test_models.py
715 lines
| 28.4 KiB
| text/x-python
|
PythonLexer
r1538 | import os | |||
r1373 | import unittest | |||
from rhodecode.tests import * | ||||
r1538 | ||||
from rhodecode.model.repos_group import ReposGroupModel | ||||
r1539 | from rhodecode.model.repo import RepoModel | |||
r1713 | from rhodecode.model.db import RepoGroup, User, Notification, UserNotification, \ | |||
r2255 | UsersGroup, UsersGroupMember, Permission, UsersGroupRepoGroupToPerm,\ | |||
Repository | ||||
r1538 | from sqlalchemy.exc import IntegrityError | |||
r1702 | from rhodecode.model.user import UserModel | |||
r1713 | from rhodecode.model.meta import Session | |||
from rhodecode.model.notification import NotificationModel | ||||
from rhodecode.model.users_group import UsersGroupModel | ||||
r1982 | from rhodecode.lib.auth import AuthUser | |||
def _make_group(path, desc='desc', parent_id=None, | ||||
skip_if_exists=False): | ||||
gr = RepoGroup.get_by_group_name(path) | ||||
if gr and skip_if_exists: | ||||
return gr | ||||
gr = ReposGroupModel().create(path, desc, parent_id) | ||||
return gr | ||||
r1538 | ||||
class TestReposGroups(unittest.TestCase): | ||||
def setUp(self): | ||||
r1982 | self.g1 = _make_group('test1', skip_if_exists=True) | |||
r2059 | Session.commit() | |||
r1982 | self.g2 = _make_group('test2', skip_if_exists=True) | |||
r2059 | Session.commit() | |||
r1982 | self.g3 = _make_group('test3', skip_if_exists=True) | |||
r2059 | Session.commit() | |||
r1538 | ||||
def tearDown(self): | ||||
print 'out' | ||||
def __check_path(self, *path): | ||||
r2059 | """ | |||
Checks the path for existance ! | ||||
""" | ||||
r1538 | path = [TESTS_TMP_PATH] + list(path) | |||
path = os.path.join(*path) | ||||
return os.path.isdir(path) | ||||
def _check_folders(self): | ||||
print os.listdir(TESTS_TMP_PATH) | ||||
def __delete_group(self, id_): | ||||
ReposGroupModel().delete(id_) | ||||
def __update_group(self, id_, path, desc='desc', parent_id=None): | ||||
r2059 | form_data = dict( | |||
group_name=path, | ||||
group_description=desc, | ||||
group_parent_id=parent_id, | ||||
perms_updates=[], | ||||
perms_new=[] | ||||
) | ||||
r1538 | gr = ReposGroupModel().update(id_, form_data) | |||
return gr | ||||
def test_create_group(self): | ||||
r1982 | g = _make_group('newGroup') | |||
r1538 | self.assertEqual(g.full_path, 'newGroup') | |||
self.assertTrue(self.__check_path('newGroup')) | ||||
def test_create_same_name_group(self): | ||||
r1982 | self.assertRaises(IntegrityError, lambda:_make_group('newGroup')) | |||
r1749 | Session.rollback() | |||
r1538 | ||||
def test_same_subgroup(self): | ||||
r1982 | sg1 = _make_group('sub1', parent_id=self.g1.group_id) | |||
r1538 | self.assertEqual(sg1.parent_group, self.g1) | |||
self.assertEqual(sg1.full_path, 'test1/sub1') | ||||
self.assertTrue(self.__check_path('test1', 'sub1')) | ||||
r1982 | ssg1 = _make_group('subsub1', parent_id=sg1.group_id) | |||
r1538 | self.assertEqual(ssg1.parent_group, sg1) | |||
self.assertEqual(ssg1.full_path, 'test1/sub1/subsub1') | ||||
self.assertTrue(self.__check_path('test1', 'sub1', 'subsub1')) | ||||
def test_remove_group(self): | ||||
r1982 | sg1 = _make_group('deleteme') | |||
r1538 | self.__delete_group(sg1.group_id) | |||
r1633 | self.assertEqual(RepoGroup.get(sg1.group_id), None) | |||
r1538 | self.assertFalse(self.__check_path('deteteme')) | |||
r1982 | sg1 = _make_group('deleteme', parent_id=self.g1.group_id) | |||
r1538 | self.__delete_group(sg1.group_id) | |||
r1633 | self.assertEqual(RepoGroup.get(sg1.group_id), None) | |||
r1538 | self.assertFalse(self.__check_path('test1', 'deteteme')) | |||
