/simplevcs/views/repository.py' |
|
116 | 99 | line = 'n1' |
|
117 | 100 | |
|
118 | 101 | params = {'text': text, 'f_path': f_path, 'line': line, |
|
119 | 102 | 'comment_type': comment_type, |
|
120 | 103 | 'csrf_token': self.csrf_token} |
|
121 | 104 | |
|
122 | 105 | self.app.post( |
|
123 | 106 | route_path('repo_commit_comment_create', |
|
124 | 107 | repo_name=backend.repo_name, commit_id=commit_id), |
|
125 | 108 | params=params) |
|
126 | 109 | |
|
127 | 110 | response = self.app.get( |
|
128 | 111 | route_path('repo_commit', |
|
129 | 112 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
130 | 113 | |
|
131 | 114 | # test DB |
|
132 | 115 | assert ChangesetComment.query().count() == 1 |
|
133 | 116 | assert_comment_links(response, 0, ChangesetComment.query().count()) |
|
134 | 117 | |
|
135 | 118 | if backend.alias == 'svn': |
|
136 | 119 | response.mustcontain( |
|
137 | 120 | '''data-f-path="vcs/commands/summary.py" ''' |
|
138 | 121 | '''data-anchor-id="c-300-ad05457a43f8"''' |
|
139 | 122 | ) |
|
140 | 123 | if backend.alias == 'git': |
|
141 | 124 | response.mustcontain( |
|
142 | 125 | '''data-f-path="vcs/backends/hg.py" ''' |
|
143 | 126 | '''data-anchor-id="c-883e775e89ea-9c390eb52cd6"''' |
|
144 | 127 | ) |
|
145 | 128 | |
|
146 | 129 | if backend.alias == 'hg': |
|
147 | 130 | response.mustcontain( |
|
148 | 131 | '''data-f-path="vcs/backends/hg.py" ''' |
|
149 | 132 | '''data-anchor-id="c-e58d85a3973b-9c390eb52cd6"''' |
|
150 | 133 | ) |
|
151 | 134 | |
|
152 | 135 | assert Notification.query().count() == 1 |
|
153 | 136 | assert ChangesetComment.query().count() == 1 |
|
154 | 137 | |
|
155 | 138 | notification = Notification.query().all()[0] |
|
156 | 139 | comment = ChangesetComment.query().first() |
|
157 | 140 | assert notification.type_ == Notification.TYPE_CHANGESET_COMMENT |
|
158 | 141 | |
|
159 | 142 | assert comment.revision == commit_id |
|
160 | 143 | |
|
161 | 144 | author = notification.created_by_user.username_and_name |
|
162 | 145 | sbj = '@{0} left a {1} on file `{2}` in commit `{3}` in the `{4}` repository'.format( |
|
163 | 146 | author, comment_type, f_path, h.show_id(commit), backend.repo_name) |
|
164 | 147 | |
|
165 | 148 | assert sbj == notification.subject |
|
166 | 149 | |
|
167 | 150 | lnk = ('/{0}/changeset/{1}#comment-{2}'.format( |
|
168 | 151 | backend.repo_name, commit_id, comment.comment_id)) |
|
169 | 152 | assert lnk in notification.body |
|
170 | 153 | assert 'on line n1' in notification.body |
|
171 | 154 | |
|
172 | 155 | def test_create_with_mention(self, backend): |
|
173 | 156 | self.log_user() |
|
174 | 157 | |
|
175 | 158 | commit_id = backend.repo.get_commit('300').raw_id |
|
176 | 159 | text = '@test_regular check CommentOnCommit' |
|
177 | 160 | |
|
178 | 161 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
179 | 162 | self.app.post( |
|
180 | 163 | route_path('repo_commit_comment_create', |
|
181 | 164 | repo_name=backend.repo_name, commit_id=commit_id), |
|
182 | 165 | params=params) |
|
183 | 166 | |
|
184 | 167 | response = self.app.get( |
|
185 | 168 | route_path('repo_commit', |
|
186 | 169 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
187 | 170 | # test DB |
|
188 | 171 | assert ChangesetComment.query().count() == 1 |
|
189 | 172 | assert_comment_links(response, ChangesetComment.query().count(), 0) |
|
190 | 173 | |
|
191 | 174 | notification = Notification.query().one() |
|
192 | 175 | |
|
193 | 176 | assert len(notification.recipients) == 2 |
|
194 | 177 | users = [x.username for x in notification.recipients] |
|
195 | 178 | |
|
196 | 179 | # test_regular gets notification by @mention |
|
197 | 180 | assert sorted(users) == ['test_admin', 'test_regular'] |
|
198 | 181 | |
|
199 | 182 | def test_create_with_status_change(self, backend): |
|
200 | 183 | self.log_user() |
|
201 | 184 | commit = backend.repo.get_commit('300') |
|
202 | 185 | commit_id = commit.raw_id |
|
203 | 186 | text = 'CommentOnCommit' |
|
204 | 187 | f_path = 'vcs/web/simplevcs/views/repository.py' |
|
205 | 188 | line = 'n1' |
|
206 | 189 | |
|
207 | 190 | params = {'text': text, 'changeset_status': 'approved', |
|
208 | 191 | 'csrf_token': self.csrf_token} |
|
209 | 192 | |
|
210 | 193 | self.app.post( |
|
211 | 194 | route_path( |
|
212 | 195 | 'repo_commit_comment_create', |
|
213 | 196 | repo_name=backend.repo_name, commit_id=commit_id), |
|
214 | 197 | params=params) |
|
215 | 198 | |
|
216 | 199 | response = self.app.get( |
|
217 | 200 | route_path('repo_commit', |
|
218 | 201 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
219 | 202 | |
|
220 | 203 | # test DB |
|
221 | 204 | assert ChangesetComment.query().count() == 1 |
|
222 | 205 | assert_comment_links(response, ChangesetComment.query().count(), 0) |
|
223 | 206 | |
|
224 | 207 | assert Notification.query().count() == 1 |
|
225 | 208 | assert ChangesetComment.query().count() == 1 |
|
226 | 209 | |
|
227 | 210 | notification = Notification.query().all()[0] |
|
228 | 211 | |
|
229 | 212 | comment_id = ChangesetComment.query().first().comment_id |
|
230 | 213 | assert notification.type_ == Notification.TYPE_CHANGESET_COMMENT |
|
231 | 214 | |
|
232 | 215 | author = notification.created_by_user.username_and_name |
|
233 | 216 | sbj = '[status: Approved] @{0} left a note on commit `{1}` in the `{2}` repository'.format( |
|
234 | 217 | author, h.show_id(commit), backend.repo_name) |
|
235 | 218 | assert sbj == notification.subject |
|
236 | 219 | |
|
237 | 220 | lnk = ('/{0}/changeset/{1}#comment-{2}'.format( |
|
238 | 221 | backend.repo_name, commit_id, comment_id)) |
|
239 | 222 | assert lnk in notification.body |
|
240 | 223 | |
|
241 | 224 | def test_delete(self, backend): |
|
242 | 225 | self.log_user() |
|
243 | 226 | commit_id = backend.repo.get_commit('300').raw_id |
|
244 | 227 | text = 'CommentOnCommit' |
|
245 | 228 | |
|
246 | 229 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
247 | 230 | self.app.post( |
|
248 | 231 | route_path( |
|
249 | 232 | 'repo_commit_comment_create', |
|
250 | 233 | repo_name=backend.repo_name, commit_id=commit_id), |
|
251 | 234 | params=params) |
|
252 | 235 | |
|
253 | 236 | comments = ChangesetComment.query().all() |
|
254 | 237 | assert len(comments) == 1 |
|
255 | 238 | comment_id = comments[0].comment_id |
|
256 | 239 | |
|
257 | 240 | self.app.post( |
|
258 | 241 | route_path('repo_commit_comment_delete', |
|
259 | 242 | repo_name=backend.repo_name, |
|
260 | 243 | commit_id=commit_id, |
|
261 | 244 | comment_id=comment_id), |
|
262 | 245 | params={'csrf_token': self.csrf_token}) |
|
263 | 246 | |
|
264 | 247 | comments = ChangesetComment.query().all() |
|
265 | 248 | assert len(comments) == 0 |
|
266 | 249 | |
|
267 | 250 | response = self.app.get( |
|
268 | 251 | route_path('repo_commit', |
|
269 | 252 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
270 | 253 | assert_comment_links(response, 0, 0) |
|
271 | 254 | |
|
272 | 255 | def test_edit(self, backend): |
|
273 | 256 | self.log_user() |
|
274 | 257 | commit_id = backend.repo.get_commit('300').raw_id |
|
275 | 258 | text = 'CommentOnCommit' |
|
276 | 259 | |
|
277 | 260 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
278 | 261 | self.app.post( |
|
279 | 262 | route_path( |
|
280 | 263 | 'repo_commit_comment_create', |
|
281 | 264 | repo_name=backend.repo_name, commit_id=commit_id), |
|
282 | 265 | params=params) |
|
283 | 266 | |
|
284 | 267 | comments = ChangesetComment.query().all() |
|
285 | 268 | assert len(comments) == 1 |
|
286 | 269 | comment_id = comments[0].comment_id |
|
287 | 270 | test_text = 'test_text' |
|
288 | 271 | self.app.post( |
|
289 | 272 | route_path( |
|
290 | 273 | 'repo_commit_comment_edit', |
|
291 | 274 | repo_name=backend.repo_name, |
|
292 | 275 | commit_id=commit_id, |
|
293 | 276 | comment_id=comment_id, |
|
294 | 277 | ), |
|
295 | 278 | params={ |
|
296 | 279 | 'csrf_token': self.csrf_token, |
|
297 | 280 | 'text': test_text, |
|
298 | 281 | 'version': '0', |
|
299 | 282 | }) |
|
300 | 283 | |
|
301 | 284 | text_form_db = ChangesetComment.query().filter( |
|
302 | 285 | ChangesetComment.comment_id == comment_id).first().text |
|
303 | 286 | assert test_text == text_form_db |
|
304 | 287 | |
|
305 | 288 | def test_edit_without_change(self, backend): |
|
306 | 289 | self.log_user() |
|
307 | 290 | commit_id = backend.repo.get_commit('300').raw_id |
|
308 | 291 | text = 'CommentOnCommit' |
|
309 | 292 | |
|
310 | 293 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
311 | 294 | self.app.post( |
|
312 | 295 | route_path( |
|
313 | 296 | 'repo_commit_comment_create', |
|
314 | 297 | repo_name=backend.repo_name, commit_id=commit_id), |
|
315 | 298 | params=params) |
|
316 | 299 | |
|
317 | 300 | comments = ChangesetComment.query().all() |
|
318 | 301 | assert len(comments) == 1 |
|
319 | 302 | comment_id = comments[0].comment_id |
|
320 | 303 | |
|
321 | 304 | response = self.app.post( |
|
322 | 305 | route_path( |
|
323 | 306 | 'repo_commit_comment_edit', |
|
324 | 307 | repo_name=backend.repo_name, |
|
325 | 308 | commit_id=commit_id, |
|
326 | 309 | comment_id=comment_id, |
|
327 | 310 | ), |
|
328 | 311 | params={ |
|
329 | 312 | 'csrf_token': self.csrf_token, |
|
330 | 313 | 'text': text, |
|
331 | 314 | 'version': '0', |
|
332 | 315 | }, |
|
333 | 316 | status=404, |
|
334 | 317 | ) |
|
335 | 318 | assert response.status_int == 404 |
|
336 | 319 | |
|
337 | 320 | def test_edit_try_edit_already_edited(self, backend): |
|
338 | 321 | self.log_user() |
|
339 | 322 | commit_id = backend.repo.get_commit('300').raw_id |
|
340 | 323 | text = 'CommentOnCommit' |
|
341 | 324 | |
|
342 | 325 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
343 | 326 | self.app.post( |
|
344 | 327 | route_path( |
|
345 | 328 | 'repo_commit_comment_create', |
|
346 | 329 | repo_name=backend.repo_name, commit_id=commit_id |
|
347 | 330 | ), |
|
348 | 331 | params=params, |
|
349 | 332 | ) |
|
350 | 333 | |
|
351 | 334 | comments = ChangesetComment.query().all() |
|
352 | 335 | assert len(comments) == 1 |
|
353 | 336 | comment_id = comments[0].comment_id |
|
354 | 337 | test_text = 'test_text' |
|
355 | 338 | self.app.post( |
|
356 | 339 | route_path( |
|
357 | 340 | 'repo_commit_comment_edit', |
|
358 | 341 | repo_name=backend.repo_name, |
|
359 | 342 | commit_id=commit_id, |
|
360 | 343 | comment_id=comment_id, |
|
361 | 344 | ), |
|
362 | 345 | params={ |
|
363 | 346 | 'csrf_token': self.csrf_token, |
|
364 | 347 | 'text': test_text, |
|
365 | 348 | 'version': '0', |
|
366 | 349 | } |
|
367 | 350 | ) |
|
368 | 351 | test_text_v2 = 'test_v2' |
|
369 | 352 | response = self.app.post( |
|
370 | 353 | route_path( |
|
371 | 354 | 'repo_commit_comment_edit', |
|
372 | 355 | repo_name=backend.repo_name, |
|
373 | 356 | commit_id=commit_id, |
|
374 | 357 | comment_id=comment_id, |
|
375 | 358 | ), |
|
376 | 359 | params={ |
|
377 | 360 | 'csrf_token': self.csrf_token, |
|
378 | 361 | 'text': test_text_v2, |
|
379 | 362 | 'version': '0', |
|
380 | 363 | }, |
|
381 | 364 | status=409, |
|
382 | 365 | ) |
|
383 | 366 | assert response.status_int == 409 |
|
384 | 367 | |
|
385 | 368 | text_form_db = ChangesetComment.query().filter( |
|
386 | 369 | ChangesetComment.comment_id == comment_id).first().text |
|
387 | 370 | |
|
388 | 371 | assert test_text == text_form_db |
|
389 | 372 | assert test_text_v2 != text_form_db |
|
390 | 373 | |
|
391 | 374 | def test_edit_forbidden_for_immutable_comments(self, backend): |
|
392 | 375 | self.log_user() |
|
393 | 376 | commit_id = backend.repo.get_commit('300').raw_id |
|
394 | 377 | text = 'CommentOnCommit' |
|
395 | 378 | |
|
396 | 379 | params = {'text': text, 'csrf_token': self.csrf_token, 'version': '0'} |
|
397 | 380 | self.app.post( |
|
398 | 381 | route_path( |
|
399 | 382 | 'repo_commit_comment_create', |
|
400 | 383 | repo_name=backend.repo_name, |
|
401 | 384 | commit_id=commit_id, |
|
402 | 385 | ), |
|
403 | 386 | params=params |
|
404 | 387 | ) |
|
405 | 388 | |
|
406 | 389 | comments = ChangesetComment.query().all() |
|
407 | 390 | assert len(comments) == 1 |
|
408 | 391 | comment_id = comments[0].comment_id |
|
409 | 392 | |
|
410 | 393 | comment = ChangesetComment.get(comment_id) |
|
411 | 394 | comment.immutable_state = ChangesetComment.OP_IMMUTABLE |
|
412 | 395 | Session().add(comment) |
|
413 | 396 | Session().commit() |
|
414 | 397 | |
|
415 | 398 | response = self.app.post( |
|
416 | 399 | route_path( |
|
417 | 400 | 'repo_commit_comment_edit', |
|
418 | 401 | repo_name=backend.repo_name, |
|
419 | 402 | commit_id=commit_id, |
|
420 | 403 | comment_id=comment_id, |
|
421 | 404 | ), |
|
422 | 405 | params={ |
|
423 | 406 | 'csrf_token': self.csrf_token, |
|
424 | 407 | 'text': 'test_text', |
|
425 | 408 | }, |
|
426 | 409 | status=403, |
|
427 | 410 | ) |
|
428 | 411 | assert response.status_int == 403 |
|
429 | 412 | |
|
430 | 413 | def test_delete_forbidden_for_immutable_comments(self, backend): |
|
431 | 414 | self.log_user() |
|
432 | 415 | commit_id = backend.repo.get_commit('300').raw_id |
|
433 | 416 | text = 'CommentOnCommit' |
|
434 | 417 | |
|
435 | 418 | params = {'text': text, 'csrf_token': self.csrf_token} |
|
436 | 419 | self.app.post( |
|
437 | 420 | route_path( |
|
438 | 421 | 'repo_commit_comment_create', |
|
439 | 422 | repo_name=backend.repo_name, commit_id=commit_id), |
|
440 | 423 | params=params) |
|
441 | 424 | |
|
442 | 425 | comments = ChangesetComment.query().all() |
|
443 | 426 | assert len(comments) == 1 |
|
444 | 427 | comment_id = comments[0].comment_id |
|
445 | 428 | |
|
446 | 429 | comment = ChangesetComment.get(comment_id) |
|
447 | 430 | comment.immutable_state = ChangesetComment.OP_IMMUTABLE |
|
448 | 431 | Session().add(comment) |
|
449 | 432 | Session().commit() |
|
450 | 433 | |
|
451 | 434 | self.app.post( |
|
452 | 435 | route_path('repo_commit_comment_delete', |
|
453 | 436 | repo_name=backend.repo_name, |
|
454 | 437 | commit_id=commit_id, |
|
455 | 438 | comment_id=comment_id), |
|
456 | 439 | params={'csrf_token': self.csrf_token}, |
|
457 | 440 | status=403) |
|
458 | 441 | |
|
459 | 442 | @pytest.mark.parametrize('renderer, text_input, output', [ |
|
460 | 443 | ('rst', 'plain text', '<p>plain text</p>'), |
|
461 | 444 | ('rst', 'header\n======', '<h1 class="title">header</h1>'), |
|
462 | 445 | ('rst', '*italics*', '<em>italics</em>'), |
|
463 | 446 | ('rst', '**bold**', '<strong>bold</strong>'), |
|
464 | 447 | ('markdown', 'plain text', '<p>plain text</p>'), |
|
465 | 448 | ('markdown', '# header', '<h1>header</h1>'), |
|
466 | 449 | ('markdown', '*italics*', '<em>italics</em>'), |
|
467 | 450 | ('markdown', '**bold**', '<strong>bold</strong>'), |
|
468 | 451 | ], ids=['rst-plain', 'rst-header', 'rst-italics', 'rst-bold', 'md-plain', |
|
469 | 452 | 'md-header', 'md-italics', 'md-bold', ]) |
|
470 | 453 | def test_preview(self, renderer, text_input, output, backend, xhr_header): |
|
471 | 454 | self.log_user() |
|
472 | 455 | params = { |
|
473 | 456 | 'renderer': renderer, |
|
474 | 457 | 'text': text_input, |
|
475 | 458 | 'csrf_token': self.csrf_token |
|
476 | 459 | } |
|
477 | 460 | commit_id = '0' * 16 # fake this for tests |
|
478 | 461 | response = self.app.post( |
|
479 | 462 | route_path('repo_commit_comment_preview', |
|
480 | 463 | repo_name=backend.repo_name, commit_id=commit_id,), |
|
481 | 464 | params=params, |
|
482 | 465 | extra_environ=xhr_header) |
|
483 | 466 | |
|
484 | 467 | response.mustcontain(output) |
|
485 | 468 | |
|
486 | 469 | |
|
487 | 470 | def assert_comment_links(response, comments, inline_comments): |
|
488 | 471 | response.mustcontain( |
|
489 | 472 | '<span class="display-none" id="general-comments-count">{}</span>'.format(comments)) |
|
490 | 473 | response.mustcontain( |
|
491 | 474 | '<span class="display-none" id="inline-comments-count">{}</span>'.format(inline_comments)) |
|
492 | 475 | |
|
493 | 476 | |
|
494 | 477 |
@@ -1,336 +1,316 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.apps.repository.tests.test_repo_compare import ComparePage |
|
23 | 23 | from rhodecode.lib.helpers import _shorten_commit_id |
|
24 | ||
|
25 | ||
|
26 | def route_path(name, params=None, **kwargs): | |
|
27 | import urllib.request | |
|
28 | import urllib.parse | |
|
29 | import urllib.error | |
|
30 | ||
|
31 | base_url = { | |
|
32 | 'repo_commit': '/{repo_name}/changeset/{commit_id}', | |
|
33 | 'repo_commit_children': '/{repo_name}/changeset_children/{commit_id}', | |
|
34 | 'repo_commit_parents': '/{repo_name}/changeset_parents/{commit_id}', | |
|
35 | 'repo_commit_raw': '/{repo_name}/changeset-diff/{commit_id}', | |
|
36 | 'repo_commit_patch': '/{repo_name}/changeset-patch/{commit_id}', | |
|
37 | 'repo_commit_download': '/{repo_name}/changeset-download/{commit_id}', | |
|
38 | 'repo_commit_data': '/{repo_name}/changeset-data/{commit_id}', | |
|
39 | 'repo_compare': '/{repo_name}/compare/{source_ref_type}@{source_ref}...{target_ref_type}@{target_ref}', | |
|
40 | }[name].format(**kwargs) | |
|
41 | ||
|
42 | if params: | |
|
43 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
44 | return base_url | |
|
24 | from rhodecode.tests.routes import route_path | |
|
45 | 25 | |
|
46 | 26 | |
|
47 | 27 | @pytest.mark.usefixtures("app") |
|
48 | 28 | class TestRepoCommitView(object): |
|
49 | 29 | |
|
50 | 30 | def test_show_commit(self, backend): |
|
51 | 31 | commit_id = self.commit_id[backend.alias] |
|
52 | 32 | response = self.app.get(route_path( |
|
53 | 33 | 'repo_commit', repo_name=backend.repo_name, commit_id=commit_id)) |
|
54 | 34 | response.mustcontain('Added a symlink') |
|
55 | 35 | response.mustcontain(commit_id) |
|
56 | 36 | response.mustcontain('No newline at end of file') |
|
57 | 37 | |
|
58 | 38 | def test_show_raw(self, backend): |
|
59 | 39 | commit_id = self.commit_id[backend.alias] |
|
60 | 40 | # webtest uses linter to check if response is bytes, |
|
61 | 41 | # and we use memoryview here as a wrapper, quick turn-off |
|
62 | 42 | self.app.lint = False |
|
63 | 43 | |
|
64 | 44 | response = self.app.get(route_path( |
|
65 | 45 | 'repo_commit_raw', |
|
66 | 46 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
67 | 47 | assert response.body == self.diffs[backend.alias] |
|
68 | 48 | |
|
69 | 49 | def test_show_raw_patch(self, backend): |
|
70 | 50 | response = self.app.get(route_path( |
|
71 | 51 | 'repo_commit_patch', repo_name=backend.repo_name, |
|
72 | 52 | commit_id=self.commit_id[backend.alias])) |
|
73 | 53 | assert response.body == self.patches[backend.alias] |
|
74 | 54 | |
|
75 | 55 | def test_commit_download(self, backend): |
|
76 | 56 | # webtest uses linter to check if response is bytes, |
|
77 | 57 | # and we use memoryview here as a wrapper, quick turn-off |
|
78 | 58 | self.app.lint = False |
|
79 | 59 | |
|
80 | 60 | response = self.app.get(route_path( |
|
81 | 61 | 'repo_commit_download', |
|
82 | 62 | repo_name=backend.repo_name, |
|
83 | 63 | commit_id=self.commit_id[backend.alias])) |
|
84 | 64 | assert response.body == self.diffs[backend.alias] |
|
85 | 65 | |
|
86 | 66 | def test_single_commit_page_different_ops(self, backend): |
|
87 | 67 | commit_id = { |
|
88 | 68 | 'hg': '603d6c72c46d953420c89d36372f08d9f305f5dd', |
|
89 | 69 | 'git': '03fa803d7e9fb14daa9a3089e0d1494eda75d986', |
|
90 | 70 | 'svn': '337', |
|
91 | 71 | } |
|
92 | 72 | diff_stat = { |
|
93 | 73 | 'hg': (21, 943, 288), |
|
94 | 74 | 'git': (20, 941, 286), |
|
95 | 75 | 'svn': (21, 943, 288), |
|
96 | 76 | } |
|
97 | 77 | |
|
98 | 78 | commit_id = commit_id[backend.alias] |
|
99 | 79 | response = self.app.get(route_path( |
|
100 | 80 | 'repo_commit', |
|
101 | 81 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
102 | 82 | |
|
103 | 83 | response.mustcontain(_shorten_commit_id(commit_id)) |
|
104 | 84 | |
|
105 | 85 | compare_page = ComparePage(response) |
|
106 | 86 | file_changes = diff_stat[backend.alias] |
|
107 | 87 | compare_page.contains_change_summary(*file_changes) |
|
108 | 88 | |
|
109 | 89 | # files op files |
