def test_invalid_perm(self):
self.login_as(self.user)
invalid_perm = randstring(1)
while invalid_perm == 'r':
invalid_perm = randstring(1)
# test add
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = {
"user": self.admin_email,
"path": self.user_folder_path,
"perm": invalid_perm
}
resp = self.client.post(url, data)
self.assertEqual(400, resp.status_code)
invalid_perm = randstring(2)
while invalid_perm == 'rw':
invalid_perm = randstring(2)
# test modify
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = 'user=%s&path=%s&perm=%s' % (self.admin_email, self.user_folder_path, invalid_perm)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(400, resp.status_code)
def setUp(self):
self.login_as(self.admin)
# create group for admin user
self.admin_group_1_name = randstring(6)
self.admin_group_1_id = ccnet_threaded_rpc.create_group(self.admin_group_1_name,
self.admin.email)
# create another group for admin user
self.admin_group_2_name = randstring(6)
self.admin_group_2_id = ccnet_threaded_rpc.create_group(self.admin_group_2_name,
self.admin.email)
# create repo for admin user
self.admin_repo_name = randstring(6)
r = seafile_api.get_repo(self.create_repo(name=self.admin_repo_name,
desc='', username=self.admin.email, passwd=None))
self.admin_repo_id = r.id
# set common user as staff in admin user's group
ccnet_threaded_rpc.group_add_member(self.admin_group_1_id,
self.admin.email, self.user.email)
ccnet_threaded_rpc.group_set_admin(self.admin_group_1_id, self.user.email)
# add common user to admin user's another group
ccnet_threaded_rpc.group_add_member(self.admin_group_2_id,
self.admin.email, self.user.email)
# share admin user's repo to common user
seafile_api.share_repo(self.admin_repo_id, self.admin.email,
self.user.email, 'rw')
def test_rename_file_with_invalid_folder_perm(self):
if not LOCAL_PRO_DEV_ENV:
return
# create a file as old file in user repo sub-folder
old_file_name = randstring(6)
seafile_api.post_empty_file(repo_id=self.repo_id,
parent_dir=self.folder_path, filename=old_file_name,
username=self.user_name)
# share user's repo to admin with 'rw' permission
seafile_api.share_repo(self.repo_id, self.user_name,
self.admin_name, 'rw')
# set sub-folder permisson as 'r' for admin
seafile_api.add_folder_user_perm(self.repo_id,
self.folder_path, 'r', self.admin_name)
# admin can visit old file with 'r' permission
old_file_path = posixpath.join(self.folder_path, old_file_name)
assert seafile_api.check_permission_by_path(self.repo_id,
old_file_path, self.admin_name) == 'r'
# login as admin, then rename a 'r' permission old file
self.login_as(self.admin)
new_name = randstring(6)
data = {'operation': 'rename', 'newname': new_name}
resp = self.client.post(self.url + '?p=' + old_file_path, data)
self.assertEqual(403, resp.status_code)
def test_create_in_encrypted_lib_with_invalid_password(self):
password = randstring(8)
encrypted_repo_id = seafile_api.create_repo(
'encrypted_repo_name', '', self.user_name, password)
dirname = randstring(8)
seafile_api.post_dir(repo_id=encrypted_repo_id,
parent_dir='/', dirname=dirname, username=self.user_name)
self.login_as(self.user)
url = reverse("api2-dir-sub-repo", args=[encrypted_repo_id])
# test invalid password argument
args = "?p=/%s&name=%s&invalid_password=%s" % (dirname, dirname, password)
resp = self.client.get(url + args)
self.assertEqual(400, resp.status_code)
# test wrong password
args = "?p=/%s&name=%s&password=%s" % (dirname, dirname, 'invalid_password')
resp = self.client.get(url + args)
self.assertEqual(400, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['error_msg'] == 'Wrong password'
self.remove_repo(encrypted_repo_id)
def test_invalid_user(self):
self.login_as(self.user)
invalid_user = randstring(6) + '@' + randstring(6) + '.com'
# test add
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = {
"user": invalid_user,
"path": self.user_folder_path,
"perm": self.perm_rw
}
resp = self.client.post(url, data)
