##// END OF EJS Templates
upstream » kallithea
RSS

Clone from https://kallithea-scm.org/repos/kallithea

admin: don't redirect back to the list of users after creating a user...
Mads Kiilerich -
r6118:9b80c2a6 default
parent child Browse files
Show More
Show file before | Show file after | Hide comments
@@ -1,446 +1,445 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2 # This program is free software: you can redistribute it and/or modify
2 # This program is free software: you can redistribute it and/or modify
3 # it under the terms of the GNU General Public License as published by
3 # it under the terms of the GNU General Public License as published by
4 # the Free Software Foundation, either version 3 of the License, or
4 # the Free Software Foundation, either version 3 of the License, or
5 # (at your option) any later version.
5 # (at your option) any later version.
6 #
6 #
7 # This program is distributed in the hope that it will be useful,
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU General Public License for more details.
10 # GNU General Public License for more details.
11 #
11 #
12 # You should have received a copy of the GNU General Public License
12 # You should have received a copy of the GNU General Public License
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14 """
14 """
15 kallithea.controllers.admin.users
15 kallithea.controllers.admin.users
16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
16 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
17
17
18 Users crud controller for pylons
18 Users crud controller for pylons
19
19
20 This file was forked by the Kallithea project in July 2014.
20 This file was forked by the Kallithea project in July 2014.
21 Original author and date, and relevant copyright and licensing information is below:
21 Original author and date, and relevant copyright and licensing information is below:
22 :created_on: Apr 4, 2010
22 :created_on: Apr 4, 2010
23 :author: marcink
23 :author: marcink
24 :copyright: (c) 2013 RhodeCode GmbH, and others.
24 :copyright: (c) 2013 RhodeCode GmbH, and others.
25 :license: GPLv3, see LICENSE.md for more details.
25 :license: GPLv3, see LICENSE.md for more details.
26 """
26 """
27
27
28 import logging
28 import logging
29 import traceback
29 import traceback
30 import formencode
30 import formencode
31
31
32 from formencode import htmlfill
32 from formencode import htmlfill
33 from pylons import request, tmpl_context as c, url, config
33 from pylons import request, tmpl_context as c, url, config
34 from pylons.i18n.translation import _
34 from pylons.i18n.translation import _
35 from sqlalchemy.sql.expression import func
35 from sqlalchemy.sql.expression import func
36 from webob.exc import HTTPFound, HTTPNotFound
36 from webob.exc import HTTPFound, HTTPNotFound
37
37
38 import kallithea
38 import kallithea
39 from kallithea.lib.exceptions import DefaultUserException, \
39 from kallithea.lib.exceptions import DefaultUserException, \
40 UserOwnsReposException, UserCreationError
40 UserOwnsReposException, UserCreationError
41 from kallithea.lib import helpers as h
41 from kallithea.lib import helpers as h
42 from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator, \
42 from kallithea.lib.auth import LoginRequired, HasPermissionAnyDecorator, \
43 AuthUser
43 AuthUser
44 from kallithea.lib import auth_modules
44 from kallithea.lib import auth_modules
45 from kallithea.lib.auth_modules import auth_internal
45 from kallithea.lib.auth_modules import auth_internal
46 from kallithea.lib.base import BaseController, render
46 from kallithea.lib.base import BaseController, render
47 from kallithea.model.api_key import ApiKeyModel
47 from kallithea.model.api_key import ApiKeyModel
48
48
49 from kallithea.model.db import User, UserEmailMap, UserIpMap, UserToPerm
49 from kallithea.model.db import User, UserEmailMap, UserIpMap, UserToPerm
50 from kallithea.model.forms import UserForm, CustomDefaultPermissionsForm
50 from kallithea.model.forms import UserForm, CustomDefaultPermissionsForm
51 from kallithea.model.user import UserModel
51 from kallithea.model.user import UserModel
52 from kallithea.model.meta import Session
52 from kallithea.model.meta import Session
53 from kallithea.lib.utils import action_logger
53 from kallithea.lib.utils import action_logger
54 from kallithea.lib.compat import json
54 from kallithea.lib.compat import json
55 from kallithea.lib.utils2 import datetime_to_time, safe_int, generate_api_key
55 from kallithea.lib.utils2 import datetime_to_time, safe_int, generate_api_key
56
56
57 log = logging.getLogger(__name__)
57 log = logging.getLogger(__name__)
58
58
59
59
60 class UsersController(BaseController):
60 class UsersController(BaseController):
61 """REST Controller styled on the Atom Publishing Protocol"""
61 """REST Controller styled on the Atom Publishing Protocol"""
62
62
63 @LoginRequired()
63 @LoginRequired()
64 @HasPermissionAnyDecorator('hg.admin')
64 @HasPermissionAnyDecorator('hg.admin')
65 def __before__(self):
65 def __before__(self):
66 super(UsersController, self).__before__()
66 super(UsersController, self).__before__()
67 c.available_permissions = config['available_permissions']
67 c.available_permissions = config['available_permissions']
68 c.EXTERN_TYPE_INTERNAL = kallithea.EXTERN_TYPE_INTERNAL
68 c.EXTERN_TYPE_INTERNAL = kallithea.EXTERN_TYPE_INTERNAL
69
69
70 def index(self, format='html'):
70 def index(self, format='html'):
71 c.users_list = User.query().order_by(User.username) \
71 c.users_list = User.query().order_by(User.username) \
72 .filter(User.username != User.DEFAULT_USER) \
72 .filter(User.username != User.DEFAULT_USER) \
73 .order_by(func.lower(User.username)) \
73 .order_by(func.lower(User.username)) \
74 .all()
74 .all()
75
75
76 users_data = []
76 users_data = []
77 total_records = len(c.users_list)
77 total_records = len(c.users_list)
78 _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup
78 _tmpl_lookup = kallithea.CONFIG['pylons.app_globals'].mako_lookup
79 template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
79 template = _tmpl_lookup.get_template('data_table/_dt_elements.html')
80
80
81 grav_tmpl = '<div class="gravatar">%s</div>'
81 grav_tmpl = '<div class="gravatar">%s</div>'
82
82
83 username = lambda user_id, username: (
83 username = lambda user_id, username: (
84 template.get_def("user_name")
84 template.get_def("user_name")
85 .render(user_id, username, _=_, h=h, c=c))
85 .render(user_id, username, _=_, h=h, c=c))
86
86
87 user_actions = lambda user_id, username: (
87 user_actions = lambda user_id, username: (
88 template.get_def("user_actions")
88 template.get_def("user_actions")
89 .render(user_id, username, _=_, h=h, c=c))
89 .render(user_id, username, _=_, h=h, c=c))
90
90
91 for user in c.users_list:
91 for user in c.users_list:
92 users_data.append({
92 users_data.append({
93 "gravatar": grav_tmpl % h.gravatar(user.email, size=20),
93 "gravatar": grav_tmpl % h.gravatar(user.email, size=20),
94 "raw_name": user.username,
94 "raw_name": user.username,
95 "username": username(user.user_id, user.username),
95 "username": username(user.user_id, user.username),
96 "firstname": h.escape(user.name),
96 "firstname": h.escape(user.name),
97 "lastname": h.escape(user.lastname),
97 "lastname": h.escape(user.lastname),
98 "last_login": h.fmt_date(user.last_login),
98 "last_login": h.fmt_date(user.last_login),
99 "last_login_raw": datetime_to_time(user.last_login),
99 "last_login_raw": datetime_to_time(user.last_login),
100 "active": h.boolicon(user.active),
100 "active": h.boolicon(user.active),
101 "admin": h.boolicon(user.admin),
101 "admin": h.boolicon(user.admin),
102 "extern_type": user.extern_type,
102 "extern_type": user.extern_type,
103 "extern_name": user.extern_name,
103 "extern_name": user.extern_name,
104 "action": user_actions(user.user_id, user.username),
104 "action": user_actions(user.user_id, user.username),
105 })
105 })
106
106
107 c.data = json.dumps({
107 c.data = json.dumps({
108 "totalRecords": total_records,
108 "totalRecords": total_records,
109 "startIndex": 0,
109 "startIndex": 0,
110 "sort": None,
110 "sort": None,
111 "dir": "asc",
111 "dir": "asc",
112 "records": users_data
112 "records": users_data
113 })
113 })
114
114
115 return render('admin/users/users.html')
115 return render('admin/users/users.html')
116
116
117 def create(self):
117 def create(self):
118 c.default_extern_type = auth_internal.KallitheaAuthPlugin.name
118 c.default_extern_type = auth_internal.KallitheaAuthPlugin.name
119 c.default_extern_name = auth_internal.KallitheaAuthPlugin.name
119 c.default_extern_name = auth_internal.KallitheaAuthPlugin.name
120 user_model = UserModel()
120 user_model = UserModel()
121 user_form = UserForm()()
121 user_form = UserForm()()
122 try:
122 try:
123 form_result = user_form.to_python(dict(request.POST))
123 form_result = user_form.to_python(dict(request.POST))
124 user = user_model.create(form_result)
