Show More
| @@ -47,6 +47,7 b' def route_path(name, params=None, **kwar' | |||||
| 47 |
|
47 | |||
| 48 | base_url = { |
|
48 | base_url = { | |
| 49 | 'repos': ADMIN_PREFIX + '/repos', |
|
49 | 'repos': ADMIN_PREFIX + '/repos', | |
|
|
50 | 'repos_data': ADMIN_PREFIX + '/repos_data', | |||
| 50 | 'repo_new': ADMIN_PREFIX + '/repos/new', |
|
51 | 'repo_new': ADMIN_PREFIX + '/repos/new', | |
| 51 | 'repo_create': ADMIN_PREFIX + '/repos/create', |
|
52 | 'repo_create': ADMIN_PREFIX + '/repos/create', | |
| 52 |
|
53 | |||
| @@ -70,11 +71,12 b' def _get_permission_for_user(user, repo)' | |||||
| 70 | @pytest.mark.usefixtures("app") |
|
71 | @pytest.mark.usefixtures("app") | |
| 71 | class TestAdminRepos(object): |
|
72 | class TestAdminRepos(object): | |
| 72 |
|
73 | |||
| 73 | def test_repo_list(self, autologin_user, user_util): |
|
74 | def test_repo_list(self, autologin_user, user_util, xhr_header): | |
| 74 | repo = user_util.create_repo() |
|
75 | repo = user_util.create_repo() | |
| 75 | repo_name = repo.repo_name |
|
76 | repo_name = repo.repo_name | |
| 76 | response = self.app.get( |
|
77 | response = self.app.get( | |
| 77 |
route_path('repos'), status=200 |
|
78 | route_path('repos_data'), status=200, | |
|
|
79 | extra_environ=xhr_header) | |||
| 78 |
|
80 | |||
| 79 | response.mustcontain(repo_name) |
|
81 | response.mustcontain(repo_name) | |
| 80 |
|
82 | |||
| @@ -84,7 +84,7 b' class TestAdminRepositoryGroups(object):' | |||||
| 84 | fixture.create_repo_group('test_repo_group') |
|
84 | fixture.create_repo_group('test_repo_group') | |
| 85 | response = self.app.get(route_path( |
|
85 | response = self.app.get(route_path( | |
| 86 | 'repo_groups_data'), extra_environ=xhr_header) |
|
86 | 'repo_groups_data'), extra_environ=xhr_header) | |
| 87 |
response.mustcontain('" |
|
87 | response.mustcontain('<a href=\\"/{}/_edit\\" title=\\"Edit\\">Edit</a>'.format('test_repo_group')) | |
| 88 | fixture.destroy_repo_group('test_repo_group') |
|
88 | fixture.destroy_repo_group('test_repo_group') | |
| 89 |
|
89 | |||
| 90 | def test_new(self, autologin_user): |
|
90 | def test_new(self, autologin_user): | |
| @@ -546,6 +546,7 b' class TestAdminUsersView(TestController)' | |||||
| 546 | usr = user_util.create_user(auto_cleanup=False) |
|
546 | usr = user_util.create_user(auto_cleanup=False) | |
| 547 | username = usr.username |
|
547 | username = usr.username | |
| 548 | fixture.create_repo(obj_name, cur_user=usr.username) |
|
548 | fixture.create_repo(obj_name, cur_user=usr.username) | |
|
|
549 | Session().commit() | |||
| 549 |
|
550 | |||
| 550 | new_user = Session().query(User)\ |
|
551 | new_user = Session().query(User)\ | |
| 551 | .filter(User.username == username).one() |
|
552 | .filter(User.username == username).one() | |
| @@ -22,7 +22,7 b'' | |||||
| 22 | import pytest |
|
22 | import pytest | |
| 23 |
|
23 | |||
| 24 | import rhodecode |
|
24 | import rhodecode | |
| 25 | from rhodecode.model.db import Repository |
|
25 | from rhodecode.model.db import Repository, RepoGroup, User | |
| 26 | from rhodecode.model.meta import Session |
|
26 | from rhodecode.model.meta import Session | |
| 27 | from rhodecode.model.repo import RepoModel |
|
27 | from rhodecode.model.repo import RepoModel | |
| 28 | from rhodecode.model.repo_group import RepoGroupModel |
|
28 | from rhodecode.model.repo_group import RepoGroupModel | |
