Show More
@@ -1,417 +1,418 b'' | |||
|
1 | 1 | # -*- coding: utf-8 -*- |
|
2 | 2 | |
|
3 | 3 | # Copyright (C) 2010-2016 RhodeCode GmbH |
|
4 | 4 | # |
|
5 | 5 | # This program is free software: you can redistribute it and/or modify |
|
6 | 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
7 | 7 | # (only), as published by the Free Software Foundation. |
|
8 | 8 | # |
|
9 | 9 | # This program is distributed in the hope that it will be useful, |
|
10 | 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
11 | 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
12 | 12 | # GNU General Public License for more details. |
|
13 | 13 | # |
|
14 | 14 | # You should have received a copy of the GNU Affero General Public License |
|
15 | 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
16 | 16 | # |
|
17 | 17 | # This program is dual-licensed. If you wish to learn more about the |
|
18 | 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
19 | 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
20 | 20 | |
|
21 | 21 | import base64 |
|
22 | 22 | |
|
23 | 23 | import mock |
|
24 | 24 | import pytest |
|
25 | 25 | import webtest.app |
|
26 | 26 | |
|
27 | 27 | from rhodecode.lib.caching_query import FromCache |
|
28 | 28 | from rhodecode.lib.hooks_daemon import DummyHooksCallbackDaemon |
|
29 | 29 | from rhodecode.lib.middleware import simplevcs |
|
30 | 30 | from rhodecode.lib.middleware.https_fixup import HttpsFixup |
|
31 | 31 | from rhodecode.lib.middleware.utils import scm_app |
|
32 | 32 | from rhodecode.model.db import User, _hash_key |
|
33 | 33 | from rhodecode.model.meta import Session |
|
34 | 34 | from rhodecode.tests import ( |
|
35 | 35 | HG_REPO, TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
36 | 36 | from rhodecode.tests.lib.middleware import mock_scm_app |
|
37 | 37 | from rhodecode.tests.utils import set_anonymous_access |
|
38 | 38 | |
|
39 | 39 | |
|
40 | 40 | class StubVCSController(simplevcs.SimpleVCS): |
|
41 | 41 | |
|
42 | 42 | SCM = 'hg' |
|
43 | 43 | stub_response_body = tuple() |
|
44 | 44 | |
|
45 | 45 | def __init__(self, *args, **kwargs): |
|
46 | 46 | super(StubVCSController, self).__init__(*args, **kwargs) |
|
47 | 47 | self._action = 'pull' |
|
48 | 48 | self._name = HG_REPO |
|
49 | 49 | self.set_repo_names(None) |
|
50 | 50 | |
|
51 | 51 | def _get_repository_name(self, environ): |
|
52 | 52 | return self._name |
|
53 | 53 | |
|
54 | 54 | def _get_action(self, environ): |
|
55 | 55 | return self._action |
|
56 | 56 | |
|
57 | 57 | def _create_wsgi_app(self, repo_path, repo_name, config): |
|
58 | 58 | def fake_app(environ, start_response): |
|
59 | 59 | start_response('200 OK', []) |
|
60 | 60 | return self.stub_response_body |
|
61 | 61 | return fake_app |
|
62 | 62 | |
|
63 | 63 | def _create_config(self, extras, repo_name): |
|
64 | 64 | return None |
|
65 | 65 | |
|
66 | 66 | |
|
67 | 67 | @pytest.fixture |
|
68 | 68 | def vcscontroller(pylonsapp, config_stub): |
|
69 | 69 | config_stub.testing_securitypolicy() |
|
70 | 70 | config_stub.include('rhodecode.authentication') |
|
71 | 71 | |
|
72 | 72 | set_anonymous_access(True) |
|
73 | 73 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
74 | 74 | app = HttpsFixup(controller, pylonsapp.config) |