self.assertEqual(404, resp.status_code)
# test modify
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = 'user=%s&path=%s&perm=%s' % (invalid_user, self.user_folder_path, self.perm_rw)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
# test delete
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = 'user=%s&path=%s' % (invalid_user, self.user_folder_path)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
def create_user(self):
username = '******' % randstring(20)
password = randstring(20)
data = {'password': password}
self.admin_put(urljoin(ACCOUNTS_URL, username),
data=data,
expected=201)
return _User(username, password)
def setUp(self):
self.user_name = self.user.username
self.tmp_email = '*****@*****.**' % randstring(10)
self.password = randstring(10)
self.url = reverse('api-v2.1-admin-user', args=[self.tmp_email])
ccnet_api.add_emailuser(self.tmp_email, self.password, 0, 0)
self.clear_cache()
def test_can_not_transfer_repo_to_unregistered_user(self):
self.login_as(self.user)
url = reverse("api2-repo-owner", args=[self.user_repo_id])
unregistered_user = '******' % (randstring(6), randstring(6))
data = 'owner=%s' % unregistered_user
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
def setUp(self):
self.user_email = self.user.username
self.admin_email = self.admin.username
tmp_admin_email = '%s@%s.com' % (randstring(6), randstring(6))
ccnet_api.add_emailuser(tmp_admin_email, randstring(6), 1, 1)
self.tmp_admin_email = tmp_admin_email
AdminRole.objects.all().delete()
def test_can_not_transfer_repo_to_unregistered_user(self):
self.login_as(self.user)
url = reverse("api2-repo-owner", args=[self.user_repo_id])
unregistered_user = '******' % (randstring(6), randstring(6))
data = 'owner=%s' % unregistered_user
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
def test_unshare_with_unregistered_user(self):
self.share_folder_to_user_and_group()
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.delete(
'/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s'
% (self.repo.id, self.folder, unregistered_user))
self.assertEqual(200, resp.status_code)
def test_modify_shared_repo_with_unregistered_user(self):
self._add_shared_items()
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.post(
'/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s'
% (self.repo.id, self.folder, unregistered_user),
{'permission': 'r'})
self.assertEqual(400, resp.status_code)
def setUp(self):
self.login_as(self.admin)
self.user_name = self.user.username
self.admin_name = self.admin.username
self.group_id = self.group.id
self.repo_id = self.repo.repo_id
self.new_user = '******' % (randstring(6), randstring(6))
self.library_url = reverse('api-v2.1-admin-library',
args=[self.repo_id])
self.admin_log_url = reverse('api-v2.1-admin-admin-logs')
def test_can_not_create_if_not_admin(self):
if not LOCAL_PRO_DEV_ENV:
return
self.login_as(self.user)
email = '%s@%s.com' % (randstring(6), randstring(6))
data = {'email': email, 'password': randstring(6)}
resp = self.client.post(self.org_users_url, data)
self.assertEqual(403, resp.status_code)
def test_can_not_create_by_other_punctuation(self):
self.login_as(self.admin)
url = reverse('api-v2.1-admin-groups')
other_punctuation = """!"#$%&()*+,/:;<=>?@[\]^`{|}~"""
group_name = randstring(2) + random.choice(
other_punctuation) + randstring(2)
data = {'group_name': group_name, 'group_owner': self.user.email}
resp = self.client.post(url, data)
self.assertEqual(400, resp.status_code)
def setUp(self):
org_name = randstring(6)
org_url_prefix = randstring(6)
tmp_user = self.create_user(email='%s@%s.com' %
(randstring(6), randstring(6)))
org_creator = tmp_user.username
org_id = ccnet_api.create_org(org_name, org_url_prefix, org_creator)
self.org = ccnet_api.get_org_by_id(org_id)
self.url = reverse('api-v2.1-admin-organization',
args=[self.org.org_id])
self.login_as(self.admin)
def test_can_create_by_limit_punctuation(self):
limit_punctuation = """-'_."""