def test_rename_single_group(self): | ||||
r1982 | sg1 = _make_group('initial') | |||
r1538 | ||||
new_sg1 = self.__update_group(sg1.group_id, 'after') | ||||
self.assertTrue(self.__check_path('after')) | ||||
r1633 | self.assertEqual(RepoGroup.get_by_group_name('initial'), None) | |||
r1538 | ||||
def test_update_group_parent(self): | ||||
r1982 | sg1 = _make_group('initial', parent_id=self.g1.group_id) | |||
r1538 | ||||
new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g1.group_id) | ||||
self.assertTrue(self.__check_path('test1', 'after')) | ||||
r1633 | self.assertEqual(RepoGroup.get_by_group_name('test1/initial'), None) | |||
r1538 | ||||
new_sg1 = self.__update_group(sg1.group_id, 'after', parent_id=self.g3.group_id) | ||||
self.assertTrue(self.__check_path('test3', 'after')) | ||||
r1633 | self.assertEqual(RepoGroup.get_by_group_name('test3/initial'), None) | |||
r1538 | ||||
new_sg1 = self.__update_group(sg1.group_id, 'hello') | ||||
self.assertTrue(self.__check_path('hello')) | ||||
r1633 | self.assertEqual(RepoGroup.get_by_group_name('hello'), new_sg1) | |||
r1538 | ||||
r1539 | def test_subgrouping_with_repo(self): | |||
r1982 | g1 = _make_group('g1') | |||
g2 = _make_group('g2') | ||||
r1539 | ||||
# create new repo | ||||
form_data = dict(repo_name='john', | ||||
repo_name_full='john', | ||||
fork_name=None, | ||||
description=None, | ||||
repo_group=None, | ||||
private=False, | ||||
repo_type='hg', | ||||
clone_uri=None) | ||||
cur_user = User.get_by_username(TEST_USER_ADMIN_LOGIN) | ||||
r = RepoModel().create(form_data, cur_user) | ||||
self.assertEqual(r.repo_name, 'john') | ||||
# put repo into group | ||||
form_data = form_data | ||||
form_data['repo_group'] = g1.group_id | ||||
form_data['perms_new'] = [] | ||||
form_data['perms_updates'] = [] | ||||
RepoModel().update(r.repo_name, form_data) | ||||
self.assertEqual(r.repo_name, 'g1/john') | ||||
self.__update_group(g1.group_id, 'g1', parent_id=g2.group_id) | ||||
self.assertTrue(self.__check_path('g2', 'g1')) | ||||
# test repo | ||||
r2255 | self.assertEqual(r.repo_name, RepoGroup.url_sep().join(['g2', 'g1', r.just_name])) | |||
r1982 | ||||
r2059 | def test_move_to_root(self): | |||
g1 = _make_group('t11') | ||||
Session.commit() | ||||
r2255 | g2 = _make_group('t22', parent_id=g1.group_id) | |||
r2059 | Session.commit() | |||
r2064 | ||||
r2255 | self.assertEqual(g2.full_path, 't11/t22') | |||
r2059 | self.assertTrue(self.__check_path('t11', 't22')) | |||
r2064 | ||||
r2059 | g2 = self.__update_group(g2.group_id, 'g22', parent_id=None) | |||
Session.commit() | ||||
r2064 | ||||
r2255 | self.assertEqual(g2.group_name, 'g22') | |||
r2059 | # we moved out group from t1 to '' so it's full path should be 'g2' | |||
r2255 | self.assertEqual(g2.full_path, 'g22') | |||
r2059 | self.assertFalse(self.__check_path('t11', 't22')) | |||
self.assertTrue(self.__check_path('g22')) | ||||
r2064 | ||||
r2059 | ||||
r1713 | class TestUser(unittest.TestCase): | |||
r1758 | def __init__(self, methodName='runTest'): | |||
Session.remove() | ||||
super(TestUser, self).__init__(methodName=methodName) | ||||
r1818 | ||||
r1713 | def test_create_and_remove(self): | |||
usr = UserModel().create_or_update(username=u'test_user', password=u'qweqwe', | ||||
email=u'u232@rhodecode.org', | ||||
name=u'u1', lastname=u'u1') | ||||
r1749 | Session.commit() | |||
r1713 | self.assertEqual(User.get_by_username(u'test_user'), usr) | |||
# make users group | ||||
r1734 | users_group = UsersGroupModel().create('some_example_group') | |||
r1749 | Session.commit() | |||
r1734 | ||||
