Show More
| @@ -1,216 +1,216 | |||
|
|
1 | 1 | from sqlalchemy.orm.exc import NoResultFound |
|
|
2 | 2 | |
|
|
3 | 3 | from rhodecode.tests import * |
|
|
4 | 4 | from rhodecode.model.db import User, Permission |
|
|
5 | 5 | from rhodecode.lib.auth import check_password |
|
|
6 | 6 | from rhodecode.model.user import UserModel |
|
|
7 | 7 | from rhodecode.model import validators |
|
|
8 | 8 | from rhodecode.lib import helpers as h |
|
|
9 | 9 | |
|
|
10 | 10 | |
|
|
11 | 11 | class TestAdminUsersController(TestController): |
|
|
12 | 12 | |
|
|
13 | 13 | def test_index(self): |
|
|
14 | 14 | self.log_user() |
|
|
15 | 15 | response = self.app.get(url('users')) |
|
|
16 | 16 | # Test response... |
|
|
17 | 17 | |
|
|
18 | 18 | def test_index_as_xml(self): |
|
|
19 | 19 | response = self.app.get(url('formatted_users', format='xml')) |
|
|
20 | 20 | |
|
|
21 | 21 | def test_create(self): |
|
|
22 | 22 | self.log_user() |
|
|
23 | 23 | username = 'newtestuser' |
|
|
24 | 24 | password = 'test12' |
|
|
25 | 25 | password_confirmation = password |
|
|
26 | 26 | name = 'name' |
|
|
27 | 27 | lastname = 'lastname' |
|
|
28 | 28 | email = 'mail@mail.com' |
|
|
29 | 29 | |
|
|
30 | 30 | response = self.app.post(url('users'), |
|
|
31 | 31 | {'username': username, |
|
|
32 | 32 | 'password': password, |
|
|
33 | 33 | 'password_confirmation': password_confirmation, |
|
|
34 | 34 | 'firstname': name, |
|
|
35 | 35 | 'active': True, |
|
|
36 | 36 | 'lastname': lastname, |
|
|
37 | 37 | 'email': email}) |
|
|
38 | 38 | |
|
|
39 | 39 | self.checkSessionFlash(response, '''created user %s''' % (username)) |
|
|
40 | 40 | |
|
|
41 | 41 | new_user = self.Session.query(User).\ |
|
|
42 | 42 | filter(User.username == username).one() |
|
|
43 | 43 | |
|
|
44 | 44 | self.assertEqual(new_user.username, username) |
|
|
45 | 45 | self.assertEqual(check_password(password, new_user.password), True) |
|
|
46 | 46 | self.assertEqual(new_user.name, name) |
|
|
47 | 47 | self.assertEqual(new_user.lastname, lastname) |
|
|
48 | 48 | self.assertEqual(new_user.email, email) |
|
|
49 | 49 | |
|
|
50 | 50 | response.follow() |
|
|
51 | 51 | response = response.follow() |
|
|
52 |
response.mustcontain(""" |
|
|
|
52 | response.mustcontain("""newtestuser""") | |
|
|
53 | 53 | |
|
|
54 | 54 | def test_create_err(self): |
|
|
55 | 55 | self.log_user() |
|
|
56 | 56 | username = 'new_user' |
|
|
57 | 57 | password = '' |
|
|
58 | 58 | name = 'name' |
|
|
59 | 59 | lastname = 'lastname' |
|
|
60 | 60 | email = 'errmail.com' |
|
|
61 | 61 | |
|
|
62 | 62 | response = self.app.post(url('users'), {'username': username, |
|
|
63 | 63 | 'password': password, |
|
|
64 | 64 | 'name': name, |
|
|
65 | 65 | 'active': False, |
|
|
66 | 66 | 'lastname': lastname, |
|
|
67 | 67 | 'email': email}) |
|
|
68 | 68 | |
|
|
69 | 69 | msg = validators.ValidUsername(False, {})._messages['system_invalid_username'] |
|
|
70 | 70 | msg = h.html_escape(msg % {'username': 'new_user'}) |
|
|
71 | 71 | response.mustcontain("""<span class="error-message">%s</span>""" % msg) |
|
|
72 | 72 | response.mustcontain("""<span class="error-message">Please enter a value</span>""") |
|
|
73 | 73 | response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""") |
|
|
74 | 74 | |
|
|
75 | 75 | def get_user(): |
|
|
76 | 76 | self.Session.query(User).filter(User.username == username).one() |
|
|
77 | 77 | |
|
|