|
75 | 75 | app = webtest.app.TestApp(app) |
|
76 | 76 | |
|
77 | 77 | _remove_default_user_from_query_cache() |
|
78 | 78 | |
|
79 | 79 | # Sanity checks that things are set up correctly |
|
80 | 80 | app.get('/' + HG_REPO, status=200) |
|
81 | 81 | |
|
82 | 82 | app.controller = controller |
|
83 | 83 | return app |
|
84 | 84 | |
|
85 | 85 | |
|
86 | 86 | def _remove_default_user_from_query_cache(): |
|
87 | 87 | user = User.get_default_user(cache=True) |
|
88 | 88 | query = Session().query(User).filter(User.username == user.username) |
|
89 | 89 | query = query.options(FromCache( |
|
90 | 90 | "sql_cache_short", "get_user_%s" % _hash_key(user.username))) |
|
91 | 91 | query.invalidate() |
|
92 | 92 | Session().expire(user) |
|
93 | 93 | |
|
94 | 94 | |
|
95 | 95 | @pytest.fixture |
|
96 | 96 | def disable_anonymous_user(request, pylonsapp): |
|
97 | 97 | set_anonymous_access(False) |
|
98 | 98 | |
|
99 | 99 | @request.addfinalizer |
|
100 | 100 | def cleanup(): |
|
101 | 101 | set_anonymous_access(True) |
|
102 | 102 | |
|
103 | 103 | |
|
104 | 104 | def test_handles_exceptions_during_permissions_checks( |
|
105 | 105 | vcscontroller, disable_anonymous_user): |
|
106 | 106 | user_and_pass = '%s:%s' % (TEST_USER_ADMIN_LOGIN, TEST_USER_ADMIN_PASS) |
|
107 | 107 | auth_password = base64.encodestring(user_and_pass).strip() |
|
108 | 108 | extra_environ = { |
|
109 | 109 | 'AUTH_TYPE': 'Basic', |
|
110 | 110 | 'HTTP_AUTHORIZATION': 'Basic %s' % auth_password, |
|
111 | 111 | 'REMOTE_USER': TEST_USER_ADMIN_LOGIN, |
|
112 | 112 | } |
|
113 | 113 | |
|
114 | 114 | # Verify that things are hooked up correctly |
|
115 | 115 | vcscontroller.get('/', status=200, extra_environ=extra_environ) |
|
116 | 116 | |
|
117 | 117 | # Simulate trouble during permission checks |
|
118 | 118 | with mock.patch('rhodecode.model.db.User.get_by_username', |
|
119 | 119 | side_effect=Exception) as get_user: |
|
120 | 120 | # Verify that a correct 500 is returned and check that the expected |
|
121 | 121 | # code path was hit. |
|
122 | 122 | vcscontroller.get('/', status=500, extra_environ=extra_environ) |
|
123 | 123 | assert get_user.called |
|
124 | 124 | |
|
125 | 125 | |
|
126 | 126 | def test_returns_forbidden_if_no_anonymous_access( |
|
127 | 127 | vcscontroller, disable_anonymous_user): |
|
128 | 128 | vcscontroller.get('/', status=401) |
|
129 | 129 | |
|
130 | 130 | |
|
131 | 131 | class StubFailVCSController(simplevcs.SimpleVCS): |
|
132 | 132 | def _handle_request(self, environ, start_response): |
|
133 | 133 | raise Exception("BOOM") |
|
134 | 134 | |
|
135 | 135 | |
|
136 | 136 | @pytest.fixture(scope='module') |
|
137 | 137 | def fail_controller(pylonsapp): |
|
138 | 138 | controller = StubFailVCSController(pylonsapp, pylonsapp.config, None) |
|
139 | 139 | controller = HttpsFixup(controller, pylonsapp.config) |
|
140 | 140 | controller = webtest.app.TestApp(controller) |
|
141 | 141 | return controller |
|
142 | 142 | |
|
143 | 143 | |
|
144 | 144 | def test_handles_exceptions_as_internal_server_error(fail_controller): |
|
145 | 145 | fail_controller.get('/', status=500) |
|
146 | 146 | |
|
147 | 147 | |
|
148 | 148 | def test_provides_traceback_for_appenlight(fail_controller): |