|
110 | 90 | response.mustcontain('File not present at commit: %s' % |
|
111 | 91 | _shorten_commit_id(commit_id)) |
|
112 | 92 | |
|
113 | 93 | # svn uses a different filename |
|
114 | 94 | if backend.alias == 'svn': |
|
115 | 95 | response.mustcontain('new file 10644') |
|
116 | 96 | else: |
|
117 | 97 | response.mustcontain('new file 100644') |
|
118 | 98 | response.mustcontain('Changed theme to ADC theme') # commit msg |
|
119 | 99 | |
|
120 | 100 | self._check_new_diff_menus(response, right_menu=True) |
|
121 | 101 | |
|
122 | 102 | def test_commit_range_page_different_ops(self, backend): |
|
123 | 103 | commit_id_range = { |
|
124 | 104 | 'hg': ( |
|
125 | 105 | '25d7e49c18b159446cadfa506a5cf8ad1cb04067', |
|
126 | 106 | '603d6c72c46d953420c89d36372f08d9f305f5dd'), |
|
127 | 107 | 'git': ( |
|
128 | 108 | '6fc9270775aaf5544c1deb014f4ddd60c952fcbb', |
|
129 | 109 | '03fa803d7e9fb14daa9a3089e0d1494eda75d986'), |
|
130 | 110 | 'svn': ( |
|
131 | 111 | '335', |
|
132 | 112 | '337'), |
|
133 | 113 | } |
|
134 | 114 | commit_ids = commit_id_range[backend.alias] |
|
135 | 115 | commit_id = '%s...%s' % (commit_ids[0], commit_ids[1]) |
|
136 | 116 | response = self.app.get(route_path( |
|
137 | 117 | 'repo_commit', |
|
138 | 118 | repo_name=backend.repo_name, commit_id=commit_id)) |
|
139 | 119 | |
|
140 | 120 | response.mustcontain(_shorten_commit_id(commit_ids[0])) |
|
141 | 121 | response.mustcontain(_shorten_commit_id(commit_ids[1])) |
|
142 | 122 | |
|
143 | 123 | compare_page = ComparePage(response) |
|
144 | 124 | |
|
145 | 125 | # svn is special |
|
146 | 126 | if backend.alias == 'svn': |
|
147 | 127 | response.mustcontain('new file 10644') |
|
148 | 128 | for file_changes in [(1, 5, 1), (12, 236, 22), (21, 943, 288)]: |
|
149 | 129 | compare_page.contains_change_summary(*file_changes) |
|
150 | 130 | elif backend.alias == 'git': |
|
151 | 131 | response.mustcontain('new file 100644') |
|
152 | 132 | for file_changes in [(12, 222, 20), (20, 941, 286)]: |
|
153 | 133 | compare_page.contains_change_summary(*file_changes) |
|
154 | 134 | else: |
|
155 | 135 | response.mustcontain('new file 100644') |
|
156 | 136 | for file_changes in [(12, 222, 20), (21, 943, 288)]: |
|
157 | 137 | compare_page.contains_change_summary(*file_changes) |
|
158 | 138 | |
|
159 | 139 | # files op files |
|
160 | 140 | response.mustcontain('File not present at commit: %s' % _shorten_commit_id(commit_ids[1])) |
|
161 | 141 | response.mustcontain('Added docstrings to vcs.cli') # commit msg |
|
162 | 142 | response.mustcontain('Changed theme to ADC theme') # commit msg |
|
163 | 143 | |
|
164 | 144 | self._check_new_diff_menus(response) |
|
165 | 145 | |
|
166 | 146 | def test_combined_compare_commit_page_different_ops(self, backend): |
|
167 | 147 | commit_id_range = { |
|
168 | 148 | 'hg': ( |
|
169 | 149 | '4fdd71e9427417b2e904e0464c634fdee85ec5a7', |
|
170 | 150 | '603d6c72c46d953420c89d36372f08d9f305f5dd'), |
|
171 | 151 | 'git': ( |
|
172 | 152 | 'f5fbf9cfd5f1f1be146f6d3b38bcd791a7480c13', |
|
173 | 153 | '03fa803d7e9fb14daa9a3089e0d1494eda75d986'), |
|
174 | 154 | 'svn': ( |
|
175 | 155 | '335', |
|
176 | 156 | '337'), |
|
177 | 157 | } |
|
178 | 158 | commit_ids = commit_id_range[backend.alias] |
|
179 | 159 | response = self.app.get(route_path( |
|
180 | 160 | 'repo_compare', |
|
181 | 161 | repo_name=backend.repo_name, |
|
182 | 162 | source_ref_type='rev', source_ref=commit_ids[0], |
|
183 | 163 | target_ref_type='rev', target_ref=commit_ids[1], )) |
|
184 | 164 | |
|
185 | 165 | response.mustcontain(_shorten_commit_id(commit_ids[0])) |
|
186 | 166 | response.mustcontain(_shorten_commit_id(commit_ids[1])) |
|
187 | 167 | |
|
188 | 168 | # files op files |
|
189 | 169 | response.mustcontain('File not present at commit: %s' % |
|
190 | 170 | _shorten_commit_id(commit_ids[1])) |
|
191 | 171 | |
|
192 | 172 | compare_page = ComparePage(response) |
|
193 | 173 | |
|
194 | 174 | # svn is special |
|
195 | 175 | if backend.alias == 'svn': |
|
196 | 176 | response.mustcontain('new file 10644') |
|
197 | 177 | file_changes = (32, 1179, 310) |
|
198 | 178 | compare_page.contains_change_summary(*file_changes) |
|
199 | 179 | elif backend.alias == 'git': |
|
200 | 180 | response.mustcontain('new file 100644') |
|
201 | 181 | file_changes = (31, 1163, 306) |
|
202 | 182 | compare_page.contains_change_summary(*file_changes) |
|
203 | 183 | else: |
|
204 | 184 | response.mustcontain('new file 100644') |
|
205 | 185 | file_changes = (32, 1165, 308) |
|
206 | 186 | compare_page.contains_change_summary(*file_changes) |
|
207 | 187 | |
|
208 | 188 | response.mustcontain('Added docstrings to vcs.cli') # commit msg |
|
209 | 189 | response.mustcontain('Changed theme to ADC theme') # commit msg |
|
210 | 190 | |
|
211 | 191 | self._check_new_diff_menus(response) |
|
212 | 192 | |
|
213 | 193 | def test_changeset_range(self, backend): |
|
214 | 194 | self._check_changeset_range( |
|
215 | 195 | backend, self.commit_id_range, self.commit_id_range_result) |
|
216 | 196 | |
|
217 | 197 | def test_changeset_range_with_initial_commit(self, backend): |
|
218 | 198 | commit_id_range = { |
|
219 | 199 | 'hg': ( |
|
220 | 200 | 'b986218ba1c9b0d6a259fac9b050b1724ed8e545' |
|
221 | 201 | '...6cba7170863a2411822803fa77a0a264f1310b35'), |
|
222 | 202 | 'git': ( |
|
223 | 203 | 'c1214f7e79e02fc37156ff215cd71275450cffc3' |
|
224 | 204 | '...fa6600f6848800641328adbf7811fd2372c02ab2'), |
|
225 | 205 | 'svn': '1...3', |
|
226 | 206 | } |
|
227 | 207 | commit_id_range_result = { |
|
228 | 208 | 'hg': ['b986218ba1c9', '3d8f361e72ab', '6cba7170863a'], |
|
229 | 209 | 'git': ['c1214f7e79e0', '38b5fe81f109', 'fa6600f68488'], |
|
230 | 210 | 'svn': ['1', '2', '3'], |
|
231 | 211 | } |
|
232 | 212 | self._check_changeset_range( |
|
233 | 213 | backend, commit_id_range, commit_id_range_result) |
|
234 | 214 | |
|
235 | 215 | def _check_changeset_range( |
|
236 | 216 | self, backend, commit_id_ranges, commit_id_range_result): |
|
237 | 217 | response = self.app.get( |
|
238 | 218 | route_path('repo_commit', |
|
239 | 219 | repo_name=backend.repo_name, |
|
240 | 220 | commit_id=commit_id_ranges[backend.alias])) |
|
241 | 221 | |
|
242 | 222 | expected_result = commit_id_range_result[backend.alias] |
|
243 | 223 | response.mustcontain('{} commits'.format(len(expected_result))) |
|
244 | 224 | for commit_id in expected_result: |
|
245 | 225 | response.mustcontain(commit_id) |
|
246 | 226 | |
|
247 | 227 | commit_id = { |
|
248 | 228 | 'hg': '2062ec7beeeaf9f44a1c25c41479565040b930b2', |
|
249 | 229 | 'svn': '393', |
|
250 | 230 | 'git': 'fd627b9e0dd80b47be81af07c4a98518244ed2f7', |
|
251 | 231 | } |
|
252 | 232 | |
|
253 | 233 | commit_id_range = { |
|
254 | 234 | 'hg': ( |
|
255 | 235 | 'a53d9201d4bc278910d416d94941b7ea007ecd52' |
|
256 | 236 | '...2062ec7beeeaf9f44a1c25c41479565040b930b2'), |
|
257 | 237 | 'git': ( |
|
258 | 238 | '7ab37bc680b4aa72c34d07b230c866c28e9fc204' |
|
259 | 239 | '...fd627b9e0dd80b47be81af07c4a98518244ed2f7'), |
|
260 | 240 | 'svn': '391...393', |
|
261 | 241 | } |
|
262 | 242 | |
|
263 | 243 | commit_id_range_result = { |
|
264 | 244 | 'hg': ['a53d9201d4bc', '96507bd11ecc', '2062ec7beeea'], |
|
265 | 245 | 'git': ['7ab37bc680b4', '5f2c6ee19592', 'fd627b9e0dd8'], |
|
266 | 246 | 'svn': ['391', '392', '393'], |
|
267 | 247 | } |
|
268 | 248 | |
|
269 | 249 | diffs = { |
|
270 | 250 | 'hg': br"""diff --git a/README b/README |
|
271 | 251 | new file mode 120000 |
|
272 | 252 | --- /dev/null |
|
273 | 253 | +++ b/README |
|
274 | 254 | @@ -0,0 +1,1 @@ |
|
275 | 255 | +README.rst |
|
276 | 256 | \ No newline at end of file |
|
277 | 257 | """, |
|
278 | 258 | 'git': br"""diff --git a/README b/README |
|
279 | 259 | new file mode 120000 |
|
280 | 260 | index 0000000..92cacd2 |
|
281 | 261 | --- /dev/null |
|
282 | 262 | +++ b/README |
|
283 | 263 | @@ -0,0 +1 @@ |
|
284 | 264 | +README.rst |
|
285 | 265 | \ No newline at end of file |
|
286 | 266 | """, |
|
287 | 267 | 'svn': b"""Index: README |
|
288 | 268 | =================================================================== |
|
289 | 269 | diff --git a/README b/README |
|
290 | 270 | new file mode 10644 |
|
291 | 271 | --- /dev/null\t(revision 0) |
|
292 | 272 | +++ b/README\t(revision 393) |
|
293 | 273 | @@ -0,0 +1 @@ |
|
294 | 274 | +link README.rst |
|
295 | 275 | \\ No newline at end of file |
|
296 | 276 | """, |
|
297 | 277 | } |
|
298 | 278 | |
|
299 | 279 | patches = { |
|
300 | 280 | 'hg': br"""# HG changeset patch |
|
301 | 281 | # User Marcin Kuzminski <marcin@python-works.com> |
|
302 | 282 | # Date 2014-01-07 12:21:40 |
|
303 | 283 | # Node ID 2062ec7beeeaf9f44a1c25c41479565040b930b2 |
|
304 | 284 | # Parent 96507bd11ecc815ebc6270fdf6db110928c09c1e |
|
305 | 285 | |
|
306 | 286 | Added a symlink |
|
307 | 287 | |
|
308 | 288 | """ + diffs['hg'], |
|
309 | 289 | 'git': br"""From fd627b9e0dd80b47be81af07c4a98518244ed2f7 2014-01-07 12:22:20 |
|
310 | 290 | From: Marcin Kuzminski <marcin@python-works.com> |
|
311 | 291 | Date: 2014-01-07 12:22:20 |
|
312 | 292 | Subject: [PATCH] Added a symlink |
|
313 | 293 | |
|
314 | 294 | --- |
|
315 | 295 | |
|
316 | 296 | """ + diffs['git'], |
|
317 | 297 | 'svn': br"""# SVN changeset patch |
|
318 | 298 | # User marcin |
|
319 | 299 | # Date 2014-09-02 12:25:22.071142 |
|
320 | 300 | # Revision 393 |
|
321 | 301 | |
|
322 | 302 | Added a symlink |
|
323 | 303 | |
|
324 | 304 | """ + diffs['svn'], |
|
325 | 305 | } |
|
326 | 306 | |
|
327 | 307 | def _check_new_diff_menus(self, response, right_menu=False,): |
|
328 | 308 | # individual file diff menus |
|
329 | 309 | for elem in ['Show file before', 'Show file after']: |
|
330 | 310 | response.mustcontain(elem) |
|
331 | 311 | |
|
332 | 312 | # right pane diff menus |
|
333 | 313 | if right_menu: |
|
334 | 314 | for elem in ['Hide whitespace changes', 'Toggle wide diff', |
|
335 | 315 | 'Show full context diff']: |
|
336 | 316 | response.mustcontain(elem) |
@@ -1,670 +1,656 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import mock |
|
21 | 21 | import pytest |
|
22 | 22 | import lxml.html |
|
23 | 23 | |
|
24 | 24 | from rhodecode.lib.vcs.exceptions import RepositoryRequirementError |
|
25 | 25 | from rhodecode.tests import assert_session_flash |
|
26 | 26 | from rhodecode.tests.utils import AssertResponse, commit_change |
|
27 | ||
|
28 | ||
|
29 | def route_path(name, params=None, **kwargs): | |
|
30 | import urllib.request | |
|
31 | import urllib.parse | |
|
32 | import urllib.error | |
|
33 | ||
|
34 | base_url = { | |
|
35 | 'repo_compare_select': '/{repo_name}/compare', | |
|
36 | 'repo_compare': '/{repo_name}/compare/{source_ref_type}@{source_ref}...{target_ref_type}@{target_ref}', | |
|
37 | }[name].format(**kwargs) | |
|
38 | ||
|
39 | if params: | |
|
40 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
41 | return base_url | |
|
27 | from rhodecode.tests.routes import route_path | |
|
42 | 28 | |
|
43 | 29 | |
|
44 | 30 | @pytest.mark.usefixtures("autologin_user", "app") |
|
45 | 31 | class TestCompareView(object): |
|
46 | 32 | |
|
47 | 33 | def test_compare_index_is_reached_at_least_once(self, backend): |
|
48 | 34 | repo = backend.repo |
|
49 | 35 | self.app.get( |
|
50 | 36 | route_path('repo_compare_select', repo_name=repo.repo_name)) |
|
51 | 37 | |
|
52 | 38 | @pytest.mark.xfail_backends("svn", reason="Requires pull") |
|
53 | 39 | def test_compare_remote_with_different_commit_indexes(self, backend): |
|
54 | 40 | # Preparing the following repository structure: |
|
55 | 41 | # |
|
56 | 42 | # Origin repository has two commits: |
|
57 | 43 | # |
|
58 | 44 | # 0 1 |
|
59 | 45 | # A -- D |
|
60 | 46 | # |
|
61 | 47 | # The fork of it has a few more commits and "D" has a commit index |
|
62 | 48 | # which does not exist in origin. |
|
63 | 49 | # |
|
64 | 50 | # 0 1 2 3 4 |
|
65 | 51 | # A -- -- -- D -- E |
|
66 | 52 | # \- B -- C |
|
67 | 53 | # |
|
68 | 54 | |
|
69 | 55 | fork = backend.create_repo() |
|
70 | 56 | origin = backend.create_repo() |
|
71 | 57 | |
|
72 | 58 | # prepare fork |
|
73 | 59 | commit0 = commit_change( |
|
74 | 60 | fork.repo_name, filename=b'file1', content=b'A', |
|
75 | 61 | message='A - Initial Commit', vcs_type=backend.alias, parent=None, newfile=True) |
|
76 | 62 | |
|
77 | 63 | commit1 = commit_change( |
|
78 | 64 | fork.repo_name, filename=b'file1', content=b'B', |
|
79 | 65 | message='B, child of A', vcs_type=backend.alias, parent=commit0) |
|
80 | 66 | |
|
81 | 67 | commit_change( # commit 2 |
|
82 | 68 | fork.repo_name, filename=b'file1', content=b'C', |
|
83 | 69 | message='C, child of B', vcs_type=backend.alias, parent=commit1) |
|
84 | 70 | |
|
85 | 71 | commit3 = commit_change( |
|
86 | 72 | fork.repo_name, filename=b'file1', content=b'D', |
|
87 | 73 | message='D, child of A', vcs_type=backend.alias, parent=commit0) |
|
88 | 74 | |
|
89 | 75 | commit4 = commit_change( |
|
90 | 76 | fork.repo_name, filename=b'file1', content=b'E', |
|
91 | 77 | message='E, child of D', vcs_type=backend.alias, parent=commit3) |
|
92 | 78 | |
|
93 | 79 | # prepare origin repository, taking just the history up to D |
|
94 | 80 | |
|
95 | 81 | origin_repo = origin.scm_instance(cache=False) |
|
96 | 82 | origin_repo.config.clear_section('hooks') |
|
97 | 83 | origin_repo.pull(fork.repo_full_path, commit_ids=[commit3.raw_id]) |
|
98 | 84 | origin_repo = origin.scm_instance(cache=False) # cache rebuild |
|
99 | 85 | |
|
100 | 86 | # Verify test fixture setup |
|
101 | 87 | # This does not work for git |
|
102 | 88 | if backend.alias != 'git': |
|
103 | 89 | assert 5 == len(fork.scm_instance(cache=False).commit_ids) |
|
104 | 90 | assert 2 == len(origin_repo.commit_ids) |
|
105 | 91 | |
|
106 | 92 | # Comparing the revisions |
|
107 | 93 | response = self.app.get( |
|
108 | 94 | route_path('repo_compare', |
|
109 | 95 | repo_name=origin.repo_name, |
|
110 | 96 | source_ref_type="rev", source_ref=commit3.raw_id, |
|
111 | 97 | target_ref_type="rev", target_ref=commit4.raw_id, |
|
112 | 98 | params=dict(merge='1', target_repo=fork.repo_name) |
|
113 | 99 | ), |
|
114 | 100 | status=200) |
|
115 | 101 | |
|
116 | 102 | compare_page = ComparePage(response) |
|
117 | 103 | compare_page.contains_commits([commit4]) |
|
118 | 104 | |
|
119 | 105 | @pytest.mark.xfail_backends("svn", reason="Depends on branch support") |
|
120 | 106 | def test_compare_forks_on_branch_extra_commits(self, backend): |
|
121 | 107 | repo1 = backend.create_repo() |
|
122 | 108 | |
|
123 | 109 | # commit something ! |
|
124 | 110 | commit0 = commit_change( |
|
125 | 111 | repo1.repo_name, filename=b'file1', content=b'line1\n', |
|
126 | 112 | message='commit1', vcs_type=backend.alias, parent=None, |
|
127 | 113 | newfile=True) |
|
128 | 114 | |
|
129 | 115 | # fork this repo |
|
130 | 116 | repo2 = backend.create_fork() |
|
131 | 117 | |
|
132 | 118 | # add two extra commit into fork |
|
133 | 119 | commit1 = commit_change( |
|
134 | 120 | repo2.repo_name, filename=b'file1', content=b'line1\nline2\n', |
|
135 | 121 | message='commit2', vcs_type=backend.alias, parent=commit0) |
|
136 | 122 | |
|
137 | 123 | commit2 = commit_change( |
|
138 | 124 | repo2.repo_name, filename=b'file1', content=b'line1\nline2\nline3\n', |
|
139 | 125 | message='commit3', vcs_type=backend.alias, parent=commit1) |
|
140 | 126 | |
|
141 | 127 | commit_id1 = repo1.scm_instance().DEFAULT_BRANCH_NAME |
|
142 | 128 | commit_id2 = repo2.scm_instance().DEFAULT_BRANCH_NAME |
|
143 | 129 | |
|
144 | 130 | response = self.app.get( |
|
145 | 131 | route_path('repo_compare', |
|
146 | 132 | repo_name=repo1.repo_name, |
|
147 | 133 | source_ref_type="branch", source_ref=commit_id2, |
|
148 | 134 | target_ref_type="branch", target_ref=commit_id1, |
|
149 | 135 | params=dict(merge='1', target_repo=repo2.repo_name) |
|
150 | 136 | )) |
|
151 | 137 | |
|
152 | 138 | response.mustcontain('%s@%s' % (repo1.repo_name, commit_id2)) |
|
153 | 139 | response.mustcontain('%s@%s' % (repo2.repo_name, commit_id1)) |
|
154 | 140 | |
|
155 | 141 | compare_page = ComparePage(response) |
|
156 | 142 | compare_page.contains_change_summary(1, 2, 0) |
|
157 | 143 | compare_page.contains_commits([commit1, commit2]) |
|
158 | 144 | |
|
159 | 145 | anchor = 'a_c-{}-826e8142e6ba'.format(commit0.short_id) |
|
160 | 146 | compare_page.contains_file_links_and_anchors([('file1', anchor), ]) |
|
161 | 147 | |
|
162 | 148 | # Swap is removed when comparing branches since it's a PR feature and |
|
163 | 149 | # it is then a preview mode |
|
164 | 150 | compare_page.swap_is_hidden() |
|
165 | 151 | compare_page.target_source_are_disabled() |
|
166 | 152 | |
|
167 | 153 | @pytest.mark.xfail_backends("svn", reason="Depends on branch support") |
|
168 |
def test_compare_forks_on_branch_extra_commits_origin_has_incom |
|
|
154 | def test_compare_forks_on_branch_extra_commits_origin_has_incoming(self, backend): | |
|
169 | 155 | repo1 = backend.create_repo() |
|
170 | 156 | |
|
171 | 157 | # commit something ! |
|
172 | 158 | commit0 = commit_change( |
|
173 | 159 | repo1.repo_name, filename=b'file1', content=b'line1\n', |
|
174 | 160 | message='commit1', vcs_type=backend.alias, parent=None, |
|
175 | 161 | newfile=True) |
|
176 | 162 | |
|
177 | 163 | # fork this repo |
|
178 | 164 | repo2 = backend.create_fork() |
|
179 | 165 | |
|
180 | 166 | # now commit something to origin repo |
|
181 | 167 | commit_change( |
|
182 | 168 | repo1.repo_name, filename=b'file2', content=b'line1file2\n', |
|
183 | 169 | message='commit2', vcs_type=backend.alias, parent=commit0, |
|
184 | 170 | newfile=True) |
|
185 | 171 | |
|
186 | 172 | # add two extra commit into fork |
|
187 | 173 | commit1 = commit_change( |
|
188 | 174 | repo2.repo_name, filename=b'file1', content=b'line1\nline2\n', |
|
189 | 175 | message='commit2', vcs_type=backend.alias, parent=commit0) |
|
190 | 176 | |
|
191 | 177 | commit2 = commit_change( |
|
192 | 178 | repo2.repo_name, filename=b'file1', content=b'line1\nline2\nline3\n', |
|
193 | 179 | message='commit3', vcs_type=backend.alias, parent=commit1) |
|
194 | 180 | |
|
195 | 181 | commit_id1 = repo1.scm_instance().DEFAULT_BRANCH_NAME |
|
196 | 182 | commit_id2 = repo2.scm_instance().DEFAULT_BRANCH_NAME |
|
197 | 183 | |
|
198 | 184 | response = self.app.get( |
|
199 | 185 | route_path('repo_compare', |
|
200 | 186 | repo_name=repo1.repo_name, |
|
201 | 187 | source_ref_type="branch", source_ref=commit_id2, |
|
202 | 188 | target_ref_type="branch", target_ref=commit_id1, |
|
203 | 189 | params=dict(merge='1', target_repo=repo2.repo_name), |
|
204 | 190 | )) |
|
205 | 191 | |
|
206 |
response.mustcontain(' |
|
|
207 |
response.mustcontain(' |
|
|
192 | response.mustcontain(f'{repo1.repo_name}@{commit_id2}') | |
|
193 | response.mustcontain(f'{repo2.repo_name}@{commit_id1}') | |
|
208 | 194 | |
|
209 | 195 | compare_page = ComparePage(response) |
|
210 | 196 | compare_page.contains_change_summary(1, 2, 0) |
|
211 | 197 | compare_page.contains_commits([commit1, commit2]) |
|
212 |
anchor = 'a_c-{ |
|
|
198 | anchor = f'a_c-{commit0.short_id}-826e8142e6ba' | |
|
213 | 199 | compare_page.contains_file_links_and_anchors([('file1', anchor), ]) |
|
214 | 200 | |
|
215 | 201 | # Swap is removed when comparing branches since it's a PR feature and |
|
216 | 202 | # it is then a preview mode |
|
217 | 203 | compare_page.swap_is_hidden() |
|
218 | 204 | compare_page.target_source_are_disabled() |
|
219 | 205 | |
|
220 | 206 | @pytest.mark.xfail_backends("svn") |
|
221 | 207 | # TODO(marcink): no svn support for compare two seperate repos |
|
222 | 208 | def test_compare_of_unrelated_forks(self, backend): |
|
223 | 209 | orig = backend.create_repo(number_of_commits=1) |
|
224 | 210 | fork = backend.create_repo(number_of_commits=1) |
|
225 | 211 | |
|
226 | 212 | response = self.app.get( |
|
227 | 213 | route_path('repo_compare', |
|
228 | 214 | repo_name=orig.repo_name, |
|
229 | 215 | source_ref_type="rev", source_ref="tip", |
|
230 | 216 | target_ref_type="rev", target_ref="tip", |
|