78 | 78 | self.assertRaises(NoResultFound, get_user), 'found user in database' |
|
|
79 | 79 | |
|
|
80 | 80 | def test_new(self): |
|
|
81 | 81 | self.log_user() |
|
|
82 | 82 | response = self.app.get(url('new_user')) |
|
|
83 | 83 | |
|
|
84 | 84 | def test_new_as_xml(self): |
|
|
85 | 85 | response = self.app.get(url('formatted_new_user', format='xml')) |
|
|
86 | 86 | |
|
|
87 | 87 | @parameterized.expand([('firstname', 'new_username'), |
|
|
88 | 88 | ('lastname', 'new_username'), |
|
|
89 | 89 | ('admin', True), |
|
|
90 | 90 | ('admin', False), |
|
|
91 | 91 | ('ldap_dn', 'test'), |
|
|
92 | 92 | ('ldap_dn', None), |
|
|
93 | 93 | ('active', False), |
|
|
94 | 94 | ('active', True), |
|
|
95 | 95 | ('email', 'some@email.com'), |
|
|
96 | 96 | ]) |
|
|
97 | 97 | def test_update(self, name, expected): |
|
|
98 | 98 | self.log_user() |
|
|
99 | 99 | uname = 'testme' |
|
|
100 | 100 | usr = UserModel().create_or_update(username=uname, password='qweqwe', |
|
|
101 | 101 | email='testme@rhodecod.org') |
|
|
102 | 102 | self.Session().commit() |
|
|
103 | 103 | params = usr.get_api_data() |
|
|
104 | 104 | params.update({name: expected}) |
|
|
105 | 105 | params.update({'password_confirmation': ''}) |
|
|
106 | 106 | params.update({'new_password': ''}) |
|
|
107 | 107 | if name == 'email': |
|
|
108 | 108 | params['emails'] = [expected] |
|
|
109 | 109 | if name == 'ldap_dn': |
|
|
110 | 110 | #cannot update this via form |
|
|
111 | 111 | params['ldap_dn'] = None |
|
|
112 | 112 | try: |
|
|
113 | 113 | response = self.app.put(url('user', id=usr.user_id), params) |
|
|
114 | 114 | |
|
|
115 | 115 | self.checkSessionFlash(response, '''User updated successfully''') |
|
|
116 | 116 | |
|
|
117 | 117 | updated_user = User.get_by_username(uname) |
|
|
118 | 118 | updated_params = updated_user.get_api_data() |
|
|
119 | 119 | updated_params.update({'password_confirmation': ''}) |
|
|
120 | 120 | updated_params.update({'new_password': ''}) |
|
|
121 | 121 | |
|
|
122 | 122 | self.assertEqual(params, updated_params) |
|
|
123 | 123 | |
|
|
124 | 124 | finally: |
|
|
125 | 125 | UserModel().delete('testme') |
|
|
126 | 126 | |
|
|
127 | 127 | def test_update_browser_fakeout(self): |
|
|
128 | 128 | response = self.app.post(url('user', id=1), params=dict(_method='put')) |
|
|
129 | 129 | |
|
|
130 | 130 | def test_delete(self): |
|
|
131 | 131 | self.log_user() |
|
|
132 | 132 | username = 'newtestuserdeleteme' |
|
|
133 | 133 | password = 'test12' |
|
|
134 | 134 | name = 'name' |
|
|
135 | 135 | lastname = 'lastname' |
|
|
136 | 136 | email = 'todeletemail@mail.com' |
|
|
137 | 137 | |
|
|
138 | 138 | response = self.app.post(url('users'), {'username': username, |
|
|
139 | 139 | 'password': password, |
|
|
140 | 140 | 'password_confirmation': password, |
|
|
141 | 141 | 'firstname': name, |
|
|
142 | 142 | 'active': True, |
|
|
143 | 143 | 'lastname': lastname, |
|
|
144 | 144 | 'email': email}) |
|
|
145 | 145 | |
|
|
146 | 146 | response = response.follow() |
|
|
147 | 147 | |
|
|
148 | 148 | new_user = self.Session.query(User)\ |
|
|
149 | 149 | .filter(User.username == username).one() |
|
|
150 | 150 | response = self.app.delete(url('user', id=new_user.user_id)) |
|
|
151 | 151 | |
|
|
152 | 152 | self.assertTrue("""successfully deleted user""" in |
|
|
153 | 153 | response.session['flash'][0]) |
|
|
154 | 154 | |
|
|
