##// END OF EJS Templates
grids: fixed tests and added one for permissions to repository group.
marcink -
r4151:f04de416 default
parent child Browse files
Show More
@@ -47,6 +47,7 b' def route_path(name, params=None, **kwar'
47 47
48 48 base_url = {
49 49 'repos': ADMIN_PREFIX + '/repos',
50 'repos_data': ADMIN_PREFIX + '/repos_data',
50 51 'repo_new': ADMIN_PREFIX + '/repos/new',
51 52 'repo_create': ADMIN_PREFIX + '/repos/create',
52 53
@@ -70,11 +71,12 b' def _get_permission_for_user(user, repo)'
70 71 @pytest.mark.usefixtures("app")
71 72 class TestAdminRepos(object):
72 73
73 def test_repo_list(self, autologin_user, user_util):
74 def test_repo_list(self, autologin_user, user_util, xhr_header):
74 75 repo = user_util.create_repo()
75 76 repo_name = repo.repo_name
76 77 response = self.app.get(
77 route_path('repos'), status=200)
78 route_path('repos_data'), status=200,
79 extra_environ=xhr_header)
78 80
79 81 response.mustcontain(repo_name)
80 82
@@ -84,7 +84,7 b' class TestAdminRepositoryGroups(object):'
84 84 fixture.create_repo_group('test_repo_group')
85 85 response = self.app.get(route_path(
86 86 'repo_groups_data'), extra_environ=xhr_header)
87 response.mustcontain('"name_raw": "test_repo_group"')
87 response.mustcontain('<a href=\\"/{}/_edit\\" title=\\"Edit\\">Edit</a>'.format('test_repo_group'))
88 88 fixture.destroy_repo_group('test_repo_group')
89 89
90 90 def test_new(self, autologin_user):
@@ -546,6 +546,7 b' class TestAdminUsersView(TestController)'
546 546 usr = user_util.create_user(auto_cleanup=False)
547 547 username = usr.username
548 548 fixture.create_repo(obj_name, cur_user=usr.username)
549 Session().commit()
549 550
550 551 new_user = Session().query(User)\
551 552 .filter(User.username == username).one()
@@ -22,7 +22,7 b''
22 22 import pytest
23 23
24 24 import rhodecode
25 from rhodecode.model.db import Repository
25 from rhodecode.model.db import Repository, RepoGroup, User
26 26 from rhodecode.model.meta import Session
27 27 from rhodecode.model.repo import RepoModel
28 28 from rhodecode.model.repo_group import RepoGroupModel
@@ -37,6 +37,8 b' fixture = Fixture()'
37 37 def route_path(name, **kwargs):
38 38 return {
39 39 'home': '/',
40 'main_page_repos_data': '/_home_repos',
41 'main_page_repo_groups_data': '/_home_repo_groups',
40 42 'repo_group_home': '/{repo_group_name}'
41 43 }[name].format(**kwargs)
42 44
@@ -49,9 +51,40 b' class TestHomeController(TestController)'
49 51 # if global permission is set
50 52 response.mustcontain('New Repository')
51 53
54 def test_index_grid_repos(self, xhr_header):
55 self.log_user()
56 response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header)
52 57 # search for objects inside the JavaScript JSON
53 for repo in Repository.getAll():
54 response.mustcontain('"name_raw": "%s"' % repo.repo_name)
58 for obj in Repository.getAll():
59 response.mustcontain('<a href=\\"/{}\\">'.format(obj.repo_name))
60
61 def test_index_grid_repo_groups(self, xhr_header):
62 self.log_user()
63 response = self.app.get(route_path('main_page_repo_groups_data'),
64 extra_environ=xhr_header,)
65
66 # search for objects inside the JavaScript JSON
67 for obj in RepoGroup.getAll():
68 response.mustcontain('<a href=\\"/{}\\">'.format(obj.group_name))
69
70 def test_index_grid_repo_groups_without_access(self, xhr_header, user_util):
71 user = user_util.create_user(password='qweqwe')
72 group_ok = user_util.create_repo_group(owner=user)
73 group_id_ok = group_ok.group_id
74
75 group_forbidden = user_util.create_repo_group(owner=User.get_first_super_admin())
76 group_id_forbidden = group_forbidden.group_id
77
78 user_util.grant_user_permission_to_repo_group(group_forbidden, user, 'group.none')
79 self.log_user(user.username, 'qweqwe')
80
81 self.app.get(route_path('main_page_repo_groups_data'),
82 extra_environ=xhr_header,
83 params={'repo_group_id': group_id_ok}, status=200)
84
85 self.app.get(route_path('main_page_repo_groups_data'),
86 extra_environ=xhr_header,
87 params={'repo_group_id': group_id_forbidden}, status=404)
55 88
56 89 def test_index_contains_statics_with_ver(self):
57 90 from rhodecode.lib.base import calculate_version_hash
@@ -64,9 +97,9 b' class TestHomeController(TestController)'
64 97 response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash))
65 98 response.mustcontain('scripts.min.js?ver={0}'.format(rhodecode_version_hash))
66 99