r1713 | UsersGroupModel().add_user_to_group(users_group, usr) | |||
r1749 | Session.commit() | |||
r1713 | ||||
self.assertEqual(UsersGroup.get(users_group.users_group_id), users_group) | ||||
self.assertEqual(UsersGroupMember.query().count(), 1) | ||||
UserModel().delete(usr.user_id) | ||||
r1749 | Session.commit() | |||
r1713 | ||||
self.assertEqual(UsersGroupMember.query().all(), []) | ||||
r1539 | ||||
r1702 | class TestNotifications(unittest.TestCase): | |||
r1713 | def __init__(self, methodName='runTest'): | |||
r1758 | Session.remove() | |||
r1713 | self.u1 = UserModel().create_or_update(username=u'u1', | |||
password=u'qweqwe', | ||||
email=u'u1@rhodecode.org', | ||||
r1734 | name=u'u1', lastname=u'u1') | |||
Session.commit() | ||||
self.u1 = self.u1.user_id | ||||
r1713 | self.u2 = UserModel().create_or_update(username=u'u2', | |||
password=u'qweqwe', | ||||
email=u'u2@rhodecode.org', | ||||
r1734 | name=u'u2', lastname=u'u3') | |||
Session.commit() | ||||
self.u2 = self.u2.user_id | ||||
r1713 | self.u3 = UserModel().create_or_update(username=u'u3', | |||
password=u'qweqwe', | ||||
email=u'u3@rhodecode.org', | ||||
r1734 | name=u'u3', lastname=u'u3') | |||
Session.commit() | ||||
self.u3 = self.u3.user_id | ||||
r1713 | super(TestNotifications, self).__init__(methodName=methodName) | |||
r1702 | ||||
r1713 | def _clean_notifications(self): | |||
for n in Notification.query().all(): | ||||
r1749 | Session.delete(n) | |||
r1713 | ||||
r1749 | Session.commit() | |||
r1713 | self.assertEqual(Notification.query().all(), []) | |||
r1702 | ||||
r1758 | def tearDown(self): | |||
self._clean_notifications() | ||||
r1702 | ||||
def test_create_notification(self): | ||||
r1713 | self.assertEqual([], Notification.query().all()) | |||
self.assertEqual([], UserNotification.query().all()) | ||||
r1702 | usrs = [self.u1, self.u2] | |||
r1713 | notification = NotificationModel().create(created_by=self.u1, | |||
r1712 | subject=u'subj', body=u'hi there', | |||
r1709 | recipients=usrs) | |||
r1749 | Session.commit() | |||
r1713 | u1 = User.get(self.u1) | |||
u2 = User.get(self.u2) | ||||
u3 = User.get(self.u3) | ||||
r1712 | notifications = Notification.query().all() | |||
self.assertEqual(len(notifications), 1) | ||||
r1702 | unotification = UserNotification.query()\ | |||
.filter(UserNotification.notification == notification).all() | ||||
r1712 | ||||
r1713 | self.assertEqual(notifications[0].recipients, [u1, u2]) | |||
r1709 | self.assertEqual(notification.notification_id, | |||
notifications[0].notification_id) | ||||
r1702 | self.assertEqual(len(unotification), len(usrs)) | |||
r1713 | self.assertEqual([x.user.user_id for x in unotification], usrs) | |||
r1702 | def test_user_notifications(self): | |||
r1713 | self.assertEqual([], Notification.query().all()) | |||
self.assertEqual([], UserNotification.query().all()) | ||||
notification1 = NotificationModel().create(created_by=self.u1, | ||||
subject=u'subj', body=u'hi there1', | ||||
r1709 | recipients=[self.u3]) | |||
r1749 | Session.commit() | |||
r1713 | notification2 = NotificationModel().create(created_by=self.u1, | |||
subject=u'subj', body=u'hi there2', | ||||
r1709 | recipients=[self.u3]) | |||
r1749 | Session.commit() | |||
u3 = Session.query(User).get(self.u3) | ||||
r1713 | ||||
self.assertEqual(sorted([x.notification for x in u3.notifications]), | ||||
sorted([notification2, notification1])) | ||||
r1702 | ||||
def test_delete_notifications(self): | ||||
r1713 | self.assertEqual([], Notification.query().all()) | |||
self.assertEqual([], UserNotification.query().all()) | ||||
notification = NotificationModel().create(created_by=self.u1, | ||||