| @@ -37,6 +37,8 b' fixture = Fixture()' | |||||
| 37 | def route_path(name, **kwargs): |
|
37 | def route_path(name, **kwargs): | |
| 38 | return { |
|
38 | return { | |
| 39 | 'home': '/', |
|
39 | 'home': '/', | |
|
|
40 | 'main_page_repos_data': '/_home_repos', | |||
|
|
41 | 'main_page_repo_groups_data': '/_home_repo_groups', | |||
| 40 | 'repo_group_home': '/{repo_group_name}' |
|
42 | 'repo_group_home': '/{repo_group_name}' | |
| 41 | }[name].format(**kwargs) |
|
43 | }[name].format(**kwargs) | |
| 42 |
|
44 | |||
| @@ -49,9 +51,40 b' class TestHomeController(TestController)' | |||||
| 49 | # if global permission is set |
|
51 | # if global permission is set | |
| 50 | response.mustcontain('New Repository') |
|
52 | response.mustcontain('New Repository') | |
| 51 |
|
53 | |||
|
|
54 | def test_index_grid_repos(self, xhr_header): | |||
|
|
55 | self.log_user() | |||
|
|
56 | response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header) | |||
| 52 | # search for objects inside the JavaScript JSON |
|
57 | # search for objects inside the JavaScript JSON | |
| 53 |
for |
|
58 | for obj in Repository.getAll(): | |
| 54 |
response.mustcontain('" |
|
59 | response.mustcontain('<a href=\\"/{}\\">'.format(obj.repo_name)) | |
|
|
60 | ||||
|
|
61 | def test_index_grid_repo_groups(self, xhr_header): | |||
|
|
62 | self.log_user() | |||
|
|
63 | response = self.app.get(route_path('main_page_repo_groups_data'), | |||
|
|
64 | extra_environ=xhr_header,) | |||
|
|
65 | ||||
|
|
66 | # search for objects inside the JavaScript JSON | |||
|
|
67 | for obj in RepoGroup.getAll(): | |||
|
|
68 | response.mustcontain('<a href=\\"/{}\\">'.format(obj.group_name)) | |||
|
|
69 | ||||
|
|
70 | def test_index_grid_repo_groups_without_access(self, xhr_header, user_util): | |||
|
|
71 | user = user_util.create_user(password='qweqwe') | |||
|
|
72 | group_ok = user_util.create_repo_group(owner=user) | |||
|
|
73 | group_id_ok = group_ok.group_id | |||
|
|
74 | ||||
|
|
75 | group_forbidden = user_util.create_repo_group(owner=User.get_first_super_admin()) | |||
|
|
76 | group_id_forbidden = group_forbidden.group_id | |||
|
|
77 | ||||
|
|
78 | user_util.grant_user_permission_to_repo_group(group_forbidden, user, 'group.none') | |||
|
|
79 | self.log_user(user.username, 'qweqwe') | |||
|
|
80 | ||||
|
|
81 | self.app.get(route_path('main_page_repo_groups_data'), | |||
|
|
82 | extra_environ=xhr_header, | |||
|
|
83 | params={'repo_group_id': group_id_ok}, status=200) | |||
|
|
84 | ||||
|
|
85 | self.app.get(route_path('main_page_repo_groups_data'), | |||
|
|
86 | extra_environ=xhr_header, | |||
|
|
87 | params={'repo_group_id': group_id_forbidden}, status=404) | |||
| 55 |
|
88 | |||
| 56 | def test_index_contains_statics_with_ver(self): |
|
89 | def test_index_contains_statics_with_ver(self): | |
| 57 | from rhodecode.lib.base import calculate_version_hash |
|
90 | from rhodecode.lib.base import calculate_version_hash | |
| @@ -64,9 +97,9 b' class TestHomeController(TestController)' | |||||
| 64 | response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash)) |
|
97 | response.mustcontain('style.css?ver={0}'.format(rhodecode_version_hash)) | |
| 65 | response.mustcontain('scripts.min.js?ver={0}'.format(rhodecode_version_hash)) |
|
98 | response.mustcontain('scripts.min.js?ver={0}'.format(rhodecode_version_hash)) | |
| 66 |
|
99 | |||
| 67 | def test_index_contains_backend_specific_details(self, backend): |