231 | 217 | params=dict(merge='1', target_repo=fork.repo_name), |
|
232 | 218 | ), |
|
233 | 219 | status=302) |
|
234 | 220 | response = response.follow() |
|
235 | 221 | response.mustcontain("Repositories unrelated.") |
|
236 | 222 | |
|
237 | 223 | @pytest.mark.xfail_backends("svn") |
|
238 | 224 | def test_compare_cherry_pick_commits_from_bottom(self, backend): |
|
239 | 225 | |
|
240 | 226 | # repo1: |
|
241 | 227 | # commit0: |
|
242 | 228 | # commit1: |
|
243 | 229 | # repo1-fork- in which we will cherry pick bottom commits |
|
244 | 230 | # commit0: |
|
245 | 231 | # commit1: |
|
246 | 232 | # commit2: x |
|
247 | 233 | # commit3: x |
|
248 | 234 | # commit4: x |
|
249 | 235 | # commit5: |
|
250 | 236 | # make repo1, and commit1+commit2 |
|
251 | 237 | |
|
252 | 238 | repo1 = backend.create_repo() |
|
253 | 239 | |
|
254 | 240 | # commit something ! |
|
255 | 241 | commit0 = commit_change( |
|
256 | 242 | repo1.repo_name, filename=b'file1', content=b'line1\n', |
|
257 | 243 | message='commit1', vcs_type=backend.alias, parent=None, |
|
258 | 244 | newfile=True) |
|
259 | 245 | commit1 = commit_change( |
|
260 | 246 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\n', |
|
261 | 247 | message='commit2', vcs_type=backend.alias, parent=commit0) |
|
262 | 248 | |
|
263 | 249 | # fork this repo |
|
264 | 250 | repo2 = backend.create_fork() |
|
265 | 251 | |
|
266 | 252 | # now make commit3-6 |
|
267 | 253 | commit2 = commit_change( |
|
268 | 254 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\nline3\n', |
|
269 | 255 | message='commit3', vcs_type=backend.alias, parent=commit1) |
|
270 | 256 | commit3 = commit_change( |
|
271 | 257 | repo1.repo_name, filename=b'file1',content=b'line1\nline2\nline3\nline4\n', |
|
272 | 258 | message='commit4', vcs_type=backend.alias, parent=commit2) |
|
273 | 259 | commit4 = commit_change( |
|
274 | 260 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\nline3\nline4\nline5\n', |
|
275 | 261 | message='commit5', vcs_type=backend.alias, parent=commit3) |
|
276 | 262 | commit_change( # commit 5 |
|
277 | 263 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\nline3\nline4\nline5\nline6\n', |
|
278 | 264 | message='commit6', vcs_type=backend.alias, parent=commit4) |
|
279 | 265 | |
|
280 | 266 | response = self.app.get( |
|
281 | 267 | route_path('repo_compare', |
|
282 | 268 | repo_name=repo2.repo_name, |
|
283 | 269 | # parent of commit2, in target repo2 |
|
284 | 270 | source_ref_type="rev", source_ref=commit1.raw_id, |
|
285 | 271 | target_ref_type="rev", target_ref=commit4.raw_id, |
|
286 | 272 | params=dict(merge='1', target_repo=repo1.repo_name), |
|
287 | 273 | )) |
|
288 | 274 | response.mustcontain('%s@%s' % (repo2.repo_name, commit1.short_id)) |
|
289 | 275 | response.mustcontain('%s@%s' % (repo1.repo_name, commit4.short_id)) |
|
290 | 276 | |
|
291 | 277 | # files |
|
292 | 278 | compare_page = ComparePage(response) |
|
293 | 279 | compare_page.contains_change_summary(1, 3, 0) |
|
294 | 280 | compare_page.contains_commits([commit2, commit3, commit4]) |
|
295 | 281 | anchor = 'a_c-{}-826e8142e6ba'.format(commit1.short_id) |
|
296 | 282 | compare_page.contains_file_links_and_anchors([('file1', anchor),]) |
|
297 | 283 | |
|
298 | 284 | @pytest.mark.xfail_backends("svn") |
|
299 | 285 | def test_compare_cherry_pick_commits_from_top(self, backend): |
|
300 | 286 | # repo1: |
|
301 | 287 | # commit0: |
|
302 | 288 | # commit1: |
|
303 | 289 | # repo1-fork- in which we will cherry pick bottom commits |
|
304 | 290 | # commit0: |
|
305 | 291 | # commit1: |
|
306 | 292 | # commit2: |
|
307 | 293 | # commit3: x |
|
308 | 294 | # commit4: x |
|
309 | 295 | # commit5: x |
|
310 | 296 | |
|
311 | 297 | # make repo1, and commit1+commit2 |
|
312 | 298 | repo1 = backend.create_repo() |
|
313 | 299 | |
|
314 | 300 | # commit something ! |
|
315 | 301 | commit0 = commit_change( |
|
316 | 302 | repo1.repo_name, filename=b'file1', content=b'line1\n', |
|
317 | 303 | message='commit1', vcs_type=backend.alias, parent=None, |
|
318 | 304 | newfile=True) |
|
319 | 305 | commit1 = commit_change( |
|
320 | 306 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\n', |
|
321 | 307 | message='commit2', vcs_type=backend.alias, parent=commit0) |
|
322 | 308 | |
|
323 | 309 | # fork this repo |
|
324 | 310 | backend.create_fork() |
|
325 | 311 | |
|
326 | 312 | # now make commit3-6 |
|
327 | 313 | commit2 = commit_change( |
|
328 | 314 | repo1.repo_name, filename=b'file1', content=b'line1\nline2\nline3\n', |
|
329 | 315 | message='commit3', vcs_type=backend.alias, parent=commit1) |
|
330 | 316 | commit3 = commit_change( |
|
331 | 317 | repo1.repo_name, filename=b'file1', |
|
332 | 318 | content=b'line1\nline2\nline3\nline4\n', message='commit4', |
|
333 | 319 | vcs_type=backend.alias, parent=commit2) |
|
334 | 320 | commit4 = commit_change( |
|
335 | 321 | repo1.repo_name, filename=b'file1', |
|
336 | 322 | content=b'line1\nline2\nline3\nline4\nline5\n', message='commit5', |
|
337 | 323 | vcs_type=backend.alias, parent=commit3) |
|
338 | 324 | commit5 = commit_change( |
|
339 | 325 | repo1.repo_name, filename=b'file1', |
|
340 | 326 | content=b'line1\nline2\nline3\nline4\nline5\nline6\n', |
|
341 | 327 | message='commit6', vcs_type=backend.alias, parent=commit4) |
|
342 | 328 | |
|
343 | 329 | response = self.app.get( |
|
344 | 330 | route_path('repo_compare', |
|
345 | 331 | repo_name=repo1.repo_name, |
|
346 | 332 | # parent of commit3, not in source repo2 |
|
347 | 333 | source_ref_type="rev", source_ref=commit2.raw_id, |
|
348 | 334 | target_ref_type="rev", target_ref=commit5.raw_id, |
|
349 | 335 | params=dict(merge='1'),)) |
|
350 | 336 | |
|
351 | 337 | response.mustcontain('%s@%s' % (repo1.repo_name, commit2.short_id)) |
|
352 | 338 | response.mustcontain('%s@%s' % (repo1.repo_name, commit5.short_id)) |
|
353 | 339 | |
|
354 | 340 | compare_page = ComparePage(response) |
|
355 | 341 | compare_page.contains_change_summary(1, 3, 0) |
|
356 | 342 | compare_page.contains_commits([commit3, commit4, commit5]) |
|
357 | 343 | |
|
358 | 344 | # files |
|
359 | 345 | anchor = 'a_c-{}-826e8142e6ba'.format(commit2.short_id) |
|
360 | 346 | compare_page.contains_file_links_and_anchors([('file1', anchor),]) |
|
361 | 347 | |
|
362 | 348 | @pytest.mark.xfail_backends("svn") |
|
363 | 349 | def test_compare_remote_branches(self, backend): |
|
364 | 350 | repo1 = backend.repo |
|
365 | 351 | repo2 = backend.create_fork() |
|
366 | 352 | |
|
367 | 353 | commit_id1 = repo1.get_commit(commit_idx=3).raw_id |
|
368 | 354 | commit_id1_short = repo1.get_commit(commit_idx=3).short_id |
|
369 | 355 | commit_id2 = repo1.get_commit(commit_idx=6).raw_id |
|
370 | 356 | commit_id2_short = repo1.get_commit(commit_idx=6).short_id |
|
371 | 357 | |
|
372 | 358 | response = self.app.get( |
|
373 | 359 | route_path('repo_compare', |
|
374 | 360 | repo_name=repo1.repo_name, |
|
375 | 361 | source_ref_type="rev", source_ref=commit_id1, |
|
376 | 362 | target_ref_type="rev", target_ref=commit_id2, |
|
377 | 363 | params=dict(merge='1', target_repo=repo2.repo_name), |
|
378 | 364 | )) |
|
379 | 365 | |
|
380 | 366 | response.mustcontain('%s@%s' % (repo1.repo_name, commit_id1)) |
|
381 | 367 | response.mustcontain('%s@%s' % (repo2.repo_name, commit_id2)) |
|
382 | 368 | |
|
383 | 369 | compare_page = ComparePage(response) |
|
384 | 370 | |
|
385 | 371 | # outgoing commits between those commits |
|
386 | 372 | compare_page.contains_commits( |
|
387 | 373 | [repo2.get_commit(commit_idx=x) for x in [4, 5, 6]]) |
|
388 | 374 | |
|
389 | 375 | # files |
|
390 | 376 | compare_page.contains_file_links_and_anchors([ |
|
391 | 377 | ('vcs/backends/hg.py', 'a_c-{}-9c390eb52cd6'.format(commit_id2_short)), |
|
392 | 378 | ('vcs/backends/__init__.py', 'a_c-{}-41b41c1f2796'.format(commit_id1_short)), |
|
393 | 379 | ('vcs/backends/base.py', 'a_c-{}-2f574d260608'.format(commit_id1_short)), |
|
394 | 380 | ]) |
|
395 | 381 | |
|
396 | 382 | @pytest.mark.xfail_backends("svn") |
|
397 | 383 | def test_source_repo_new_commits_after_forking_simple_diff(self, backend): |
|
398 | 384 | repo1 = backend.create_repo() |
|
399 | 385 | r1_name = repo1.repo_name |
|
400 | 386 | |
|
401 | 387 | commit0 = commit_change( |
|
402 | 388 | repo=r1_name, filename=b'file1', |
|
403 | 389 | content=b'line1', message='commit1', vcs_type=backend.alias, |
|
404 | 390 | newfile=True) |
|
405 | 391 | assert repo1.scm_instance().commit_ids == [commit0.raw_id] |
|
406 | 392 | |
|
407 | 393 | # fork the repo1 |
|
408 | 394 | repo2 = backend.create_fork() |
|
409 | 395 | assert repo2.scm_instance().commit_ids == [commit0.raw_id] |
|
410 | 396 | |
|
411 | 397 | self.r2_id = repo2.repo_id |
|
412 | 398 | r2_name = repo2.repo_name |
|
413 | 399 | |
|
414 | 400 | commit1 = commit_change( |
|
415 | 401 | repo=r2_name, filename=b'file1-fork', |
|
416 | 402 | content=b'file1-line1-from-fork', message='commit1-fork', |
|
417 | 403 | vcs_type=backend.alias, parent=repo2.scm_instance()[-1], |
|
418 | 404 | newfile=True) |
|
419 | 405 | |
|
420 | 406 | commit2 = commit_change( |
|
421 | 407 | repo=r2_name, filename=b'file2-fork', |
|
422 | 408 | content=b'file2-line1-from-fork', message='commit2-fork', |
|
423 | 409 | vcs_type=backend.alias, parent=commit1, |
|
424 | 410 | newfile=True) |
|
425 | 411 | |
|
426 | 412 | commit_change( # commit 3 |
|
427 | 413 | repo=r2_name, filename=b'file3-fork', |
|
428 | 414 | content=b'file3-line1-from-fork', message='commit3-fork', |
|
429 | 415 | vcs_type=backend.alias, parent=commit2, newfile=True) |
|
430 | 416 | |
|
431 | 417 | # compare ! |
|
432 | 418 | commit_id1 = repo1.scm_instance().DEFAULT_BRANCH_NAME |
|
433 | 419 | commit_id2 = repo2.scm_instance().DEFAULT_BRANCH_NAME |
|
434 | 420 | |
|
435 | 421 | response = self.app.get( |
|
436 | 422 | route_path('repo_compare', |
|
437 | 423 | repo_name=r2_name, |
|
438 | 424 | source_ref_type="branch", source_ref=commit_id1, |
|
439 | 425 | target_ref_type="branch", target_ref=commit_id2, |
|
440 | 426 | params=dict(merge='1', target_repo=r1_name), |
|
441 | 427 | )) |
|
442 | 428 | |
|
443 | 429 | response.mustcontain('%s@%s' % (r2_name, commit_id1)) |
|
444 | 430 | response.mustcontain('%s@%s' % (r1_name, commit_id2)) |
|
445 | 431 | response.mustcontain('No files') |
|
446 | 432 | response.mustcontain('No commits in this compare') |
|
447 | 433 | |
|
448 | 434 | commit0 = commit_change( |
|
449 | 435 | repo=r1_name, filename=b'file2', |
|
450 | 436 | content=b'line1-added-after-fork', message='commit2-parent', |
|
451 | 437 | vcs_type=backend.alias, parent=None, newfile=True) |
|
452 | 438 | |
|
453 | 439 | # compare ! |
|
454 | 440 | response = self.app.get( |
|
455 | 441 | route_path('repo_compare', |
|
456 | 442 | repo_name=r2_name, |
|
457 | 443 | source_ref_type="branch", source_ref=commit_id1, |
|
458 | 444 | target_ref_type="branch", target_ref=commit_id2, |
|
459 | 445 | params=dict(merge='1', target_repo=r1_name), |
|
460 | 446 | )) |
|
461 | 447 | |
|
462 | 448 | response.mustcontain('%s@%s' % (r2_name, commit_id1)) |
|
463 | 449 | response.mustcontain('%s@%s' % (r1_name, commit_id2)) |
|
464 | 450 | |
|
465 | 451 | response.mustcontain("""commit2-parent""") |
|
466 | 452 | response.mustcontain("""line1-added-after-fork""") |
|
467 | 453 | compare_page = ComparePage(response) |
|
468 | 454 | compare_page.contains_change_summary(1, 1, 0) |
|
469 | 455 | |
|
470 | 456 | @pytest.mark.xfail_backends("svn") |
|
471 | 457 | def test_compare_commits(self, backend, xhr_header): |
|
472 | 458 | commit0 = backend.repo.get_commit(commit_idx=0) |
|
473 | 459 | commit1 = backend.repo.get_commit(commit_idx=1) |
|
474 | 460 | |
|
475 | 461 | response = self.app.get( |
|
476 | 462 | route_path('repo_compare', |
|
477 | 463 | repo_name=backend.repo_name, |
|
478 | 464 | source_ref_type="rev", source_ref=commit0.raw_id, |
|
479 | 465 | target_ref_type="rev", target_ref=commit1.raw_id, |
|
480 | 466 | params=dict(merge='1') |
|
481 | 467 | ), |
|
482 | 468 | extra_environ=xhr_header, ) |
|
483 | 469 | |
|
484 | 470 | # outgoing commits between those commits |
|
485 | 471 | compare_page = ComparePage(response) |
|
486 | 472 | compare_page.contains_commits(commits=[commit1]) |
|
487 | 473 | |
|
488 | 474 | def test_errors_when_comparing_unknown_source_repo(self, backend): |
|
489 | 475 | repo = backend.repo |
|
490 | 476 | |
|
491 | 477 | self.app.get( |
|
492 | 478 | route_path('repo_compare', |
|
493 | 479 | repo_name='badrepo', |
|
494 | 480 | source_ref_type="rev", source_ref='tip', |
|
495 | 481 | target_ref_type="rev", target_ref='tip', |
|
496 | 482 | params=dict(merge='1', target_repo=repo.repo_name) |
|
497 | 483 | ), |
|
498 | 484 | status=404) |
|
499 | 485 | |
|
500 | 486 | def test_errors_when_comparing_unknown_target_repo(self, backend): |
|
501 | 487 | repo = backend.repo |
|
502 | 488 | badrepo = 'badrepo' |
|
503 | 489 | |
|
504 | 490 | response = self.app.get( |
|
505 | 491 | route_path('repo_compare', |
|
506 | 492 | repo_name=repo.repo_name, |
|
507 | 493 | source_ref_type="rev", source_ref='tip', |
|
508 | 494 | target_ref_type="rev", target_ref='tip', |
|
509 | 495 | params=dict(merge='1', target_repo=badrepo), |
|
510 | 496 | ), |
|
511 | 497 | status=302) |
|
512 | 498 | redirected = response.follow() |
|
513 | 499 | redirected.mustcontain( |
|
514 | 500 | 'Could not find the target repo: `{}`'.format(badrepo)) |
|
515 | 501 | |
|
516 | 502 | def test_compare_not_in_preview_mode(self, backend_stub): |
|
517 | 503 | commit0 = backend_stub.repo.get_commit(commit_idx=0) |
|
518 | 504 | commit1 = backend_stub.repo.get_commit(commit_idx=1) |
|
519 | 505 | |
|
520 | 506 | response = self.app.get( |
|
521 | 507 | route_path('repo_compare', |
|
522 | 508 | repo_name=backend_stub.repo_name, |
|
523 | 509 | source_ref_type="rev", source_ref=commit0.raw_id, |
|
524 | 510 | target_ref_type="rev", target_ref=commit1.raw_id, |
|
525 | 511 | )) |
|
526 | 512 | |
|
527 | 513 | # outgoing commits between those commits |
|
528 | 514 | compare_page = ComparePage(response) |
|
529 | 515 | compare_page.swap_is_visible() |
|
530 | 516 | compare_page.target_source_are_enabled() |
|
531 | 517 | |
|
532 | 518 | def test_compare_of_fork_with_largefiles(self, backend_hg, settings_util): |
|
533 | 519 | orig = backend_hg.create_repo(number_of_commits=1) |
|
534 | 520 | fork = backend_hg.create_fork() |
|
535 | 521 | |
|
536 | 522 | settings_util.create_repo_rhodecode_ui( |
|
537 | 523 | orig, 'extensions', value='', key='largefiles', active=False) |
|
538 | 524 | settings_util.create_repo_rhodecode_ui( |
|
539 | 525 | fork, 'extensions', value='', key='largefiles', active=True) |
|
540 | 526 | |
|
541 | 527 | compare_module = ('rhodecode.lib.vcs.backends.hg.repository.' |
|
542 | 528 | 'MercurialRepository.compare') |
|
543 | 529 | with mock.patch(compare_module) as compare_mock: |
|
544 | 530 | compare_mock.side_effect = RepositoryRequirementError() |
|
545 | 531 | |
|
546 | 532 | response = self.app.get( |
|
547 | 533 | route_path('repo_compare', |
|
548 | 534 | repo_name=orig.repo_name, |
|
549 | 535 | source_ref_type="rev", source_ref="tip", |
|
550 | 536 | target_ref_type="rev", target_ref="tip", |
|
551 | 537 | params=dict(merge='1', target_repo=fork.repo_name), |
|
552 | 538 | ), |
|
553 | 539 | status=302) |
|
554 | 540 | |
|
555 | 541 | assert_session_flash( |
|
556 | 542 | response, |
|
557 | 543 | 'Could not compare repos with different large file settings') |
|
558 | 544 | |
|
559 | 545 | |
|
560 | 546 | @pytest.mark.usefixtures("autologin_user") |
|
561 | 547 | class TestCompareControllerSvn(object): |
|
562 | 548 | |
|
563 | 549 | def test_supports_references_with_path(self, app, backend_svn): |
|
564 | 550 | repo = backend_svn['svn-simple-layout'] |
|
565 | 551 | commit_id = repo.get_commit(commit_idx=-1).raw_id |
|
566 | 552 | response = app.get( |
|
567 | 553 | route_path('repo_compare', |
|
568 | 554 | repo_name=repo.repo_name, |
|
569 | 555 | source_ref_type="tag", |
|
570 | 556 | source_ref="%s@%s" % ('tags/v0.1', commit_id), |
|
571 | 557 | target_ref_type="tag", |
|
572 | 558 | target_ref="%s@%s" % ('tags/v0.2', commit_id), |
|
573 | 559 | params=dict(merge='1'), |
|
574 | 560 | ), |
|
575 | 561 | status=200) |
|
576 | 562 | |
|
577 | 563 | # Expecting no commits, since both paths are at the same revision |
|
578 | 564 | response.mustcontain('No commits in this compare') |
|
579 | 565 | |
|
580 | 566 | # Should find only one file changed when comparing those two tags |
|
581 | 567 | response.mustcontain('example.py') |
|
582 | 568 | compare_page = ComparePage(response) |
|
583 | 569 | compare_page.contains_change_summary(1, 5, 1) |
|
584 | 570 | |
|
585 | 571 | def test_shows_commits_if_different_ids(self, app, backend_svn): |
|
586 | 572 | repo = backend_svn['svn-simple-layout'] |
|
587 | 573 | source_id = repo.get_commit(commit_idx=-6).raw_id |
|
588 | 574 | target_id = repo.get_commit(commit_idx=-1).raw_id |
|
589 | 575 | response = app.get( |
|
590 | 576 | route_path('repo_compare', |
|
591 | 577 | repo_name=repo.repo_name, |
|
592 | 578 | source_ref_type="tag", |
|
593 | 579 | source_ref="%s@%s" % ('tags/v0.1', source_id), |
|
594 | 580 | target_ref_type="tag", |
|
595 | 581 | target_ref="%s@%s" % ('tags/v0.2', target_id), |
|
596 | 582 | params=dict(merge='1') |
|
597 | 583 | ), |
|
598 | 584 | status=200) |
|
599 | 585 | |
|
600 | 586 | # It should show commits |
|
601 | 587 | assert 'No commits in this compare' not in response.text |
|
602 | 588 | |
|
603 | 589 | # Should find only one file changed when comparing those two tags |
|
604 | 590 | response.mustcontain('example.py') |
|
605 | 591 | compare_page = ComparePage(response) |
|
606 | 592 | compare_page.contains_change_summary(1, 5, 1) |
|
607 | 593 | |
|
608 | 594 | |
|
609 | 595 | class ComparePage(AssertResponse): |
|
610 | 596 | """ |
|
611 | 597 | Abstracts the page template from the tests |
|
612 | 598 | """ |
|
613 | 599 | |
|
614 | 600 | def contains_file_links_and_anchors(self, files): |
|
615 | 601 | doc = lxml.html.fromstring(self.response.body) |
|
616 | 602 | for filename, file_id in files: |
|
617 | 603 | self.contains_one_anchor(file_id) |
|
618 | 604 | diffblock = doc.cssselect('[data-f-path="%s"]' % filename) |
|
619 | 605 | assert len(diffblock) == 2 |
|
620 | 606 | for lnk in diffblock[0].cssselect('a'): |
|
621 | 607 | if 'permalink' in lnk.text: |
|
622 | 608 | assert '#{}'.format(file_id) in lnk.attrib['href'] |
|
623 | 609 | break |
|
624 | 610 | else: |
|
625 | 611 | pytest.fail('Unable to find permalink') |
|
626 | 612 | |
|
627 | 613 | def contains_change_summary(self, files_changed, inserted, deleted): |
|
628 | 614 | template = ( |
|
629 | 615 | '{files_changed} file{plural} changed: ' |
|
630 | 616 | '<span class="op-added">{inserted} inserted</span>, <span class="op-deleted">{deleted} deleted</span>') |
|
631 | 617 | self.response.mustcontain(template.format( |
|
632 | 618 | files_changed=files_changed, |
|
633 | 619 | plural="s" if files_changed > 1 else "", |
|
634 | 620 | inserted=inserted, |
|
635 | 621 | deleted=deleted)) |
|
636 | 622 | |
|
637 | 623 | def contains_commits(self, commits, ancestors=None): |
|
638 | 624 | response = self.response |
|
639 | 625 | |
|
640 | 626 | for commit in commits: |
|
641 | 627 | # Expecting to see the commit message in an element which |
|
642 | 628 | # has the ID "c-{commit.raw_id}" |
|
643 | 629 | self.element_contains('#c-' + commit.raw_id, commit.message) |
|
644 | 630 | self.contains_one_link( |
|
645 | 631 | 'r%s:%s' % (commit.idx, commit.short_id), |
|
646 | 632 | self._commit_url(commit)) |
|
647 | 633 | |
|
648 | 634 | if ancestors: |
|
649 | 635 | response.mustcontain('Ancestor') |
|
650 | 636 | for ancestor in ancestors: |
|
651 | 637 | self.contains_one_link( |
|
652 | 638 | ancestor.short_id, self._commit_url(ancestor)) |
|
653 | 639 | |
|
654 | 640 | def _commit_url(self, commit): |
|
655 | 641 | return '/%s/changeset/%s' % (commit.repository.name, commit.raw_id) |