r1712 | subject=u'title', body=u'hi there3', | |||
r1709 | recipients=[self.u3, self.u1, self.u2]) | |||
r1749 | Session.commit() | |||
r1702 | notifications = Notification.query().all() | |||
self.assertTrue(notification in notifications) | ||||
Notification.delete(notification.notification_id) | ||||
r1749 | Session.commit() | |||
r1702 | ||||
notifications = Notification.query().all() | ||||
self.assertFalse(notification in notifications) | ||||
un = UserNotification.query().filter(UserNotification.notification | ||||
== notification).all() | ||||
self.assertEqual(un, []) | ||||
r1713 | ||||
def test_delete_association(self): | ||||
self.assertEqual([], Notification.query().all()) | ||||
self.assertEqual([], UserNotification.query().all()) | ||||
notification = NotificationModel().create(created_by=self.u1, | ||||
subject=u'title', body=u'hi there3', | ||||
recipients=[self.u3, self.u1, self.u2]) | ||||
r1749 | Session.commit() | |||
r1713 | ||||
unotification = UserNotification.query()\ | ||||
.filter(UserNotification.notification == | ||||
notification)\ | ||||
.filter(UserNotification.user_id == self.u3)\ | ||||
.scalar() | ||||
self.assertEqual(unotification.user_id, self.u3) | ||||
NotificationModel().delete(self.u3, | ||||
notification.notification_id) | ||||
r1749 | Session.commit() | |||
r1713 | ||||
r1733 | u3notification = UserNotification.query()\ | |||
r1713 | .filter(UserNotification.notification == | |||
notification)\ | ||||
.filter(UserNotification.user_id == self.u3)\ | ||||
.scalar() | ||||
r1733 | self.assertEqual(u3notification, None) | |||
# notification object is still there | ||||
self.assertEqual(Notification.query().all(), [notification]) | ||||
#u1 and u2 still have assignments | ||||
u1notification = UserNotification.query()\ | ||||
.filter(UserNotification.notification == | ||||
notification)\ | ||||
.filter(UserNotification.user_id == self.u1)\ | ||||
.scalar() | ||||
self.assertNotEqual(u1notification, None) | ||||
u2notification = UserNotification.query()\ | ||||
.filter(UserNotification.notification == | ||||
notification)\ | ||||
.filter(UserNotification.user_id == self.u2)\ | ||||
.scalar() | ||||
self.assertNotEqual(u2notification, None) | ||||
r1713 | def test_notification_counter(self): | |||
self._clean_notifications() | ||||
self.assertEqual([], Notification.query().all()) | ||||
self.assertEqual([], UserNotification.query().all()) | ||||
NotificationModel().create(created_by=self.u1, | ||||
subject=u'title', body=u'hi there_delete', | ||||
recipients=[self.u3, self.u1]) | ||||
r1749 | Session.commit() | |||
r1713 | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u1), 1) | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u2), 0) | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u3), 1) | ||||
notification = NotificationModel().create(created_by=self.u1, | ||||
subject=u'title', body=u'hi there3', | ||||
recipients=[self.u3, self.u1, self.u2]) | ||||
r1749 | Session.commit() | |||
r1713 | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u1), 2) | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u2), 1) | ||||
self.assertEqual(NotificationModel() | ||||
.get_unread_cnt_for_user(self.u3), 2) | ||||
r1758 | ||||
r1982 | ||||
r1758 | class TestUsers(unittest.TestCase): | |||
def __init__(self, methodName='runTest'): | ||||
super(TestUsers, self).__init__(methodName=methodName) | ||||
def setUp(self): | ||||
self.u1 = UserModel().create_or_update(username=u'u1', | ||||
password=u'qweqwe', | ||||
email=u'u1@rhodecode.org', | ||||
r1818 | name=u'u1', lastname=u'u1') | |||
r1758 | ||||
def tearDown(self): | ||||