|
100 | def test_index_contains_backend_specific_details(self, backend, xhr_header): | |
| 68 | self.log_user() |
|
101 | self.log_user() | |
| 69 |
response = self.app.get(route_path(' |
|
102 | response = self.app.get(route_path('main_page_repos_data'), extra_environ=xhr_header) | |
| 70 | tip = backend.repo.get_commit().raw_id |
|
103 | tip = backend.repo.get_commit().raw_id | |
| 71 |
|
104 | |||
| 72 | # html in javascript variable: |
|
105 | # html in javascript variable: | |
| @@ -81,25 +114,44 b' class TestHomeController(TestController)' | |||||
| 81 | response = self.app.get(route_path('home'), status=302) |
|
114 | response = self.app.get(route_path('home'), status=302) | |
| 82 | assert 'login' in response.location |
|
115 | assert 'login' in response.location | |
| 83 |
|
116 | |||
| 84 |
def test_index_page_on_groups(self, autologin_user, |
|
117 | def test_index_page_on_groups_with_wrong_group_id(self, autologin_user, xhr_header): | |
| 85 | response = self.app.get(route_path('repo_group_home', repo_group_name='gr1')) |
|
118 | group_id = 918123 | |
| 86 | response.mustcontain("gr1/repo_in_group") |
|
119 | self.app.get( | |
|
|
120 | route_path('main_page_repo_groups_data'), | |||
|
|
121 | params={'repo_group_id': group_id}, | |||
|
|
122 | status=404, extra_environ=xhr_header) | |||
| 87 |
|
123 | |||
| 88 | def test_index_page_on_group_with_trailing_slash( |
|
124 | def test_index_page_on_groups(self, autologin_user, user_util, xhr_header): | |
| 89 | self, autologin_user, repo_group): |
|
125 | gr = user_util.create_repo_group() | |
| 90 | response = self.app.get(route_path('repo_group_home', repo_group_name='gr1') + '/') |
|
126 | repo = user_util.create_repo(parent=gr) | |
| 91 | response.mustcontain("gr1/repo_in_group") |
|
127 | repo_name = repo.repo_name | |
|
|
128 | group_id = gr.group_id | |||
|
|
129 | ||||
|
|
130 | response = self.app.get(route_path( | |||
|
|
131 | 'repo_group_home', repo_group_name=gr.group_name)) | |||
|
|
132 | response.mustcontain('d.repo_group_id = {}'.format(group_id)) | |||
| 92 |
|
133 | |||
| 93 | @pytest.fixture(scope='class') |
|
134 | response = self.app.get( | |
| 94 | def repo_group(self, request): |
|
135 | route_path('main_page_repos_data'), | |
| 95 | gr = fixture.create_repo_group('gr1') |
|
136 | params={'repo_group_id': group_id}, | |
| 96 | fixture.create_repo(name='gr1/repo_in_group', repo_group=gr) |
|
137 | extra_environ=xhr_header,) | |
|
|
138 | response.mustcontain(repo_name) | |||
| 97 |
|
139 | |||
| 98 | @request.addfinalizer |
|
140 | def test_index_page_on_group_with_trailing_slash(self, autologin_user, user_util, xhr_header): | |
| 99 | def cleanup(): |
|
141 | gr = user_util.create_repo_group() | |
| 100 | RepoModel().delete('gr1/repo_in_group') |
|
142 | repo = user_util.create_repo(parent=gr) | |
| 101 | RepoGroupModel().delete(repo_group='gr1', force_delete=True) |
|
143 | repo_name = repo.repo_name | |
| 102 | Session().commit() |
|
144 | group_id = gr.group_id | |
|
|
145 | ||||
|
|
146 | response = self.app.get(route_path( | |||
|
|
147 | 'repo_group_home', repo_group_name=gr.group_name+'/')) | |||
|
|
148 | response.mustcontain('d.repo_group_id = {}'.format(group_id)) | |||
|
|
149 | ||||
|
|
150 | response = self.app.get( | |||
|
|
151 | route_path('main_page_repos_data'), | |||
|
|
152 | params={'repo_group_id': group_id}, | |||