new_group_name = randstring(2) + random.choice(limit_punctuation) + randstring(2)
resp = self.client.post(self.url, {'name': new_group_name})
self.assertEqual(201, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['name'] == new_group_name
assert json_resp['owner'] == self.user.email
self.remove_group(json_resp['id'])
def test_unshare_repo_with_unregistered_user(self):
self._add_shared_items()
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
self.repo.id,
self.folder,
unregistered_user
))
self.assertEqual(200, resp.status_code)
def test_add_remove_group_with_blank_and_hyphen(self):
data = {'group_name': randstring(4) + '-' + randstring(4) + ' ' + randstring(4)}
info = self.put(GROUPS_URL, data=data).json()
self.assertTrue(info['success'])
group_id = info['group_id']
self.assertGreater(group_id, 0)
url = urljoin(GROUPS_URL, str(group_id))
self.delete(url)
# check group is really removed
groups = self.get(GROUPS_URL).json()['groups']
for group in groups:
self.assertNotEqual(group['id'], group_id)
def test_create_with_unexisted_user(self):
self.login_as(self.admin)
repo_name = randstring(6)
repo_owner = '*****@*****.**' % randstring(6)
data = {
'name': repo_name,
'owner': repo_owner,
}
resp = self.client.post(self.libraries_url, data)
self.assertEqual(404, resp.status_code)
def test_delete_invalid_user(self):
if not LOCAL_PRO_DEV_ENV:
return
not_existed_user = '******' % (randstring(6), randstring(6))
self.login_as(self.admin)
url = reverse('api-v2.1-admin-org-user',
args=[self.org_id, not_existed_user])
resp = self.client.delete(url)
self.assertEqual(404, resp.status_code)
def test_create_with_invalid_org_id(self):
if not LOCAL_PRO_DEV_ENV:
return
self.login_as(self.admin)
invalid_org_users_url = reverse('api-v2.1-admin-org-users', args=[0])
email = '%s@%s.com' % (randstring(6), randstring(6))
data = {'email': email, 'password': randstring(6)}
resp = self.client.post(invalid_org_users_url, data)
self.assertEqual(400, resp.status_code)
def test_can_get_dir_detail(self):
seafile_api.post_dir(self.repo_id, self.folder_path, randstring(3),
self.user_name)
seafile_api.post_empty_file(self.repo_id, self.folder_path,
randstring(3), self.user_name)
self.login_as(self.user)
resp = self.client.get(self.url + '?path=%s' % self.folder_path)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['name'] == self.folder_name
def test_create_with_user_number_over_limit(self, mock_user_number_over_limit):
if not LOCAL_PRO_DEV_ENV:
return
mock_user_number_over_limit.return_value = True
self.login_as(self.admin)
email = '%s@%s.com' % (randstring(6), randstring(6))
data = {'email': email, 'password': randstring(6)}
resp = self.client.post(self.org_users_url, data)
self.assertEqual(403, resp.status_code)
def test_add_user_form_email_invalid_for_exceed_limit(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = True
user_info = {
'email': '%s@%s.com' % (randstring(10), randstring(10)),
'role': DEFAULT_USER,
'password1': 'password',
'password2': 'password',
}
f = AddUserForm(data = user_info)
assert 'The number of users exceeds the limit.' in str(f['email'].errors)
def test_add_user_form_is_valid(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
'email': '%s@%s.com' % (randstring(10), randstring(10)),
'role': DEFAULT_USER,
'password1': 'password',
'password2': 'password',
}
f = AddUserForm(data=user_info)
self.assertTrue(f.is_valid())
def test_modify_shared_repo_with_unregistered_user(self):
self._add_shared_items()
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
self.repo.id,
self.folder,
unregistered_user), {
'permission': 'r'
}
)
self.assertEqual(400, resp.status_code)
def setUp(self):
self.user_name = self.user.username
self.admin_name = self.admin.username
if LOCAL_PRO_DEV_ENV:
self.org_name = randstring(6)
self.org_url_prefix = randstring(6)
tmp_user = self.create_user(email='%s@%s.com' % (randstring(6), randstring(6)))
self.org_creator = tmp_user.username
self.org_id = ccnet_api.create_org(self.org_name,
self.org_url_prefix, self.org_creator)
self.org_users_url = reverse('api-v2.1-admin-org-users',
args=[self.org_id])
def test_add_user_form_email_invalid_for_exceed_limit(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = True
user_info = {
'email':'%s@%s.com' % (randstring(10), randstring(10)) ,
'role': DEFAULT_USER,
'password1':'password',
'password2':'password',
}
f = AddUserForm(data = user_info)