perm = Permission.query().all() | ||||
for p in perm: | ||||
UserModel().revoke_perm(self.u1, p) | ||||
r1818 | ||||
r1758 | UserModel().delete(self.u1) | |||
Session.commit() | ||||
def test_add_perm(self): | ||||
perm = Permission.query().all()[0] | ||||
UserModel().grant_perm(self.u1, perm) | ||||
Session.commit() | ||||
self.assertEqual(UserModel().has_perm(self.u1, perm), True) | ||||
def test_has_perm(self): | ||||
perm = Permission.query().all() | ||||
for p in perm: | ||||
has_p = UserModel().has_perm(self.u1, p) | ||||
self.assertEqual(False, has_p) | ||||
def test_revoke_perm(self): | ||||
perm = Permission.query().all()[0] | ||||
UserModel().grant_perm(self.u1, perm) | ||||
Session.commit() | ||||
self.assertEqual(UserModel().has_perm(self.u1, perm), True) | ||||
#revoke | ||||
UserModel().revoke_perm(self.u1, perm) | ||||
Session.commit() | ||||
r1982 | self.assertEqual(UserModel().has_perm(self.u1, perm), False) | |||
class TestPermissions(unittest.TestCase): | ||||
def __init__(self, methodName='runTest'): | ||||
super(TestPermissions, self).__init__(methodName=methodName) | ||||
def setUp(self): | ||||
self.u1 = UserModel().create_or_update( | ||||
username=u'u1', password=u'qweqwe', | ||||
email=u'u1@rhodecode.org', name=u'u1', lastname=u'u1' | ||||
) | ||||
r2124 | self.u2 = UserModel().create_or_update( | |||
username=u'u2', password=u'qweqwe', | ||||
email=u'u2@rhodecode.org', name=u'u2', lastname=u'u2' | ||||
) | ||||
self.anon = User.get_by_username('default') | ||||
r1982 | self.a1 = UserModel().create_or_update( | |||
username=u'a1', password=u'qweqwe', | ||||
email=u'a1@rhodecode.org', name=u'a1', lastname=u'a1', admin=True | ||||
) | ||||
Session.commit() | ||||
def tearDown(self): | ||||
r2124 | if hasattr(self, 'test_repo'): | |||
RepoModel().delete(repo=self.test_repo) | ||||
r1982 | UserModel().delete(self.u1) | |||
r2124 | UserModel().delete(self.u2) | |||
r1982 | UserModel().delete(self.a1) | |||
if hasattr(self, 'g1'): | ||||
ReposGroupModel().delete(self.g1.group_id) | ||||
if hasattr(self, 'g2'): | ||||
ReposGroupModel().delete(self.g2.group_id) | ||||
if hasattr(self, 'ug1'): | ||||
UsersGroupModel().delete(self.ug1, force=True) | ||||
Session.commit() | ||||
def test_default_perms_set(self): | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
perms = { | ||||
'repositories_groups': {}, | ||||
'global': set([u'hg.create.repository', u'repository.read', | ||||
u'hg.register.manual_activate']), | ||||
'repositories': {u'vcs_test_hg': u'repository.read'} | ||||
} | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
perms['repositories'][HG_REPO]) | ||||
new_perm = 'repository.write' | ||||
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm) | ||||
Session.commit() | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], new_perm) | ||||
def test_default_admin_perms_set(self): | ||||
a1_auth = AuthUser(user_id=self.a1.user_id) | ||||
perms = { | ||||
'repositories_groups': {}, | ||||
'global': set([u'hg.admin']), | ||||
'repositories': {u'vcs_test_hg': u'repository.admin'} | ||||
} | ||||
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO], | ||||
perms['repositories'][HG_REPO]) | ||||
new_perm = 'repository.write' | ||||
RepoModel().grant_user_permission(repo=HG_REPO, user=self.a1, perm=new_perm) | ||||
Session.commit() | ||||
# cannot really downgrade admins permissions !? they still get's set as | ||||
# admin ! | ||||
u1_auth = AuthUser(user_id=self.a1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
perms['repositories'][HG_REPO]) | ||||
def test_default_group_perms(self): | ||||