|
149 | 149 | response = fail_controller.get( |
|
150 | 150 | '/', status=500, extra_environ={'appenlight.client': 'fake'}) |
|
151 | 151 | assert 'appenlight.__traceback' in response.request.environ |
|
152 | 152 | |
|
153 | 153 | |
|
154 | 154 | def test_provides_utils_scm_app_as_scm_app_by_default(pylonsapp): |
|
155 | 155 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
156 | 156 | assert controller.scm_app is scm_app |
|
157 | 157 | |
|
158 | 158 | |
|
159 | 159 | def test_allows_to_override_scm_app_via_config(pylonsapp): |
|
160 | 160 | config = pylonsapp.config.copy() |
|
161 | 161 | config['vcs.scm_app_implementation'] = ( |
|
162 | 162 | 'rhodecode.tests.lib.middleware.mock_scm_app') |
|
163 | 163 | controller = StubVCSController(pylonsapp, config, None) |
|
164 | 164 | assert controller.scm_app is mock_scm_app |
|
165 | 165 | |
|
166 | 166 | |
|
167 | 167 | @pytest.mark.parametrize('query_string, expected', [ |
|
168 | 168 | ('cmd=stub_command', True), |
|
169 | 169 | ('cmd=listkeys', False), |
|
170 | 170 | ]) |
|
171 | 171 | def test_should_check_locking(query_string, expected): |
|
172 | 172 | result = simplevcs._should_check_locking(query_string) |
|
173 | 173 | assert result == expected |
|
174 | 174 | |
|
175 | 175 | |
|
176 | 176 | @pytest.mark.backends('git', 'hg') |
|
177 | 177 | class TestShadowRepoExposure(object): |
|
178 | 178 | def test_pull_on_shadow_repo_propagates_to_wsgi_app(self, pylonsapp): |
|
179 | 179 | """ |
|
180 | 180 | Check that a pull action to a shadow repo is propagated to the |
|
181 | 181 | underlying wsgi app. |
|
182 | 182 | """ |
|
183 | 183 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
184 | 184 | controller._check_ssl = mock.Mock() |
|
185 | 185 | controller.is_shadow_repo = True |
|
186 | 186 | controller._action = 'pull' |
|
187 | 187 | controller.stub_response_body = 'dummy body value' |
|
188 | 188 | environ_stub = { |
|
189 | 189 | 'HTTP_HOST': 'test.example.com', |
|
190 | 190 | 'REQUEST_METHOD': 'GET', |
|
191 | 191 | 'wsgi.url_scheme': 'http', |
|
192 | 192 | } |
|
193 | 193 | |
|
194 | 194 | response = controller(environ_stub, mock.Mock()) |
|
195 | 195 | response_body = ''.join(response) |
|
196 | 196 | |
|
197 | 197 | # Assert that we got the response from the wsgi app. |
|
198 | 198 | assert response_body == controller.stub_response_body |
|
199 | 199 | |
|
200 | 200 | def test_push_on_shadow_repo_raises(self, pylonsapp): |
|
201 | 201 | """ |
|
202 | 202 | Check that a push action to a shadow repo is aborted. |
|
203 | 203 | """ |
|
204 | 204 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
205 | 205 | controller._check_ssl = mock.Mock() |
|
206 | 206 | controller.is_shadow_repo = True |
|
207 | 207 | controller._action = 'push' |
|
208 | 208 | controller.stub_response_body = 'dummy body value' |
|
209 | 209 | environ_stub = { |
|
210 | 210 | 'HTTP_HOST': 'test.example.com', |
|
211 | 211 | 'REQUEST_METHOD': 'GET', |
|
212 | 212 | 'wsgi.url_scheme': 'http', |
|
213 | 213 | } |
|
214 | 214 | |
|
215 | 215 | response = controller(environ_stub, mock.Mock()) |
|
216 | 216 | response_body = ''.join(response) |
|
217 | 217 | |
|
218 | 218 | assert response_body != controller.stub_response_body |