assert 'The number of users exceeds the limit.' in str(f['email'].errors)
def test_share_folder_to_unregistered_user(self):
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.put(
'/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
self.folder),
"share_type=user&username=%s" % unregistered_user,
'application/x-www-form-urlencoded',
)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert len(json_resp['failed']) == 1
assert unregistered_user in json_resp['failed'][0]['email']
def test_add_user_form_is_valid(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
'email':'%s@%s.com' % (randstring(10), randstring(10)) ,
'role': DEFAULT_USER,
'password1':'password',
'password2':'password',
}
f = AddUserForm(data = user_info)
self.assertTrue(f.is_valid())
def test_share_with_unregistered_user(self):
self.login_as(self.user)
unregistered_user = '******' % (randstring(6), randstring(6))
resp = self.client.put(
'/api2/repos/%s/dir/shared_items/?p=%s' %
(self.repo.id, self.folder),
"share_type=user&username=%s" % unregistered_user,
'application/x-www-form-urlencoded',
)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert len(json_resp['failed']) == 1
assert unregistered_user in json_resp['failed'][0]['email']
def test_can_create(self):
if not LOCAL_PRO_DEV_ENV:
return
self.login_as(self.admin)
email = '%s@%s.com' % (randstring(6), randstring(6))
data = {'email': email, 'password': randstring(6)}
resp = self.client.post(self.org_users_url, data)
json_resp = json.loads(resp.content)
self.assertEqual(200, resp.status_code)
assert json_resp['email'] == email
def test_registration_form_is_valid(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
'email': '%s@%s.com' % (randstring(10), randstring(10)),
'userid': randstring(40),
'password1': 'password',
'password2': 'password',
}
f = RegistrationForm(data=user_info)
self.assertTrue(f.is_valid())
def test_can_not_delete_if_not_admin(self):
if not LOCAL_PRO_DEV_ENV:
return
email = '%s@%s.com' % (randstring(6), randstring(6))
self.create_user(email=email)
ccnet_api.add_org_user(self.org_id, email, 0)
assert ccnet_api.org_user_exists(self.org_id, email) == 1
self.login_as(self.user)
url = reverse('api-v2.1-admin-org-user', args=[self.org_id, email])
resp = self.client.delete(url)
self.assertEqual(403, resp.status_code)
def create_file(self, repo, fname=None):
fname = fname or ("文件 %s.txt" % randstring())
furl = repo.get_filepath_url("/" + fname)
data = {"operation": "create"}
res = self.post(furl, data=data, expected=201)
self.assertEqual(res.text, '"success"')
return fname, furl
def _add_file_shared_link_with_password(self):
password = randstring(6)
uls = FileShare.objects.create_file_link(self.user.username,
self.repo.id, self.file,
password)
return (uls.token, password)
def test_delete_file_with_invalid_folder_perm(self):
if not LOCAL_PRO_DEV_ENV:
return
# create a file in user repo sub-folder
file_name = randstring(6)
seafile_api.post_empty_file(repo_id=self.repo_id,
parent_dir=self.folder_path, filename=file_name,
username=self.user_name)
# share user's repo to admin with 'rw' permission
seafile_api.share_repo(self.repo_id, self.user_name,
self.admin_name, 'rw')
# set sub-folder permisson as 'r' for admin
seafile_api.add_folder_user_perm(self.repo_id,
self.folder_path, 'r', self.admin_name)
# admin can visit file with 'r' permission
file_path = posixpath.join(self.folder_path, file_name)
assert seafile_api.check_permission_by_path(self.repo_id,
file_path, self.admin_name) == 'r'
# login as admin, then delete a 'r' permission file
self.login_as(self.admin)
resp = self.client.delete(self.url + '?p=' + file_path,
{}, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)
def setUp(self):
self.tmp_user = self.create_user('*****@*****.**' % randstring(4),
is_staff=False)
assert len(Profile.objects.all()) == 0
self.url = reverse('edit_profile')
self.login_as(self.tmp_user)
def test_can_add_with_blank_and_hyphen(self):
resp = self.client.post(
reverse("group_add"),
{"group_name": "test-group %s" % randstring(6)},
HTTP_X_REQUESTED_WITH="XMLHttpRequest",
)
assert json.loads(resp.content)["success"] is True
def _add_file_shared_link_with_password(self):
password = randstring(6)
uls = FileShare.objects.create_file_link(self.user.username,
self.repo.id, self.file,
password)
return (uls.token, password)
def create_dir(self, repo):
data = {'operation': 'mkdir'}
dpath = '/目录 %s' % randstring()
durl = repo.get_dirpath_url(dpath)