self.g1 = _make_group('test1', skip_if_exists=True) | ||||
self.g2 = _make_group('test2', skip_if_exists=True) | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
perms = { | ||||
'repositories_groups': {u'test1': 'group.read', u'test2': 'group.read'}, | ||||
'global': set([u'hg.create.repository', u'repository.read', u'hg.register.manual_activate']), | ||||
'repositories': {u'vcs_test_hg': u'repository.read'} | ||||
} | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
perms['repositories'][HG_REPO]) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
perms['repositories_groups']) | ||||
def test_default_admin_group_perms(self): | ||||
self.g1 = _make_group('test1', skip_if_exists=True) | ||||
self.g2 = _make_group('test2', skip_if_exists=True) | ||||
a1_auth = AuthUser(user_id=self.a1.user_id) | ||||
perms = { | ||||
'repositories_groups': {u'test1': 'group.admin', u'test2': 'group.admin'}, | ||||
'global': set(['hg.admin']), | ||||
'repositories': {u'vcs_test_hg': 'repository.admin'} | ||||
} | ||||
self.assertEqual(a1_auth.permissions['repositories'][HG_REPO], | ||||
perms['repositories'][HG_REPO]) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
perms['repositories_groups']) | ||||
def test_propagated_permission_from_users_group(self): | ||||
# make group | ||||
self.ug1 = UsersGroupModel().create('G1') | ||||
# add user to group | ||||
UsersGroupModel().add_user_to_group(self.ug1, self.u1) | ||||
# set permission to lower | ||||
new_perm = 'repository.none' | ||||
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, perm=new_perm) | ||||
Session.commit() | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
new_perm) | ||||
# grant perm for group this should override permission from user | ||||
new_perm = 'repository.write' | ||||
RepoModel().grant_users_group_permission(repo=HG_REPO, | ||||
group_name=self.ug1, | ||||
perm=new_perm) | ||||
# check perms | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
perms = { | ||||
'repositories_groups': {}, | ||||
'global': set([u'hg.create.repository', u'repository.read', | ||||
u'hg.register.manual_activate']), | ||||
'repositories': {u'vcs_test_hg': u'repository.read'} | ||||
} | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
new_perm) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
perms['repositories_groups']) | ||||
def test_propagated_permission_from_users_group_lower_weight(self): | ||||
# make group | ||||
self.ug1 = UsersGroupModel().create('G1') | ||||
# add user to group | ||||
UsersGroupModel().add_user_to_group(self.ug1, self.u1) | ||||
# set permission to lower | ||||
new_perm_h = 'repository.write' | ||||
RepoModel().grant_user_permission(repo=HG_REPO, user=self.u1, | ||||
perm=new_perm_h) | ||||
Session.commit() | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
new_perm_h) | ||||
# grant perm for group this should NOT override permission from user | ||||
# since it's lower than granted | ||||
new_perm_l = 'repository.read' | ||||
RepoModel().grant_users_group_permission(repo=HG_REPO, | ||||
group_name=self.ug1, | ||||
perm=new_perm_l) | ||||
# check perms | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
perms = { | ||||
'repositories_groups': {}, | ||||
'global': set([u'hg.create.repository', u'repository.read', | ||||
u'hg.register.manual_activate']), | ||||
'repositories': {u'vcs_test_hg': u'repository.write'} | ||||
} | ||||
self.assertEqual(u1_auth.permissions['repositories'][HG_REPO], | ||||
new_perm_h) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
perms['repositories_groups']) | ||||
r2124 | ||||
def test_repo_in_group_permissions(self): | ||||