67 def test_index_contains_backend_specific_details(self, backend):
100 def test_index_contains_backend_specific_details(self, backend, xhr_header):
68 101 self.log_user()
69 response = self.app.get(route_path('home'))
102 response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header)
70 103 tip = backend.repo.get_commit().raw_id
71 104
72 105 # html in javascript variable:
@@ -81,25 +114,44 b' class TestHomeController(TestController)'
81 114 response = self.app.get(route_path('home'), status=302)
82 115 assert 'login' in response.location
83 116
84 def test_index_page_on_groups(self, autologin_user, repo_group):
85 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1'))
86 response.mustcontain("gr1/repo_in_group")
117 def test_index_page_on_groups_with_wrong_group_id(self, autologin_user, xhr_header):
118 group_id = 918123
119 self.app.get(
120 route_path('main_page_repo_groups_data'),
121 params={'repo_group_id': group_id},
122 status=404, extra_environ=xhr_header)
87 123
88 def test_index_page_on_group_with_trailing_slash(
89 self, autologin_user, repo_group):
90 response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/')
91 response.mustcontain("gr1/repo_in_group")
124 def test_index_page_on_groups(self, autologin_user, user_util, xhr_header):
125 gr = user_util.create_repo_group()
126 repo = user_util.create_repo(parent=gr)
127 repo_name = repo.repo_name
128 group_id = gr.group_id
129
130 response = self.app.get(route_path(
131 'repo_group_home', repo_group_name=gr.group_name))
132 response.mustcontain('d.repo_group_id = {}'.format(group_id))
92 133
93 @pytest.fixture(scope='class')
94 def repo_group(self, request):
95 gr = fixture.create_repo_group('gr1')
96 fixture.create_repo(name='gr1/repo_in_group', repo_group=gr)
134 response = self.app.get(
135 route_path('main_page_repos_data'),
136 params={'repo_group_id': group_id},
137 extra_environ=xhr_header,)
138 response.mustcontain(repo_name)
97 139
98 @request.addfinalizer
99 def cleanup():
100 RepoModel().delete('gr1/repo_in_group')
101 RepoGroupModel().delete(repo_group='gr1', force_delete=True)
102 Session().commit()
140 def test_index_page_on_group_with_trailing_slash(self, autologin_user, user_util, xhr_header):
141 gr = user_util.create_repo_group()
142 repo = user_util.create_repo(parent=gr)
143 repo_name = repo.repo_name
144 group_id = gr.group_id
145
146 response = self.app.get(route_path(
147 'repo_group_home', repo_group_name=gr.group_name+'/'))
148 response.mustcontain('d.repo_group_id = {}'.format(group_id))
149
150 response = self.app.get(
151 route_path('main_page_repos_data'),
152 params={'repo_group_id': group_id},
153 extra_environ=xhr_header, )
154 response.mustcontain(repo_name)
103 155
104 156 @pytest.mark.parametrize("name, state", [
105 157 ('Disabled', False),
@@ -29,7 +29,7 b' from rhodecode.apps._base import BaseApp'
29 29 from rhodecode.lib import helpers as h
30 30 from rhodecode.lib.auth import (
31 31 LoginRequired, NotAnonymous, HasRepoGroupPermissionAnyDecorator, CSRFRequired,
32 HasRepoGroupPermissionAny)
32 HasRepoGroupPermissionAny, AuthUser)
33 33 from rhodecode.lib.codeblocks import filenode_as_lines_tokens
34 34 from rhodecode.lib.index import searcher_from_config
35 35 from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int
@@ -723,7 +723,7 b' class HomeView(BaseAppView, DataGridAppV'
723 723
724 724 if repo_group_id:
725 725 group = RepoGroup.get_or_404(repo_group_id)
726 _perms = ['group.read', 'group.write', 'group.admin']
726 _perms = AuthUser.repo_group_read_perms
727 727 if not HasRepoGroupPermissionAny(*_perms)(
728 728 group.group_name, 'user is allowed to list repo group children'):
729 729 raise HTTPNotFound()
@@ -740,7 +740,7 b' class HomeView(BaseAppView, DataGridAppV'
740 740
741 741 if repo_group_id:
742 742 group = RepoGroup.get_or_404(repo_group_id)
743 _perms = ['group.read', 'group.write', 'group.admin']
743 _perms = AuthUser.repo_group_read_perms
744 744 if not HasRepoGroupPermissionAny(*_perms)(
745 745 group.group_name, 'user is allowed to list repo group children'):
746 746 raise HTTPNotFound()
@@ -748,8 +748,7 b' class HomeView(BaseAppView, DataGridAppV'
748 748 return self._main_page_repos_data(repo_group_id)
749 749
750 750 @LoginRequired()
751 @HasRepoGroupPermissionAnyDecorator(
752 'group.read', 'group.write', 'group.admin')
751 @HasRepoGroupPermissionAnyDecorator(*AuthUser.repo_group_read_perms)
753 752 @view_config(