res = self.post(durl, data=data, expected=201)
self.assertEqual(res.text, u'"success"')
return dpath, durl
def test_rename_folder_with_invalid_folder_perm(self):
if not LOCAL_PRO_DEV_ENV:
return
# share user's repo to admin with 'rw' permission
seafile_api.share_repo(self.repo_id, self.user_name,
self.admin_name, 'rw')
# set sub-folder permisson as 'r' for admin
seafile_api.add_folder_user_perm(self.repo_id,
self.folder_path, 'r', self.admin_name)
# admin can visit sub-folder with 'r' permission
assert seafile_api.check_permission_by_path(self.repo_id,
self.folder_path, self.admin_name) == 'r'
# login as admin, then rename a 'r' permission folder
self.login_as(self.admin)
new_name = randstring(6)
data = {'operation': 'rename', 'newname': new_name}
resp = self.client.post(self.url + '?p=' + self.folder_path, data)
self.assertEqual(403, resp.status_code)
def setUp(self):
self.tmp_user = self.create_user('*****@*****.**' % randstring(4),
is_staff=False)
assert len(Profile.objects.all()) == 0
self.url = reverse('edit_profile')
self.login_as(self.tmp_user)
def create_file(self, repo, fname=None):
fname = fname or ('文件 %s.txt' % randstring())
furl = repo.get_filepath_url('/' + fname)
data = {'operation': 'create'}
res = self.post(furl, data=data, expected=201)
self.assertEqual(res.text, '"success"')
return fname, furl
def test_registration_form_email_invalid(self,
mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
# invalid email without `@`
'email': '%s%s.com' % (randstring(10), randstring(10)),
'userid': randstring(40),
'password1': 'password',
'password2': 'password',
}
f = RegistrationForm(data=user_info)
assert 'Enter a valid email address.' in str(f['email'].errors)
def test_registration_form_email_invalid_for_exceed_limit(
self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = True
user_info = {
'email': '%s@%s.com' % (randstring(10), randstring(10)),
'userid': randstring(40),
'password1': 'password',
'password2': 'password',
}
f = RegistrationForm(data=user_info)
assert 'The number of users exceeds the limit.' in str(
f['email'].errors)
def test_registration_form_userid_invalid(self,
mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
'email': '%s@%s.com' % (randstring(10), randstring(10)),
# invalid userid length < 40
'userid': randstring(10),
'password1': 'password',
'password2': 'password',
}
f = RegistrationForm(data=user_info)
assert 'Invalid user id.' in str(f['userid'].errors)
def test_invalid_path(self):
self.login_as(self.user)
invalid_path = randstring(6)
# test delete
url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
data = 'group_id=%s&folder_path=%s' % (self.group_id, invalid_path)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
# test modify
url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, invalid_path, self.perm_rw)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
# test add
url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
data = {
"group_id": self.group_id,
"folder_path": invalid_path,
"permission": self.perm_rw
}
resp = self.client.post(url, data)
self.assertEqual(404, resp.status_code)
def test_add_user_form_password_invalid(self, mock_user_number_over_limit):
mock_user_number_over_limit.return_value = False
user_info = {
'email':'%s@%s.com' % (randstring(10), randstring(10)) ,
'role': DEFAULT_USER,
# invalid password
'password1':'password1',
'password2':'password2',
}
f = AddUserForm(data = user_info)
# to escape `'`
assert escape("The two passwords didn't match.") in str(f.errors)
def test_invalid_path(self):
self.login_as(self.user)
invalid_path = randstring(6)
# test add
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = {
"user_email": self.admin_email,
"folder_path": invalid_path,
"permission": self.perm_rw
}
resp = self.client.post(url, data)
self.assertEqual(404, resp.status_code)
# test modify
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = 'user_email=%s&folder_path=%s&permission=%s' % (
self.admin_email, invalid_path, self.perm_rw)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
# test delete
url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id])
data = 'user_email=%s&folder_path=%s' % (self.admin_email,
invalid_path)
resp = self.client.delete(url, data,
'application/x-www-form-urlencoded')
self.assertEqual(404, resp.status_code)
def test_create_encrypted_repo(self):
"""Test create an encrypted repo with the secure keys generated on client
side.