self.g1 = _make_group('group1', skip_if_exists=True) | ||||
self.g2 = _make_group('group2', skip_if_exists=True) | ||||
Session.commit() | ||||
# both perms should be read ! | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.read', u'group2': u'group.read'}) | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.read', u'group2': u'group.read'}) | ||||
#Change perms to none for both groups | ||||
ReposGroupModel().grant_user_permission(repos_group=self.g1, | ||||
user=self.anon, | ||||
perm='group.none') | ||||
ReposGroupModel().grant_user_permission(repos_group=self.g2, | ||||
user=self.anon, | ||||
perm='group.none') | ||||
r2129 | ||||
r2124 | u1_auth = AuthUser(user_id=self.u1.user_id) | |||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
# add repo to group | ||||
form_data = { | ||||
'repo_name':HG_REPO, | ||||
r2255 | 'repo_name_full':RepoGroup.url_sep().join([self.g1.group_name,HG_REPO]), | |||
r2124 | 'repo_type':'hg', | |||
'clone_uri':'', | ||||
'repo_group':self.g1.group_id, | ||||
'description':'desc', | ||||
'private':False | ||||
} | ||||
self.test_repo = RepoModel().create(form_data, cur_user=self.u1) | ||||
Session.commit() | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
#grant permission for u2 ! | ||||
ReposGroupModel().grant_user_permission(repos_group=self.g1, | ||||
user=self.u2, | ||||
perm='group.read') | ||||
ReposGroupModel().grant_user_permission(repos_group=self.g2, | ||||
user=self.u2, | ||||
perm='group.read') | ||||
Session.commit() | ||||
self.assertNotEqual(self.u1, self.u2) | ||||
#u1 and anon should have not change perms while u2 should ! | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
u2_auth = AuthUser(user_id=self.u2.user_id) | ||||
self.assertEqual(u2_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.read', u'group2': u'group.read'}) | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none', u'group2': u'group.none'}) | ||||
r2129 | ||||
def test_repo_group_user_as_user_group_member(self): | ||||
# create Group1 | ||||
self.g1 = _make_group('group1', skip_if_exists=True) | ||||
Session.commit() | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.read'}) | ||||
# set default permission to none | ||||
ReposGroupModel().grant_user_permission(repos_group=self.g1, | ||||
user=self.anon, | ||||
perm='group.none') | ||||
# make group | ||||
self.ug1 = UsersGroupModel().create('G1') | ||||
# add user to group | ||||
UsersGroupModel().add_user_to_group(self.ug1, self.u1) | ||||
Session.commit() | ||||
# check if user is in the group | ||||
membrs = [x.user_id for x in UsersGroupModel().get(self.ug1.users_group_id).members] | ||||
self.assertEqual(membrs, [self.u1.user_id]) | ||||
# add some user to that group | ||||
# check his permissions | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none'}) | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none'}) | ||||
# grant ug1 read permissions for | ||||
ReposGroupModel().grant_users_group_permission(repos_group=self.g1, | ||||
group_name=self.ug1, | ||||
perm='group.read') | ||||
Session.commit() | ||||
# check if the | ||||
obj = Session.query(UsersGroupRepoGroupToPerm)\ | ||||
.filter(UsersGroupRepoGroupToPerm.group == self.g1)\ | ||||
.filter(UsersGroupRepoGroupToPerm.users_group == self.ug1)\ | ||||
.scalar() | ||||
self.assertEqual(obj.permission.permission_name, 'group.read') | ||||
a1_auth = AuthUser(user_id=self.anon.user_id) | ||||
self.assertEqual(a1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.none'}) | ||||
u1_auth = AuthUser(user_id=self.u1.user_id) | ||||
self.assertEqual(u1_auth.permissions['repositories_groups'], | ||||
{u'group1': u'group.read'}) | ||||