124 user = user_model.create(form_result)
125 usr = form_result['username']
125 action_logger(self.authuser, 'admin_created_user:%s' % user.username,
126 action_logger(self.authuser, 'admin_created_user:%s' % usr,
127 None, self.ip_addr, self.sa)
126 None, self.ip_addr, self.sa)
128 h.flash(h.literal(_('Created user %s') % h.link_to(h.escape(usr), url('edit_user', id=user.user_id))),
127 h.flash(_('Created user %s') % user.username,
129 category='success')
128 category='success')
130 Session().commit()
129 Session().commit()
131 except formencode.Invalid as errors:
130 except formencode.Invalid as errors:
132 return htmlfill.render(
131 return htmlfill.render(
133 render('admin/users/user_add.html'),
132 render('admin/users/user_add.html'),
134 defaults=errors.value,
133 defaults=errors.value,
135 errors=errors.error_dict or {},
134 errors=errors.error_dict or {},
136 prefix_error=False,
135 prefix_error=False,
137 encoding="UTF-8",
136 encoding="UTF-8",
138 force_defaults=False)
137 force_defaults=False)
139 except UserCreationError as e:
138 except UserCreationError as e:
140 h.flash(e, 'error')
139 h.flash(e, 'error')
141 except Exception:
140 except Exception:
142 log.error(traceback.format_exc())
141 log.error(traceback.format_exc())
143 h.flash(_('Error occurred during creation of user %s') \
142 h.flash(_('Error occurred during creation of user %s') \
144 % request.POST.get('username'), category='error')
143 % request.POST.get('username'), category='error')
145 raise HTTPFound(location=url('users'))
144 raise HTTPFound(location=url('edit_user', id=user.user_id))
146
145
147 def new(self, format='html'):
146 def new(self, format='html'):
148 c.default_extern_type = auth_internal.KallitheaAuthPlugin.name
147 c.default_extern_type = auth_internal.KallitheaAuthPlugin.name
149 c.default_extern_name = auth_internal.KallitheaAuthPlugin.name
148 c.default_extern_name = auth_internal.KallitheaAuthPlugin.name
150 return render('admin/users/user_add.html')
149 return render('admin/users/user_add.html')
151
150
152 def update(self, id):
151 def update(self, id):
153 user_model = UserModel()
152 user_model = UserModel()
154 user = user_model.get(id)
153 user = user_model.get(id)
155 _form = UserForm(edit=True, old_data={'user_id': id,
154 _form = UserForm(edit=True, old_data={'user_id': id,
156 'email': user.email})()
155 'email': user.email})()
157 form_result = {}
156 form_result = {}
158 try:
157 try:
159 form_result = _form.to_python(dict(request.POST))
158 form_result = _form.to_python(dict(request.POST))
160 skip_attrs = ['extern_type', 'extern_name',
159 skip_attrs = ['extern_type', 'extern_name',
161 ] + auth_modules.get_managed_fields(user)
160 ] + auth_modules.get_managed_fields(user)
162
161
163 user_model.update(id, form_result, skip_attrs=skip_attrs)
162 user_model.update(id, form_result, skip_attrs=skip_attrs)
164 usr = form_result['username']
163 usr = form_result['username']
165 action_logger(self.authuser, 'admin_updated_user:%s' % usr,
164 action_logger(self.authuser, 'admin_updated_user:%s' % usr,
166 None, self.ip_addr, self.sa)
165 None, self.ip_addr, self.sa)
167 h.flash(_('User updated successfully'), category='success')
166 h.flash(_('User updated successfully'), category='success')
168 Session().commit()
167 Session().commit()
169 except formencode.Invalid as errors:
168 except formencode.Invalid as errors:
170 defaults = errors.value
169 defaults = errors.value
171 e = errors.error_dict or {}
170 e = errors.error_dict or {}
172 defaults.update({
171 defaults.update({
173 'create_repo_perm': user_model.has_perm(id,
172 'create_repo_perm': user_model.has_perm(id,
174 'hg.create.repository'),
173 'hg.create.repository'),
175 'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
174 'fork_repo_perm': user_model.has_perm(id, 'hg.fork.repository'),
176 })
175 })
177 return htmlfill.render(
176 return htmlfill.render(
178 self._render_edit_profile(user),
177 self._render_edit_profile(user),
179 defaults=defaults,
178 defaults=defaults,
180 errors=e,
179 errors=e,
181 prefix_error=False,
180 prefix_error=False,
182 encoding="UTF-8",
181 encoding="UTF-8",
183 force_defaults=False)
182 force_defaults=False)
184 except Exception:
183 except Exception:
185 log.error(traceback.format_exc())
184 log.error(traceback.format_exc())
186 h.flash(_('Error occurred during update of user %s') \
185 h.flash(_('Error occurred during update of user %s') \
187 % form_result.get('username'), category='error')
186 % form_result.get('username'), category='error')
188 raise HTTPFound(location=url('edit_user', id=id))
187 raise HTTPFound(location=url('edit_user', id=id))
189
188
190 def delete(self, id):
189 def delete(self, id):
191 usr = User.get_or_404(id)
190 usr = User.get_or_404(id)
192 try:
191 try:
193 UserModel().delete(usr)
192 UserModel().delete(usr)
194 Session().commit()
193 Session().commit()
195 h.flash(_('Successfully deleted user'), category='success')
194 h.flash(_('Successfully deleted user'), category='success')
196 except (UserOwnsReposException, DefaultUserException) as e:
195 except (UserOwnsReposException, DefaultUserException) as e:
197 h.flash(e, category='warning')
196 h.flash(e, category='warning')
198 except Exception:
197 except Exception:
199 log.error(traceback.format_exc())
198 log.error(traceback.format_exc())
200 h.flash(_('An error occurred during deletion of user'),
199 h.flash(_('An error occurred during deletion of user'),
201 category='error')
200 category='error')
202 raise HTTPFound(location=url('users'))
201 raise HTTPFound(location=url('users'))
203
202
204 def _get_user_or_raise_if_default(self, id):
203 def _get_user_or_raise_if_default(self, id):
205 try:
204 try:
206 return User.get_or_404(id, allow_default=False)
205 return User.get_or_404(id, allow_default=False)
207 except DefaultUserException:
206 except DefaultUserException:
208 h.flash(_("The default user cannot be edited"), category='warning')
207 h.flash(_("The default user cannot be edited"), category='warning')
209 raise HTTPNotFound
208 raise HTTPNotFound
210
209
211 def _render_edit_profile(self, user):
210 def _render_edit_profile(self, user):
212 c.user = user
211 c.user = user
213 c.active = 'profile'
212 c.active = 'profile'
214 c.perm_user = AuthUser(dbuser=user)
213 c.perm_user = AuthUser(dbuser=user)
215 c.ip_addr = self.ip_addr
214 c.ip_addr = self.ip_addr
216 managed_fields = auth_modules.get_managed_fields(user)
215 managed_fields = auth_modules.get_managed_fields(user)
217 c.readonly = lambda n: 'readonly' if n in managed_fields else None
216 c.readonly = lambda n: 'readonly' if n in managed_fields else None
218 return render('admin/users/user_edit.html')
217 return render('admin/users/user_edit.html')
219
218
220 def edit(self, id, format='html'):
219 def edit(self, id, format='html'):
221 user = self._get_user_or_raise_if_default(id)
220 user = self._get_user_or_raise_if_default(id)
222 defaults = user.get_dict()
221 defaults = user.get_dict()
223
222
224 return htmlfill.render(
223 return htmlfill.render(
225 self._render_edit_profile(user),
224 self._render_edit_profile(user),
226 defaults=defaults,
225 defaults=defaults,
227 encoding="UTF-8",
226 encoding="UTF-8",
228 force_defaults=False)
227 force_defaults=False)
229
228
230 def edit_advanced(self, id):
229 def edit_advanced(self, id):
231 c.user = self._get_user_or_raise_if_default(id)
230 c.user = self._get_user_or_raise_if_default(id)
232 c.active = 'advanced'
231 c.active = 'advanced'
233 c.perm_user = AuthUser(user_id=id)
232 c.perm_user = AuthUser(user_id=id)
234 c.ip_addr = self.ip_addr
233 c.ip_addr = self.ip_addr
235
234
236 umodel = UserModel()
235 umodel = UserModel()
237 defaults = c.user.get_dict()
236 defaults = c.user.get_dict()
238 defaults.update({
237 defaults.update({
239 'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
238 'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
240 'create_user_group_perm': umodel.has_perm(c.user,
239 'create_user_group_perm': umodel.has_perm(c.user,
241 'hg.usergroup.create.true'),
240 'hg.usergroup.create.true'),
242 'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
241 'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
243 })
242 })
244 return htmlfill.render(
243 return htmlfill.render(
245 render('admin/users/user_edit.html'),
244 render('admin/users/user_edit.html'),
246 defaults=defaults,
245 defaults=defaults,
247 encoding="UTF-8",
246 encoding="UTF-8",
248 force_defaults=False)
247 force_defaults=False)
249
248
250 def edit_api_keys(self, id):
249 def edit_api_keys(self, id):
251 c.user = self._get_user_or_raise_if_default(id)
250 c.user = self._get_user_or_raise_if_default(id)
252 c.active = 'api_keys'
251 c.active = 'api_keys'
253 show_expired = True
252 show_expired = True
254 c.lifetime_values = [
253 c.lifetime_values = [
255 (str(-1), _('Forever')),
254 (str(-1), _('Forever')),
256 (str(5), _('5 minutes')),
255 (str(5), _('5 minutes')),