"""
repo_id = str(uuid.uuid4())
password = randstring(16)
enc_version = 2
enc_info = seafile_api.generate_magic_and_random_key(enc_version, repo_id, password)
data = {
'name': 'enc-test',
'repo_id': repo_id,
'enc_version': enc_version,
'magic': enc_info.magic,
'random_key': enc_info.random_key,
}
res = self.post(REPOS_URL, data=data)
repo = res.json()
assert repo['repo_id'] == repo_id
assert repo['encrypted']
assert repo['magic'] == enc_info.magic
assert repo['random_key'] == enc_info.random_key
# validate the password on server
set_password_url = apiurl('/api2/repos/{}/'.format(repo['repo_id']))
self.post(set_password_url, data={'password': password})
# do some file operation
self.create_file(repo['repo_id'])
def test_search_invalid_user(self):
self.login_as(self.admin)
invalid_user = randstring(20)
resp = self.client.get(reverse('user_search') + '?email=%s' % invalid_user)
self.assertEqual(200, resp.status_code)
self.assertTemplateUsed('sysadmin/user_search.html')
self.assertContains(resp, invalid_user)
def create_repo(self):
repo_name = '测试-test-repo-%s' % randstring(6)
data = {
'name': repo_name,
'desc': 'just for test - 测试用资料库',
}
repo = self.post(REPOS_URL, data=data).json()
repo_id = repo['repo_id']
return _Repo(repo_id)
def test_rename_file(self):
with self.get_tmp_repo() as repo:
name, furl = self.create_file(repo)
data = {
'operation': 'rename',
'newname': name + randstring(),
}
res = self.post(furl, data=data)
self.assertRegexpMatches(res.text, r'"http(.*)"')
def test_can_add(self):
self.client.post(reverse("auth_login"), {"username": self.user.username, "password": "******"})
resp = self.client.post(
reverse("group_add"),
{"group_name": "test_group_%s" % randstring(6)},
HTTP_X_REQUESTED_WITH="XMLHttpRequest",
)
assert json.loads(resp.content)["success"] is True
def test_can_create_in_encrypted_lib(self):
password = randstring(8)
encrypted_repo_id = seafile_api.create_repo(
'encrypted_repo_name', '', self.user_name, password)
dirname = randstring(8)
seafile_api.post_dir(repo_id=encrypted_repo_id,
parent_dir='/', dirname=dirname, username=self.user_name)
self.login_as(self.user)
url = reverse("api2-dir-sub-repo", args=[encrypted_repo_id])
args = "?p=/%s&name=%s&password=%s" % (dirname, dirname, password)
resp = self.client.get(url + args)
json_resp = json.loads(resp.content)
assert len(json_resp['sub_repo_id']) == 36
self.remove_repo(encrypted_repo_id)
def test_get_with_email_is_not_admin(self, mock_has_permission):
mock_has_permission.return_value = True
tmp_user_email = '%s@%s.com' % (randstring(6), randstring(6))
ccnet_api.add_emailuser(tmp_user_email, randstring(6), 0, 1)
tmp_user = User.objects.get(email=tmp_user_email)
assert not tmp_user.is_staff
self.login_as(self.admin)
url = reverse('api-v2.1-admin-admin-role') + '?email=%s' % tmp_user_email
resp = self.client.get(url)
self.assertEqual(403, resp.status_code)
json_resp = json.loads(resp.content)
assert 'must be an administrator' in json_resp['error_msg']
self.remove_user(tmp_user_email)