|
219 | 219 | # Assert that a 406 error is returned. |
|
220 | 220 | assert '406 Not Acceptable' in response_body |
|
221 | 221 | |
|
222 | 222 | def test_set_repo_names_no_shadow(self, pylonsapp): |
|
223 | 223 | """ |
|
224 | 224 | Check that the set_repo_names method sets all names to the one returned |
|
225 | 225 | by the _get_repository_name method on a request to a non shadow repo. |
|
226 | 226 | """ |
|
227 | 227 | environ_stub = {} |
|
228 | 228 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
229 | 229 | controller._name = 'RepoGroup/MyRepo' |
|
230 | 230 | controller.set_repo_names(environ_stub) |
|
231 | 231 | assert not controller.is_shadow_repo |
|
232 | 232 | assert (controller.url_repo_name == |
|
233 | 233 | controller.acl_repo_name == |
|
234 | 234 | controller.vcs_repo_name == |
|
235 | 235 | controller._get_repository_name(environ_stub)) |
|
236 | 236 | |
|
237 | 237 | def test_set_repo_names_with_shadow(self, pylonsapp, pr_util): |
|
238 | 238 | """ |
|
239 | 239 | Check that the set_repo_names method sets correct names on a request |
|
240 | 240 | to a shadow repo. |
|
241 | 241 | """ |
|
242 | 242 | from rhodecode.model.pull_request import PullRequestModel |
|
243 | 243 | |
|
244 | 244 | pull_request = pr_util.create_pull_request() |
|
245 | 245 | shadow_url = '{target}/pull-request/{pr_id}/repository'.format( |
|
246 | 246 | target=pull_request.target_repo.repo_name, |
|
247 | 247 | pr_id=pull_request.pull_request_id) |
|
248 | 248 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
249 | 249 | controller._name = shadow_url |
|
250 | 250 | controller.set_repo_names({}) |
|
251 | 251 | |
|
252 | 252 | # Get file system path to shadow repo for assertions. |
|
253 | 253 | workspace_id = PullRequestModel()._workspace_id(pull_request) |
|
254 | 254 | target_vcs = pull_request.target_repo.scm_instance() |
|
255 | 255 | vcs_repo_name = target_vcs._get_shadow_repository_path( |
|
256 | 256 | workspace_id) |
|
257 | 257 | |
|
258 | 258 | assert controller.vcs_repo_name == vcs_repo_name |
|
259 | 259 | assert controller.url_repo_name == shadow_url |
|
260 | 260 | assert controller.acl_repo_name == pull_request.target_repo.repo_name |
|
261 | 261 | assert controller.is_shadow_repo |
|
262 | 262 | |
|
263 | 263 | def test_set_repo_names_with_shadow_but_missing_pr( |
|
264 | 264 | self, pylonsapp, pr_util): |
|
265 | 265 | """ |
|
266 | 266 | Checks that the set_repo_names method enforces matching target repos |
|
267 | 267 | and pull request IDs. |
|
268 | 268 | """ |
|
269 | 269 | pull_request = pr_util.create_pull_request() |
|
270 | 270 | shadow_url = '{target}/pull-request/{pr_id}/repository'.format( |
|
271 | 271 | target=pull_request.target_repo.repo_name, |
|
272 | 272 | pr_id=999999999) |
|
273 | 273 | controller = StubVCSController(pylonsapp, pylonsapp.config, None) |
|
274 | 274 | controller._name = shadow_url |
|
275 | 275 | controller.set_repo_names({}) |
|
276 | 276 | |
|
277 | 277 | assert not controller.is_shadow_repo |
|
278 | 278 | assert (controller.url_repo_name == |
|
279 | 279 | controller.acl_repo_name == |
|
280 | 280 | controller.vcs_repo_name) |
|
281 | 281 | |
|
282 | 282 | |
|
283 | @pytest.mark.usefixtures('db') | |