257 (str(60), _('1 hour')),
256 (str(60), _('1 hour')),
258 (str(60 * 24), _('1 day')),
257 (str(60 * 24), _('1 day')),
259 (str(60 * 24 * 30), _('1 month')),
258 (str(60 * 24 * 30), _('1 month')),
260 ]
259 ]
261 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
260 c.lifetime_options = [(c.lifetime_values, _("Lifetime"))]
262 c.user_api_keys = ApiKeyModel().get_api_keys(c.user.user_id,
261 c.user_api_keys = ApiKeyModel().get_api_keys(c.user.user_id,
263 show_expired=show_expired)
262 show_expired=show_expired)
264 defaults = c.user.get_dict()
263 defaults = c.user.get_dict()
265 return htmlfill.render(
264 return htmlfill.render(
266 render('admin/users/user_edit.html'),
265 render('admin/users/user_edit.html'),
267 defaults=defaults,
266 defaults=defaults,
268 encoding="UTF-8",
267 encoding="UTF-8",
269 force_defaults=False)
268 force_defaults=False)
270
269
271 def add_api_key(self, id):
270 def add_api_key(self, id):
272 c.user = self._get_user_or_raise_if_default(id)
271 c.user = self._get_user_or_raise_if_default(id)
273
272
274 lifetime = safe_int(request.POST.get('lifetime'), -1)
273 lifetime = safe_int(request.POST.get('lifetime'), -1)
275 description = request.POST.get('description')
274 description = request.POST.get('description')
276 ApiKeyModel().create(c.user.user_id, description, lifetime)
275 ApiKeyModel().create(c.user.user_id, description, lifetime)
277 Session().commit()
276 Session().commit()
278 h.flash(_("API key successfully created"), category='success')
277 h.flash(_("API key successfully created"), category='success')
279 raise HTTPFound(location=url('edit_user_api_keys', id=c.user.user_id))
278 raise HTTPFound(location=url('edit_user_api_keys', id=c.user.user_id))
280
279
281 def delete_api_key(self, id):
280 def delete_api_key(self, id):
282 c.user = self._get_user_or_raise_if_default(id)
281 c.user = self._get_user_or_raise_if_default(id)
283
282
284 api_key = request.POST.get('del_api_key')
283 api_key = request.POST.get('del_api_key')
285 if request.POST.get('del_api_key_builtin'):
284 if request.POST.get('del_api_key_builtin'):
286 user = User.get(c.user.user_id)
285 user = User.get(c.user.user_id)
287 if user is not None:
286 if user is not None:
288 user.api_key = generate_api_key()
287 user.api_key = generate_api_key()
289 Session().add(user)
288 Session().add(user)
290 Session().commit()
289 Session().commit()
291 h.flash(_("API key successfully reset"), category='success')
290 h.flash(_("API key successfully reset"), category='success')
292 elif api_key:
291 elif api_key:
293 ApiKeyModel().delete(api_key, c.user.user_id)
292 ApiKeyModel().delete(api_key, c.user.user_id)
294 Session().commit()
293 Session().commit()
295 h.flash(_("API key successfully deleted"), category='success')
294 h.flash(_("API key successfully deleted"), category='success')
296
295
297 raise HTTPFound(location=url('edit_user_api_keys', id=c.user.user_id))
296 raise HTTPFound(location=url('edit_user_api_keys', id=c.user.user_id))
298
297
299 def update_account(self, id):
298 def update_account(self, id):
300 pass
299 pass
301
300
302 def edit_perms(self, id):
301 def edit_perms(self, id):
303 c.user = self._get_user_or_raise_if_default(id)
302 c.user = self._get_user_or_raise_if_default(id)
304 c.active = 'perms'
303 c.active = 'perms'
305 c.perm_user = AuthUser(user_id=id)
304 c.perm_user = AuthUser(user_id=id)
306 c.ip_addr = self.ip_addr
305 c.ip_addr = self.ip_addr
307
306
308 umodel = UserModel()
307 umodel = UserModel()
309 defaults = c.user.get_dict()
308 defaults = c.user.get_dict()
310 defaults.update({
309 defaults.update({
311 'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
310 'create_repo_perm': umodel.has_perm(c.user, 'hg.create.repository'),
312 'create_user_group_perm': umodel.has_perm(c.user,
311 'create_user_group_perm': umodel.has_perm(c.user,
313 'hg.usergroup.create.true'),
312 'hg.usergroup.create.true'),
314 'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
313 'fork_repo_perm': umodel.has_perm(c.user, 'hg.fork.repository'),
315 })
314 })
316 return htmlfill.render(
315 return htmlfill.render(
317 render('admin/users/user_edit.html'),
316 render('admin/users/user_edit.html'),
318 defaults=defaults,
317 defaults=defaults,
319 encoding="UTF-8",
318 encoding="UTF-8",
320 force_defaults=False)
319 force_defaults=False)
321
320
322 def update_perms(self, id):
321 def update_perms(self, id):
323 user = self._get_user_or_raise_if_default(id)
322 user = self._get_user_or_raise_if_default(id)
324
323
325 try:
324 try:
326 form = CustomDefaultPermissionsForm()()
325 form = CustomDefaultPermissionsForm()()
327 form_result = form.to_python(request.POST)
326 form_result = form.to_python(request.POST)
328
327
329 inherit_perms = form_result['inherit_default_permissions']
328 inherit_perms = form_result['inherit_default_permissions']
330 user.inherit_default_permissions = inherit_perms
329 user.inherit_default_permissions = inherit_perms
331 Session().add(user)
330 Session().add(user)
332 user_model = UserModel()
331 user_model = UserModel()
333
332
334 defs = UserToPerm.query() \
333 defs = UserToPerm.query() \
335 .filter(UserToPerm.user == user) \
334 .filter(UserToPerm.user == user) \
336 .all()
335 .all()
337 for ug in defs:
336 for ug in defs:
338 Session().delete(ug)
337 Session().delete(ug)
339
338
340 if form_result['create_repo_perm']:
339 if form_result['create_repo_perm']:
341 user_model.grant_perm(id, 'hg.create.repository')
340 user_model.grant_perm(id, 'hg.create.repository')
342 else:
341 else:
343 user_model.grant_perm(id, 'hg.create.none')
342 user_model.grant_perm(id, 'hg.create.none')
344 if form_result['create_user_group_perm']:
343 if form_result['create_user_group_perm']:
345 user_model.grant_perm(id, 'hg.usergroup.create.true')
344 user_model.grant_perm(id, 'hg.usergroup.create.true')
346 else:
345 else:
347 user_model.grant_perm(id, 'hg.usergroup.create.false')
346 user_model.grant_perm(id, 'hg.usergroup.create.false')
348 if form_result['fork_repo_perm']:
347 if form_result['fork_repo_perm']:
349 user_model.grant_perm(id, 'hg.fork.repository')
348 user_model.grant_perm(id, 'hg.fork.repository')
350 else:
349 else:
351 user_model.grant_perm(id, 'hg.fork.none')
350 user_model.grant_perm(id, 'hg.fork.none')
352 h.flash(_("Updated permissions"), category='success')
351 h.flash(_("Updated permissions"), category='success')
353 Session().commit()
352 Session().commit()
354 except Exception:
353 except Exception:
355 log.error(traceback.format_exc())
354 log.error(traceback.format_exc())
356 h.flash(_('An error occurred during permissions saving'),
355 h.flash(_('An error occurred during permissions saving'),
357 category='error')
356 category='error')
358 raise HTTPFound(location=url('edit_user_perms', id=id))
357 raise HTTPFound(location=url('edit_user_perms', id=id))
359
358
360 def edit_emails(self, id):
359 def edit_emails(self, id):
361 c.user = self._get_user_or_raise_if_default(id)
360 c.user = self._get_user_or_raise_if_default(id)
362 c.active = 'emails'
361 c.active = 'emails'
363 c.user_email_map = UserEmailMap.query() \
362 c.user_email_map = UserEmailMap.query() \
364 .filter(UserEmailMap.user == c.user).all()
363 .filter(UserEmailMap.user == c.user).all()
365
364
366 defaults = c.user.get_dict()
365 defaults = c.user.get_dict()
367 return htmlfill.render(
366 return htmlfill.render(
368 render('admin/users/user_edit.html'),
367 render('admin/users/user_edit.html'),
369 defaults=defaults,
368 defaults=defaults,
370 encoding="UTF-8",
369 encoding="UTF-8",
371 force_defaults=False)
370 force_defaults=False)
372
371
373 def add_email(self, id):
372 def add_email(self, id):
374 user = self._get_user_or_raise_if_default(id)
373 user = self._get_user_or_raise_if_default(id)
375 email = request.POST.get('new_email')
374 email = request.POST.get('new_email')
376 user_model = UserModel()
375 user_model = UserModel()
377
376
378 try:
377 try:
379 user_model.add_extra_email(id, email)
378 user_model.add_extra_email(id, email)
380 Session().commit()
379 Session().commit()
381 h.flash(_("Added email %s to user") % email, category='success')
380 h.flash(_("Added email %s to user") % email, category='success')
382 except formencode.Invalid as error:
381 except formencode.Invalid as error:
383 msg = error.error_dict['email']
382 msg = error.error_dict['email']
384 h.flash(msg, category='error')
383 h.flash(msg, category='error')
385 except Exception:
384 except Exception:
386 log.error(traceback.format_exc())
385 log.error(traceback.format_exc())
387 h.flash(_('An error occurred during email saving'),
386 h.flash(_('An error occurred during email saving'),
388 category='error')
387 category='error')
389 raise HTTPFound(location=url('edit_user_emails', id=id))
388 raise HTTPFound(location=url('edit_user_emails', id=id))
390
389
391 def delete_email(self, id):
390 def delete_email(self, id):
392 user = self._get_user_or_raise_if_default(id)