|
|
153 | extra_environ=xhr_header, ) | |||
|
|
154 | response.mustcontain(repo_name) | |||
| 103 |
|
155 | |||
| 104 | @pytest.mark.parametrize("name, state", [ |
|
156 | @pytest.mark.parametrize("name, state", [ | |
| 105 | ('Disabled', False), |
|
157 | ('Disabled', False), | |
| @@ -29,7 +29,7 b' from rhodecode.apps._base import BaseApp' | |||||
| 29 | from rhodecode.lib import helpers as h |
|
29 | from rhodecode.lib import helpers as h | |
| 30 | from rhodecode.lib.auth import ( |
|
30 | from rhodecode.lib.auth import ( | |
| 31 | LoginRequired, NotAnonymous, HasRepoGroupPermissionAnyDecorator, CSRFRequired, |
|
31 | LoginRequired, NotAnonymous, HasRepoGroupPermissionAnyDecorator, CSRFRequired, | |
| 32 | HasRepoGroupPermissionAny) |
|
32 | HasRepoGroupPermissionAny, AuthUser) | |
| 33 | from rhodecode.lib.codeblocks import filenode_as_lines_tokens |
|
33 | from rhodecode.lib.codeblocks import filenode_as_lines_tokens | |
| 34 | from rhodecode.lib.index import searcher_from_config |
|
34 | from rhodecode.lib.index import searcher_from_config | |
| 35 | from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int |
|
35 | from rhodecode.lib.utils2 import safe_unicode, str2bool, safe_int | |
| @@ -723,7 +723,7 b' class HomeView(BaseAppView, DataGridAppV' | |||||
| 723 |
|
723 | |||
| 724 | if repo_group_id: |
|
724 | if repo_group_id: | |
| 725 | group = RepoGroup.get_or_404(repo_group_id) |
|
725 | group = RepoGroup.get_or_404(repo_group_id) | |
| 726 | _perms = ['group.read', 'group.write', 'group.admin'] |
|
726 | _perms = AuthUser.repo_group_read_perms | |
| 727 | if not HasRepoGroupPermissionAny(*_perms)( |
|
727 | if not HasRepoGroupPermissionAny(*_perms)( | |
| 728 | group.group_name, 'user is allowed to list repo group children'): |
|
728 | group.group_name, 'user is allowed to list repo group children'): | |
| 729 | raise HTTPNotFound() |
|
729 | raise HTTPNotFound() | |
| @@ -740,7 +740,7 b' class HomeView(BaseAppView, DataGridAppV' | |||||
| 740 |
|
740 | |||
| 741 | if repo_group_id: |
|
741 | if repo_group_id: | |
| 742 | group = RepoGroup.get_or_404(repo_group_id) |
|
742 | group = RepoGroup.get_or_404(repo_group_id) | |
| 743 | _perms = ['group.read', 'group.write', 'group.admin'] |
|
743 | _perms = AuthUser.repo_group_read_perms | |
| 744 | if not HasRepoGroupPermissionAny(*_perms)( |
|
744 | if not HasRepoGroupPermissionAny(*_perms)( | |
| 745 | group.group_name, 'user is allowed to list repo group children'): |
|
745 | group.group_name, 'user is allowed to list repo group children'): | |
| 746 | raise HTTPNotFound() |
|
746 | raise HTTPNotFound() | |
| @@ -748,8 +748,7 b' class HomeView(BaseAppView, DataGridAppV' | |||||
| 748 | return self._main_page_repos_data(repo_group_id) |
|
748 | return self._main_page_repos_data(repo_group_id) | |
| 749 |
|
749 | |||
| 750 | @LoginRequired() |
|
750 | @LoginRequired() | |
| 751 | @HasRepoGroupPermissionAnyDecorator( |
|
751 | @HasRepoGroupPermissionAnyDecorator(*AuthUser.repo_group_read_perms) | |
| 752 | 'group.read', 'group.write', 'group.admin') |
|
|||
| 753 | @view_config( |
|
752 | @view_config( | |
| 754 | route_name='repo_group_home', request_method='GET', |
|
753 | route_name='repo_group_home', request_method='GET', | |
| 755 | renderer='rhodecode:templates/index_repo_group.mako') |
|
754 | renderer='rhodecode:templates/index_repo_group.mako') | |