|
656 | 642 | |
|
657 | 643 | def swap_is_hidden(self): |
|
658 | 644 | assert '<a id="btn-swap"' not in self.response.text |
|
659 | 645 | |
|
660 | 646 | def swap_is_visible(self): |
|
661 | 647 | assert '<a id="btn-swap"' in self.response.text |
|
662 | 648 | |
|
663 | 649 | def target_source_are_disabled(self): |
|
664 | 650 | response = self.response |
|
665 | 651 | response.mustcontain("var enable_fields = false;") |
|
666 | 652 | response.mustcontain('.select2("enable", enable_fields)') |
|
667 | 653 | |
|
668 | 654 | def target_source_are_enabled(self): |
|
669 | 655 | response = self.response |
|
670 | 656 | response.mustcontain("var enable_fields = true;") |
@@ -1,168 +1,154 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from .test_repo_compare import ComparePage |
|
23 | ||
|
24 | ||
|
25 | def route_path(name, params=None, **kwargs): | |
|
26 | import urllib.request | |
|
27 | import urllib.parse | |
|
28 | import urllib.error | |
|
29 | ||
|
30 | base_url = { | |
|
31 | 'repo_compare_select': '/{repo_name}/compare', | |
|
32 | 'repo_compare': '/{repo_name}/compare/{source_ref_type}@{source_ref}...{target_ref_type}@{target_ref}', | |
|
33 | }[name].format(**kwargs) | |
|
34 | ||
|
35 | if params: | |
|
36 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
37 | return base_url | |
|
23 | from rhodecode.tests.routes import route_path | |
|
38 | 24 | |
|
39 | 25 | |
|
40 | 26 | @pytest.mark.usefixtures("autologin_user", "app") |
|
41 | 27 | class TestCompareView(object): |
|
42 | 28 | |
|
43 | 29 | @pytest.mark.xfail_backends("svn", msg="Depends on branch and tag support") |
|
44 | 30 | def test_compare_tag(self, backend): |
|
45 | 31 | tag1 = 'v0.1.2' |
|
46 | 32 | tag2 = 'v0.1.3' |
|
47 | 33 | response = self.app.get( |
|
48 | 34 | route_path( |
|
49 | 35 | 'repo_compare', |
|
50 | 36 | repo_name=backend.repo_name, |
|
51 | 37 | source_ref_type="tag", source_ref=tag1, |
|
52 | 38 | target_ref_type="tag", target_ref=tag2), |
|
53 | 39 | status=200) |
|
54 | 40 | |
|
55 | 41 | response.mustcontain('%s@%s' % (backend.repo_name, tag1)) |
|
56 | 42 | response.mustcontain('%s@%s' % (backend.repo_name, tag2)) |
|
57 | 43 | |
|
58 | 44 | # outgoing commits between tags |
|
59 | 45 | commit_indexes = { |
|
60 | 46 | 'git': [113] + list(range(115, 121)), |
|
61 | 47 | 'hg': [112] + list(range(115, 121)), |
|
62 | 48 | } |
|
63 | 49 | repo = backend.repo |
|
64 | 50 | commits = (repo.get_commit(commit_idx=idx) |
|
65 | 51 | for idx in commit_indexes[backend.alias]) |
|
66 | 52 | compare_page = ComparePage(response) |
|
67 | 53 | compare_page.contains_change_summary(11, 94, 64) |
|
68 | 54 | compare_page.contains_commits(commits) |
|
69 | 55 | |
|
70 | 56 | # files diff |
|
71 | 57 | short_id = short_id_new = '' |
|
72 | 58 | if backend.alias == 'git': |
|
73 | 59 | short_id = '5a3a8fb00555' |
|
74 | 60 | short_id_new = '0ba5f8a46600' |
|
75 | 61 | if backend.alias == 'hg': |
|
76 | 62 | short_id = '17544fbfcd33' |
|
77 | 63 | short_id_new = 'a7e60bff65d5' |
|
78 | 64 | |
|
79 | 65 | compare_page.contains_file_links_and_anchors([ |
|
80 | 66 | # modified |
|
81 | 67 | ('docs/api/utils/index.rst', 'a_c-{}-1c5cf9e91c12'.format(short_id)), |
|
82 | 68 | ('test_and_report.sh', 'a_c-{}-e3305437df55'.format(short_id)), |
|
83 | 69 | # added |
|
84 | 70 | ('.hgignore', 'a_c-{}-c8e92ef85cd1'.format(short_id_new)), |
|
85 | 71 | ('.hgtags', 'a_c-{}-6e08b694d687'.format(short_id_new)), |
|
86 | 72 | ('docs/api/index.rst', 'a_c-{}-2c14b00f3393'.format(short_id_new)), |
|
87 | 73 | ('vcs/__init__.py', 'a_c-{}-430ccbc82bdf'.format(short_id_new)), |
|
88 | 74 | ('vcs/backends/hg.py', 'a_c-{}-9c390eb52cd6'.format(short_id_new)), |
|
89 | 75 | ('vcs/utils/__init__.py', 'a_c-{}-ebb592c595c0'.format(short_id_new)), |
|
90 | 76 | ('vcs/utils/annotate.py', 'a_c-{}-7abc741b5052'.format(short_id_new)), |
|
91 | 77 | ('vcs/utils/diffs.py', 'a_c-{}-2ef0ef106c56'.format(short_id_new)), |
|
92 | 78 | ('vcs/utils/lazy.py', 'a_c-{}-3150cb87d4b7'.format(short_id_new)), |
|
93 | 79 | ]) |
|
94 | 80 | |
|
95 | 81 | @pytest.mark.xfail_backends("svn", msg="Depends on branch and tag support") |
|
96 | 82 | def test_compare_tag_branch(self, backend): |
|
97 | 83 | revisions = { |
|
98 | 84 | 'hg': { |
|
99 | 85 | 'tag': 'v0.2.0', |
|
100 | 86 | 'branch': 'default', |
|
101 | 87 | 'response': (147, 5701, 10177) |
|
102 | 88 | }, |
|
103 | 89 | 'git': { |
|
104 | 90 | 'tag': 'v0.2.2', |
|
105 | 91 | 'branch': 'master', |
|
106 | 92 | 'response': (70, 1855, 3002) |
|
107 | 93 | }, |
|
108 | 94 | } |
|
109 | 95 | |
|
110 | 96 | # Backend specific data, depends on the test repository for |
|
111 | 97 | # functional tests. |
|
112 | 98 | data = revisions[backend.alias] |
|
113 | 99 | |
|
114 | 100 | response = self.app.get( |
|
115 | 101 | route_path( |
|
116 | 102 | 'repo_compare', |
|
117 | 103 | repo_name=backend.repo_name, |
|
118 | 104 | source_ref_type='branch', source_ref=data['branch'], |
|
119 | 105 | target_ref_type="tag", target_ref=data['tag'], |
|
120 | 106 | )) |
|
121 | 107 | |
|
122 | 108 | response.mustcontain('%s@%s' % (backend.repo_name, data['branch'])) |
|
123 | 109 | response.mustcontain('%s@%s' % (backend.repo_name, data['tag'])) |
|
124 | 110 | compare_page = ComparePage(response) |
|
125 | 111 | compare_page.contains_change_summary(*data['response']) |
|
126 | 112 | |
|
127 | 113 | def test_index_branch(self, backend): |
|
128 | 114 | head_id = backend.default_head_id |
|
129 | 115 | response = self.app.get( |
|
130 | 116 | route_path( |
|
131 | 117 | 'repo_compare', |
|
132 | 118 | repo_name=backend.repo_name, |
|
133 | 119 | source_ref_type="branch", source_ref=head_id, |
|
134 | 120 | target_ref_type="branch", target_ref=head_id, |
|
135 | 121 | )) |
|
136 | 122 | |
|
137 | 123 | response.mustcontain('%s@%s' % (backend.repo_name, head_id)) |
|
138 | 124 | |
|
139 | 125 | # branches are equal |
|
140 | 126 | response.mustcontain('No files') |
|
141 | 127 | response.mustcontain('No commits in this compare') |
|
142 | 128 | |
|
143 | 129 | def test_compare_commits(self, backend): |
|
144 | 130 | repo = backend.repo |
|
145 | 131 | commit1 = repo.get_commit(commit_idx=0) |
|
146 | 132 | commit1_short_id = commit1.short_id |
|
147 | 133 | commit2 = repo.get_commit(commit_idx=1) |
|
148 | 134 | commit2_short_id = commit2.short_id |
|
149 | 135 | |
|
150 | 136 | response = self.app.get( |
|
151 | 137 | route_path( |
|
152 | 138 | 'repo_compare', |
|
153 | 139 | repo_name=backend.repo_name, |
|
154 | 140 | source_ref_type="rev", source_ref=commit1.raw_id, |
|
155 | 141 | target_ref_type="rev", target_ref=commit2.raw_id, |
|
156 | 142 | )) |
|
157 | 143 | response.mustcontain('%s@%s' % (backend.repo_name, commit1.raw_id)) |
|
158 | 144 | response.mustcontain('%s@%s' % (backend.repo_name, commit2.raw_id)) |
|
159 | 145 | compare_page = ComparePage(response) |
|
160 | 146 | |
|
161 | 147 | # files |
|
162 | 148 | compare_page.contains_change_summary(1, 7, 0) |
|
163 | 149 | |
|
164 | 150 | # outgoing commits between those commits |
|
165 | 151 | compare_page.contains_commits([commit2]) |
|
166 | 152 | anchor = 'a_c-{}-c8e92ef85cd1'.format(commit2_short_id) |
|
167 | 153 | response.mustcontain(anchor) |
|
168 | 154 | compare_page.contains_file_links_and_anchors([('.hgignore', anchor),]) |
@@ -1,292 +1,279 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.apps.repository.tests.test_repo_compare import ComparePage |
|
23 | 23 | from rhodecode.lib.vcs import nodes |
|
24 | 24 | from rhodecode.lib.vcs.backends.base import EmptyCommit |
|
25 | 25 | from rhodecode.tests.fixture import Fixture |
|
26 | 26 | from rhodecode.tests.utils import commit_change |
|
27 | ||
|
28 | fixture = Fixture() | |
|
27 | from rhodecode.tests.routes import route_path | |
|
29 | 28 | |
|
30 | 29 | |
|
31 | def route_path(name, params=None, **kwargs): | |
|
32 | import urllib.request | |
|
33 | import urllib.parse | |
|
34 | import urllib.error | |
|
35 | ||
|
36 | base_url = { | |
|
37 | 'repo_compare_select': '/{repo_name}/compare', | |
|
38 | 'repo_compare': '/{repo_name}/compare/{source_ref_type}@{source_ref}...{target_ref_type}@{target_ref}', | |
|
39 | }[name].format(**kwargs) | |
|
40 | ||
|
41 | if params: | |
|
42 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
43 | return base_url | |
|
30 | fixture = Fixture() | |
|
44 | 31 | |
|
45 | 32 | |
|
46 | 33 | @pytest.mark.usefixtures("autologin_user", "app") |
|
47 | 34 | class TestSideBySideDiff(object): |
|
48 | 35 | |
|
49 | 36 | def test_diff_sidebyside_single_commit(self, app, backend): |
|
50 | 37 | commit_id_range = { |
|
51 | 38 | 'hg': { |
|
52 | 39 | 'commits': ['25d7e49c18b159446cadfa506a5cf8ad1cb04067', |
|
53 | 40 | '603d6c72c46d953420c89d36372f08d9f305f5dd'], |
|
54 | 41 | 'changes': (21, 943, 288), |
|
55 | 42 | }, |
|
56 | 43 | 'git': { |
|
57 | 44 | 'commits': ['6fc9270775aaf5544c1deb014f4ddd60c952fcbb', |
|
58 | 45 | '03fa803d7e9fb14daa9a3089e0d1494eda75d986'], |
|
59 | 46 | 'changes': (20, 941, 286), |
|
60 | 47 | }, |
|
61 | 48 | |
|
62 | 49 | 'svn': { |
|
63 | 50 | 'commits': ['336', |
|
64 | 51 | '337'], |
|
65 | 52 | 'changes': (21, 943, 288), |
|
66 | 53 | }, |
|
67 | 54 | } |
|
68 | 55 | |
|
69 | 56 | commit_info = commit_id_range[backend.alias] |
|
70 | 57 | commit2, commit1 = commit_info['commits'] |
|
71 | 58 | file_changes = commit_info['changes'] |
|
72 | 59 | |
|
73 | 60 | response = self.app.get(route_path( |
|
74 | 61 | 'repo_compare', |
|
75 | 62 | repo_name=backend.repo_name, |
|
76 | 63 | source_ref_type='rev', |
|
77 | 64 | source_ref=commit2, |
|
78 | 65 | target_repo=backend.repo_name, |
|
79 | 66 | target_ref_type='rev', |
|
80 | 67 | target_ref=commit1, |
|
81 | 68 | params=dict(target_repo=backend.repo_name, diffmode='sidebyside') |
|
82 | 69 | )) |
|
83 | 70 | |
|
84 | 71 | compare_page = ComparePage(response) |
|
85 | 72 | compare_page.contains_change_summary(*file_changes) |
|
86 | 73 | response.mustcontain('Collapse 1 commit') |
|
87 | 74 | |
|
88 | 75 | def test_diff_sidebyside_two_commits(self, app, backend): |
|
89 | 76 | commit_id_range = { |
|
90 | 77 | 'hg': { |
|
91 | 78 | 'commits': ['4fdd71e9427417b2e904e0464c634fdee85ec5a7', |
|
92 | 79 | '603d6c72c46d953420c89d36372f08d9f305f5dd'], |
|
93 | 80 | 'changes': (32, 1165, 308), |
|
94 | 81 | }, |
|
95 | 82 | 'git': { |
|
96 | 83 | 'commits': ['f5fbf9cfd5f1f1be146f6d3b38bcd791a7480c13', |
|
97 | 84 | '03fa803d7e9fb14daa9a3089e0d1494eda75d986'], |
|
98 | 85 | 'changes': (31, 1163, 306), |
|
99 | 86 | }, |
|
100 | 87 | |
|
101 | 88 | 'svn': { |
|
102 | 89 | 'commits': ['335', |
|
103 | 90 | '337'], |
|
104 | 91 | 'changes': (32, 1179, 310), |
|
105 | 92 | }, |
|
106 | 93 | } |
|
107 | 94 | |
|
108 | 95 | commit_info = commit_id_range[backend.alias] |
|
109 | 96 | commit2, commit1 = commit_info['commits'] |
|
110 | 97 | file_changes = commit_info['changes'] |
|
111 | 98 | |
|
112 | 99 | response = self.app.get(route_path( |
|
113 | 100 | 'repo_compare', |
|
114 | 101 | repo_name=backend.repo_name, |
|
115 | 102 | source_ref_type='rev', |
|
116 | 103 | source_ref=commit2, |
|
117 | 104 | target_repo=backend.repo_name, |
|
118 | 105 | target_ref_type='rev', |
|
119 | 106 | target_ref=commit1, |
|
120 | 107 | params=dict(target_repo=backend.repo_name, diffmode='sidebyside') |
|
121 | 108 | )) |
|
122 | 109 | |
|
123 | 110 | compare_page = ComparePage(response) |
|
124 | 111 | compare_page.contains_change_summary(*file_changes) |
|
125 | 112 | |
|
126 | 113 | response.mustcontain('Collapse 2 commits') |
|
127 | 114 | |
|
128 | 115 | def test_diff_sidebyside_collapsed_commits(self, app, backend_svn): |
|
129 | 116 | commit_id_range = { |
|
130 | 117 | |
|
131 | 118 | 'svn': { |
|
132 | 119 | 'commits': ['330', |
|
133 | 120 | '337'], |
|
134 | 121 | |
|
135 | 122 | }, |
|
136 | 123 | } |
|
137 | 124 | |
|
138 | 125 | commit_info = commit_id_range['svn'] |
|
139 | 126 | commit2, commit1 = commit_info['commits'] |
|
140 | 127 | |
|
141 | 128 | response = self.app.get(route_path( |
|
142 | 129 | 'repo_compare', |
|
143 | 130 | repo_name=backend_svn.repo_name, |
|
144 | 131 | source_ref_type='rev', |
|
145 | 132 | source_ref=commit2, |
|
146 | 133 | target_repo=backend_svn.repo_name, |
|
147 | 134 | target_ref_type='rev', |
|
148 | 135 | target_ref=commit1, |
|
149 | 136 | params=dict(target_repo=backend_svn.repo_name, diffmode='sidebyside') |
|
150 | 137 | )) |
|
151 | 138 | |
|
152 | 139 | response.mustcontain('Expand 7 commits') |
|
153 | 140 | |
|
154 | 141 | @pytest.mark.xfail(reason='GIT does not handle empty commit compare correct (missing 1 commit)') |
|
155 | 142 | def test_diff_side_by_side_from_0_commit(self, app, backend, backend_stub): |
|
156 | 143 | f_path = b'test_sidebyside_file.py' |
|
157 | 144 | commit1_content = b'content-25d7e49c18b159446c\n' |
|
158 | 145 | commit2_content = b'content-603d6c72c46d953420\n' |
|
159 | 146 | repo = backend.create_repo() |
|
160 | 147 | |
|
161 | 148 | commit1 = commit_change( |
|
162 | 149 | repo.repo_name, filename=f_path, content=commit1_content, |
|
163 | 150 | message='A', vcs_type=backend.alias, parent=None, newfile=True) |
|
164 | 151 | |
|
165 | 152 | commit2 = commit_change( |
|
166 | 153 | repo.repo_name, filename=f_path, content=commit2_content, |
|
167 | 154 | message='B, child of A', vcs_type=backend.alias, parent=commit1) |
|
168 | 155 | |
|
169 | 156 | response = self.app.get(route_path( |
|
170 | 157 | 'repo_compare', |
|
171 | 158 | repo_name=repo.repo_name, |
|
172 | 159 | source_ref_type='rev', |
|
173 | 160 | source_ref=EmptyCommit().raw_id, |
|
174 | 161 | target_ref_type='rev', |
|
175 | 162 | target_ref=commit2.raw_id, |
|
176 | 163 | params=dict(diffmode='sidebyside') |
|
177 | 164 | )) |
|
178 | 165 | |
|
179 | 166 | response.mustcontain('Collapse 2 commits') |
|
180 | 167 | response.mustcontain('123 file changed') |
|
181 | 168 | |
|
182 | 169 | response.mustcontain( |
|
183 | 170 | 'r%s:%s...r%s:%s' % ( |
|
184 | 171 | commit1.idx, commit1.short_id, commit2.idx, commit2.short_id)) |
|
185 | 172 | |
|
186 | 173 | response.mustcontain(f_path) |
|
187 | 174 | |
|
188 | 175 | @pytest.mark.xfail(reason='GIT does not handle empty commit compare correct (missing 1 commit)') |
|
189 | 176 | def test_diff_side_by_side_from_0_commit_with_file_filter(self, app, backend, backend_stub): |
|
190 | 177 | f_path = b'test_sidebyside_file.py' |
|
191 | 178 | commit1_content = b'content-25d7e49c18b159446c\n' |
|
192 | 179 | commit2_content = b'content-603d6c72c46d953420\n' |
|
193 | 180 | repo = backend.create_repo() |
|
194 | 181 | |
|
195 | 182 | commit1 = commit_change( |
|
196 | 183 | repo.repo_name, filename=f_path, content=commit1_content, |
|
197 | 184 | message='A', vcs_type=backend.alias, parent=None, newfile=True) |
|
198 | 185 | |
|
199 | 186 | commit2 = commit_change( |
|
200 | 187 | repo.repo_name, filename=f_path, content=commit2_content, |
|
201 | 188 | message='B, child of A', vcs_type=backend.alias, parent=commit1) |
|
202 | 189 | |
|
203 | 190 | response = self.app.get(route_path( |
|
204 | 191 | 'repo_compare', |
|
205 | 192 | repo_name=repo.repo_name, |
|
206 | 193 | source_ref_type='rev', |
|
207 | 194 | source_ref=EmptyCommit().raw_id, |
|
208 | 195 | target_ref_type='rev', |
|
209 | 196 | target_ref=commit2.raw_id, |
|
210 | 197 | params=dict(f_path=f_path, target_repo=repo.repo_name, diffmode='sidebyside') |
|
211 | 198 | )) |
|
212 | 199 | |
|
213 | 200 | response.mustcontain('Collapse 2 commits') |
|
214 | 201 | response.mustcontain('1 file changed') |
|
215 | 202 | |
|
216 | 203 | response.mustcontain( |
|
217 | 204 | 'r%s:%s...r%s:%s' % ( |
|
218 | 205 | commit1.idx, commit1.short_id, commit2.idx, commit2.short_id)) |
|
219 | 206 | |
|
220 | 207 | response.mustcontain(f_path) |
|
221 | 208 | |
|
222 | 209 | def test_diff_side_by_side_with_empty_file(self, app, backend, backend_stub): |
|
223 | 210 | commits = [ |
|
224 | 211 | {'message': 'First commit'}, |
|
225 | 212 | {'message': 'Second commit'}, |
|
226 | 213 | {'message': 'Commit with binary', |
|
227 | 214 | 'added': [nodes.FileNode(b'file.empty', content=b'')]}, |
|
228 | 215 | ] |
|
229 | 216 | f_path = 'file.empty' |
|
230 | 217 | repo = backend.create_repo(commits=commits) |
|
231 | 218 | commit1 = repo.get_commit(commit_idx=0) |
|
232 | 219 | commit2 = repo.get_commit(commit_idx=1) |
|
233 | 220 | commit3 = repo.get_commit(commit_idx=2) |
|
234 | 221 | |
|
235 | 222 | response = self.app.get(route_path( |
|
236 | 223 | 'repo_compare', |
|
237 | 224 | repo_name=repo.repo_name, |
|
238 | 225 | source_ref_type='rev', |
|
239 | 226 | source_ref=commit1.raw_id, |
|
240 | 227 | target_ref_type='rev', |
|
241 | 228 | target_ref=commit3.raw_id, |
|
242 | 229 | params=dict(f_path=f_path, target_repo=repo.repo_name, diffmode='sidebyside') |
|
243 | 230 | )) |
|
244 | 231 | |
|
245 | 232 | response.mustcontain('Collapse 2 commits') |
|
246 | 233 | response.mustcontain('1 file changed') |
|
247 | 234 | |
|
248 | 235 | response.mustcontain( |
|
249 | 236 | 'r%s:%s...r%s:%s' % ( |
|
250 | 237 | commit2.idx, commit2.short_id, commit3.idx, commit3.short_id)) |
|
251 | 238 | |
|
252 | 239 | response.mustcontain(f_path) |
|
253 | 240 | |
|
254 | 241 | def test_diff_sidebyside_two_commits_with_file_filter(self, app, backend): |
|
255 | 242 | commit_id_range = { |
|
256 | 243 | 'hg': { |
|
257 | 244 | 'commits': ['4fdd71e9427417b2e904e0464c634fdee85ec5a7', |
|
258 | 245 | '603d6c72c46d953420c89d36372f08d9f305f5dd'], |
|
259 | 246 | 'changes': (1, 3, 3) |
|
260 | 247 | }, |
|
261 | 248 | 'git': { |
|
262 | 249 | 'commits': ['f5fbf9cfd5f1f1be146f6d3b38bcd791a7480c13', |
|
263 | 250 | '03fa803d7e9fb14daa9a3089e0d1494eda75d986'], |
|
264 | 251 | 'changes': (1, 3, 3) |
|
265 | 252 | }, |
|
266 | 253 | |
|
267 | 254 | 'svn': { |
|
268 | 255 | 'commits': ['335', |
|
269 | 256 | '337'], |
|
270 | 257 | 'changes': (1, 3, 3) |
|
271 | 258 | }, |
|
272 | 259 | } |
|
273 | 260 | f_path = 'docs/conf.py' |
|
274 | 261 | |
|
275 | 262 | commit_info = commit_id_range[backend.alias] |
|
276 | 263 | commit2, commit1 = commit_info['commits'] |
|
277 | 264 | file_changes = commit_info['changes'] |
|
278 | 265 | |
|
279 | 266 | response = self.app.get(route_path( |
|
280 | 267 | 'repo_compare', |
|
281 | 268 | repo_name=backend.repo_name, |
|
282 | 269 | source_ref_type='rev', |
|
283 | 270 | source_ref=commit2, |
|
284 | 271 | target_ref_type='rev', |
|
285 | 272 | target_ref=commit1, |
|
286 | 273 | params=dict(f_path=f_path, target_repo=backend.repo_name, diffmode='sidebyside') |
|
287 | 274 | )) |
|
288 | 275 | |
|
289 | 276 | response.mustcontain('Collapse 2 commits') |
|
290 | 277 | |
|
291 | 278 | compare_page = ComparePage(response) |
|
292 | 279 | compare_page.contains_change_summary(*file_changes) |
@@ -1,138 +1,122 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | from rhodecode.model.auth_token import AuthTokenModel |
|
22 | 22 | from rhodecode.tests import TestController |
|
23 | ||
|
24 | ||
|
25 | def route_path(name, params=None, **kwargs): | |
|
26 | import urllib.request | |
|
27 | import urllib.parse | |
|
28 | import urllib.error | |
|
29 | ||
|
30 | base_url = { | |
|
31 | 'rss_feed_home': '/{repo_name}/feed-rss', | |
|
32 | 'atom_feed_home': '/{repo_name}/feed-atom', | |
|
33 | 'rss_feed_home_old': '/{repo_name}/feed/rss', | |
|
34 | 'atom_feed_home_old': '/{repo_name}/feed/atom', | |
|
35 | }[name].format(**kwargs) | |
|
36 | ||
|
37 | if params: | |
|
38 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
39 | return base_url | |
|
23 | from rhodecode.tests.routes import route_path | |
|
40 | 24 | |
|
41 | 25 | |
|
42 | 26 | class TestFeedView(TestController): |
|
43 | 27 | |
|
44 | 28 | @pytest.mark.parametrize("feed_type,response_types,content_type",[ |
|
45 | 29 | ('rss', ['<rss version="2.0"'], |
|
46 | 30 | "application/rss+xml"), |
|
47 | 31 | ('atom', ['xmlns="http://www.w3.org/2005/Atom"', 'xml:lang="en-us"'], |
|
48 | 32 | "application/atom+xml"), |