391 user = self._get_user_or_raise_if_default(id)
393 email_id = request.POST.get('del_email_id')
392 email_id = request.POST.get('del_email_id')
394 user_model = UserModel()
393 user_model = UserModel()
395 user_model.delete_extra_email(id, email_id)
394 user_model.delete_extra_email(id, email_id)
396 Session().commit()
395 Session().commit()
397 h.flash(_("Removed email from user"), category='success')
396 h.flash(_("Removed email from user"), category='success')
398 raise HTTPFound(location=url('edit_user_emails', id=id))
397 raise HTTPFound(location=url('edit_user_emails', id=id))
399
398
400 def edit_ips(self, id):
399 def edit_ips(self, id):
401 c.user = self._get_user_or_raise_if_default(id)
400 c.user = self._get_user_or_raise_if_default(id)
402 c.active = 'ips'
401 c.active = 'ips'
403 c.user_ip_map = UserIpMap.query() \
402 c.user_ip_map = UserIpMap.query() \
404 .filter(UserIpMap.user == c.user).all()
403 .filter(UserIpMap.user == c.user).all()
405
404
406 c.inherit_default_ips = c.user.inherit_default_permissions
405 c.inherit_default_ips = c.user.inherit_default_permissions
407 c.default_user_ip_map = UserIpMap.query() \
406 c.default_user_ip_map = UserIpMap.query() \
408 .filter(UserIpMap.user == User.get_default_user()).all()
407 .filter(UserIpMap.user == User.get_default_user()).all()
409
408
410 defaults = c.user.get_dict()
409 defaults = c.user.get_dict()
411 return htmlfill.render(
410 return htmlfill.render(
412 render('admin/users/user_edit.html'),
411 render('admin/users/user_edit.html'),
413 defaults=defaults,
412 defaults=defaults,
414 encoding="UTF-8",
413 encoding="UTF-8",
415 force_defaults=False)
414 force_defaults=False)
416
415
417 def add_ip(self, id):
416 def add_ip(self, id):
418 ip = request.POST.get('new_ip')
417 ip = request.POST.get('new_ip')
419 user_model = UserModel()
418 user_model = UserModel()
420
419
421 try:
420 try:
422 user_model.add_extra_ip(id, ip)
421 user_model.add_extra_ip(id, ip)
423 Session().commit()
422 Session().commit()
424 h.flash(_("Added IP address %s to user whitelist") % ip, category='success')
423 h.flash(_("Added IP address %s to user whitelist") % ip, category='success')
425 except formencode.Invalid as error:
424 except formencode.Invalid as error:
426 msg = error.error_dict['ip']
425 msg = error.error_dict['ip']
427 h.flash(msg, category='error')
426 h.flash(msg, category='error')
428 except Exception:
427 except Exception:
429 log.error(traceback.format_exc())
428 log.error(traceback.format_exc())
430 h.flash(_('An error occurred while adding IP address'),
429 h.flash(_('An error occurred while adding IP address'),
431 category='error')
430 category='error')
432
431
433 if 'default_user' in request.POST:
432 if 'default_user' in request.POST:
434 raise HTTPFound(location=url('admin_permissions_ips'))
433 raise HTTPFound(location=url('admin_permissions_ips'))
435 raise HTTPFound(location=url('edit_user_ips', id=id))
434 raise HTTPFound(location=url('edit_user_ips', id=id))
436
435
437 def delete_ip(self, id):
436 def delete_ip(self, id):
438 ip_id = request.POST.get('del_ip_id')
437 ip_id = request.POST.get('del_ip_id')
439 user_model = UserModel()
438 user_model = UserModel()
440 user_model.delete_extra_ip(id, ip_id)
439 user_model.delete_extra_ip(id, ip_id)
441 Session().commit()
440 Session().commit()
442 h.flash(_("Removed IP address from user whitelist"), category='success')
441 h.flash(_("Removed IP address from user whitelist"), category='success')
443
442
444 if 'default_user' in request.POST:
443 if 'default_user' in request.POST:
445 raise HTTPFound(location=url('admin_permissions_ips'))
444 raise HTTPFound(location=url('admin_permissions_ips'))
446 raise HTTPFound(location=url('edit_user_ips', id=id))
445 raise HTTPFound(location=url('edit_user_ips', id=id))
Show file before | Show file after | Hide comments
@@ -1,602 +1,602 b''
1 # -*- coding: utf-8 -*-
1 # -*- coding: utf-8 -*-
2 # This program is free software: you can redistribute it and/or modify
2 # This program is free software: you can redistribute it and/or modify
3 # it under the terms of the GNU General Public License as published by
3 # it under the terms of the GNU General Public License as published by
4 # the Free Software Foundation, either version 3 of the License, or
4 # the Free Software Foundation, either version 3 of the License, or
5 # (at your option) any later version.
5 # (at your option) any later version.
6 #
6 #
7 # This program is distributed in the hope that it will be useful,
7 # This program is distributed in the hope that it will be useful,
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 # GNU General Public License for more details.
10 # GNU General Public License for more details.
11 #
11 #
12 # You should have received a copy of the GNU General Public License
12 # You should have received a copy of the GNU General Public License
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
13 # along with this program. If not, see <http://www.gnu.org/licenses/>.
14
14
15 from sqlalchemy.orm.exc import NoResultFound, ObjectDeletedError
15 from sqlalchemy.orm.exc import NoResultFound, ObjectDeletedError
16
16
17 import pytest
17 import pytest
18 from kallithea.tests import *
18 from kallithea.tests import *
19 from kallithea.tests.fixture import Fixture
19 from kallithea.tests.fixture import Fixture
20 from kallithea.controllers.admin.users import UsersController
20 from kallithea.controllers.admin.users import UsersController
21 from kallithea.model.db import User, Permission, UserIpMap, UserApiKeys
21 from kallithea.model.db import User, Permission, UserIpMap, UserApiKeys
22 from kallithea.lib.auth import check_password
22 from kallithea.lib.auth import check_password
23 from kallithea.model.user import UserModel
23 from kallithea.model.user import UserModel
24 from kallithea.model import validators
24 from kallithea.model import validators
25 from kallithea.lib import helpers as h
25 from kallithea.lib import helpers as h
26 from kallithea.model.meta import Session
26 from kallithea.model.meta import Session
27 from webob.exc import HTTPNotFound
27 from webob.exc import HTTPNotFound
28
28
29 fixture = Fixture()
29 fixture = Fixture()
30
30
31 @pytest.yield_fixture
31 @pytest.yield_fixture
32 def user_and_repo_group_fail():
32 def user_and_repo_group_fail():
33 username = 'repogrouperr'
33 username = 'repogrouperr'
34 groupname = u'repogroup_fail'
34 groupname = u'repogroup_fail'
35 user = fixture.create_user(name=username)
35 user = fixture.create_user(name=username)
36 repo_group = fixture.create_repo_group(name=groupname, cur_user=username)
36 repo_group = fixture.create_repo_group(name=groupname, cur_user=username)
37 yield user, repo_group
37 yield user, repo_group
38 # cleanup
38 # cleanup
39 try:
39 try:
40 fixture.destroy_repo_group(repo_group)
40 fixture.destroy_repo_group(repo_group)
41 except ObjectDeletedError:
41 except ObjectDeletedError:
42 # delete already succeeded in test body
42 # delete already succeeded in test body
43 pass
43 pass
44
44
45 class TestAdminUsersController(TestController):
45 class TestAdminUsersController(TestController):
46 test_user_1 = 'testme'
46 test_user_1 = 'testme'
47
47
48 @classmethod
48 @classmethod
49 def teardown_class(cls):
49 def teardown_class(cls):
50 if User.get_by_username(cls.test_user_1):
50 if User.get_by_username(cls.test_user_1):
51 UserModel().delete(cls.test_user_1)
51 UserModel().delete(cls.test_user_1)
52 Session().commit()
52 Session().commit()
53
53
54 def test_index(self):
54 def test_index(self):
55 self.log_user()
55 self.log_user()
56 response = self.app.get(url('users'))
56 response = self.app.get(url('users'))
57 # Test response...
57 # Test response...
58
58
59 def test_create(self):
59 def test_create(self):
60 self.log_user()
60 self.log_user()
61 username = 'newtestuser'
61 username = 'newtestuser'
62 password = 'test12'
62 password = 'test12'
63 password_confirmation = password
63 password_confirmation = password
64 name = u'name'
64 name = u'name'
65 lastname = u'lastname'
65 lastname = u'lastname'
66 email = 'mail@example.com'
66 email = 'mail@example.com'
67
67
68 response = self.app.post(url('users'),
68 response = self.app.post(url('users'),
69 {'username': username,
69 {'username': username,
70 'password': password,
70 'password': password,
71 'password_confirmation': password_confirmation,
71 'password_confirmation': password_confirmation,
72 'firstname': name,
72 'firstname': name,
73 'active': True,
73 'active': True,
74 'lastname': lastname,
74 'lastname': lastname,
75 'extern_name': 'internal',
75 'extern_name': 'internal',
76 'extern_type': 'internal',
76 'extern_type': 'internal',
77 'email': email,
77 'email': email,
78 '_authentication_token': self.authentication_token()})
78 '_authentication_token': self.authentication_token()})
79 # 302 Found
80 # The resource was found at http://localhost/_admin/users/5/edit; you should be redirected automatically.