|
283 | 284 | @mock.patch.multiple( |
|
284 | 285 | 'Pyro4.config', SERVERTYPE='multiplex', POLLTIMEOUT=0.01) |
|
285 | 286 | class TestGenerateVcsResponse: |
|
286 | 287 | |
|
287 | 288 | def test_ensures_that_start_response_is_called_early_enough(self): |
|
288 | 289 | self.call_controller_with_response_body(iter(['a', 'b'])) |
|
289 | 290 | assert self.start_response.called |
|
290 | 291 | |
|
291 | 292 | def test_invalidates_cache_after_body_is_consumed(self): |
|
292 | 293 | result = self.call_controller_with_response_body(iter(['a', 'b'])) |
|
293 | 294 | assert not self.was_cache_invalidated() |
|
294 | 295 | # Consume the result |
|
295 | 296 | list(result) |
|
296 | 297 | assert self.was_cache_invalidated() |
|
297 | 298 | |
|
298 | 299 | @mock.patch('rhodecode.lib.middleware.simplevcs.HTTPLockedRC') |
|
299 | 300 | def test_handles_locking_exception(self, http_locked_rc): |
|
300 | 301 | result = self.call_controller_with_response_body( |
|
301 | 302 | self.raise_result_iter(vcs_kind='repo_locked')) |
|
302 | 303 | assert not http_locked_rc.called |
|
303 | 304 | # Consume the result |
|
304 | 305 | list(result) |
|
305 | 306 | assert http_locked_rc.called |
|
306 | 307 | |
|
307 | 308 | @mock.patch('rhodecode.lib.middleware.simplevcs.HTTPRequirementError') |
|
308 | 309 | def test_handles_requirement_exception(self, http_requirement): |
|
309 | 310 | result = self.call_controller_with_response_body( |
|
310 | 311 | self.raise_result_iter(vcs_kind='requirement')) |
|
311 | 312 | assert not http_requirement.called |
|
312 | 313 | # Consume the result |
|
313 | 314 | list(result) |
|
314 | 315 | assert http_requirement.called |
|
315 | 316 | |
|
316 | 317 | @mock.patch('rhodecode.lib.middleware.simplevcs.HTTPLockedRC') |
|
317 | 318 | def test_handles_locking_exception_in_app_call(self, http_locked_rc): |
|
318 | 319 | app_factory_patcher = mock.patch.object( |
|
319 | 320 | StubVCSController, '_create_wsgi_app') |
|
320 | 321 | with app_factory_patcher as app_factory: |
|
321 | 322 | app_factory().side_effect = self.vcs_exception() |
|
322 | 323 | result = self.call_controller_with_response_body(['a']) |
|
323 | 324 | list(result) |
|
324 | 325 | assert http_locked_rc.called |
|
325 | 326 | |
|
326 | 327 | def test_raises_unknown_exceptions(self): |
|
327 | 328 | result = self.call_controller_with_response_body( |
|
328 | 329 | self.raise_result_iter(vcs_kind='unknown')) |
|
329 | 330 | with pytest.raises(Exception): |
|
330 | 331 | list(result) |
|
331 | 332 | |
|
332 | 333 | def test_prepare_callback_daemon_is_called(self): |
|
333 | 334 | def side_effect(extras): |
|
334 | 335 | return DummyHooksCallbackDaemon(), extras |
|
335 | 336 | |
|
336 | 337 | prepare_patcher = mock.patch.object( |
|
337 | 338 | StubVCSController, '_prepare_callback_daemon') |
|
338 | 339 | with prepare_patcher as prepare_mock: |
|
339 | 340 | prepare_mock.side_effect = side_effect |
|
340 | 341 | self.call_controller_with_response_body(iter(['a', 'b'])) |
|
341 | 342 | assert prepare_mock.called |
|
342 | 343 | assert prepare_mock.call_count == 1 |
|
343 | 344 | |
|
344 | 345 | def call_controller_with_response_body(self, response_body): |
|
345 | 346 | settings = { |
|