754 753 route_name='repo_group_home', request_method='GET',
755 754 renderer='rhodecode:templates/index_repo_group.mako')
@@ -93,7 +93,7 b' class TestLoginController(object):'
93 93 session = response.get_session_from_response()
94 94 username = session['rhodecode_user'].get('username')
95 95 assert username == 'test_admin'
96 response.mustcontain('/%s' % HG_REPO)
96 response.mustcontain('logout')
97 97
98 98 def test_login_regular_ok(self):
99 99 response = self.app.post(route_path('login'),
@@ -104,8 +104,7 b' class TestLoginController(object):'
104 104 session = response.get_session_from_response()
105 105 username = session['rhodecode_user'].get('username')
106 106 assert username == 'test_regular'
107
108 response.mustcontain('/%s' % HG_REPO)
107 response.mustcontain('logout')
109 108
110 109 def test_login_regular_forbidden_when_super_admin_restriction(self):
111 110 from rhodecode.authentication.plugins.auth_rhodecode import RhodeCodeAuthPlugin
@@ -225,7 +224,7 b' class TestLoginController(object):'
225 224 session = response.get_session_from_response()
226 225 username = session['rhodecode_user'].get('username')
227 226 assert username == temp_user
228 response.mustcontain('/%s' % HG_REPO)
227 response.mustcontain('logout')
229 228
230 229 # new password should be bcrypted, after log-in and transfer
231 230 user = User.get_by_username(temp_user)
@@ -33,6 +33,8 b' def route_path(name, params=None, **kwar'
33 33 'admin_home': ADMIN_PREFIX,
34 34 'repos':
35 35 ADMIN_PREFIX + '/repos',
36 'repos_data':
37 ADMIN_PREFIX + '/repos_data',
36 38 'repo_groups':
37 39 ADMIN_PREFIX + '/repo_groups',
38 40 'repo_groups_data':
@@ -62,8 +64,9 b' class TestAdminDelegatedUser(TestControl'
62 64 # user doesn't have any access to resources so main admin page should 404
63 65 self.app.get(route_path('admin_home'), status=404)
64 66
65 response = self.app.get(route_path('repos'), status=200)
66 response.mustcontain('data: []')
67 response = self.app.get(route_path('repos_data'),
68 status=200, extra_environ=xhr_header)
69 assert response.json['data'] == []
67 70
68 71 response = self.app.get(route_path('repo_groups_data'),
69 72 status=200, extra_environ=xhr_header)
@@ -97,16 +100,17 b' class TestAdminDelegatedUser(TestControl'
97 100 assert_response.element_contains('td.delegated-admin-user-groups', '1')
98 101
99 102 # admin interfaces have visible elements
100 response = self.app.get(route_path('repos'), status=200)
101 response.mustcontain('"name_raw": "{}"'.format(repo_name))
103 response = self.app.get(route_path('repos_data'),
104 extra_environ=xhr_header, status=200)
105 response.mustcontain('<a href=\\"/{}\\">'.format(repo_name))
102 106
103 107 response = self.app.get(route_path('repo_groups_data'),
104 108 extra_environ=xhr_header, status=200)
105 response.mustcontain('"name_raw": "{}"'.format(repo_group_name))
109 response.mustcontain('<a href=\\"/{}\\">'.format(repo_group_name))
106 110
107 111 response = self.app.get(route_path('user_groups_data'),
108 112 extra_environ=xhr_header, status=200)
109 response.mustcontain('"name_raw": "{}"'.format(user_group_name))
113 response.mustcontain('<a href=\\"/_profile_user_group/{}\\">'.format(user_group_name))
110 114
111 115 def test_regular_user_can_see_admin_interfaces_if_admin_perm(
112 116 self, user_util, xhr_header):
@@ -140,13 +144,14 b' class TestAdminDelegatedUser(TestControl'
140 144 assert_response.element_contains('td.delegated-admin-user-groups', '1')
141 145
142 146 # admin interfaces have visible elements
143 response = self.app.get(route_path('repos'), status=200)
144 response.mustcontain('"name_raw": "{}"'.format(repo_name))
147 response = self.app.get(route_path('repos_data'),
148 extra_environ=xhr_header, status=200)
149 response.mustcontain('<a href=\\"/{}\\">'.format(repo_name))
145 150
146 151 response = self.app.get(route_path('repo_groups_data'),
147 152 extra_environ=xhr_header, status=200)
148 response.mustcontain('"name_raw": "{}"'.format(repo_group_name))
153 response.mustcontain('<a href=\\"/{}\\">'.format(repo_group_name))
149 154
150 155 response = self.app.get(route_path('user_groups_data'),
151 156 extra_environ=xhr_header, status=200)
152 response.mustcontain('"name_raw": "{}"'.format(user_group_name))
157 response.mustcontain('<a href=\\"/_profile_user_group/{}\\">'.format(user_group_name))
General Comments 0
You need to be logged in to leave comments. Login now