|
49 | 33 | ]) |
|
50 | 34 | def test_feed(self, backend, feed_type, response_types, content_type): |
|
51 | 35 | self.log_user() |
|
52 | 36 | response = self.app.get( |
|
53 | 37 | route_path('{}_feed_home'.format(feed_type), |
|
54 | 38 | repo_name=backend.repo_name)) |
|
55 | 39 | |
|
56 | 40 | for content in response_types: |
|
57 | 41 | response.mustcontain(content) |
|
58 | 42 | |
|
59 | 43 | assert response.content_type == content_type |
|
60 | 44 | |
|
61 | 45 | @pytest.mark.parametrize("feed_type, content_type", [ |
|
62 | 46 | ('rss', "application/rss+xml"), |
|
63 | 47 | ('atom', "application/atom+xml") |
|
64 | 48 | ]) |
|
65 | 49 | def test_feed_with_auth_token( |
|
66 | 50 | self, backend, user_admin, feed_type, content_type): |
|
67 | 51 | auth_token = user_admin.feed_token |
|
68 | 52 | assert auth_token != '' |
|
69 | 53 | |
|
70 | 54 | response = self.app.get( |
|
71 | 55 | route_path( |
|
72 | 56 | '{}_feed_home'.format(feed_type), |
|
73 | 57 | repo_name=backend.repo_name, |
|
74 | 58 | params=dict(auth_token=auth_token)), |
|
75 | 59 | status=200) |
|
76 | 60 | |
|
77 | 61 | assert response.content_type == content_type |
|
78 | 62 | |
|
79 | 63 | @pytest.mark.parametrize("feed_type, content_type", [ |
|
80 | 64 | ('rss', "application/rss+xml"), |
|
81 | 65 | ('atom', "application/atom+xml") |
|
82 | 66 | ]) |
|
83 | 67 | def test_feed_with_auth_token_by_uid( |
|
84 | 68 | self, backend, user_admin, feed_type, content_type): |
|
85 | 69 | auth_token = user_admin.feed_token |
|
86 | 70 | assert auth_token != '' |
|
87 | 71 | |
|
88 | 72 | response = self.app.get( |
|
89 | 73 | route_path( |
|
90 | 74 | '{}_feed_home'.format(feed_type), |
|
91 | 75 | repo_name='_{}'.format(backend.repo.repo_id), |
|
92 | 76 | params=dict(auth_token=auth_token)), |
|
93 | 77 | status=200) |
|
94 | 78 | |
|
95 | 79 | assert response.content_type == content_type |
|
96 | 80 | |
|
97 | 81 | @pytest.mark.parametrize("feed_type, content_type", [ |
|
98 | 82 | ('rss', "application/rss+xml"), |
|
99 | 83 | ('atom', "application/atom+xml") |
|
100 | 84 | ]) |
|
101 | 85 | def test_feed_old_urls_with_auth_token( |
|
102 | 86 | self, backend, user_admin, feed_type, content_type): |
|
103 | 87 | auth_token = user_admin.feed_token |
|
104 | 88 | assert auth_token != '' |
|
105 | 89 | |
|
106 | 90 | response = self.app.get( |
|
107 | 91 | route_path( |
|
108 | 92 | '{}_feed_home_old'.format(feed_type), |
|
109 | 93 | repo_name=backend.repo_name, |
|
110 | 94 | params=dict(auth_token=auth_token)), |
|
111 | 95 | status=200) |
|
112 | 96 | |
|
113 | 97 | assert response.content_type == content_type |
|
114 | 98 | |
|
115 | 99 | @pytest.mark.parametrize("feed_type", ['rss', 'atom']) |
|
116 | 100 | def test_feed_with_auth_token_of_wrong_type( |
|
117 | 101 | self, backend, user_util, feed_type): |
|
118 | 102 | user = user_util.create_user() |
|
119 | 103 | auth_token = AuthTokenModel().create( |
|
120 | 104 | user.user_id, u'test-token', -1, AuthTokenModel.cls.ROLE_API) |
|
121 | 105 | auth_token = auth_token.api_key |
|
122 | 106 | |
|
123 | 107 | self.app.get( |
|
124 | 108 | route_path( |
|
125 | 109 | '{}_feed_home'.format(feed_type), |
|
126 | 110 | repo_name=backend.repo_name, |
|
127 | 111 | params=dict(auth_token=auth_token)), |
|
128 | 112 | status=302) |
|
129 | 113 | |
|
130 | 114 | auth_token = AuthTokenModel().create( |
|
131 | 115 | user.user_id, u'test-token', -1, AuthTokenModel.cls.ROLE_FEED) |
|
132 | 116 | auth_token = auth_token.api_key |
|
133 | 117 | self.app.get( |
|
134 | 118 | route_path( |
|
135 | 119 | '{}_feed_home'.format(feed_type), |
|
136 | 120 | repo_name=backend.repo_name, |
|
137 | 121 | params=dict(auth_token=auth_token)), |
|
138 | 122 | status=200) |
@@ -1,1125 +1,1090 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import os |
|
21 | 21 | |
|
22 | 22 | import mock |
|
23 | 23 | import pytest |
|
24 | 24 | from collections import OrderedDict |
|
25 | 25 | |
|
26 | 26 | from rhodecode.apps.repository.tests.test_repo_compare import ComparePage |
|
27 | 27 | from rhodecode.apps.repository.views.repo_files import RepoFilesView, get_archive_name, get_path_sha |
|
28 | 28 | from rhodecode.lib import helpers as h |
|
29 | 29 | from rhodecode.lib.ext_json import json |
|
30 | 30 | from rhodecode.lib.str_utils import safe_str |
|
31 | 31 | from rhodecode.lib.vcs import nodes |
|
32 | 32 | from rhodecode.lib.vcs.conf import settings |
|
33 | 33 | from rhodecode.model.db import Session, Repository |
|
34 | 34 | |
|
35 | 35 | from rhodecode.tests import assert_session_flash |
|
36 | 36 | from rhodecode.tests.fixture import Fixture |
|
37 | from rhodecode.tests.routes import route_path | |
|
38 | ||
|
37 | 39 | |
|
38 | 40 | fixture = Fixture() |
|
39 | 41 | |
|
40 | 42 | |
|
41 | 43 | def get_node_history(backend_type): |
|
42 | 44 | return { |
|
43 | 45 | 'hg': json.loads(fixture.load_resource('hg_node_history_response.json')), |
|
44 | 46 | 'git': json.loads(fixture.load_resource('git_node_history_response.json')), |
|
45 | 47 | 'svn': json.loads(fixture.load_resource('svn_node_history_response.json')), |
|
46 | 48 | }[backend_type] |
|
47 | 49 | |
|
48 | 50 | |
|
49 | def route_path(name, params=None, **kwargs): | |
|
50 | import urllib.request | |
|
51 | import urllib.parse | |
|
52 | import urllib.error | |
|
53 | ||
|
54 | base_url = { | |
|
55 | 'repo_summary': '/{repo_name}', | |
|
56 | 'repo_archivefile': '/{repo_name}/archive/{fname}', | |
|
57 | 'repo_files_diff': '/{repo_name}/diff/{f_path}', | |
|
58 | 'repo_files_diff_2way_redirect': '/{repo_name}/diff-2way/{f_path}', | |
|
59 | 'repo_files': '/{repo_name}/files/{commit_id}/{f_path}', | |
|
60 | 'repo_files:default_path': '/{repo_name}/files/{commit_id}/', | |
|
61 | 'repo_files:default_commit': '/{repo_name}/files', | |
|
62 | 'repo_files:rendered': '/{repo_name}/render/{commit_id}/{f_path}', | |
|
63 | 'repo_files:annotated': '/{repo_name}/annotate/{commit_id}/{f_path}', | |
|
64 | 'repo_files:annotated_previous': '/{repo_name}/annotate-previous/{commit_id}/{f_path}', | |
|
65 | 'repo_files_nodelist': '/{repo_name}/nodelist/{commit_id}/{f_path}', | |
|
66 | 'repo_file_raw': '/{repo_name}/raw/{commit_id}/{f_path}', | |
|
67 | 'repo_file_download': '/{repo_name}/download/{commit_id}/{f_path}', | |
|
68 | 'repo_file_history': '/{repo_name}/history/{commit_id}/{f_path}', | |
|
69 | 'repo_file_authors': '/{repo_name}/authors/{commit_id}/{f_path}', | |
|
70 | 'repo_files_remove_file': '/{repo_name}/remove_file/{commit_id}/{f_path}', | |
|
71 | 'repo_files_delete_file': '/{repo_name}/delete_file/{commit_id}/{f_path}', | |
|
72 | 'repo_files_edit_file': '/{repo_name}/edit_file/{commit_id}/{f_path}', | |
|
73 | 'repo_files_update_file': '/{repo_name}/update_file/{commit_id}/{f_path}', | |
|
74 | 'repo_files_add_file': '/{repo_name}/add_file/{commit_id}/{f_path}', | |
|
75 | 'repo_files_upload_file': '/{repo_name}/upload_file/{commit_id}/{f_path}', | |
|
76 | 'repo_files_create_file': '/{repo_name}/create_file/{commit_id}/{f_path}', | |
|
77 | 'repo_nodetree_full': '/{repo_name}/nodetree_full/{commit_id}/{f_path}', | |
|
78 | 'repo_nodetree_full:default_path': '/{repo_name}/nodetree_full/{commit_id}/', | |
|
79 | }[name].format(**kwargs) | |
|
80 | ||
|
81 | if params: | |
|
82 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
83 | return base_url | |
|
84 | ||
|
85 | ||
|
86 | 51 | def assert_files_in_response(response, files, params): |
|
87 | 52 | template = ( |
|
88 | 53 | 'href="/%(repo_name)s/files/%(commit_id)s/%(name)s"') |
|
89 | 54 | _assert_items_in_response(response, files, template, params) |
|
90 | 55 | |
|
91 | 56 | |
|
92 | 57 | def assert_dirs_in_response(response, dirs, params): |
|
93 | 58 | template = ( |
|
94 | 59 | 'href="/%(repo_name)s/files/%(commit_id)s/%(name)s"') |
|
95 | 60 | _assert_items_in_response(response, dirs, template, params) |
|
96 | 61 | |
|
97 | 62 | |
|
98 | 63 | def _assert_items_in_response(response, items, template, params): |
|
99 | 64 | for item in items: |
|
100 | 65 | item_params = {'name': item} |
|
101 | 66 | item_params.update(params) |
|
102 | 67 | response.mustcontain(template % item_params) |
|
103 | 68 | |
|
104 | 69 | |
|
105 | 70 | def assert_timeago_in_response(response, items, params): |
|
106 | 71 | for item in items: |
|
107 | 72 | response.mustcontain(h.age_component(params['date'])) |
|
108 | 73 | |
|
109 | 74 | |
|
110 | 75 | @pytest.mark.usefixtures("app") |
|
111 | 76 | class TestFilesViews(object): |
|
112 | 77 | |
|
113 | 78 | def test_show_files(self, backend): |
|
114 | 79 | response = self.app.get( |
|
115 | 80 | route_path('repo_files', |
|
116 | 81 | repo_name=backend.repo_name, |
|
117 | 82 | commit_id='tip', f_path='/')) |
|
118 | 83 | commit = backend.repo.get_commit() |
|
119 | 84 | |
|
120 | 85 | params = { |
|
121 | 86 | 'repo_name': backend.repo_name, |
|
122 | 87 | 'commit_id': commit.raw_id, |
|
123 | 88 | 'date': commit.date |
|
124 | 89 | } |
|
125 | 90 | assert_dirs_in_response(response, ['docs', 'vcs'], params) |
|
126 | 91 | files = [ |
|
127 | 92 | '.gitignore', |
|
128 | 93 | '.hgignore', |
|
129 | 94 | '.hgtags', |
|
130 | 95 | # TODO: missing in Git |
|
131 | 96 | # '.travis.yml', |
|
132 | 97 | 'MANIFEST.in', |
|
133 | 98 | 'README.rst', |
|
134 | 99 | # TODO: File is missing in svn repository |
|
135 | 100 | # 'run_test_and_report.sh', |
|
136 | 101 | 'setup.cfg', |
|
137 | 102 | 'setup.py', |
|
138 | 103 | 'test_and_report.sh', |
|
139 | 104 | 'tox.ini', |
|
140 | 105 | ] |
|
141 | 106 | assert_files_in_response(response, files, params) |
|
142 | 107 | assert_timeago_in_response(response, files, params) |
|
143 | 108 | |
|
144 | 109 | def test_show_files_links_submodules_with_absolute_url(self, backend_hg): |
|
145 | 110 | repo = backend_hg['subrepos'] |
|
146 | 111 | response = self.app.get( |
|
147 | 112 | route_path('repo_files', |
|
148 | 113 | repo_name=repo.repo_name, |
|
149 | 114 | commit_id='tip', f_path='/')) |
|
150 | 115 | assert_response = response.assert_response() |
|
151 | 116 | assert_response.contains_one_link( |
|
152 | 117 | 'absolute-path @ 000000000000', 'http://example.com/absolute-path') |
|
153 | 118 | |
|
154 | 119 | def test_show_files_links_submodules_with_absolute_url_subpaths( |
|
155 | 120 | self, backend_hg): |
|
156 | 121 | repo = backend_hg['subrepos'] |
|
157 | 122 | response = self.app.get( |
|
158 | 123 | route_path('repo_files', |
|
159 | 124 | repo_name=repo.repo_name, |
|
160 | 125 | commit_id='tip', f_path='/')) |
|
161 | 126 | assert_response = response.assert_response() |
|
162 | 127 | assert_response.contains_one_link( |
|
163 | 128 | 'subpaths-path @ 000000000000', |
|
164 | 129 | 'http://sub-base.example.com/subpaths-path') |
|
165 | 130 | |
|
166 | 131 | @pytest.mark.xfail_backends("svn", reason="Depends on branch support") |
|
167 | 132 | def test_files_menu(self, backend): |
|
168 | 133 | new_branch = "temp_branch_name" |
|
169 | 134 | commits = [ |
|
170 | 135 | {'message': 'a'}, |
|
171 | 136 | {'message': 'b', 'branch': new_branch} |
|
172 | 137 | ] |
|
173 | 138 | backend.create_repo(commits) |
|
174 | 139 | backend.repo.landing_rev = f"branch:{new_branch}" |
|
175 | 140 | Session().commit() |
|
176 | 141 | |
|
177 | 142 | # get response based on tip and not new commit |
|
178 | 143 | response = self.app.get( |
|
179 | 144 | route_path('repo_files', |
|
180 | 145 | repo_name=backend.repo_name, |
|
181 | 146 | commit_id='tip', f_path='/')) |
|
182 | 147 | |
|
183 | 148 | # make sure Files menu url is not tip but new commit |
|
184 | 149 | landing_rev = backend.repo.landing_ref_name |
|
185 | 150 | files_url = route_path('repo_files:default_path', |
|
186 | 151 | repo_name=backend.repo_name, |
|
187 | 152 | commit_id=landing_rev, params={'at': landing_rev}) |
|
188 | 153 | |
|
189 | 154 | assert landing_rev != 'tip' |
|
190 | 155 | response.mustcontain(f'<li class="active"><a class="menulink" href="{files_url}">') |
|
191 | 156 | |
|
192 | 157 | def test_show_files_commit(self, backend): |
|
193 | 158 | commit = backend.repo.get_commit(commit_idx=32) |
|
194 | 159 | |
|
195 | 160 | response = self.app.get( |
|
196 | 161 | route_path('repo_files', |
|
197 | 162 | repo_name=backend.repo_name, |
|
198 | 163 | commit_id=commit.raw_id, f_path='/')) |
|
199 | 164 | |
|
200 | 165 | dirs = ['docs', 'tests'] |
|
201 | 166 | files = ['README.rst'] |
|
202 | 167 | params = { |
|
203 | 168 | 'repo_name': backend.repo_name, |
|
204 | 169 | 'commit_id': commit.raw_id, |
|
205 | 170 | } |
|
206 | 171 | assert_dirs_in_response(response, dirs, params) |
|
207 | 172 | assert_files_in_response(response, files, params) |
|
208 | 173 | |
|
209 | 174 | def test_show_files_different_branch(self, backend): |
|
210 | 175 | branches = dict( |
|
211 | 176 | hg=(150, ['git']), |
|
212 | 177 | # TODO: Git test repository does not contain other branches |
|
213 | 178 | git=(633, ['master']), |
|
214 | 179 | # TODO: Branch support in Subversion |
|
215 | 180 | svn=(150, []) |
|
216 | 181 | ) |
|
217 | 182 | idx, branches = branches[backend.alias] |
|
218 | 183 | commit = backend.repo.get_commit(commit_idx=idx) |
|
219 | 184 | response = self.app.get( |
|
220 | 185 | route_path('repo_files', |
|
221 | 186 | repo_name=backend.repo_name, |
|
222 | 187 | commit_id=commit.raw_id, f_path='/')) |
|
223 | 188 | |
|
224 | 189 | assert_response = response.assert_response() |
|
225 | 190 | for branch in branches: |
|
226 | 191 | assert_response.element_contains('.tags .branchtag', branch) |
|
227 | 192 | |
|
228 | 193 | def test_show_files_paging(self, backend): |
|
229 | 194 | repo = backend.repo |
|
230 | 195 | indexes = [73, 92, 109, 1, 0] |
|
231 | 196 | idx_map = [(rev, repo.get_commit(commit_idx=rev).raw_id) |
|
232 | 197 | for rev in indexes] |
|
233 | 198 | |
|
234 | 199 | for idx in idx_map: |
|
235 | 200 | response = self.app.get( |
|
236 | 201 | route_path('repo_files', |
|
237 | 202 | repo_name=backend.repo_name, |
|
238 | 203 | commit_id=idx[1], f_path='/')) |
|
239 | 204 | |
|
240 | 205 | response.mustcontain("""r%s:%s""" % (idx[0], idx[1][:8])) |
|
241 | 206 | |
|
242 | 207 | def test_file_source(self, backend): |
|
243 | 208 | commit = backend.repo.get_commit(commit_idx=167) |
|
244 | 209 | response = self.app.get( |
|
245 | 210 | route_path('repo_files', |
|
246 | 211 | repo_name=backend.repo_name, |
|
247 | 212 | commit_id=commit.raw_id, f_path='vcs/nodes.py')) |
|
248 | 213 | |
|
249 | 214 | msgbox = """<div class="commit">%s</div>""" |
|
250 | 215 | response.mustcontain(msgbox % (commit.message, )) |
|
251 | 216 | |
|
252 | 217 | assert_response = response.assert_response() |
|
253 | 218 | if commit.branch: |
|
254 | 219 | assert_response.element_contains( |
|
255 | 220 | '.tags.tags-main .branchtag', commit.branch) |
|
256 | 221 | if commit.tags: |
|
257 | 222 | for tag in commit.tags: |
|
258 | 223 | assert_response.element_contains('.tags.tags-main .tagtag', tag) |
|
259 | 224 | |
|
260 | 225 | def test_file_source_annotated(self, backend): |
|
261 | 226 | response = self.app.get( |
|
262 | 227 | route_path('repo_files:annotated', |
|
263 | 228 | repo_name=backend.repo_name, |
|
264 | 229 | commit_id='tip', f_path='vcs/nodes.py')) |
|
265 | 230 | expected_commits = { |
|
266 | 231 | 'hg': 'r356', |
|
267 | 232 | 'git': 'r345', |
|
268 | 233 | 'svn': 'r208', |
|
269 | 234 | } |
|
270 | 235 | response.mustcontain(expected_commits[backend.alias]) |
|
271 | 236 | |
|
272 | 237 | def test_file_source_authors(self, backend): |
|
273 | 238 | response = self.app.get( |
|
274 | 239 | route_path('repo_file_authors', |
|
275 | 240 | repo_name=backend.repo_name, |
|
276 | 241 | commit_id='tip', f_path='vcs/nodes.py')) |
|
277 | 242 | expected_authors = { |
|
278 | 243 | 'hg': ('Marcin Kuzminski', 'Lukasz Balcerzak'), |
|
279 | 244 | 'git': ('Marcin Kuzminski', 'Lukasz Balcerzak'), |
|
280 | 245 | 'svn': ('marcin', 'lukasz'), |
|
281 | 246 | } |
|
282 | 247 | |
|
283 | 248 | for author in expected_authors[backend.alias]: |
|
284 | 249 | response.mustcontain(author) |
|
285 | 250 | |
|
286 | 251 | def test_file_source_authors_with_annotation(self, backend): |
|
287 | 252 | response = self.app.get( |
|
288 | 253 | route_path('repo_file_authors', |
|
289 | 254 | repo_name=backend.repo_name, |
|
290 | 255 | commit_id='tip', f_path='vcs/nodes.py', |
|
291 | 256 | params=dict(annotate=1))) |
|
292 | 257 | expected_authors = { |
|
293 | 258 | 'hg': ('Marcin Kuzminski', 'Lukasz Balcerzak'), |
|
294 | 259 | 'git': ('Marcin Kuzminski', 'Lukasz Balcerzak'), |
|
295 | 260 | 'svn': ('marcin', 'lukasz'), |
|
296 | 261 | } |
|
297 | 262 | |
|
298 | 263 | for author in expected_authors[backend.alias]: |
|
299 | 264 | response.mustcontain(author) |
|
300 | 265 | |
|
301 | 266 | def test_file_source_history(self, backend, xhr_header): |
|
302 | 267 | response = self.app.get( |
|
303 | 268 | route_path('repo_file_history', |
|
304 | 269 | repo_name=backend.repo_name, |
|
305 | 270 | commit_id='tip', f_path='vcs/nodes.py'), |
|
306 | 271 | extra_environ=xhr_header) |
|
307 | 272 | assert get_node_history(backend.alias) == json.loads(response.body) |
|
308 | 273 | |
|
309 | 274 | def test_file_source_history_svn(self, backend_svn, xhr_header): |
|
310 | 275 | simple_repo = backend_svn['svn-simple-layout'] |
|
311 | 276 | response = self.app.get( |
|
312 | 277 | route_path('repo_file_history', |
|
313 | 278 | repo_name=simple_repo.repo_name, |
|
314 | 279 | commit_id='tip', f_path='trunk/example.py'), |
|
315 | 280 | extra_environ=xhr_header) |
|
316 | 281 | |
|
317 | 282 | expected_data = json.loads( |
|
318 | 283 | fixture.load_resource('svn_node_history_branches.json')) |
|
319 | 284 | |
|
320 | 285 | assert expected_data == response.json |
|
321 | 286 | |
|
322 | 287 | def test_file_source_history_with_annotation(self, backend, xhr_header): |
|
323 | 288 | response = self.app.get( |
|
324 | 289 | route_path('repo_file_history', |
|
325 | 290 | repo_name=backend.repo_name, |
|
326 | 291 | commit_id='tip', f_path='vcs/nodes.py', |
|
327 | 292 | params=dict(annotate=1)), |
|
328 | 293 | |
|
329 | 294 | extra_environ=xhr_header) |
|
330 | 295 | assert get_node_history(backend.alias) == json.loads(response.body) |
|
331 | 296 | |
|
332 | 297 | def test_tree_search_top_level(self, backend, xhr_header): |
|
333 | 298 | commit = backend.repo.get_commit(commit_idx=173) |
|
334 | 299 | response = self.app.get( |
|
335 | 300 | route_path('repo_files_nodelist', |
|
336 | 301 | repo_name=backend.repo_name, |
|
337 | 302 | commit_id=commit.raw_id, f_path='/'), |
|
338 | 303 | extra_environ=xhr_header) |
|
339 | 304 | assert 'nodes' in response.json |
|
340 | 305 | assert {'name': 'docs', 'type': 'dir'} in response.json['nodes'] |
|
341 | 306 | |
|
342 | 307 | def test_tree_search_missing_xhr(self, backend): |
|
343 | 308 | self.app.get( |
|
344 | 309 | route_path('repo_files_nodelist', |
|
345 | 310 | repo_name=backend.repo_name, |
|
346 | 311 | commit_id='tip', f_path='/'), |
|
347 | 312 | status=404) |
|
348 | 313 | |
|
349 | 314 | def test_tree_search_at_path(self, backend, xhr_header): |
|
350 | 315 | commit = backend.repo.get_commit(commit_idx=173) |
|
351 | 316 | response = self.app.get( |
|
352 | 317 | route_path('repo_files_nodelist', |
|
353 | 318 | repo_name=backend.repo_name, |
|
354 | 319 | commit_id=commit.raw_id, f_path='/docs'), |
|
355 | 320 | extra_environ=xhr_header) |
|
356 | 321 | assert 'nodes' in response.json |
|
357 | 322 | nodes = response.json['nodes'] |
|
358 | 323 | assert {'name': 'docs/api', 'type': 'dir'} in nodes |
|
359 | 324 | assert {'name': 'docs/index.rst', 'type': 'file'} in nodes |
|
360 | 325 | |
|
361 | 326 | def test_tree_search_at_path_2nd_level(self, backend, xhr_header): |
|
362 | 327 | commit = backend.repo.get_commit(commit_idx=173) |
|
363 | 328 | response = self.app.get( |
|
364 | 329 | route_path('repo_files_nodelist', |
|
365 | 330 | repo_name=backend.repo_name, |
|
366 | 331 | commit_id=commit.raw_id, f_path='/docs/api'), |