346 | 347 | 'base_path': 'fake_base_path', |
|
347 | 348 | 'vcs.hooks.protocol': 'http', |
|
348 | 349 | 'vcs.hooks.direct_calls': False, |
|
349 | 350 | } |
|
350 | 351 | controller = StubVCSController(None, settings, None) |
|
351 | 352 | controller._invalidate_cache = mock.Mock() |
|
352 | 353 | controller.stub_response_body = response_body |
|
353 | 354 | self.start_response = mock.Mock() |
|
354 | 355 | result = controller._generate_vcs_response( |
|
355 | 356 | environ={}, start_response=self.start_response, |
|
356 | 357 | repo_path='fake_repo_path', |
|
357 | 358 | repo_name='fake_repo_name', |
|
358 | 359 | extras={}, action='push') |
|
359 | 360 | self.controller = controller |
|
360 | 361 | return result |
|
361 | 362 | |
|
362 | 363 | def raise_result_iter(self, vcs_kind='repo_locked'): |
|
363 | 364 | """ |
|
364 | 365 | Simulates an exception due to a vcs raised exception if kind vcs_kind |
|
365 | 366 | """ |
|
366 | 367 | raise self.vcs_exception(vcs_kind=vcs_kind) |
|
367 | 368 | yield "never_reached" |
|
368 | 369 | |
|
369 | 370 | def vcs_exception(self, vcs_kind='repo_locked'): |
|
370 | 371 | locked_exception = Exception('TEST_MESSAGE') |
|
371 | 372 | locked_exception._vcs_kind = vcs_kind |
|
372 | 373 | return locked_exception |
|
373 | 374 | |
|
374 | 375 | def was_cache_invalidated(self): |
|
375 | 376 | return self.controller._invalidate_cache.called |
|
376 | 377 | |
|
377 | 378 | |
|
378 | 379 | class TestInitializeGenerator: |
|
379 | 380 | |
|
380 | 381 | def test_drains_first_element(self): |
|
381 | 382 | gen = self.factory(['__init__', 1, 2]) |
|
382 | 383 | result = list(gen) |
|
383 | 384 | assert result == [1, 2] |
|
384 | 385 | |
|
385 | 386 | @pytest.mark.parametrize('values', [ |
|
386 | 387 | [], |
|
387 | 388 | [1, 2], |
|
388 | 389 | ]) |
|
389 | 390 | def test_raises_value_error(self, values): |
|
390 | 391 | with pytest.raises(ValueError): |
|
391 | 392 | self.factory(values) |
|
392 | 393 | |
|
393 | 394 | @simplevcs.initialize_generator |
|
394 | 395 | def factory(self, iterable): |
|
395 | 396 | for elem in iterable: |
|
396 | 397 | yield elem |
|
397 | 398 | |
|
398 | 399 | |
|
399 | 400 | class TestPrepareHooksDaemon(object): |
|
400 | 401 | def test_calls_imported_prepare_callback_daemon(self, app_settings): |
|
401 | 402 | expected_extras = {'extra1': 'value1'} |
|
402 | 403 | daemon = DummyHooksCallbackDaemon() |
|
403 | 404 | |
|
404 | 405 | controller = StubVCSController(None, app_settings, None) |
|
405 | 406 | prepare_patcher = mock.patch.object( |
|
406 | 407 | simplevcs, 'prepare_callback_daemon', |
|
407 | 408 | return_value=(daemon, expected_extras)) |
|
408 | 409 | with prepare_patcher as prepare_mock: |
|
409 | 410 | callback_daemon, extras = controller._prepare_callback_daemon( |
|
410 | 411 | expected_extras.copy()) |
|
411 | 412 | prepare_mock.assert_called_once_with( |
|
412 | 413 | expected_extras, |
|
413 | 414 | protocol=app_settings['vcs.hooks.protocol'], |
|
414 | 415 | use_direct_calls=app_settings['vcs.hooks.direct_calls']) |
|
415 | 416 | |
|
416 | 417 | assert callback_daemon == daemon |
|
417 | 418 | assert extras == extras |
General Comments 0
You need to be logged in to leave comments.
Login now