79
81
80 self.checkSessionFlash(response, '''Created user <a href="/_admin/users/''')
82 self.checkSessionFlash(response, '''Created user %s''' % username)
81 self.checkSessionFlash(response, '''/edit">%s</a>''' % (username))
83
84 response = response.follow()
85 response.mustcontain("""%s user settings""" % username) # in <title>
82
86
83 new_user = Session().query(User). \
87 new_user = Session().query(User). \
84 filter(User.username == username).one()
88 filter(User.username == username).one()
85
89
86 assert new_user.username == username
90 assert new_user.username == username
87 assert check_password(password, new_user.password) == True
91 assert check_password(password, new_user.password) == True
88 assert new_user.name == name
92 assert new_user.name == name
89 assert new_user.lastname == lastname
93 assert new_user.lastname == lastname
90 assert new_user.email == email
94 assert new_user.email == email
91
95
92 response.follow()
93 response = response.follow()
94 response.mustcontain("""newtestuser""")
95
96 def test_create_err(self):
96 def test_create_err(self):
97 self.log_user()
97 self.log_user()
98 username = 'new_user'
98 username = 'new_user'
99 password = ''
99 password = ''
100 name = u'name'
100 name = u'name'
101 lastname = u'lastname'
101 lastname = u'lastname'
102 email = 'errmail.example.com'
102 email = 'errmail.example.com'
103
103
104 response = self.app.post(url('users'), {'username': username,
104 response = self.app.post(url('users'), {'username': username,
105 'password': password,
105 'password': password,
106 'name': name,
106 'name': name,
107 'active': False,
107 'active': False,
108 'lastname': lastname,
108 'lastname': lastname,
109 'email': email,
109 'email': email,
110 '_authentication_token': self.authentication_token()})
110 '_authentication_token': self.authentication_token()})
111
111
112 msg = validators.ValidUsername(False, {})._messages['system_invalid_username']
112 msg = validators.ValidUsername(False, {})._messages['system_invalid_username']
113 msg = h.html_escape(msg % {'username': 'new_user'})
113 msg = h.html_escape(msg % {'username': 'new_user'})
114 response.mustcontain("""<span class="error-message">%s</span>""" % msg)
114 response.mustcontain("""<span class="error-message">%s</span>""" % msg)
115 response.mustcontain("""<span class="error-message">Please enter a value</span>""")
115 response.mustcontain("""<span class="error-message">Please enter a value</span>""")
116 response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")
116 response.mustcontain("""<span class="error-message">An email address must contain a single @</span>""")
117
117
118 def get_user():
118 def get_user():
119 Session().query(User).filter(User.username == username).one()
119 Session().query(User).filter(User.username == username).one()
120
120
121 with pytest.raises(NoResultFound):
121 with pytest.raises(NoResultFound):
122 get_user(), 'found user in database'
122 get_user(), 'found user in database'
123
123
124 def test_new(self):
124 def test_new(self):
125 self.log_user()
125 self.log_user()
126 response = self.app.get(url('new_user'))
126 response = self.app.get(url('new_user'))
127
127
128 @parametrize('name,attrs',
128 @parametrize('name,attrs',
129 [('firstname', {'firstname': 'new_username'}),
129 [('firstname', {'firstname': 'new_username'}),
130 ('lastname', {'lastname': 'new_username'}),
130 ('lastname', {'lastname': 'new_username'}),
131 ('admin', {'admin': True}),
131 ('admin', {'admin': True}),
132 ('admin', {'admin': False}),
132 ('admin', {'admin': False}),
133 ('extern_type', {'extern_type': 'ldap'}),
133 ('extern_type', {'extern_type': 'ldap'}),
134 ('extern_type', {'extern_type': None}),
134 ('extern_type', {'extern_type': None}),
135 ('extern_name', {'extern_name': 'test'}),
135 ('extern_name', {'extern_name': 'test'}),
136 ('extern_name', {'extern_name': None}),
136 ('extern_name', {'extern_name': None}),
137 ('active', {'active': False}),
137 ('active', {'active': False}),
138 ('active', {'active': True}),
138 ('active', {'active': True}),
139 ('email', {'email': 'someemail@example.com'}),
139 ('email', {'email': 'someemail@example.com'}),
140 # ('new_password', {'new_password': 'foobar123',
140 # ('new_password', {'new_password': 'foobar123',
141 # 'password_confirmation': 'foobar123'})
141 # 'password_confirmation': 'foobar123'})
142 ])
142 ])
143 def test_update(self, name, attrs):
143 def test_update(self, name, attrs):
144 self.log_user()
144 self.log_user()
145 usr = fixture.create_user(self.test_user_1, password='qweqwe',
145 usr = fixture.create_user(self.test_user_1, password='qweqwe',
146 email='testme@example.com',
146 email='testme@example.com',
147 extern_type='internal',
147 extern_type='internal',
148 extern_name=self.test_user_1,
148 extern_name=self.test_user_1,
149 skip_if_exists=True)
149 skip_if_exists=True)
150 Session().commit()
150 Session().commit()
151 params = usr.get_api_data(True)
151 params = usr.get_api_data(True)
152 params.update({'password_confirmation': ''})
152 params.update({'password_confirmation': ''})
153 params.update({'new_password': ''})
153 params.update({'new_password': ''})
154 params.update(attrs)
154 params.update(attrs)
155 if name == 'email':
155 if name == 'email':
156 params['emails'] = [attrs['email']]
156 params['emails'] = [attrs['email']]
157 if name == 'extern_type':
157 if name == 'extern_type':
158 #cannot update this via form, expected value is original one
158 #cannot update this via form, expected value is original one
159 params['extern_type'] = "internal"
159 params['extern_type'] = "internal"
160 if name == 'extern_name':
160 if name == 'extern_name':
161 #cannot update this via form, expected value is original one
161 #cannot update this via form, expected value is original one
162 params['extern_name'] = self.test_user_1
162 params['extern_name'] = self.test_user_1
163 # special case since this user is not
163 # special case since this user is not
164 # logged in yet his data is not filled
164 # logged in yet his data is not filled
165 # so we use creation data
165 # so we use creation data
166
166
167 params.update({'_authentication_token': self.authentication_token()})
167 params.update({'_authentication_token': self.authentication_token()})
168 response = self.app.post(url('update_user', id=usr.user_id), params)
168 response = self.app.post(url('update_user', id=usr.user_id), params)
169 self.checkSessionFlash(response, 'User updated successfully')
169 self.checkSessionFlash(response, 'User updated successfully')
170 params.pop('_authentication_token')
170 params.pop('_authentication_token')
171
171
172 updated_user = User.get_by_username(self.test_user_1)
172 updated_user = User.get_by_username(self.test_user_1)
173 updated_params = updated_user.get_api_data(True)
173 updated_params = updated_user.get_api_data(True)
174 updated_params.update({'password_confirmation': ''})
174 updated_params.update({'password_confirmation': ''})
175 updated_params.update({'new_password': ''})
175 updated_params.update({'new_password': ''})
176
176
177 assert params == updated_params
177 assert params == updated_params
178
178
179 def test_delete(self):
179 def test_delete(self):
180 self.log_user()
180 self.log_user()
181 username = 'newtestuserdeleteme'
181 username = 'newtestuserdeleteme'
182
182
183 fixture.create_user(name=username)
183 fixture.create_user(name=username)
184
184
185 new_user = Session().query(User) \
185 new_user = Session().query(User) \
186 .filter(User.username == username).one()
186 .filter(User.username == username).one()
187 response = self.app.post(url('delete_user', id=new_user.user_id),
187 response = self.app.post(url('delete_user', id=new_user.user_id),
188 params={'_authentication_token': self.authentication_token()})
188 params={'_authentication_token': self.authentication_token()})
189
189
190 self.checkSessionFlash(response, 'Successfully deleted user')
190 self.checkSessionFlash(response, 'Successfully deleted user')
191
191
192 def test_delete_repo_err(self):
192 def test_delete_repo_err(self):
193 self.log_user()
193 self.log_user()
194 username = 'repoerr'
194 username = 'repoerr'
195 reponame = u'repoerr_fail'
195 reponame = u'repoerr_fail'
196
196
197 fixture.create_user(name=username)
197 fixture.create_user(name=username)
198 fixture.create_repo(name=reponame, cur_user=username)
198 fixture.create_repo(name=reponame, cur_user=username)
199
199
200 new_user = Session().query(User) \
200 new_user = Session().query(User) \
201 .filter(User.username == username).one()
201 .filter(User.username == username).one()
202 response = self.app.post(url('delete_user', id=new_user.user_id),
202 response = self.app.post(url('delete_user', id=new_user.user_id),
203 params={'_authentication_token': self.authentication_token()})
203 params={'_authentication_token': self.authentication_token()})
204 self.checkSessionFlash(response, 'User "%s" still '
204 self.checkSessionFlash(response, 'User "%s" still '
205 'owns 1 repositories and cannot be removed. '
205 'owns 1 repositories and cannot be removed. '
206 'Switch owners or remove those repositories: '
206 'Switch owners or remove those repositories: '
207 '%s' % (username, reponame))
207 '%s' % (username, reponame))
208
208
209 response = self.app.post(url('delete_repo', repo_name=reponame),
209 response = self.app.post(url('delete_repo', repo_name=reponame),
210 params={'_authentication_token': self.authentication_token()})
210 params={'_authentication_token': self.authentication_token()})
211 self.checkSessionFlash(response, 'Deleted repository %s' % reponame)
211 self.checkSessionFlash(response, 'Deleted repository %s' % reponame)
212
212
213 response = self.app.post(url('delete_user', id=new_user.user_id),
213 response = self.app.post(url('delete_user', id=new_user.user_id),
214 params={'_authentication_token': self.authentication_token()})
214 params={'_authentication_token': self.authentication_token()})
215 self.checkSessionFlash(response, 'Successfully deleted user')
215 self.checkSessionFlash(response, 'Successfully deleted user')
216
216
217 def test_delete_repo_group_err(self, user_and_repo_group_fail):
217 def test_delete_repo_group_err(self, user_and_repo_group_fail):
218 self.log_user()
218 self.log_user()
219 username = 'repogrouperr'
219 username = 'repogrouperr'
220 groupname = u'repogroup_fail'
220 groupname = u'repogroup_fail'
221
221
222 new_user = Session().query(User) \
222 new_user = Session().query(User) \
223 .filter(User.username == username).one()
223 .filter(User.username == username).one()
224 response = self.app.post(url('delete_user', id=new_user.user_id),
224 response = self.app.post(url('delete_user', id=new_user.user_id),
225 params={'_authentication_token': self.authentication_token()})
225 params={'_authentication_token': self.authentication_token()})
226 self.checkSessionFlash(response, 'User "%s" still '
226 self.checkSessionFlash(response, 'User "%s" still '
227 'owns 1 repository groups and cannot be removed. '
227 'owns 1 repository groups and cannot be removed. '
228 'Switch owners or remove those repository groups: '
228 'Switch owners or remove those repository groups: '
229 '%s' % (username, groupname))
229 '%s' % (username, groupname))
230
230
231 # Relevant _if_ the user deletion succeeded to make sure we can render groups without owner
231 # Relevant _if_ the user deletion succeeded to make sure we can render groups without owner
232 # rg = RepoGroup.get_by_group_name(group_name=groupname)
232 # rg = RepoGroup.get_by_group_name(group_name=groupname)
233 # response = self.app.get(url('repos_groups', id=rg.group_id))
233 # response = self.app.get(url('repos_groups', id=rg.group_id))
234
234
235 response = self.app.post(url('delete_repo_group', group_name=groupname),
235 response = self.app.post(url('delete_repo_group', group_name=groupname),
236 params={'_authentication_token': self.authentication_token()})
236 params={'_authentication_token': self.authentication_token()})
237 self.checkSessionFlash(response, 'Removed repository group %s' % groupname)
237 self.checkSessionFlash(response, 'Removed repository group %s' % groupname)
238
238
239 response = self.app.post(url('delete_user', id=new_user.user_id),
239 response = self.app.post(url('delete_user', id=new_user.user_id),
240 params={'_authentication_token': self.authentication_token()})
240 params={'_authentication_token': self.authentication_token()})
241 self.checkSessionFlash(response, 'Successfully deleted user')
241 self.checkSessionFlash(response, 'Successfully deleted user')
242
242
243 def test_delete_user_group_err(self):
243 def test_delete_user_group_err(self):
244 self.log_user()
244 self.log_user()
245 username = 'usergrouperr'
245 username = 'usergrouperr'
246 groupname = u'usergroup_fail'
246 groupname = u'usergroup_fail'
247
247
248 fixture.create_user(name=username)
248 fixture.create_user(name=username)
249 ug = fixture.create_user_group(name=groupname, cur_user=username)
249 ug = fixture.create_user_group(name=groupname, cur_user=username)
250
250
251 new_user = Session().query(User) \
251 new_user = Session().query(User) \
252 .filter(User.username == username).one()
252 .filter(User.username == username).one()
253 response = self.app.post(url('delete_user', id=new_user.user_id),
253 response = self.app.post(url('delete_user', id=new_user.user_id),
254 params={'_authentication_token': self.authentication_token()})
254 params={'_authentication_token': self.authentication_token()})
255 self.checkSessionFlash(response, 'User "%s" still '
255 self.checkSessionFlash(response, 'User "%s" still '
256 'owns 1 user groups and cannot be removed. '
256 'owns 1 user groups and cannot be removed. '
257 'Switch owners or remove those user groups: '
257 'Switch owners or remove those user groups: '
258 '%s' % (username, groupname))
258 '%s' % (username, groupname))
259
259
260 # TODO: why do this fail?