|
367 | 332 | extra_environ=xhr_header) |
|
368 | 333 | assert 'nodes' in response.json |
|
369 | 334 | nodes = response.json['nodes'] |
|
370 | 335 | assert {'name': 'docs/api/index.rst', 'type': 'file'} in nodes |
|
371 | 336 | |
|
372 | 337 | def test_tree_search_at_path_missing_xhr(self, backend): |
|
373 | 338 | self.app.get( |
|
374 | 339 | route_path('repo_files_nodelist', |
|
375 | 340 | repo_name=backend.repo_name, |
|
376 | 341 | commit_id='tip', f_path='/docs'), |
|
377 | 342 | status=404) |
|
378 | 343 | |
|
379 | 344 | def test_nodetree(self, backend, xhr_header): |
|
380 | 345 | commit = backend.repo.get_commit(commit_idx=173) |
|
381 | 346 | response = self.app.get( |
|
382 | 347 | route_path('repo_nodetree_full', |
|
383 | 348 | repo_name=backend.repo_name, |
|
384 | 349 | commit_id=commit.raw_id, f_path='/'), |
|
385 | 350 | extra_environ=xhr_header) |
|
386 | 351 | |
|
387 | 352 | assert_response = response.assert_response() |
|
388 | 353 | |
|
389 | 354 | for attr in ['data-commit-id', 'data-date', 'data-author']: |
|
390 | 355 | elements = assert_response.get_elements('[{}]'.format(attr)) |
|
391 | 356 | assert len(elements) > 1 |
|
392 | 357 | |
|
393 | 358 | for element in elements: |
|
394 | 359 | assert element.get(attr) |
|
395 | 360 | |
|
396 | 361 | def test_nodetree_if_file(self, backend, xhr_header): |
|
397 | 362 | commit = backend.repo.get_commit(commit_idx=173) |
|
398 | 363 | response = self.app.get( |
|
399 | 364 | route_path('repo_nodetree_full', |
|
400 | 365 | repo_name=backend.repo_name, |
|
401 | 366 | commit_id=commit.raw_id, f_path='README.rst'), |
|
402 | 367 | extra_environ=xhr_header) |
|
403 | 368 | assert response.text == '' |
|
404 | 369 | |
|
405 | 370 | def test_nodetree_wrong_path(self, backend, xhr_header): |
|
406 | 371 | commit = backend.repo.get_commit(commit_idx=173) |
|
407 | 372 | response = self.app.get( |
|
408 | 373 | route_path('repo_nodetree_full', |
|
409 | 374 | repo_name=backend.repo_name, |
|
410 | 375 | commit_id=commit.raw_id, f_path='/dont-exist'), |
|
411 | 376 | extra_environ=xhr_header) |
|
412 | 377 | |
|
413 | 378 | err = 'error: There is no file nor ' \ |
|
414 | 379 | 'directory at the given path' |
|
415 | 380 | assert err in response.text |
|
416 | 381 | |
|
417 | 382 | def test_nodetree_missing_xhr(self, backend): |
|
418 | 383 | self.app.get( |
|
419 | 384 | route_path('repo_nodetree_full', |
|
420 | 385 | repo_name=backend.repo_name, |
|
421 | 386 | commit_id='tip', f_path='/'), |
|
422 | 387 | status=404) |
|
423 | 388 | |
|
424 | 389 | |
|
425 | 390 | @pytest.mark.usefixtures("app", "autologin_user") |
|
426 | 391 | class TestRawFileHandling(object): |
|
427 | 392 | |
|
428 | 393 | def test_download_file(self, backend): |
|
429 | 394 | commit = backend.repo.get_commit(commit_idx=173) |
|
430 | 395 | response = self.app.get( |
|
431 | 396 | route_path('repo_file_download', |
|
432 | 397 | repo_name=backend.repo_name, |
|
433 | 398 | commit_id=commit.raw_id, f_path='vcs/nodes.py'),) |
|
434 | 399 | |
|
435 | 400 | assert response.content_disposition == 'attachment; filename="nodes.py"; filename*=UTF-8\'\'nodes.py' |
|
436 | 401 | assert response.content_type == "text/x-python" |
|
437 | 402 | |
|
438 | 403 | def test_download_file_wrong_cs(self, backend): |
|
439 | 404 | raw_id = u'ERRORce30c96924232dffcd24178a07ffeb5dfc' |
|
440 | 405 | |
|
441 | 406 | response = self.app.get( |
|
442 | 407 | route_path('repo_file_download', |
|
443 | 408 | repo_name=backend.repo_name, |
|
444 | 409 | commit_id=raw_id, f_path='vcs/nodes.svg'), |
|
445 | 410 | status=404) |
|
446 | 411 | |
|
447 | 412 | msg = """No such commit exists for this repository""" |
|
448 | 413 | response.mustcontain(msg) |
|
449 | 414 | |
|
450 | 415 | def test_download_file_wrong_f_path(self, backend): |
|
451 | 416 | commit = backend.repo.get_commit(commit_idx=173) |
|
452 | 417 | f_path = 'vcs/ERRORnodes.py' |
|
453 | 418 | |
|
454 | 419 | response = self.app.get( |
|
455 | 420 | route_path('repo_file_download', |
|
456 | 421 | repo_name=backend.repo_name, |
|
457 | 422 | commit_id=commit.raw_id, f_path=f_path), |
|
458 | 423 | status=404) |
|
459 | 424 | |
|
460 | 425 | msg = ( |
|
461 | 426 | "There is no file nor directory at the given path: " |
|
462 | 427 | "`%s` at commit %s" % (f_path, commit.short_id)) |
|
463 | 428 | response.mustcontain(msg) |
|
464 | 429 | |
|
465 | 430 | def test_file_raw(self, backend): |
|
466 | 431 | commit = backend.repo.get_commit(commit_idx=173) |
|
467 | 432 | response = self.app.get( |
|
468 | 433 | route_path('repo_file_raw', |
|
469 | 434 | repo_name=backend.repo_name, |
|
470 | 435 | commit_id=commit.raw_id, f_path='vcs/nodes.py'),) |
|
471 | 436 | |
|
472 | 437 | assert response.content_type == "text/plain" |
|
473 | 438 | |
|
474 | 439 | def test_file_raw_binary(self, backend): |
|
475 | 440 | commit = backend.repo.get_commit() |
|
476 | 441 | response = self.app.get( |
|
477 | 442 | route_path('repo_file_raw', |
|
478 | 443 | repo_name=backend.repo_name, |
|
479 | 444 | commit_id=commit.raw_id, |
|
480 | 445 | f_path='docs/theme/ADC/static/breadcrumb_background.png'),) |
|
481 | 446 | |
|
482 | 447 | assert response.content_disposition == 'inline' |
|
483 | 448 | |
|
484 | 449 | def test_raw_file_wrong_cs(self, backend): |
|
485 | 450 | raw_id = u'ERRORcce30c96924232dffcd24178a07ffeb5dfc' |
|
486 | 451 | |
|
487 | 452 | response = self.app.get( |
|
488 | 453 | route_path('repo_file_raw', |
|
489 | 454 | repo_name=backend.repo_name, |
|
490 | 455 | commit_id=raw_id, f_path='vcs/nodes.svg'), |
|
491 | 456 | status=404) |
|
492 | 457 | |
|
493 | 458 | msg = """No such commit exists for this repository""" |
|
494 | 459 | response.mustcontain(msg) |
|
495 | 460 | |
|
496 | 461 | def test_raw_wrong_f_path(self, backend): |
|
497 | 462 | commit = backend.repo.get_commit(commit_idx=173) |
|
498 | 463 | f_path = 'vcs/ERRORnodes.py' |
|
499 | 464 | response = self.app.get( |
|
500 | 465 | route_path('repo_file_raw', |
|
501 | 466 | repo_name=backend.repo_name, |
|
502 | 467 | commit_id=commit.raw_id, f_path=f_path), |
|
503 | 468 | status=404) |
|
504 | 469 | |
|
505 | 470 | msg = ( |
|
506 | 471 | "There is no file nor directory at the given path: " |
|
507 | 472 | "`%s` at commit %s" % (f_path, commit.short_id)) |
|
508 | 473 | response.mustcontain(msg) |
|
509 | 474 | |
|
510 | 475 | def test_raw_svg_should_not_be_rendered(self, backend): |
|
511 | 476 | backend.create_repo() |
|
512 | 477 | backend.ensure_file(b"xss.svg") |
|
513 | 478 | response = self.app.get( |
|
514 | 479 | route_path('repo_file_raw', |
|
515 | 480 | repo_name=backend.repo_name, |
|
516 | 481 | commit_id='tip', f_path='xss.svg'),) |
|
517 | 482 | # If the content type is image/svg+xml then it allows to render HTML |
|
518 | 483 | # and malicious SVG. |
|
519 | 484 | assert response.content_type == "text/plain" |
|
520 | 485 | |
|
521 | 486 | |
|
522 | 487 | @pytest.mark.usefixtures("app") |
|
523 | 488 | class TestRepositoryArchival(object): |
|
524 | 489 | |
|
525 | 490 | def test_archival(self, backend): |
|
526 | 491 | backend.enable_downloads() |
|
527 | 492 | commit = backend.repo.get_commit(commit_idx=173) |
|
528 | 493 | |
|
529 | 494 | for a_type, content_type, extension in settings.ARCHIVE_SPECS: |
|
530 | 495 | path_sha = get_path_sha('/') |
|
531 | 496 | filename = get_archive_name(backend.repo_id, backend.repo_name, commit_sha=commit.short_id, ext=extension, path_sha=path_sha) |
|
532 | 497 | |
|
533 | 498 | fname = commit.raw_id + extension |
|
534 | 499 | response = self.app.get( |
|
535 | 500 | route_path('repo_archivefile', |
|
536 | 501 | repo_name=backend.repo_name, |
|
537 | 502 | fname=fname)) |
|
538 | 503 | |
|
539 | 504 | assert response.status == '200 OK' |
|
540 | 505 | headers = [ |
|
541 | 506 | ('Content-Disposition', f'attachment; filename={filename}'), |
|
542 | 507 | ('Content-Type', content_type), |
|
543 | 508 | ] |
|
544 | 509 | |
|
545 | 510 | for header in headers: |
|
546 | 511 | assert header in list(response.headers.items()) |
|
547 | 512 | |
|
548 | 513 | def test_archival_no_hash(self, backend): |
|
549 | 514 | backend.enable_downloads() |
|
550 | 515 | commit = backend.repo.get_commit(commit_idx=173) |
|
551 | 516 | for a_type, content_type, extension in settings.ARCHIVE_SPECS: |
|
552 | 517 | path_sha = get_path_sha('/') |
|
553 | 518 | filename = get_archive_name(backend.repo_id, backend.repo_name, commit_sha=commit.short_id, ext=extension, path_sha=path_sha, with_hash=False) |
|
554 | 519 | |
|
555 | 520 | fname = commit.raw_id + extension |
|
556 | 521 | response = self.app.get( |
|
557 | 522 | route_path('repo_archivefile', |
|
558 | 523 | repo_name=backend.repo_name, |
|
559 | 524 | fname=fname, params={'with_hash': 0})) |
|
560 | 525 | |
|
561 | 526 | assert response.status == '200 OK' |
|
562 | 527 | headers = [ |
|
563 | 528 | ('Content-Disposition', f'attachment; filename={filename}'), |
|
564 | 529 | ('Content-Type', content_type), |
|
565 | 530 | ] |
|
566 | 531 | |
|
567 | 532 | for header in headers: |
|
568 | 533 | assert header in list(response.headers.items()) |
|
569 | 534 | |
|
570 | 535 | def test_archival_at_path(self, backend): |
|
571 | 536 | backend.enable_downloads() |
|
572 | 537 | commit = backend.repo.get_commit(commit_idx=190) |
|
573 | 538 | at_path = 'vcs' |
|
574 | 539 | |
|
575 | 540 | for a_type, content_type, extension in settings.ARCHIVE_SPECS: |
|
576 | 541 | path_sha = get_path_sha(at_path) |
|
577 | 542 | filename = get_archive_name(backend.repo_id, backend.repo_name, commit_sha=commit.short_id, ext=extension, path_sha=path_sha) |
|
578 | 543 | |
|
579 | 544 | fname = commit.raw_id + extension |
|
580 | 545 | response = self.app.get( |
|
581 | 546 | route_path('repo_archivefile', |
|
582 | 547 | repo_name=backend.repo_name, |
|
583 | 548 | fname=fname, params={'at_path': at_path})) |
|
584 | 549 | |
|
585 | 550 | assert response.status == '200 OK' |
|
586 | 551 | headers = [ |
|
587 | 552 | ('Content-Disposition', f'attachment; filename={filename}'), |
|
588 | 553 | ('Content-Type', content_type), |
|
589 | 554 | ] |
|
590 | 555 | |
|
591 | 556 | for header in headers: |
|
592 | 557 | assert header in list(response.headers.items()) |
|
593 | 558 | |
|
594 | 559 | @pytest.mark.parametrize('arch_ext',[ |
|
595 | 560 | 'tar', 'rar', 'x', '..ax', '.zipz', 'tar.gz.tar']) |
|
596 | 561 | def test_archival_wrong_ext(self, backend, arch_ext): |
|
597 | 562 | backend.enable_downloads() |
|
598 | 563 | commit = backend.repo.get_commit(commit_idx=173) |
|
599 | 564 | |
|
600 | 565 | fname = commit.raw_id + '.' + arch_ext |
|
601 | 566 | |
|
602 | 567 | response = self.app.get( |
|
603 | 568 | route_path('repo_archivefile', |
|
604 | 569 | repo_name=backend.repo_name, |
|
605 | 570 | fname=fname)) |
|
606 | 571 | response.mustcontain( |
|
607 | 572 | 'Unknown archive type for: `{}`'.format(fname)) |
|
608 | 573 | |
|
609 | 574 | @pytest.mark.parametrize('commit_id', [ |
|
610 | 575 | '00x000000', 'tar', 'wrong', '@$@$42413232', '232dffcd']) |
|
611 | 576 | def test_archival_wrong_commit_id(self, backend, commit_id): |
|
612 | 577 | backend.enable_downloads() |
|
613 | 578 | fname = f'{commit_id}.zip' |
|
614 | 579 | |
|
615 | 580 | response = self.app.get( |
|
616 | 581 | route_path('repo_archivefile', |
|
617 | 582 | repo_name=backend.repo_name, |
|
618 | 583 | fname=fname)) |
|
619 | 584 | response.mustcontain('Unknown commit_id') |
|
620 | 585 | |
|
621 | 586 | |
|
622 | 587 | @pytest.mark.usefixtures("app") |
|
623 | 588 | class TestFilesDiff(object): |
|
624 | 589 | |
|
625 | 590 | @pytest.mark.parametrize("diff", ['diff', 'download', 'raw']) |
|
626 | 591 | def test_file_full_diff(self, backend, diff): |
|
627 | 592 | commit1 = backend.repo.get_commit(commit_idx=-1) |
|
628 | 593 | commit2 = backend.repo.get_commit(commit_idx=-2) |
|
629 | 594 | |
|
630 | 595 | response = self.app.get( |
|
631 | 596 | route_path('repo_files_diff', |
|
632 | 597 | repo_name=backend.repo_name, |
|
633 | 598 | f_path='README'), |
|
634 | 599 | params={ |
|
635 | 600 | 'diff1': commit2.raw_id, |
|
636 | 601 | 'diff2': commit1.raw_id, |
|
637 | 602 | 'fulldiff': '1', |
|
638 | 603 | 'diff': diff, |
|
639 | 604 | }) |
|
640 | 605 | |
|
641 | 606 | if diff == 'diff': |
|
642 | 607 | # use redirect since this is OLD view redirecting to compare page |
|
643 | 608 | response = response.follow() |
|
644 | 609 | |
|
645 | 610 | # It's a symlink to README.rst |
|
646 | 611 | response.mustcontain('README.rst') |
|
647 | 612 | response.mustcontain('No newline at end of file') |
|
648 | 613 | |
|
649 | 614 | def test_file_binary_diff(self, backend): |
|
650 | 615 | commits = [ |
|
651 | 616 | {'message': 'First commit'}, |
|
652 | 617 | {'message': 'Commit with binary', |
|
653 | 618 | 'added': [nodes.FileNode(b'file.bin', content='\0BINARY\0')]}, |
|
654 | 619 | ] |
|
655 | 620 | repo = backend.create_repo(commits=commits) |
|
656 | 621 | |
|
657 | 622 | response = self.app.get( |
|
658 | 623 | route_path('repo_files_diff', |
|
659 | 624 | repo_name=backend.repo_name, |
|
660 | 625 | f_path='file.bin'), |
|
661 | 626 | params={ |
|
662 | 627 | 'diff1': repo.get_commit(commit_idx=0).raw_id, |
|
663 | 628 | 'diff2': repo.get_commit(commit_idx=1).raw_id, |
|
664 | 629 | 'fulldiff': '1', |
|
665 | 630 | 'diff': 'diff', |
|
666 | 631 | }) |
|
667 | 632 | # use redirect since this is OLD view redirecting to compare page |
|
668 | 633 | response = response.follow() |
|
669 | 634 | response.mustcontain('Collapse 1 commit') |
|
670 | 635 | file_changes = (1, 0, 0) |
|
671 | 636 | |
|
672 | 637 | compare_page = ComparePage(response) |
|
673 | 638 | compare_page.contains_change_summary(*file_changes) |
|
674 | 639 | |
|
675 | 640 | if backend.alias == 'svn': |
|
676 | 641 | response.mustcontain('new file 10644') |
|
677 | 642 | # TODO(marcink): SVN doesn't yet detect binary changes |
|
678 | 643 | else: |
|
679 | 644 | response.mustcontain('new file 100644') |
|
680 | 645 | response.mustcontain('binary diff hidden') |
|
681 | 646 | |
|
682 | 647 | def test_diff_2way(self, backend): |
|
683 | 648 | commit1 = backend.repo.get_commit(commit_idx=-1) |
|
684 | 649 | commit2 = backend.repo.get_commit(commit_idx=-2) |
|
685 | 650 | response = self.app.get( |
|
686 | 651 | route_path('repo_files_diff_2way_redirect', |
|
687 | 652 | repo_name=backend.repo_name, |
|
688 | 653 | f_path='README'), |
|
689 | 654 | params={ |
|
690 | 655 | 'diff1': commit2.raw_id, |
|
691 | 656 | 'diff2': commit1.raw_id, |
|
692 | 657 | }) |
|
693 | 658 | # use redirect since this is OLD view redirecting to compare page |
|
694 | 659 | response = response.follow() |
|
695 | 660 | |
|
696 | 661 | # It's a symlink to README.rst |
|
697 | 662 | response.mustcontain('README.rst') |
|
698 | 663 | response.mustcontain('No newline at end of file') |
|
699 | 664 | |
|
700 | 665 | def test_requires_one_commit_id(self, backend, autologin_user): |
|
701 | 666 | response = self.app.get( |
|
702 | 667 | route_path('repo_files_diff', |
|
703 | 668 | repo_name=backend.repo_name, |
|
704 | 669 | f_path='README.rst'), |
|
705 | 670 | status=400) |
|
706 | 671 | response.mustcontain( |
|
707 | 672 | 'Need query parameter', 'diff1', 'diff2', 'to generate a diff.') |
|
708 | 673 | |
|
709 | 674 | def test_returns_no_files_if_file_does_not_exist(self, vcsbackend): |
|
710 | 675 | repo = vcsbackend.repo |
|
711 | 676 | response = self.app.get( |
|
712 | 677 | route_path('repo_files_diff', |
|
713 | 678 | repo_name=repo.name, |
|
714 | 679 | f_path='does-not-exist-in-any-commit'), |
|
715 | 680 | params={ |
|
716 | 681 | 'diff1': repo[0].raw_id, |
|
717 | 682 | 'diff2': repo[1].raw_id |
|
718 | 683 | }) |
|
719 | 684 | |
|
720 | 685 | response = response.follow() |
|
721 | 686 | response.mustcontain('No files') |
|
722 | 687 | |
|
723 | 688 | def test_returns_redirect_if_file_not_changed(self, backend): |
|
724 | 689 | commit = backend.repo.get_commit(commit_idx=-1) |
|
725 | 690 | response = self.app.get( |
|
726 | 691 | route_path('repo_files_diff_2way_redirect', |
|
727 | 692 | repo_name=backend.repo_name, |
|
728 | 693 | f_path='README'), |
|
729 | 694 | params={ |
|
730 | 695 | 'diff1': commit.raw_id, |
|
731 | 696 | 'diff2': commit.raw_id, |
|
732 | 697 | }) |
|
733 | 698 | |
|
734 | 699 | response = response.follow() |
|
735 | 700 | response.mustcontain('No files') |
|
736 | 701 | response.mustcontain('No commits in this compare') |
|
737 | 702 | |
|
738 | 703 | def test_supports_diff_to_different_path_svn(self, backend_svn): |
|
739 | 704 | #TODO: check this case |
|
740 | 705 | return |
|
741 | 706 | |
|
742 | 707 | repo = backend_svn['svn-simple-layout'].scm_instance() |
|
743 | 708 | commit_id_1 = '24' |
|
744 | 709 | commit_id_2 = '26' |
|
745 | 710 | |
|
746 | 711 | response = self.app.get( |
|
747 | 712 | route_path('repo_files_diff', |
|
748 | 713 | repo_name=backend_svn.repo_name, |
|
749 | 714 | f_path='trunk/example.py'), |
|
750 | 715 | params={ |
|
751 | 716 | 'diff1': 'tags/v0.2/example.py@' + commit_id_1, |
|
752 | 717 | 'diff2': commit_id_2, |
|
753 | 718 | }) |
|
754 | 719 | |
|
755 | 720 | response = response.follow() |
|
756 | 721 | response.mustcontain( |
|
757 | 722 | # diff contains this |
|
758 | 723 | "Will print out a useful message on invocation.") |
|
759 | 724 | |
|
760 | 725 | # Note: Expecting that we indicate the user what's being compared |
|
761 | 726 | response.mustcontain("trunk/example.py") |
|
762 | 727 | response.mustcontain("tags/v0.2/example.py") |
|
763 | 728 | |
|
764 | 729 | def test_show_rev_redirects_to_svn_path(self, backend_svn): |
|
765 | 730 | #TODO: check this case |
|
766 | 731 | return |
|
767 | 732 | |
|
768 | 733 | repo = backend_svn['svn-simple-layout'].scm_instance() |
|
769 | 734 | commit_id = repo[-1].raw_id |
|
770 | 735 | |
|
771 | 736 | response = self.app.get( |
|
772 | 737 | route_path('repo_files_diff', |
|
773 | 738 | repo_name=backend_svn.repo_name, |
|
774 | 739 | f_path='trunk/example.py'), |
|
775 | 740 | params={ |
|
776 | 741 | 'diff1': 'branches/argparse/example.py@' + commit_id, |
|
777 | 742 | 'diff2': commit_id, |
|
778 | 743 | }, |
|
779 | 744 | status=302) |
|
780 | 745 | response = response.follow() |
|
781 | 746 | assert response.headers['Location'].endswith( |
|
782 | 747 | 'svn-svn-simple-layout/files/26/branches/argparse/example.py') |
|
783 | 748 | |
|
784 | 749 | def test_show_rev_and_annotate_redirects_to_svn_path(self, backend_svn): |
|
785 | 750 | #TODO: check this case |
|
786 | 751 | return |
|
787 | 752 | |
|
788 | 753 | repo = backend_svn['svn-simple-layout'].scm_instance() |
|
789 | 754 | commit_id = repo[-1].raw_id |
|
790 | 755 | response = self.app.get( |
|
791 | 756 | route_path('repo_files_diff', |
|
792 | 757 | repo_name=backend_svn.repo_name, |
|
793 | 758 | f_path='trunk/example.py'), |
|
794 | 759 | params={ |
|
795 | 760 | 'diff1': 'branches/argparse/example.py@' + commit_id, |
|
796 | 761 | 'diff2': commit_id, |
|
797 | 762 | 'show_rev': 'Show at Revision', |
|
798 | 763 | 'annotate': 'true', |
|
799 | 764 | }, |
|
800 | 765 | status=302) |
|
801 | 766 | response = response.follow() |
|
802 | 767 | assert response.headers['Location'].endswith( |
|
803 | 768 | 'svn-svn-simple-layout/annotate/26/branches/argparse/example.py') |
|
804 | 769 | |
|
805 | 770 | |
|
806 | 771 | @pytest.mark.usefixtures("app", "autologin_user") |
|
807 | 772 | class TestModifyFilesWithWebInterface(object): |
|
808 | 773 | |
|
809 | 774 | def test_add_file_view(self, backend): |
|
810 | 775 | self.app.get( |
|
811 | 776 | route_path('repo_files_add_file', |
|
812 | 777 | repo_name=backend.repo_name, |
|
813 | 778 | commit_id='tip', f_path='/') |
|
814 | 779 | ) |
|
815 | 780 | |
|
816 | 781 | @pytest.mark.xfail_backends("svn", reason="Depends on online editing") |
|
817 | 782 | def test_add_file_into_repo_missing_content(self, backend, csrf_token): |
|
818 | 783 | backend.create_repo() |
|