| @@ -93,7 +93,7 b' class TestLoginController(object):' | |||||
| 93 | session = response.get_session_from_response() |
|
93 | session = response.get_session_from_response() | |
| 94 | username = session['rhodecode_user'].get('username') |
|
94 | username = session['rhodecode_user'].get('username') | |
| 95 | assert username == 'test_admin' |
|
95 | assert username == 'test_admin' | |
| 96 |
response.mustcontain(' |
|
96 | response.mustcontain('logout') | |
| 97 |
|
97 | |||
| 98 | def test_login_regular_ok(self): |
|
98 | def test_login_regular_ok(self): | |
| 99 | response = self.app.post(route_path('login'), |
|
99 | response = self.app.post(route_path('login'), | |
| @@ -104,8 +104,7 b' class TestLoginController(object):' | |||||
| 104 | session = response.get_session_from_response() |
|
104 | session = response.get_session_from_response() | |
| 105 | username = session['rhodecode_user'].get('username') |
|
105 | username = session['rhodecode_user'].get('username') | |
| 106 | assert username == 'test_regular' |
|
106 | assert username == 'test_regular' | |
| 107 |
|
107 | response.mustcontain('logout') | ||
| 108 | response.mustcontain('/%s' % HG_REPO) |
|
|||
| 109 |
|
108 | |||
| 110 | def test_login_regular_forbidden_when_super_admin_restriction(self): |
|
109 | def test_login_regular_forbidden_when_super_admin_restriction(self): | |
| 111 | from rhodecode.authentication.plugins.auth_rhodecode import RhodeCodeAuthPlugin |
|
110 | from rhodecode.authentication.plugins.auth_rhodecode import RhodeCodeAuthPlugin | |
| @@ -225,7 +224,7 b' class TestLoginController(object):' | |||||
| 225 | session = response.get_session_from_response() |
|
224 | session = response.get_session_from_response() | |
| 226 | username = session['rhodecode_user'].get('username') |
|
225 | username = session['rhodecode_user'].get('username') | |
| 227 | assert username == temp_user |
|
226 | assert username == temp_user | |
| 228 |
response.mustcontain(' |
|
227 | response.mustcontain('logout') | |
| 229 |
|
228 | |||
| 230 | # new password should be bcrypted, after log-in and transfer |
|
229 | # new password should be bcrypted, after log-in and transfer | |
| 231 | user = User.get_by_username(temp_user) |
|
230 | user = User.get_by_username(temp_user) | |
| @@ -33,6 +33,8 b' def route_path(name, params=None, **kwar' | |||||
| 33 | 'admin_home': ADMIN_PREFIX, |
|
33 | 'admin_home': ADMIN_PREFIX, | |
| 34 | 'repos': |
|
34 | 'repos': | |
| 35 | ADMIN_PREFIX + '/repos', |
|
35 | ADMIN_PREFIX + '/repos', | |
|
|
36 | 'repos_data': | |||
|
|
37 | ADMIN_PREFIX + '/repos_data', | |||
| 36 | 'repo_groups': |
|
38 | 'repo_groups': | |
| 37 | ADMIN_PREFIX + '/repo_groups', |
|
39 | ADMIN_PREFIX + '/repo_groups', | |
| 38 | 'repo_groups_data': |
|
40 | 'repo_groups_data': | |
| @@ -62,8 +64,9 b' class TestAdminDelegatedUser(TestControl' | |||||
| 62 | # user doesn't have any access to resources so main admin page should 404 |
|
64 | # user doesn't have any access to resources so main admin page should 404 | |
| 63 | self.app.get(route_path('admin_home'), status=404) |
|
65 | self.app.get(route_path('admin_home'), status=404) | |
| 64 |
|
66 | |||
| 65 |
response = self.app.get(route_path('repos'), |
|
67 | response = self.app.get(route_path('repos_data'), | |
| 66 | response.mustcontain('data: []') |
|
68 | status=200, extra_environ=xhr_header) | |
|
|
69 | assert response.json['data'] == [] | |||
| 67 |