155 | 155 | def test_delete_browser_fakeout(self): |
|
|
156 | 156 | response = self.app.post(url('user', id=1), |
|
|
157 | 157 | params=dict(_method='delete')) |
|
|
158 | 158 | |
|
|
159 | 159 | def test_show(self): |
|
|
160 | 160 | response = self.app.get(url('user', id=1)) |
|
|
161 | 161 | |
|
|
162 | 162 | def test_show_as_xml(self): |
|
|
163 | 163 | response = self.app.get(url('formatted_user', id=1, format='xml')) |
|
|
164 | 164 | |
|
|
165 | 165 | def test_edit(self): |
|
|
166 | 166 | self.log_user() |
|
|
167 | 167 | user = User.get_by_username(TEST_USER_ADMIN_LOGIN) |
|
|
168 | 168 | response = self.app.get(url('edit_user', id=user.user_id)) |
|
|
169 | 169 | |
|
|
170 | 170 | def test_add_perm_create_repo(self): |
|
|
171 | 171 | self.log_user() |
|
|
172 | 172 | perm_none = Permission.get_by_key('hg.create.none') |
|
|
173 | 173 | perm_create = Permission.get_by_key('hg.create.repository') |
|
|
174 | 174 | |
|
|
175 | 175 | user = User.get_by_username(TEST_USER_REGULAR_LOGIN) |
|
|
176 | 176 | |
|
|
177 | 177 | #User should have None permission on creation repository |
|
|
178 | 178 | self.assertEqual(UserModel().has_perm(user, perm_none), False) |
|
|
179 | 179 | self.assertEqual(UserModel().has_perm(user, perm_create), False) |
|
|
180 | 180 | |
|
|
181 | 181 | response = self.app.post(url('user_perm', id=user.user_id), |
|
|
182 | 182 | params=dict(_method='put', |
|
|
183 | 183 | create_repo_perm=True)) |
|
|
184 | 184 | |
|
|
185 | 185 | perm_none = Permission.get_by_key('hg.create.none') |
|
|
186 | 186 | perm_create = Permission.get_by_key('hg.create.repository') |
|
|
187 | 187 | |
|
|
188 | 188 | user = User.get_by_username(TEST_USER_REGULAR_LOGIN) |
|
|
189 | 189 | #User should have None permission on creation repository |
|
|
190 | 190 | self.assertEqual(UserModel().has_perm(user, perm_none), False) |
|
|
191 | 191 | self.assertEqual(UserModel().has_perm(user, perm_create), True) |
|
|
192 | 192 | |
|
|
193 | 193 | def test_revoke_perm_create_repo(self): |
|
|
194 | 194 | self.log_user() |
|
|
195 | 195 | perm_none = Permission.get_by_key('hg.create.none') |
|
|
196 | 196 | perm_create = Permission.get_by_key('hg.create.repository') |
|
|
197 | 197 | |
|
|
198 | 198 | user = User.get_by_username(TEST_USER_REGULAR2_LOGIN) |
|
|
199 | 199 | |
|
|
200 | 200 | #User should have None permission on creation repository |
|
|
201 | 201 | self.assertEqual(UserModel().has_perm(user, perm_none), False) |
|
|
202 | 202 | self.assertEqual(UserModel().has_perm(user, perm_create), False) |
|
|
203 | 203 | |
|
|
204 | 204 | response = self.app.post(url('user_perm', id=user.user_id), |
|
|
205 | 205 | params=dict(_method='put')) |
|
|
206 | 206 | |
|
|
207 | 207 | perm_none = Permission.get_by_key('hg.create.none') |
|
|
208 | 208 | perm_create = Permission.get_by_key('hg.create.repository') |
|
|
209 | 209 | |
|
|
210 | 210 | user = User.get_by_username(TEST_USER_REGULAR2_LOGIN) |
|
|
211 | 211 | #User should have None permission on creation repository |
|
|
212 | 212 | self.assertEqual(UserModel().has_perm(user, perm_none), True) |
|
|
213 | 213 | self.assertEqual(UserModel().has_perm(user, perm_create), False) |
|
|
214 | 214 | |
|
|
215 | 215 | def test_edit_as_xml(self): |
|
|
216 | 216 | response = self.app.get(url('formatted_edit_user', id=1, format='xml')) |
General Comments 0
You need to be logged in to leave comments.
Login now