260 # TODO: why do this fail?
261 #response = self.app.delete(url('delete_users_group', id=groupname))
261 #response = self.app.delete(url('delete_users_group', id=groupname))
262 #self.checkSessionFlash(response, 'Removed user group %s' % groupname)
262 #self.checkSessionFlash(response, 'Removed user group %s' % groupname)
263
263
264 fixture.destroy_user_group(ug.users_group_id)
264 fixture.destroy_user_group(ug.users_group_id)
265
265
266 response = self.app.post(url('delete_user', id=new_user.user_id),
266 response = self.app.post(url('delete_user', id=new_user.user_id),
267 params={'_authentication_token': self.authentication_token()})
267 params={'_authentication_token': self.authentication_token()})
268 self.checkSessionFlash(response, 'Successfully deleted user')
268 self.checkSessionFlash(response, 'Successfully deleted user')
269
269
270 def test_edit(self):
270 def test_edit(self):
271 self.log_user()
271 self.log_user()
272 user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
272 user = User.get_by_username(TEST_USER_ADMIN_LOGIN)
273 response = self.app.get(url('edit_user', id=user.user_id))
273 response = self.app.get(url('edit_user', id=user.user_id))
274
274
275 def test_add_perm_create_repo(self):
275 def test_add_perm_create_repo(self):
276 self.log_user()
276 self.log_user()
277 perm_none = Permission.get_by_key('hg.create.none')
277 perm_none = Permission.get_by_key('hg.create.none')
278 perm_create = Permission.get_by_key('hg.create.repository')
278 perm_create = Permission.get_by_key('hg.create.repository')
279
279
280 user = UserModel().create_or_update(username='dummy', password='qwe',
280 user = UserModel().create_or_update(username='dummy', password='qwe',
281 email='dummy', firstname=u'a',
281 email='dummy', firstname=u'a',
282 lastname=u'b')
282 lastname=u'b')
283 Session().commit()
283 Session().commit()
284 uid = user.user_id
284 uid = user.user_id
285
285
286 try:
286 try:
287 #User should have None permission on creation repository
287 #User should have None permission on creation repository
288 assert UserModel().has_perm(user, perm_none) == False
288 assert UserModel().has_perm(user, perm_none) == False
289 assert UserModel().has_perm(user, perm_create) == False
289 assert UserModel().has_perm(user, perm_create) == False
290
290
291 response = self.app.post(url('edit_user_perms_update', id=uid),
291 response = self.app.post(url('edit_user_perms_update', id=uid),
292 params=dict(create_repo_perm=True,
292 params=dict(create_repo_perm=True,
293 _authentication_token=self.authentication_token()))
293 _authentication_token=self.authentication_token()))
294
294
295 perm_none = Permission.get_by_key('hg.create.none')
295 perm_none = Permission.get_by_key('hg.create.none')
296 perm_create = Permission.get_by_key('hg.create.repository')
296 perm_create = Permission.get_by_key('hg.create.repository')
297
297
298 #User should have None permission on creation repository
298 #User should have None permission on creation repository
299 assert UserModel().has_perm(uid, perm_none) == False
299 assert UserModel().has_perm(uid, perm_none) == False
300 assert UserModel().has_perm(uid, perm_create) == True
300 assert UserModel().has_perm(uid, perm_create) == True
301 finally:
301 finally:
302 UserModel().delete(uid)
302 UserModel().delete(uid)
303 Session().commit()
303 Session().commit()
304
304
305 def test_revoke_perm_create_repo(self):
305 def test_revoke_perm_create_repo(self):
306 self.log_user()
306 self.log_user()
307 perm_none = Permission.get_by_key('hg.create.none')
307 perm_none = Permission.get_by_key('hg.create.none')
308 perm_create = Permission.get_by_key('hg.create.repository')
308 perm_create = Permission.get_by_key('hg.create.repository')
309
309
310 user = UserModel().create_or_update(username='dummy', password='qwe',
310 user = UserModel().create_or_update(username='dummy', password='qwe',
311 email='dummy', firstname=u'a',
311 email='dummy', firstname=u'a',
312 lastname=u'b')
312 lastname=u'b')
313 Session().commit()
313 Session().commit()
314 uid = user.user_id
314 uid = user.user_id
315
315
316 try:
316 try:
317 #User should have None permission on creation repository
317 #User should have None permission on creation repository
318 assert UserModel().has_perm(user, perm_none) == False
318 assert UserModel().has_perm(user, perm_none) == False
319 assert UserModel().has_perm(user, perm_create) == False
319 assert UserModel().has_perm(user, perm_create) == False
320
320
321 response = self.app.post(url('edit_user_perms_update', id=uid),
321 response = self.app.post(url('edit_user_perms_update', id=uid),
322 params=dict(_authentication_token=self.authentication_token()))
322 params=dict(_authentication_token=self.authentication_token()))
323
323
324 perm_none = Permission.get_by_key('hg.create.none')
324 perm_none = Permission.get_by_key('hg.create.none')
325 perm_create = Permission.get_by_key('hg.create.repository')
325 perm_create = Permission.get_by_key('hg.create.repository')
326
326
327 #User should have None permission on creation repository
327 #User should have None permission on creation repository
328 assert UserModel().has_perm(uid, perm_none) == True
328 assert UserModel().has_perm(uid, perm_none) == True
329 assert UserModel().has_perm(uid, perm_create) == False
329 assert UserModel().has_perm(uid, perm_create) == False
330 finally:
330 finally:
331 UserModel().delete(uid)
331 UserModel().delete(uid)
332 Session().commit()
332 Session().commit()
333
333
334 def test_add_perm_fork_repo(self):
334 def test_add_perm_fork_repo(self):
335 self.log_user()
335 self.log_user()
336 perm_none = Permission.get_by_key('hg.fork.none')
336 perm_none = Permission.get_by_key('hg.fork.none')
337 perm_fork = Permission.get_by_key('hg.fork.repository')
337 perm_fork = Permission.get_by_key('hg.fork.repository')
338
338
339 user = UserModel().create_or_update(username='dummy', password='qwe',
339 user = UserModel().create_or_update(username='dummy', password='qwe',
340 email='dummy', firstname=u'a',
340 email='dummy', firstname=u'a',
341 lastname=u'b')
341 lastname=u'b')
342 Session().commit()
342 Session().commit()
343 uid = user.user_id
343 uid = user.user_id
344
344
345 try:
345 try:
346 #User should have None permission on creation repository
346 #User should have None permission on creation repository
347 assert UserModel().has_perm(user, perm_none) == False
347 assert UserModel().has_perm(user, perm_none) == False
348 assert UserModel().has_perm(user, perm_fork) == False
348 assert UserModel().has_perm(user, perm_fork) == False
349
349
350 response = self.app.post(url('edit_user_perms_update', id=uid),
350 response = self.app.post(url('edit_user_perms_update', id=uid),
351 params=dict(create_repo_perm=True,
351 params=dict(create_repo_perm=True,
352 _authentication_token=self.authentication_token()))
352 _authentication_token=self.authentication_token()))
353
353
354 perm_none = Permission.get_by_key('hg.create.none')
354 perm_none = Permission.get_by_key('hg.create.none')
355 perm_create = Permission.get_by_key('hg.create.repository')
355 perm_create = Permission.get_by_key('hg.create.repository')
356
356
357 #User should have None permission on creation repository
357 #User should have None permission on creation repository
358 assert UserModel().has_perm(uid, perm_none) == False
358 assert UserModel().has_perm(uid, perm_none) == False
359 assert UserModel().has_perm(uid, perm_create) == True
359 assert UserModel().has_perm(uid, perm_create) == True
360 finally:
360 finally:
361 UserModel().delete(uid)
361 UserModel().delete(uid)
362 Session().commit()
362 Session().commit()
363
363
364 def test_revoke_perm_fork_repo(self):
364 def test_revoke_perm_fork_repo(self):
365 self.log_user()
365 self.log_user()
366 perm_none = Permission.get_by_key('hg.fork.none')
366 perm_none = Permission.get_by_key('hg.fork.none')
367 perm_fork = Permission.get_by_key('hg.fork.repository')
367 perm_fork = Permission.get_by_key('hg.fork.repository')
368
368
369 user = UserModel().create_or_update(username='dummy', password='qwe',
369 user = UserModel().create_or_update(username='dummy', password='qwe',
370 email='dummy', firstname=u'a',
370 email='dummy', firstname=u'a',
371 lastname=u'b')
371 lastname=u'b')
372 Session().commit()
372 Session().commit()
373 uid = user.user_id
373 uid = user.user_id
374
374
375 try:
375 try:
376 #User should have None permission on creation repository
376 #User should have None permission on creation repository
377 assert UserModel().has_perm(user, perm_none) == False
377 assert UserModel().has_perm(user, perm_none) == False
378 assert UserModel().has_perm(user, perm_fork) == False
378 assert UserModel().has_perm(user, perm_fork) == False