819 | 784 | filename = 'init.py' |
|
820 | 785 | response = self.app.post( |
|
821 | 786 | route_path('repo_files_create_file', |
|
822 | 787 | repo_name=backend.repo_name, |
|
823 | 788 | commit_id='tip', f_path='/'), |
|
824 | 789 | params={ |
|
825 | 790 | 'content': "", |
|
826 | 791 | 'filename': filename, |
|
827 | 792 | 'csrf_token': csrf_token, |
|
828 | 793 | }, |
|
829 | 794 | status=302) |
|
830 | 795 | expected_msg = 'Successfully committed new file `{}`'.format(os.path.join(filename)) |
|
831 | 796 | assert_session_flash(response, expected_msg) |
|
832 | 797 | |
|
833 | 798 | def test_add_file_into_repo_missing_filename(self, backend, csrf_token): |
|
834 | 799 | commit_id = backend.repo.get_commit().raw_id |
|
835 | 800 | response = self.app.post( |
|
836 | 801 | route_path('repo_files_create_file', |
|
837 | 802 | repo_name=backend.repo_name, |
|
838 | 803 | commit_id=commit_id, f_path='/'), |
|
839 | 804 | params={ |
|
840 | 805 | 'content': "foo", |
|
841 | 806 | 'csrf_token': csrf_token, |
|
842 | 807 | }, |
|
843 | 808 | status=302) |
|
844 | 809 | |
|
845 | 810 | assert_session_flash(response, 'No filename specified') |
|
846 | 811 | |
|
847 | 812 | def test_add_file_into_repo_errors_and_no_commits( |
|
848 | 813 | self, backend, csrf_token): |
|
849 | 814 | repo = backend.create_repo() |
|
850 | 815 | # Create a file with no filename, it will display an error but |
|
851 | 816 | # the repo has no commits yet |
|
852 | 817 | response = self.app.post( |
|
853 | 818 | route_path('repo_files_create_file', |
|
854 | 819 | repo_name=repo.repo_name, |
|
855 | 820 | commit_id='tip', f_path='/'), |
|
856 | 821 | params={ |
|
857 | 822 | 'content': "foo", |
|
858 | 823 | 'csrf_token': csrf_token, |
|
859 | 824 | }, |
|
860 | 825 | status=302) |
|
861 | 826 | |
|
862 | 827 | assert_session_flash(response, 'No filename specified') |
|
863 | 828 | |
|
864 | 829 | # Not allowed, redirect to the summary |
|
865 | 830 | redirected = response.follow() |
|
866 | 831 | summary_url = h.route_path('repo_summary', repo_name=repo.repo_name) |
|
867 | 832 | |
|
868 | 833 | # As there are no commits, displays the summary page with the error of |
|
869 | 834 | # creating a file with no filename |
|
870 | 835 | |
|
871 | 836 | assert redirected.request.path == summary_url |
|
872 | 837 | |
|
873 | 838 | @pytest.mark.parametrize("filename, clean_filename", [ |
|
874 | 839 | ('/abs/foo', 'abs/foo'), |
|
875 | 840 | ('../rel/foo', 'rel/foo'), |
|
876 | 841 | ('file/../foo/foo', 'file/foo/foo'), |
|
877 | 842 | ]) |
|
878 | 843 | def test_add_file_into_repo_bad_filenames(self, filename, clean_filename, backend, csrf_token): |
|
879 | 844 | repo = backend.create_repo() |
|
880 | 845 | commit_id = repo.get_commit().raw_id |
|
881 | 846 | |
|
882 | 847 | response = self.app.post( |
|
883 | 848 | route_path('repo_files_create_file', |
|
884 | 849 | repo_name=repo.repo_name, |
|
885 | 850 | commit_id=commit_id, f_path='/'), |
|
886 | 851 | params={ |
|
887 | 852 | 'content': "foo", |
|
888 | 853 | 'filename': filename, |
|
889 | 854 | 'csrf_token': csrf_token, |
|
890 | 855 | }, |
|
891 | 856 | status=302) |
|
892 | 857 | |
|
893 | 858 | expected_msg = 'Successfully committed new file `{}`'.format(clean_filename) |
|
894 | 859 | assert_session_flash(response, expected_msg) |
|
895 | 860 | |
|
896 | 861 | @pytest.mark.parametrize("cnt, filename, content", [ |
|
897 | 862 | (1, 'foo.txt', "Content"), |
|
898 | 863 | (2, 'dir/foo.rst', "Content"), |
|
899 | 864 | (3, 'dir/foo-second.rst', "Content"), |
|
900 | 865 | (4, 'rel/dir/foo.bar', "Content"), |
|
901 | 866 | ]) |
|
902 | 867 | def test_add_file_into_empty_repo(self, cnt, filename, content, backend, csrf_token): |
|
903 | 868 | repo = backend.create_repo() |
|
904 | 869 | commit_id = repo.get_commit().raw_id |
|
905 | 870 | response = self.app.post( |
|
906 | 871 | route_path('repo_files_create_file', |
|
907 | 872 | repo_name=repo.repo_name, |
|
908 | 873 | commit_id=commit_id, f_path='/'), |
|
909 | 874 | params={ |
|
910 | 875 | 'content': content, |
|
911 | 876 | 'filename': filename, |
|
912 | 877 | 'csrf_token': csrf_token, |
|
913 | 878 | }, |
|
914 | 879 | status=302) |
|
915 | 880 | |
|
916 | 881 | expected_msg = 'Successfully committed new file `{}`'.format(filename) |
|
917 | 882 | assert_session_flash(response, expected_msg) |
|
918 | 883 | |
|
919 | 884 | def test_edit_file_view(self, backend): |
|
920 | 885 | response = self.app.get( |
|
921 | 886 | route_path('repo_files_edit_file', |
|
922 | 887 | repo_name=backend.repo_name, |
|
923 | 888 | commit_id=backend.default_head_id, |
|
924 | 889 | f_path='vcs/nodes.py'), |
|
925 | 890 | status=200) |
|
926 | 891 | response.mustcontain("Module holding everything related to vcs nodes.") |
|
927 | 892 | |
|
928 | 893 | def test_edit_file_view_not_on_branch(self, backend): |
|
929 | 894 | repo = backend.create_repo() |
|
930 | 895 | backend.ensure_file(b"vcs/nodes.py") |
|
931 | 896 | |
|
932 | 897 | response = self.app.get( |
|
933 | 898 | route_path('repo_files_edit_file', |
|
934 | 899 | repo_name=repo.repo_name, |
|
935 | 900 | commit_id='tip', |
|
936 | 901 | f_path='vcs/nodes.py'), |
|
937 | 902 | status=302) |
|
938 | 903 | assert_session_flash( |
|
939 | 904 | response, 'Cannot modify file. Given commit `tip` is not head of a branch.') |
|
940 | 905 | |
|
941 | 906 | def test_edit_file_view_commit_changes(self, backend, csrf_token): |
|
942 | 907 | repo = backend.create_repo() |
|
943 | 908 | backend.ensure_file(b"vcs/nodes.py", content=b"print 'hello'") |
|
944 | 909 | |
|
945 | 910 | response = self.app.post( |
|
946 | 911 | route_path('repo_files_update_file', |
|
947 | 912 | repo_name=repo.repo_name, |
|
948 | 913 | commit_id=backend.default_head_id, |
|
949 | 914 | f_path='vcs/nodes.py'), |
|
950 | 915 | params={ |
|
951 | 916 | 'content': "print 'hello world'", |
|
952 | 917 | 'message': 'I committed', |
|
953 | 918 | 'filename': "vcs/nodes.py", |
|
954 | 919 | 'csrf_token': csrf_token, |
|
955 | 920 | }, |
|
956 | 921 | status=302) |
|
957 | 922 | assert_session_flash( |
|
958 | 923 | response, 'Successfully committed changes to file `vcs/nodes.py`') |
|
959 | 924 | tip = repo.get_commit(commit_idx=-1) |
|
960 | 925 | assert tip.message == 'I committed' |
|
961 | 926 | |
|
962 | 927 | def test_edit_file_view_commit_changes_default_message(self, backend, |
|
963 | 928 | csrf_token): |
|
964 | 929 | repo = backend.create_repo() |
|
965 | 930 | backend.ensure_file(b"vcs/nodes.py", content=b"print 'hello'") |
|
966 | 931 | |
|
967 | 932 | commit_id = ( |
|
968 | 933 | backend.default_branch_name or |
|
969 | 934 | backend.repo.scm_instance().commit_ids[-1]) |
|
970 | 935 | |
|
971 | 936 | response = self.app.post( |
|
972 | 937 | route_path('repo_files_update_file', |
|
973 | 938 | repo_name=repo.repo_name, |
|
974 | 939 | commit_id=commit_id, |
|
975 | 940 | f_path='vcs/nodes.py'), |
|
976 | 941 | params={ |
|
977 | 942 | 'content': "print 'hello world'", |
|
978 | 943 | 'message': '', |
|
979 | 944 | 'filename': "vcs/nodes.py", |
|
980 | 945 | 'csrf_token': csrf_token, |
|
981 | 946 | }, |
|
982 | 947 | status=302) |
|
983 | 948 | assert_session_flash( |
|
984 | 949 | response, 'Successfully committed changes to file `vcs/nodes.py`') |
|
985 | 950 | tip = repo.get_commit(commit_idx=-1) |
|
986 | 951 | assert tip.message == 'Edited file vcs/nodes.py via RhodeCode Enterprise' |
|
987 | 952 | |
|
988 | 953 | def test_delete_file_view(self, backend): |
|
989 | 954 | self.app.get( |
|
990 | 955 | route_path('repo_files_remove_file', |
|
991 | 956 | repo_name=backend.repo_name, |
|
992 | 957 | commit_id=backend.default_head_id, |
|
993 | 958 | f_path='vcs/nodes.py'), |
|
994 | 959 | status=200) |
|
995 | 960 | |
|
996 | 961 | def test_delete_file_view_not_on_branch(self, backend): |
|
997 | 962 | repo = backend.create_repo() |
|
998 | 963 | backend.ensure_file(b'vcs/nodes.py') |
|
999 | 964 | |
|
1000 | 965 | response = self.app.get( |
|
1001 | 966 | route_path('repo_files_remove_file', |
|
1002 | 967 | repo_name=repo.repo_name, |
|
1003 | 968 | commit_id='tip', |
|
1004 | 969 | f_path='vcs/nodes.py'), |
|
1005 | 970 | status=302) |
|
1006 | 971 | assert_session_flash( |
|
1007 | 972 | response, 'Cannot modify file. Given commit `tip` is not head of a branch.') |
|
1008 | 973 | |
|
1009 | 974 | def test_delete_file_view_commit_changes(self, backend, csrf_token): |
|
1010 | 975 | repo = backend.create_repo() |
|
1011 | 976 | backend.ensure_file(b"vcs/nodes.py") |
|
1012 | 977 | |
|
1013 | 978 | response = self.app.post( |
|
1014 | 979 | route_path('repo_files_delete_file', |
|
1015 | 980 | repo_name=repo.repo_name, |
|
1016 | 981 | commit_id=backend.default_head_id, |
|
1017 | 982 | f_path='vcs/nodes.py'), |
|
1018 | 983 | params={ |
|
1019 | 984 | 'message': 'i committed', |
|
1020 | 985 | 'csrf_token': csrf_token, |
|
1021 | 986 | }, |
|
1022 | 987 | status=302) |
|
1023 | 988 | assert_session_flash( |
|
1024 | 989 | response, 'Successfully deleted file `vcs/nodes.py`') |
|
1025 | 990 | |
|
1026 | 991 | |
|
1027 | 992 | @pytest.mark.usefixtures("app") |
|
1028 | 993 | class TestFilesViewOtherCases(object): |
|
1029 | 994 | |
|
1030 | 995 | def test_access_empty_repo_redirect_to_summary_with_alert_write_perms( |
|
1031 | 996 | self, backend_stub, autologin_regular_user, user_regular, |
|
1032 | 997 | user_util): |
|
1033 | 998 | |
|
1034 | 999 | repo = backend_stub.create_repo() |
|
1035 | 1000 | user_util.grant_user_permission_to_repo( |
|
1036 | 1001 | repo, user_regular, 'repository.write') |
|
1037 | 1002 | response = self.app.get( |
|
1038 | 1003 | route_path('repo_files', |
|
1039 | 1004 | repo_name=repo.repo_name, |
|
1040 | 1005 | commit_id='tip', f_path='/')) |
|
1041 | 1006 | |
|
1042 | 1007 | repo_file_add_url = route_path( |
|
1043 | 1008 | 'repo_files_add_file', |
|
1044 | 1009 | repo_name=repo.repo_name, |
|
1045 | 1010 | commit_id=0, f_path='') |
|
1046 | 1011 | add_new = f'<a class="alert-link" href="{repo_file_add_url}">add a new file</a>' |
|
1047 | 1012 | |
|
1048 | 1013 | repo_file_upload_url = route_path( |
|
1049 | 1014 | 'repo_files_upload_file', |
|
1050 | 1015 | repo_name=repo.repo_name, |
|
1051 | 1016 | commit_id=0, f_path='') |
|
1052 | 1017 | upload_new = f'<a class="alert-link" href="{repo_file_upload_url}">upload a new file</a>' |
|
1053 | 1018 | |
|
1054 | 1019 | assert_session_flash( |
|
1055 | 1020 | response, |
|
1056 | 1021 | 'There are no files yet. Click here to %s or %s.' % (add_new, upload_new) |
|
1057 | 1022 | ) |
|
1058 | 1023 | |
|
1059 | 1024 | def test_access_empty_repo_redirect_to_summary_with_alert_no_write_perms( |
|
1060 | 1025 | self, backend_stub, autologin_regular_user): |
|
1061 | 1026 | repo = backend_stub.create_repo() |
|
1062 | 1027 | # init session for anon user |
|
1063 | 1028 | route_path('repo_summary', repo_name=repo.repo_name) |
|
1064 | 1029 | |
|
1065 | 1030 | repo_file_add_url = route_path( |
|
1066 | 1031 | 'repo_files_add_file', |
|
1067 | 1032 | repo_name=repo.repo_name, |
|
1068 | 1033 | commit_id=0, f_path='') |
|
1069 | 1034 | |
|
1070 | 1035 | response = self.app.get( |
|
1071 | 1036 | route_path('repo_files', |
|
1072 | 1037 | repo_name=repo.repo_name, |
|
1073 | 1038 | commit_id='tip', f_path='/')) |
|
1074 | 1039 | |
|
1075 | 1040 | assert_session_flash(response, no_=repo_file_add_url) |
|
1076 | 1041 | |
|
1077 | 1042 | @pytest.mark.parametrize('file_node', [ |
|
1078 | 1043 | b'archive/file.zip', |
|
1079 | 1044 | b'diff/my-file.txt', |
|
1080 | 1045 | b'render.py', |
|
1081 | 1046 | b'render', |
|
1082 | 1047 | b'remove_file', |
|
1083 | 1048 | b'remove_file/to-delete.txt', |
|
1084 | 1049 | ]) |
|
1085 | 1050 | def test_file_names_equal_to_routes_parts(self, backend, file_node): |
|
1086 | 1051 | backend.create_repo() |
|
1087 | 1052 | backend.ensure_file(file_node) |
|
1088 | 1053 | |
|
1089 | 1054 | self.app.get( |
|
1090 | 1055 | route_path('repo_files', |
|
1091 | 1056 | repo_name=backend.repo_name, |
|
1092 | 1057 | commit_id='tip', f_path=safe_str(file_node)), |
|
1093 | 1058 | status=200) |
|
1094 | 1059 | |
|
1095 | 1060 | |
|
1096 | 1061 | class TestAdjustFilePathForSvn(object): |
|
1097 | 1062 | """ |
|
1098 | 1063 | SVN specific adjustments of node history in RepoFilesView. |
|
1099 | 1064 | """ |
|
1100 | 1065 | |
|
1101 | 1066 | def test_returns_path_relative_to_matched_reference(self): |
|
1102 | 1067 | repo = self._repo(branches=['trunk']) |
|
1103 | 1068 | self.assert_file_adjustment('trunk/file', 'file', repo) |
|
1104 | 1069 | |
|
1105 | 1070 | def test_does_not_modify_file_if_no_reference_matches(self): |
|
1106 | 1071 | repo = self._repo(branches=['trunk']) |
|
1107 | 1072 | self.assert_file_adjustment('notes/file', 'notes/file', repo) |
|
1108 | 1073 | |
|
1109 | 1074 | def test_does_not_adjust_partial_directory_names(self): |
|
1110 | 1075 | repo = self._repo(branches=['trun']) |
|
1111 | 1076 | self.assert_file_adjustment('trunk/file', 'trunk/file', repo) |
|
1112 | 1077 | |
|
1113 | 1078 | def test_is_robust_to_patterns_which_prefix_other_patterns(self): |
|
1114 | 1079 | repo = self._repo(branches=['trunk', 'trunk/new', 'trunk/old']) |
|
1115 | 1080 | self.assert_file_adjustment('trunk/new/file', 'file', repo) |
|
1116 | 1081 | |
|
1117 | 1082 | def assert_file_adjustment(self, f_path, expected, repo): |
|
1118 | 1083 | result = RepoFilesView.adjust_file_path_for_svn(f_path, repo) |
|
1119 | 1084 | assert result == expected |
|
1120 | 1085 | |
|
1121 | 1086 | def _repo(self, branches=None): |
|
1122 | 1087 | repo = mock.Mock() |
|
1123 | 1088 | repo.branches = OrderedDict((name, '0') for name in branches or []) |
|
1124 | 1089 | repo.tags = {} |
|
1125 | 1090 | return repo |
@@ -1,334 +1,317 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.tests import TestController, assert_session_flash, HG_FORK, GIT_FORK |
|
23 | 23 | |
|
24 | 24 | from rhodecode.tests.fixture import Fixture |
|
25 | 25 | from rhodecode.lib import helpers as h |
|
26 | 26 | |
|
27 | 27 | from rhodecode.model.db import Repository |
|
28 | 28 | from rhodecode.model.repo import RepoModel |
|
29 | 29 | from rhodecode.model.user import UserModel |
|
30 | 30 | from rhodecode.model.meta import Session |
|
31 | ||
|
32 | fixture = Fixture() | |
|
31 | from rhodecode.tests.routes import route_path | |
|
33 | 32 | |
|
34 | 33 | |
|
35 | def route_path(name, params=None, **kwargs): | |
|
36 | import urllib.request | |
|
37 | import urllib.parse | |
|
38 | import urllib.error | |
|
39 | ||
|
40 | base_url = { | |
|
41 | 'repo_summary': '/{repo_name}', | |
|
42 | 'repo_creating_check': '/{repo_name}/repo_creating_check', | |
|
43 | 'repo_fork_new': '/{repo_name}/fork', | |
|
44 | 'repo_fork_create': '/{repo_name}/fork/create', | |
|
45 | 'repo_forks_show_all': '/{repo_name}/forks', | |
|
46 | 'repo_forks_data': '/{repo_name}/forks/data', | |
|
47 | }[name].format(**kwargs) | |
|
48 | ||
|
49 | if params: | |
|
50 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
51 | return base_url | |
|
34 | fixture = Fixture() | |
|
52 | 35 | |
|
53 | 36 | |
|
54 | 37 | FORK_NAME = { |
|
55 | 38 | 'hg': HG_FORK, |
|
56 | 39 | 'git': GIT_FORK |
|
57 | 40 | } |
|
58 | 41 | |
|
59 | 42 | |
|
60 | 43 | @pytest.mark.skip_backends('svn') |
|
61 | 44 | class TestRepoForkViewTests(TestController): |
|
62 | 45 | |
|
63 | 46 | def test_show_forks(self, backend, xhr_header): |
|
64 | 47 | self.log_user() |
|
65 | 48 | response = self.app.get( |
|
66 | 49 | route_path('repo_forks_data', repo_name=backend.repo_name), |
|
67 | 50 | extra_environ=xhr_header) |
|
68 | 51 | |
|
69 | 52 | assert response.json == {u'data': [], u'draw': None, |
|
70 | 53 | u'recordsFiltered': 0, u'recordsTotal': 0} |
|
71 | 54 | |
|
72 | 55 | def test_no_permissions_to_fork_page(self, backend, user_util): |
|
73 | 56 | user = user_util.create_user(password='qweqwe') |
|
74 | 57 | user_id = user.user_id |
|
75 | 58 | self.log_user(user.username, 'qweqwe') |
|
76 | 59 | |
|
77 | 60 | user_model = UserModel() |
|
78 | 61 | user_model.revoke_perm(user_id, 'hg.fork.repository') |
|
79 | 62 | user_model.grant_perm(user_id, 'hg.fork.none') |
|
80 | 63 | u = UserModel().get(user_id) |
|
81 | 64 | u.inherit_default_permissions = False |
|
82 | 65 | Session().commit() |
|
83 | 66 | # try create a fork |
|
84 | 67 | self.app.get( |
|
85 | 68 | route_path('repo_fork_new', repo_name=backend.repo_name), |
|
86 | 69 | status=404) |
|
87 | 70 | |
|
88 | 71 | def test_no_permissions_to_fork_submit(self, backend, csrf_token, user_util): |
|
89 | 72 | user = user_util.create_user(password='qweqwe') |
|
90 | 73 | user_id = user.user_id |
|
91 | 74 | self.log_user(user.username, 'qweqwe') |
|
92 | 75 | |
|
93 | 76 | user_model = UserModel() |
|
94 | 77 | user_model.revoke_perm(user_id, 'hg.fork.repository') |
|
95 | 78 | user_model.grant_perm(user_id, 'hg.fork.none') |
|
96 | 79 | u = UserModel().get(user_id) |
|
97 | 80 | u.inherit_default_permissions = False |
|
98 | 81 | Session().commit() |
|
99 | 82 | # try create a fork |
|
100 | 83 | self.app.post( |
|
101 | 84 | route_path('repo_fork_create', repo_name=backend.repo_name), |
|
102 | 85 | {'csrf_token': csrf_token}, |
|
103 | 86 | status=404) |
|
104 | 87 | |
|
105 | 88 | def test_fork_missing_data(self, autologin_user, backend, csrf_token): |
|
106 | 89 | # try create a fork |
|
107 | 90 | response = self.app.post( |
|
108 | 91 | route_path('repo_fork_create', repo_name=backend.repo_name), |
|
109 | 92 | {'csrf_token': csrf_token}, |
|
110 | 93 | status=200) |
|
111 | 94 | # test if html fill works fine |
|
112 | 95 | response.mustcontain('Missing value') |
|
113 | 96 | |
|
114 | 97 | def test_create_fork_page(self, autologin_user, backend): |
|
115 | 98 | self.app.get( |
|
116 | 99 | route_path('repo_fork_new', repo_name=backend.repo_name), |
|
117 | 100 | status=200) |
|
118 | 101 | |
|
119 | 102 | def test_create_and_show_fork( |
|
120 | 103 | self, autologin_user, backend, csrf_token, xhr_header): |
|
121 | 104 | |
|
122 | 105 | # create a fork |
|
123 | 106 | fork_name = FORK_NAME[backend.alias] |
|
124 | 107 | description = 'fork of vcs test' |
|
125 | 108 | repo_name = backend.repo_name |
|
126 | 109 | source_repo = Repository.get_by_repo_name(repo_name) |
|
127 | 110 | creation_args = { |
|
128 | 111 | 'repo_name': fork_name, |
|
129 | 112 | 'repo_group': '', |
|
130 | 113 | 'fork_parent_id': source_repo.repo_id, |
|
131 | 114 | 'repo_type': backend.alias, |
|
132 | 115 | 'description': description, |
|
133 | 116 | 'private': 'False', |
|
134 | 117 | 'csrf_token': csrf_token, |
|
135 | 118 | } |
|
136 | 119 | |
|
137 | 120 | self.app.post( |
|
138 | 121 | route_path('repo_fork_create', repo_name=repo_name), creation_args) |
|
139 | 122 | |
|
140 | 123 | response = self.app.get( |
|
141 | 124 | route_path('repo_forks_data', repo_name=repo_name), |
|
142 | 125 | extra_environ=xhr_header) |
|
143 | 126 | |
|
144 | 127 | assert response.json['data'][0]['fork_name'] == \ |
|
145 | 128 | """<a href="/%s">%s</a>""" % (fork_name, fork_name) |
|
146 | 129 | |
|
147 | 130 | # remove this fork |
|
148 | 131 | fixture.destroy_repo(fork_name) |
|
149 | 132 | |
|
150 | 133 | def test_fork_create(self, autologin_user, backend, csrf_token): |
|
151 | 134 | fork_name = FORK_NAME[backend.alias] |
|
152 | 135 | description = 'fork of vcs test' |
|
153 | 136 | repo_name = backend.repo_name |
|
154 | 137 | source_repo = Repository.get_by_repo_name(repo_name) |
|
155 | 138 | creation_args = { |
|
156 | 139 | 'repo_name': fork_name, |
|
157 | 140 | 'repo_group': '', |
|
158 | 141 | 'fork_parent_id': source_repo.repo_id, |
|
159 | 142 | 'repo_type': backend.alias, |
|
160 | 143 | 'description': description, |
|
161 | 144 | 'private': 'False', |
|
162 | 145 | 'csrf_token': csrf_token, |
|
163 | 146 | } |
|
164 | 147 | self.app.post( |
|
165 | 148 | route_path('repo_fork_create', repo_name=repo_name), creation_args) |
|
166 | 149 | repo = Repository.get_by_repo_name(FORK_NAME[backend.alias]) |
|
