##// END OF EJS Templates
Implemented #738 Giving a user WRITE+ permissions on folder should not allow repo creation in root folder....
Implemented #738 Giving a user WRITE+ permissions on folder should not allow repo creation in root folder. user can create repos only if he got explicitly permission for creating repos globally, or have WRITE+ permission on a group. Then he can create repositories inside this group

File last commit:

r3224:8b8edfc2 beta
r3333:06988438 beta
Show More
test_settings.py
60 lines | 2.7 KiB | text/x-python | PythonLexer
renamed project to rhodecode
r547 from rhodecode.tests import *
added test for setting repo as private which should set perm => None for default user
r3219 from rhodecode.model.db import UserRepoToPerm, Repository, User, Permission
from rhodecode.model.meta import Session
def _get_permission_for_user(user, repo):
perm = UserRepoToPerm.query()\
.filter(UserRepoToPerm.repository ==
Repository.get_by_repo_name(repo))\
.filter(UserRepoToPerm.user == User.get_by_username(user))\
.all()
return perm
renamed project to rhodecode
r547
class TestSettingsController(TestController):
def test_index(self):
self.log_user()
response = self.app.get(url(controller='settings', action='index',
Tests rewrite for 1.2 added some globals configs to make tests easier....
r688 repo_name=HG_REPO))
renamed project to rhodecode
r547 # Test response...
added test for setting repo as private which should set perm => None for default user
r3219
def test_set_private_flag_sets_default_to_none(self):
self.log_user()
#initially repository perm should be read
perm = _get_permission_for_user(user='default', repo=HG_REPO)
self.assertTrue(len(perm), 1)
self.assertEqual(perm[0].permission.permission_name, 'repository.read')
self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)
response = self.app.put(url('repo', repo_name=HG_REPO),
_get_repo_create_params(repo_private=1,
repo_name=HG_REPO,
user=TEST_USER_ADMIN_LOGIN))
self.checkSessionFlash(response,
msg='Repository %s updated successfully' % (HG_REPO))
self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, True)
#now the repo default permission should be None
perm = _get_permission_for_user(user='default', repo=HG_REPO)
self.assertTrue(len(perm), 1)
self.assertEqual(perm[0].permission.permission_name, 'repository.none')
response = self.app.put(url('repo', repo_name=HG_REPO),
_get_repo_create_params(repo_private=False,
repo_name=HG_REPO,
user=TEST_USER_ADMIN_LOGIN))
self.checkSessionFlash(response,
msg='Repository %s updated successfully' % (HG_REPO))
self.assertEqual(Repository.get_by_repo_name(HG_REPO).private, False)
#we turn off private now the repo default permission should stay None
perm = _get_permission_for_user(user='default', repo=HG_REPO)
self.assertTrue(len(perm), 1)
self.assertEqual(perm[0].permission.permission_name, 'repository.none')
#update this permission back
perm[0].permission = Permission.get_by_key('repository.read')
Session().add(perm[0])
Session().commit()