379
379
380 response = self.app.post(url('edit_user_perms_update', id=uid),
380 response = self.app.post(url('edit_user_perms_update', id=uid),
381 params=dict(_authentication_token=self.authentication_token()))
381 params=dict(_authentication_token=self.authentication_token()))
382
382
383 perm_none = Permission.get_by_key('hg.create.none')
383 perm_none = Permission.get_by_key('hg.create.none')
384 perm_create = Permission.get_by_key('hg.create.repository')
384 perm_create = Permission.get_by_key('hg.create.repository')
385
385
386 #User should have None permission on creation repository
386 #User should have None permission on creation repository
387 assert UserModel().has_perm(uid, perm_none) == True
387 assert UserModel().has_perm(uid, perm_none) == True
388 assert UserModel().has_perm(uid, perm_create) == False
388 assert UserModel().has_perm(uid, perm_create) == False
389 finally:
389 finally:
390 UserModel().delete(uid)
390 UserModel().delete(uid)
391 Session().commit()
391 Session().commit()
392
392
393 def test_ips(self):
393 def test_ips(self):
394 self.log_user()
394 self.log_user()
395 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
395 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
396 response = self.app.get(url('edit_user_ips', id=user.user_id))
396 response = self.app.get(url('edit_user_ips', id=user.user_id))
397 response.mustcontain('All IP addresses are allowed')
397 response.mustcontain('All IP addresses are allowed')
398
398
399 @parametrize('test_name,ip,ip_range,failure', [
399 @parametrize('test_name,ip,ip_range,failure', [
400 ('127/24', '127.0.0.1/24', '127.0.0.0 - 127.0.0.255', False),
400 ('127/24', '127.0.0.1/24', '127.0.0.0 - 127.0.0.255', False),
401 ('10/32', '10.0.0.10/32', '10.0.0.10 - 10.0.0.10', False),
401 ('10/32', '10.0.0.10/32', '10.0.0.10 - 10.0.0.10', False),
402 ('0/16', '0.0.0.0/16', '0.0.0.0 - 0.0.255.255', False),
402 ('0/16', '0.0.0.0/16', '0.0.0.0 - 0.0.255.255', False),
403 ('0/8', '0.0.0.0/8', '0.0.0.0 - 0.255.255.255', False),
403 ('0/8', '0.0.0.0/8', '0.0.0.0 - 0.255.255.255', False),
404 ('127_bad_mask', '127.0.0.1/99', '127.0.0.1 - 127.0.0.1', True),
404 ('127_bad_mask', '127.0.0.1/99', '127.0.0.1 - 127.0.0.1', True),
405 ('127_bad_ip', 'foobar', 'foobar', True),
405 ('127_bad_ip', 'foobar', 'foobar', True),
406 ])
406 ])
407 def test_add_ip(self, test_name, ip, ip_range, failure, auto_clear_ip_permissions):
407 def test_add_ip(self, test_name, ip, ip_range, failure, auto_clear_ip_permissions):
408 self.log_user()
408 self.log_user()
409 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
409 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
410 user_id = user.user_id
410 user_id = user.user_id
411
411
412 response = self.app.post(url('edit_user_ips_update', id=user_id),
412 response = self.app.post(url('edit_user_ips_update', id=user_id),
413 params=dict(new_ip=ip, _authentication_token=self.authentication_token()))
413 params=dict(new_ip=ip, _authentication_token=self.authentication_token()))
414
414
415 if failure:
415 if failure:
416 self.checkSessionFlash(response, 'Please enter a valid IPv4 or IPv6 address')
416 self.checkSessionFlash(response, 'Please enter a valid IPv4 or IPv6 address')
417 response = self.app.get(url('edit_user_ips', id=user_id))
417 response = self.app.get(url('edit_user_ips', id=user_id))
418 response.mustcontain(no=[ip])
418 response.mustcontain(no=[ip])
419 response.mustcontain(no=[ip_range])
419 response.mustcontain(no=[ip_range])
420
420
421 else:
421 else:
422 response = self.app.get(url('edit_user_ips', id=user_id))
422 response = self.app.get(url('edit_user_ips', id=user_id))
423 response.mustcontain(ip)
423 response.mustcontain(ip)
424 response.mustcontain(ip_range)
424 response.mustcontain(ip_range)
425
425
426 def test_delete_ip(self, auto_clear_ip_permissions):
426 def test_delete_ip(self, auto_clear_ip_permissions):
427 self.log_user()
427 self.log_user()
428 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
428 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
429 user_id = user.user_id
429 user_id = user.user_id
430 ip = '127.0.0.1/32'
430 ip = '127.0.0.1/32'
431 ip_range = '127.0.0.1 - 127.0.0.1'
431 ip_range = '127.0.0.1 - 127.0.0.1'
432 new_ip = UserModel().add_extra_ip(user_id, ip)
432 new_ip = UserModel().add_extra_ip(user_id, ip)
433 Session().commit()
433 Session().commit()
434 new_ip_id = new_ip.ip_id
434 new_ip_id = new_ip.ip_id
435
435
436 response = self.app.get(url('edit_user_ips', id=user_id))
436 response = self.app.get(url('edit_user_ips', id=user_id))
437 response.mustcontain(ip)
437 response.mustcontain(ip)
438 response.mustcontain(ip_range)
438 response.mustcontain(ip_range)
439
439
440 self.app.post(url('edit_user_ips_delete', id=user_id),
440 self.app.post(url('edit_user_ips_delete', id=user_id),
441 params=dict(del_ip_id=new_ip_id, _authentication_token=self.authentication_token()))
441 params=dict(del_ip_id=new_ip_id, _authentication_token=self.authentication_token()))
442
442
443 response = self.app.get(url('edit_user_ips', id=user_id))
443 response = self.app.get(url('edit_user_ips', id=user_id))
444 response.mustcontain('All IP addresses are allowed')
444 response.mustcontain('All IP addresses are allowed')
445 response.mustcontain(no=[ip])
445 response.mustcontain(no=[ip])
446 response.mustcontain(no=[ip_range])
446 response.mustcontain(no=[ip_range])
447
447
448 def test_api_keys(self):
448 def test_api_keys(self):
449 self.log_user()
449 self.log_user()
450
450
451 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
451 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
452 response = self.app.get(url('edit_user_api_keys', id=user.user_id))
452 response = self.app.get(url('edit_user_api_keys', id=user.user_id))
453 response.mustcontain(user.api_key)
453 response.mustcontain(user.api_key)
454 response.mustcontain('Expires: Never')
454 response.mustcontain('Expires: Never')
455
455
456 @parametrize('desc,lifetime', [
456 @parametrize('desc,lifetime', [
457 ('forever', -1),
457 ('forever', -1),
458 ('5mins', 60*5),
458 ('5mins', 60*5),
459 ('30days', 60*60*24*30),
459 ('30days', 60*60*24*30),
460 ])
460 ])
461 def test_add_api_keys(self, desc, lifetime):
461 def test_add_api_keys(self, desc, lifetime):
462 self.log_user()
462 self.log_user()
463 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
463 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
464 user_id = user.user_id
464 user_id = user.user_id
465
465
466 response = self.app.post(url('edit_user_api_keys_update', id=user_id),
466 response = self.app.post(url('edit_user_api_keys_update', id=user_id),
467 {'description': desc, 'lifetime': lifetime, '_authentication_token': self.authentication_token()})
467 {'description': desc, 'lifetime': lifetime, '_authentication_token': self.authentication_token()})
468 self.checkSessionFlash(response, 'API key successfully created')
468 self.checkSessionFlash(response, 'API key successfully created')
469 try:
469 try:
470 response = response.follow()
470 response = response.follow()
471 user = User.get(user_id)
471 user = User.get(user_id)
472 for api_key in user.api_keys:
472 for api_key in user.api_keys:
473 response.mustcontain(api_key)
473 response.mustcontain(api_key)
474 finally:
474 finally:
475 for api_key in UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all():
475 for api_key in UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all():
476 Session().delete(api_key)
476 Session().delete(api_key)
477 Session().commit()
477 Session().commit()
478
478
479 def test_remove_api_key(self):
479 def test_remove_api_key(self):
480 self.log_user()
480 self.log_user()
481 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
481 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
482 user_id = user.user_id
482 user_id = user.user_id
483
483
484 response = self.app.post(url('edit_user_api_keys_update', id=user_id),
484 response = self.app.post(url('edit_user_api_keys_update', id=user_id),
485 {'description': 'desc', 'lifetime': -1, '_authentication_token': self.authentication_token()})
485 {'description': 'desc', 'lifetime': -1, '_authentication_token': self.authentication_token()})
486 self.checkSessionFlash(response, 'API key successfully created')
486 self.checkSessionFlash(response, 'API key successfully created')
487 response = response.follow()
487 response = response.follow()
488
488
489 #now delete our key
489 #now delete our key
490 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
490 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
491 assert 1 == len(keys)
491 assert 1 == len(keys)
492
492
493 response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