|
70 | |||
| 68 | response = self.app.get(route_path('repo_groups_data'), |
|
71 | response = self.app.get(route_path('repo_groups_data'), | |
| 69 | status=200, extra_environ=xhr_header) |
|
72 | status=200, extra_environ=xhr_header) | |
| @@ -97,16 +100,17 b' class TestAdminDelegatedUser(TestControl' | |||||
| 97 | assert_response.element_contains('td.delegated-admin-user-groups', '1') |
|
100 | assert_response.element_contains('td.delegated-admin-user-groups', '1') | |
| 98 |
|
101 | |||
| 99 | # admin interfaces have visible elements |
|
102 | # admin interfaces have visible elements | |
| 100 |
response = self.app.get(route_path('repos'), |
|
103 | response = self.app.get(route_path('repos_data'), | |
| 101 | response.mustcontain('"name_raw": "{}"'.format(repo_name)) |
|
104 | extra_environ=xhr_header, status=200) | |
|
|
105 | response.mustcontain('<a href=\\"/{}\\">'.format(repo_name)) | |||
| 102 |
|
106 | |||
| 103 | response = self.app.get(route_path('repo_groups_data'), |
|
107 | response = self.app.get(route_path('repo_groups_data'), | |
| 104 | extra_environ=xhr_header, status=200) |
|
108 | extra_environ=xhr_header, status=200) | |
| 105 |
response.mustcontain('" |
|
109 | response.mustcontain('<a href=\\"/{}\\">'.format(repo_group_name)) | |
| 106 |
|
110 | |||
| 107 | response = self.app.get(route_path('user_groups_data'), |
|
111 | response = self.app.get(route_path('user_groups_data'), | |
| 108 | extra_environ=xhr_header, status=200) |
|
112 | extra_environ=xhr_header, status=200) | |
| 109 |
response.mustcontain('" |
|
113 | response.mustcontain('<a href=\\"/_profile_user_group/{}\\">'.format(user_group_name)) | |
| 110 |
|
114 | |||
| 111 | def test_regular_user_can_see_admin_interfaces_if_admin_perm( |
|
115 | def test_regular_user_can_see_admin_interfaces_if_admin_perm( | |
| 112 | self, user_util, xhr_header): |
|
116 | self, user_util, xhr_header): | |
| @@ -140,13 +144,14 b' class TestAdminDelegatedUser(TestControl' | |||||
| 140 | assert_response.element_contains('td.delegated-admin-user-groups', '1') |
|
144 | assert_response.element_contains('td.delegated-admin-user-groups', '1') | |
| 141 |
|
145 | |||
| 142 | # admin interfaces have visible elements |
|
146 | # admin interfaces have visible elements | |
| 143 |
response = self.app.get(route_path('repos'), |
|
147 | response = self.app.get(route_path('repos_data'), | |
| 144 | response.mustcontain('"name_raw": "{}"'.format(repo_name)) |
|
148 | extra_environ=xhr_header, status=200) | |
|
|
149 | response.mustcontain('<a href=\\"/{}\\">'.format(repo_name)) | |||
| 145 |
|
150 | |||
| 146 | response = self.app.get(route_path('repo_groups_data'), |
|
151 | response = self.app.get(route_path('repo_groups_data'), | |
| 147 | extra_environ=xhr_header, status=200) |
|
152 | extra_environ=xhr_header, status=200) | |
| 148 |
response.mustcontain('" |
|
153 | response.mustcontain('<a href=\\"/{}\\">'.format(repo_group_name)) | |
| 149 |
|
154 | |||
| 150 | response = self.app.get(route_path('user_groups_data'), |
|
155 | response = self.app.get(route_path('user_groups_data'), | |
| 151 | extra_environ=xhr_header, status=200) |
|
156 | extra_environ=xhr_header, status=200) | |
| 152 |
response.mustcontain('" |
|
157 | response.mustcontain('<a href=\\"/_profile_user_group/{}\\">'.format(user_group_name)) | |
General Comments 0
You need to be logged in to leave comments.
Login now