167 | 150 | assert repo.fork.repo_name == backend.repo_name |
|
168 | 151 | |
|
169 | 152 | # run the check page that triggers the flash message |
|
170 | 153 | response = self.app.get( |
|
171 | 154 | route_path('repo_creating_check', repo_name=fork_name)) |
|
172 | 155 | # test if we have a message that fork is ok |
|
173 | 156 | assert_session_flash(response, |
|
174 | 157 | 'Forked repository %s as <a href="/%s">%s</a>' % ( |
|
175 | 158 | repo_name, fork_name, fork_name)) |
|
176 | 159 | |
|
177 | 160 | # test if the fork was created in the database |
|
178 | 161 | fork_repo = Session().query(Repository)\ |
|
179 | 162 | .filter(Repository.repo_name == fork_name).one() |
|
180 | 163 | |
|
181 | 164 | assert fork_repo.repo_name == fork_name |
|
182 | 165 | assert fork_repo.fork.repo_name == repo_name |
|
183 | 166 | |
|
184 | 167 | # test if the repository is visible in the list ? |
|
185 | 168 | response = self.app.get( |
|
186 | 169 | h.route_path('repo_summary', repo_name=fork_name)) |
|
187 | 170 | response.mustcontain(fork_name) |
|
188 | 171 | response.mustcontain(backend.alias) |
|
189 | 172 | response.mustcontain('Fork of') |
|
190 | 173 | response.mustcontain('<a href="/%s">%s</a>' % (repo_name, repo_name)) |
|
191 | 174 | |
|
192 | 175 | def test_fork_create_into_group(self, autologin_user, backend, csrf_token): |
|
193 | 176 | group = fixture.create_repo_group('vc') |
|
194 | 177 | group_id = group.group_id |
|
195 | 178 | fork_name = FORK_NAME[backend.alias] |
|
196 | 179 | fork_name_full = 'vc/%s' % fork_name |
|
197 | 180 | description = 'fork of vcs test' |
|
198 | 181 | repo_name = backend.repo_name |
|
199 | 182 | source_repo = Repository.get_by_repo_name(repo_name) |
|
200 | 183 | creation_args = { |
|
201 | 184 | 'repo_name': fork_name, |
|
202 | 185 | 'repo_group': group_id, |
|
203 | 186 | 'fork_parent_id': source_repo.repo_id, |
|
204 | 187 | 'repo_type': backend.alias, |
|
205 | 188 | 'description': description, |
|
206 | 189 | 'private': 'False', |
|
207 | 190 | 'csrf_token': csrf_token, |
|
208 | 191 | } |
|
209 | 192 | self.app.post( |
|
210 | 193 | route_path('repo_fork_create', repo_name=repo_name), creation_args) |
|
211 | 194 | repo = Repository.get_by_repo_name(fork_name_full) |
|
212 | 195 | assert repo.fork.repo_name == backend.repo_name |
|
213 | 196 | |
|
214 | 197 | # run the check page that triggers the flash message |
|
215 | 198 | response = self.app.get( |
|
216 | 199 | route_path('repo_creating_check', repo_name=fork_name_full)) |
|
217 | 200 | # test if we have a message that fork is ok |
|
218 | 201 | assert_session_flash(response, |
|
219 | 202 | 'Forked repository %s as <a href="/%s">%s</a>' % ( |
|
220 | 203 | repo_name, fork_name_full, fork_name_full)) |
|
221 | 204 | |
|
222 | 205 | # test if the fork was created in the database |
|
223 | 206 | fork_repo = Session().query(Repository)\ |
|
224 | 207 | .filter(Repository.repo_name == fork_name_full).one() |
|
225 | 208 | |
|
226 | 209 | assert fork_repo.repo_name == fork_name_full |
|
227 | 210 | assert fork_repo.fork.repo_name == repo_name |
|
228 | 211 | |
|
229 | 212 | # test if the repository is visible in the list ? |
|
230 | 213 | response = self.app.get( |
|
231 | 214 | h.route_path('repo_summary', repo_name=fork_name_full)) |
|
232 | 215 | response.mustcontain(fork_name_full) |
|
233 | 216 | response.mustcontain(backend.alias) |
|
234 | 217 | |
|
235 | 218 | response.mustcontain('Fork of') |
|
236 | 219 | response.mustcontain('<a href="/%s">%s</a>' % (repo_name, repo_name)) |
|
237 | 220 | |
|
238 | 221 | fixture.destroy_repo(fork_name_full) |
|
239 | 222 | fixture.destroy_repo_group(group_id) |
|
240 | 223 | |
|
241 | 224 | def test_fork_read_permission(self, backend, xhr_header, user_util): |
|
242 | 225 | user = user_util.create_user(password='qweqwe') |
|
243 | 226 | user_id = user.user_id |
|
244 | 227 | self.log_user(user.username, 'qweqwe') |
|
245 | 228 | |
|
246 | 229 | # create a fake fork |
|
247 | 230 | fork = user_util.create_repo(repo_type=backend.alias) |
|
248 | 231 | source = user_util.create_repo(repo_type=backend.alias) |
|
249 | 232 | repo_name = source.repo_name |
|
250 | 233 | |
|
251 | 234 | fork.fork_id = source.repo_id |
|
252 | 235 | fork_name = fork.repo_name |
|
253 | 236 | Session().commit() |
|
254 | 237 | |
|
255 | 238 | forks = Repository.query()\ |
|
256 | 239 | .filter(Repository.repo_type == backend.alias)\ |
|
257 | 240 | .filter(Repository.fork_id == source.repo_id).all() |
|
258 | 241 | assert 1 == len(forks) |
|
259 | 242 | |
|
260 | 243 | # set read permissions for this |
|
261 | 244 | RepoModel().grant_user_permission( |
|
262 | 245 | repo=forks[0], user=user_id, perm='repository.read') |
|
263 | 246 | Session().commit() |
|
264 | 247 | |
|
265 | 248 | response = self.app.get( |
|
266 | 249 | route_path('repo_forks_data', repo_name=repo_name), |
|
267 | 250 | extra_environ=xhr_header) |
|
268 | 251 | |
|
269 | 252 | assert response.json['data'][0]['fork_name'] == \ |
|
270 | 253 | """<a href="/%s">%s</a>""" % (fork_name, fork_name) |
|
271 | 254 | |
|
272 | 255 | def test_fork_none_permission(self, backend, xhr_header, user_util): |
|
273 | 256 | user = user_util.create_user(password='qweqwe') |
|
274 | 257 | user_id = user.user_id |
|
275 | 258 | self.log_user(user.username, 'qweqwe') |
|
276 | 259 | |
|
277 | 260 | # create a fake fork |
|
278 | 261 | fork = user_util.create_repo(repo_type=backend.alias) |
|
279 | 262 | source = user_util.create_repo(repo_type=backend.alias) |
|
280 | 263 | repo_name = source.repo_name |
|
281 | 264 | |
|
282 | 265 | fork.fork_id = source.repo_id |
|
283 | 266 | |
|
284 | 267 | Session().commit() |
|
285 | 268 | |
|
286 | 269 | forks = Repository.query()\ |
|
287 | 270 | .filter(Repository.repo_type == backend.alias)\ |
|
288 | 271 | .filter(Repository.fork_id == source.repo_id).all() |
|
289 | 272 | assert 1 == len(forks) |
|
290 | 273 | |
|
291 | 274 | # set none |
|
292 | 275 | RepoModel().grant_user_permission( |
|
293 | 276 | repo=forks[0], user=user_id, perm='repository.none') |
|
294 | 277 | Session().commit() |
|
295 | 278 | |
|
296 | 279 | # fork shouldn't be there |
|
297 | 280 | response = self.app.get( |
|
298 | 281 | route_path('repo_forks_data', repo_name=repo_name), |
|
299 | 282 | extra_environ=xhr_header) |
|
300 | 283 | |
|
301 | 284 | assert response.json == {u'data': [], u'draw': None, |
|
302 | 285 | u'recordsFiltered': 0, u'recordsTotal': 0} |
|
303 | 286 | |
|
304 | 287 | @pytest.mark.parametrize('url_type', [ |
|
305 | 288 | 'repo_fork_new', |
|
306 | 289 | 'repo_fork_create' |
|
307 | 290 | ]) |
|
308 | 291 | def test_fork_is_forbidden_on_archived_repo(self, backend, xhr_header, user_util, url_type): |
|
309 | 292 | user = user_util.create_user(password='qweqwe') |
|
310 | 293 | self.log_user(user.username, 'qweqwe') |
|
311 | 294 | |
|
312 | 295 | # create a temporary repo |
|
313 | 296 | source = user_util.create_repo(repo_type=backend.alias) |
|
314 | 297 | repo_name = source.repo_name |
|
315 | 298 | repo = Repository.get_by_repo_name(repo_name) |
|
316 | 299 | repo.archived = True |
|
317 | 300 | Session().commit() |
|
318 | 301 | |
|
319 | 302 | response = self.app.get( |
|
320 | 303 | route_path(url_type, repo_name=repo_name), status=302) |
|
321 | 304 | |
|
322 | 305 | msg = 'Action not supported for archived repository.' |
|
323 | 306 | assert_session_flash(response, msg) |
|
324 | 307 | |
|
325 | 308 | |
|
326 | 309 | class TestSVNFork(TestController): |
|
327 | 310 | @pytest.mark.parametrize('route_name', [ |
|
328 | 311 | 'repo_fork_create', 'repo_fork_new' |
|
329 | 312 | ]) |
|
330 | 313 | def test_fork_redirects(self, autologin_user, backend_svn, route_name): |
|
331 | 314 | |
|
332 | 315 | self.app.get(route_path( |
|
333 | 316 | route_name, repo_name=backend_svn.repo_name), |
|
334 | 317 | status=404) |
@@ -1,150 +1,134 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.lib.hash_utils import md5_safe |
|
23 | 23 | from rhodecode.model.db import Repository |
|
24 | 24 | from rhodecode.model.meta import Session |
|
25 | 25 | from rhodecode.model.settings import SettingsModel, IssueTrackerSettingsModel |
|
26 | ||
|
27 | ||
|
28 | def route_path(name, params=None, **kwargs): | |
|
29 | import urllib.request | |
|
30 | import urllib.parse | |
|
31 | import urllib.error | |
|
26 | from rhodecode.tests.routes import route_path | |
|
32 | 27 | |
|
33 | base_url = { | |
|
34 | 'repo_summary': '/{repo_name}', | |
|
35 | 'edit_repo_issuetracker': '/{repo_name}/settings/issue_trackers', | |
|
36 | 'edit_repo_issuetracker_test': '/{repo_name}/settings/issue_trackers/test', | |
|
37 | 'edit_repo_issuetracker_delete': '/{repo_name}/settings/issue_trackers/delete', | |
|
38 | 'edit_repo_issuetracker_update': '/{repo_name}/settings/issue_trackers/update', | |
|
39 | }[name].format(**kwargs) | |
|
40 | ||
|
41 | if params: | |
|
42 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
43 | return base_url | |
|
44 | 28 | |
|
45 | 29 | |
|
46 | 30 | @pytest.mark.usefixtures("app") |
|
47 | 31 | class TestRepoIssueTracker(object): |
|
48 | 32 | def test_issuetracker_index(self, autologin_user, backend): |
|
49 | 33 | repo = backend.create_repo() |
|
50 | 34 | response = self.app.get(route_path('edit_repo_issuetracker', |
|
51 | 35 | repo_name=repo.repo_name)) |
|
52 | 36 | assert response.status_code == 200 |
|
53 | 37 | |
|
54 | 38 | def test_add_and_test_issuetracker_patterns( |
|
55 | 39 | self, autologin_user, backend, csrf_token, request, xhr_header): |
|
56 | 40 | pattern = 'issuetracker_pat' |
|
57 | 41 | another_pattern = pattern+'1' |
|
58 | 42 | post_url = route_path( |
|
59 | 43 | 'edit_repo_issuetracker_update', repo_name=backend.repo.repo_name) |
|
60 | 44 | post_data = { |
|
61 | 45 | 'new_pattern_pattern_0': pattern, |
|
62 | 46 | 'new_pattern_url_0': 'http://url', |
|
63 | 47 | 'new_pattern_prefix_0': 'prefix', |
|
64 | 48 | 'new_pattern_description_0': 'description', |
|
65 | 49 | 'new_pattern_pattern_1': another_pattern, |
|
66 | 50 | 'new_pattern_url_1': '/url1', |
|
67 | 51 | 'new_pattern_prefix_1': 'prefix1', |
|
68 | 52 | 'new_pattern_description_1': 'description1', |
|
69 | 53 | 'csrf_token': csrf_token |
|
70 | 54 | } |
|
71 | 55 | self.app.post(post_url, post_data, status=302) |
|
72 | 56 | self.settings_model = IssueTrackerSettingsModel(repo=backend.repo) |
|
73 | 57 | settings = self.settings_model.get_repo_settings() |
|
74 | 58 | self.uid = md5_safe(pattern) |
|
75 | 59 | assert settings[self.uid]['pat'] == pattern |
|
76 | 60 | self.another_uid = md5_safe(another_pattern) |
|
77 | 61 | assert settings[self.another_uid]['pat'] == another_pattern |
|
78 | 62 | |
|
79 | 63 | # test pattern |
|
80 | 64 | data = {'test_text': 'example of issuetracker_pat replacement', |
|
81 | 65 | 'csrf_token': csrf_token} |
|
82 | 66 | response = self.app.post( |
|
83 | 67 | route_path('edit_repo_issuetracker_test', |
|
84 | 68 | repo_name=backend.repo.repo_name), |
|
85 | 69 | extra_environ=xhr_header, params=data) |
|
86 | 70 | |
|
87 | 71 | assert response.text == \ |
|
88 | 72 | 'example of <a class="tooltip issue-tracker-link" href="http://url" title="description">prefix</a> replacement' |
|
89 | 73 | |
|
90 | 74 | @request.addfinalizer |
|
91 | 75 | def cleanup(): |
|
92 | 76 | self.settings_model.delete_entries(self.uid) |
|
93 | 77 | self.settings_model.delete_entries(self.another_uid) |
|
94 | 78 | |
|
95 | 79 | def test_edit_issuetracker_pattern( |
|
96 | 80 | self, autologin_user, backend, csrf_token, request): |
|
97 | 81 | entry_key = 'issuetracker_pat_' |
|
98 | 82 | pattern = 'issuetracker_pat2' |
|
99 | 83 | old_pattern = 'issuetracker_pat' |
|
100 | 84 | old_uid = md5_safe(old_pattern) |
|
101 | 85 | |
|
102 | 86 | sett = SettingsModel(repo=backend.repo).create_or_update_setting( |
|
103 | 87 | entry_key+old_uid, old_pattern, 'unicode') |
|
104 | 88 | Session().add(sett) |
|
105 | 89 | Session().commit() |
|
106 | 90 | post_url = route_path( |
|
107 | 91 | 'edit_repo_issuetracker_update', repo_name=backend.repo.repo_name) |
|
108 | 92 | post_data = { |
|
109 | 93 | 'new_pattern_pattern_0': pattern, |
|
110 | 94 | 'new_pattern_url_0': '/url', |
|
111 | 95 | 'new_pattern_prefix_0': 'prefix', |
|
112 | 96 | 'new_pattern_description_0': 'description', |
|
113 | 97 | 'uid': old_uid, |
|
114 | 98 | 'csrf_token': csrf_token |
|
115 | 99 | } |
|
116 | 100 | self.app.post(post_url, post_data, status=302) |
|
117 | 101 | self.settings_model = IssueTrackerSettingsModel(repo=backend.repo) |
|
118 | 102 | settings = self.settings_model.get_repo_settings() |
|
119 | 103 | self.uid = md5_safe(pattern) |
|
120 | 104 | assert settings[self.uid]['pat'] == pattern |
|
121 | 105 | with pytest.raises(KeyError): |
|
122 | 106 | key = settings[old_uid] |
|
123 | 107 | |
|
124 | 108 | @request.addfinalizer |
|
125 | 109 | def cleanup(): |
|
126 | 110 | self.settings_model.delete_entries(self.uid) |
|
127 | 111 | |
|
128 | 112 | def test_delete_issuetracker_pattern( |
|
129 | 113 | self, autologin_user, backend, csrf_token, settings_util, xhr_header): |
|
130 | 114 | repo = backend.create_repo() |
|
131 | 115 | repo_name = repo.repo_name |
|
132 | 116 | entry_key = 'issuetracker_pat_' |
|
133 | 117 | pattern = 'issuetracker_pat3' |
|
134 | 118 | uid = md5_safe(pattern) |
|
135 | 119 | settings_util.create_repo_rhodecode_setting( |
|
136 | 120 | repo=backend.repo, name=entry_key+uid, |
|
137 | 121 | value=entry_key, type_='unicode', cleanup=False) |
|
138 | 122 | |
|
139 | 123 | self.app.post( |
|
140 | 124 | route_path( |
|
141 | 125 | 'edit_repo_issuetracker_delete', |
|
142 | 126 | repo_name=backend.repo.repo_name), |
|
143 | 127 | { |
|
144 | 128 | 'uid': uid, |
|
145 | 129 | 'csrf_token': csrf_token, |
|
146 | 130 | '': '' |
|
147 | 131 | }, extra_environ=xhr_header, status=200) |
|
148 | 132 | settings = IssueTrackerSettingsModel( |
|
149 | 133 | repo=Repository.get_by_repo_name(repo_name)).get_repo_settings() |
|
150 | 134 | assert 'rhodecode_%s%s' % (entry_key, uid) not in settings |
@@ -1,75 +1,55 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | import mock | |
|
21 | 20 | import pytest |
|
22 | 21 | |
|
23 | from rhodecode.lib.utils2 import str2bool | |
|
24 | from rhodecode.lib.vcs.exceptions import RepositoryRequirementError | |
|
25 | 22 | from rhodecode.model.db import Repository, UserRepoToPerm, Permission, User |
|
26 | from rhodecode.model.meta import Session | |
|
27 | from rhodecode.tests import ( | |
|
28 | TEST_USER_ADMIN_LOGIN, TEST_USER_REGULAR_LOGIN, assert_session_flash) | |
|
23 | ||
|
29 | 24 | from rhodecode.tests.fixture import Fixture |
|
25 | from rhodecode.tests.routes import route_path | |
|
30 | 26 | |
|
31 | 27 | fixture = Fixture() |
|
32 | 28 | |
|
33 | 29 | |
|
34 | def route_path(name, params=None, **kwargs): | |
|
35 | import urllib.request | |
|
36 | import urllib.parse | |
|
37 | import urllib.error | |
|
38 | ||
|
39 | base_url = { | |
|
40 | 'edit_repo_maintenance': '/{repo_name}/settings/maintenance', | |
|
41 | 'edit_repo_maintenance_execute': '/{repo_name}/settings/maintenance/execute', | |
|
42 | ||
|
43 | }[name].format(**kwargs) | |
|
44 | ||
|
45 | if params: | |
|
46 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
47 | return base_url | |
|
48 | ||
|
49 | ||
|
50 | 30 | def _get_permission_for_user(user, repo): |
|
51 | 31 | perm = UserRepoToPerm.query()\ |
|
52 | 32 | .filter(UserRepoToPerm.repository == |
|
53 | 33 | Repository.get_by_repo_name(repo))\ |
|
54 | 34 | .filter(UserRepoToPerm.user == User.get_by_username(user))\ |
|
55 | 35 | .all() |
|
56 | 36 | return perm |
|
57 | 37 | |
|
58 | 38 | |
|
59 | 39 | @pytest.mark.usefixtures('autologin_user', 'app') |
|
60 | 40 | class TestAdminRepoMaintenance(object): |
|
61 | 41 | @pytest.mark.parametrize('urlname', [ |
|
62 | 42 | 'edit_repo_maintenance', |
|
63 | 43 | ]) |
|
64 | 44 | def test_show_page(self, urlname, app, backend): |
|
65 | 45 | app.get(route_path(urlname, repo_name=backend.repo_name), status=200) |
|
66 | 46 | |
|
67 | 47 | def test_execute_maintenance_for_repo_hg(self, app, backend_hg, autologin_user, xhr_header): |
|
68 | 48 | repo_name = backend_hg.repo_name |
|
69 | 49 | |
|
70 | 50 | response = app.get( |
|
71 | 51 | route_path('edit_repo_maintenance_execute', |
|
72 | 52 | repo_name=repo_name,), |
|
73 | 53 | extra_environ=xhr_header) |
|
74 | 54 | |
|
75 | 55 | assert "HG Verify repo" in ''.join(response.json) |
@@ -1,78 +1,64 b'' | |||
|
1 | 1 | |
|
2 | 2 | # Copyright (C) 2010-2023 RhodeCode GmbH |
|
3 | 3 | # |
|
4 | 4 | # This program is free software: you can redistribute it and/or modify |
|
5 | 5 | # it under the terms of the GNU Affero General Public License, version 3 |
|
6 | 6 | # (only), as published by the Free Software Foundation. |
|
7 | 7 | # |
|
8 | 8 | # This program is distributed in the hope that it will be useful, |
|
9 | 9 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
10 | 10 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
11 | 11 | # GNU General Public License for more details. |
|
12 | 12 | # |
|
13 | 13 | # You should have received a copy of the GNU Affero General Public License |
|
14 | 14 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
15 | 15 | # |
|
16 | 16 | # This program is dual-licensed. If you wish to learn more about the |
|
17 | 17 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
18 | 18 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
19 | 19 | |
|
20 | 20 | import pytest |
|
21 | 21 | |
|
22 | 22 | from rhodecode.tests.utils import permission_update_data_generator |
|
23 | ||
|
24 | ||
|
25 | def route_path(name, params=None, **kwargs): | |
|
26 | import urllib.request | |
|
27 | import urllib.parse | |
|
28 | import urllib.error | |
|
29 | ||
|
30 | base_url = { | |
|
31 | 'edit_repo_perms': '/{repo_name}/settings/permissions' | |
|
32 | # update is the same url | |
|
33 | }[name].format(**kwargs) | |
|
34 | ||
|
35 | if params: | |
|
36 | base_url = '{}?{}'.format(base_url, urllib.parse.urlencode(params)) | |
|
37 | return base_url | |
|
23 | from rhodecode.tests.routes import route_path | |
|
38 | 24 | |
|
39 | 25 | |
|
40 | 26 | @pytest.mark.usefixtures("app") |
|
41 | 27 | class TestRepoPermissionsView(object): |
|
42 | 28 | |
|
43 | 29 | def test_edit_perms_view(self, user_util, autologin_user): |
|
44 | 30 | repo = user_util.create_repo() |
|
45 | 31 | self.app.get( |
|
46 | 32 | route_path('edit_repo_perms', |
|
47 | 33 | repo_name=repo.repo_name), status=200) |
|
48 | 34 | |
|
49 | 35 | def test_update_permissions(self, csrf_token, user_util): |
|
50 | 36 | repo = user_util.create_repo() |
|
51 | 37 | repo_name = repo.repo_name |
|
52 | 38 | user = user_util.create_user() |
|
53 | 39 | user_id = user.user_id |
|
54 | 40 | username = user.username |
|
55 | 41 | |
|
56 | 42 | # grant new |
|
57 | 43 | form_data = permission_update_data_generator( |
|
58 | 44 | csrf_token, |
|
59 | 45 | default='repository.write', |
|
60 | 46 | grant=[(user_id, 'repository.write', username, 'user')]) |
|
61 | 47 | |
|
62 | 48 | response = self.app.post( |
|
63 | 49 | route_path('edit_repo_perms', |
|
64 | 50 | repo_name=repo_name), form_data).follow() |
|
65 | 51 | |
|
66 | 52 | assert 'Repository access permissions updated' in response |
|
67 | 53 | |
|
68 | 54 | # revoke given |
|
69 | 55 | form_data = permission_update_data_generator( |
|
70 | 56 | csrf_token, |
|
71 | 57 | default='repository.read', |
|
72 | 58 | revoke=[(user_id, 'user')]) |
|
73 | 59 | |
|
74 | 60 | response = self.app.post( |
|
75 | 61 | route_path('edit_repo_perms', |
|
76 | 62 | repo_name=repo_name), form_data).follow() |
|
77 | 63 | |
|
78 | 64 | assert 'Repository access permissions updated' in response |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
|
1 | NO CONTENT: modified file | |
The requested commit or file is too big and content was truncated. Show full diff |
General Comments 0
You need to be logged in to leave comments.
Login now