493 response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
494 {'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})
494 {'del_api_key': keys[0].api_key, '_authentication_token': self.authentication_token()})
495 self.checkSessionFlash(response, 'API key successfully deleted')
495 self.checkSessionFlash(response, 'API key successfully deleted')
496 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
496 keys = UserApiKeys.query().filter(UserApiKeys.user_id == user_id).all()
497 assert 0 == len(keys)
497 assert 0 == len(keys)
498
498
499 def test_reset_main_api_key(self):
499 def test_reset_main_api_key(self):
500 self.log_user()
500 self.log_user()
501 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
501 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
502 user_id = user.user_id
502 user_id = user.user_id
503 api_key = user.api_key
503 api_key = user.api_key
504 response = self.app.get(url('edit_user_api_keys', id=user_id))
504 response = self.app.get(url('edit_user_api_keys', id=user_id))
505 response.mustcontain(api_key)
505 response.mustcontain(api_key)
506 response.mustcontain('Expires: Never')
506 response.mustcontain('Expires: Never')
507
507
508 response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
508 response = self.app.post(url('edit_user_api_keys_delete', id=user_id),
509 {'del_api_key_builtin': api_key, '_authentication_token': self.authentication_token()})
509 {'del_api_key_builtin': api_key, '_authentication_token': self.authentication_token()})
510 self.checkSessionFlash(response, 'API key successfully reset')
510 self.checkSessionFlash(response, 'API key successfully reset')
511 response = response.follow()
511 response = response.follow()
512 response.mustcontain(no=[api_key])
512 response.mustcontain(no=[api_key])
513
513
514
514
515 class TestAdminUsersController_unittest(object):
515 class TestAdminUsersController_unittest(object):
516 """ Unit tests for the users controller """
516 """ Unit tests for the users controller """
517
517
518 def test_get_user_or_raise_if_default(self, monkeypatch):
518 def test_get_user_or_raise_if_default(self, monkeypatch):
519 # flash complains about an non-existing session
519 # flash complains about an non-existing session
520 def flash_mock(*args, **kwargs):
520 def flash_mock(*args, **kwargs):
521 pass
521 pass
522 monkeypatch.setattr(h, 'flash', flash_mock)
522 monkeypatch.setattr(h, 'flash', flash_mock)
523
523
524 u = UsersController()
524 u = UsersController()
525 # a regular user should work correctly
525 # a regular user should work correctly
526 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
526 user = User.get_by_username(TEST_USER_REGULAR_LOGIN)
527 assert u._get_user_or_raise_if_default(user.user_id) == user
527 assert u._get_user_or_raise_if_default(user.user_id) == user
528 # the default user should raise
528 # the default user should raise
529 with pytest.raises(HTTPNotFound):
529 with pytest.raises(HTTPNotFound):
530 u._get_user_or_raise_if_default(User.get_default_user().user_id)
530 u._get_user_or_raise_if_default(User.get_default_user().user_id)
531
531
532
532
533 class TestAdminUsersControllerForDefaultUser(TestController):
533 class TestAdminUsersControllerForDefaultUser(TestController):
534 """
534 """
535 Edit actions on the default user are not allowed.
535 Edit actions on the default user are not allowed.
536 Validate that they throw a 404 exception.
536 Validate that they throw a 404 exception.
537 """
537 """
538 def test_edit_default_user(self):
538 def test_edit_default_user(self):
539 self.log_user()
539 self.log_user()
540 user = User.get_default_user()
540 user = User.get_default_user()
541 response = self.app.get(url('edit_user', id=user.user_id), status=404)
541 response = self.app.get(url('edit_user', id=user.user_id), status=404)
542
542
543 def test_edit_advanced_default_user(self):
543 def test_edit_advanced_default_user(self):
544 self.log_user()
544 self.log_user()
545 user = User.get_default_user()
545 user = User.get_default_user()
546 response = self.app.get(url('edit_user_advanced', id=user.user_id), status=404)
546 response = self.app.get(url('edit_user_advanced', id=user.user_id), status=404)
547
547
548 # API keys
548 # API keys
549 def test_edit_api_keys_default_user(self):
549 def test_edit_api_keys_default_user(self):
550 self.log_user()
550 self.log_user()
551 user = User.get_default_user()
551 user = User.get_default_user()
552 response = self.app.get(url('edit_user_api_keys', id=user.user_id), status=404)
552 response = self.app.get(url('edit_user_api_keys', id=user.user_id), status=404)
553
553
554 def test_add_api_keys_default_user(self):
554 def test_add_api_keys_default_user(self):
555 self.log_user()
555 self.log_user()
556 user = User.get_default_user()
556 user = User.get_default_user()
557 response = self.app.post(url('edit_user_api_keys_update', id=user.user_id),
557 response = self.app.post(url('edit_user_api_keys_update', id=user.user_id),
558 {'_authentication_token': self.authentication_token()}, status=404)
558 {'_authentication_token': self.authentication_token()}, status=404)
559
559
560 def test_delete_api_keys_default_user(self):
560 def test_delete_api_keys_default_user(self):
561 self.log_user()
561 self.log_user()
562 user = User.get_default_user()
562 user = User.get_default_user()
563 response = self.app.post(url('edit_user_api_keys_delete', id=user.user_id),
563 response = self.app.post(url('edit_user_api_keys_delete', id=user.user_id),
564 {'_authentication_token': self.authentication_token()}, status=404)
564 {'_authentication_token': self.authentication_token()}, status=404)
565
565
566 # Permissions
566 # Permissions
567 def test_edit_perms_default_user(self):
567 def test_edit_perms_default_user(self):
568 self.log_user()
568 self.log_user()
569 user = User.get_default_user()
569 user = User.get_default_user()
570 response = self.app.get(url('edit_user_perms', id=user.user_id), status=404)
570 response = self.app.get(url('edit_user_perms', id=user.user_id), status=404)
571
571
572 def test_update_perms_default_user(self):
572 def test_update_perms_default_user(self):
573 self.log_user()
573 self.log_user()
574 user = User.get_default_user()
574 user = User.get_default_user()
575 response = self.app.post(url('edit_user_perms_update', id=user.user_id),
575 response = self.app.post(url('edit_user_perms_update', id=user.user_id),
576 {'_authentication_token': self.authentication_token()}, status=404)
576 {'_authentication_token': self.authentication_token()}, status=404)
577
577
578 # Emails
578 # Emails
579 def test_edit_emails_default_user(self):
579 def test_edit_emails_default_user(self):
580 self.log_user()
580 self.log_user()
581 user = User.get_default_user()
581 user = User.get_default_user()
582 response = self.app.get(url('edit_user_emails', id=user.user_id), status=404)
582 response = self.app.get(url('edit_user_emails', id=user.user_id), status=404)
583
583
584 def test_add_emails_default_user(self):
584 def test_add_emails_default_user(self):
585 self.log_user()
585 self.log_user()
586 user = User.get_default_user()
586 user = User.get_default_user()
587 response = self.app.post(url('edit_user_emails_update', id=user.user_id),
587 response = self.app.post(url('edit_user_emails_update', id=user.user_id),
588 {'_authentication_token': self.authentication_token()}, status=404)
588 {'_authentication_token': self.authentication_token()}, status=404)
589
589
590 def test_delete_emails_default_user(self):
590 def test_delete_emails_default_user(self):
591 self.log_user()
591 self.log_user()
592 user = User.get_default_user()
592 user = User.get_default_user()
593 response = self.app.post(url('edit_user_emails_delete', id=user.user_id),
593 response = self.app.post(url('edit_user_emails_delete', id=user.user_id),
594 {'_authentication_token': self.authentication_token()}, status=404)
594 {'_authentication_token': self.authentication_token()}, status=404)
595
595
596 # IP addresses
596 # IP addresses
597 # Add/delete of IP addresses for the default user is used to maintain
597 # Add/delete of IP addresses for the default user is used to maintain
598 # the global IP whitelist and thus allowed. Only 'edit' is forbidden.
598 # the global IP whitelist and thus allowed. Only 'edit' is forbidden.
599 def test_edit_ip_default_user(self):
599 def test_edit_ip_default_user(self):
600 self.log_user()
600 self.log_user()
601 user = User.get_default_user()
601 user = User.get_default_user()
602 response = self.app.get(url('edit_user_ips', id=user.user_id), status=404)
602 response = self.app.get(url('edit_user_ips', id=user.user_id), status=404)
General Comments 0
You need to be logged in to leave comments. Login now