Ejemplo n.º 1
0
    def test_maintainers(self):
        project = utils.create_project()

        requested_url = reverse('project-detail', kwargs={
            'project_id': project.linkname})

        response = self.client.get(requested_url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.context['maintainers']), 0)

        utils.create_maintainer(project=project)

        response = self.client.get(requested_url)
        self.assertEqual(response.status_code, 200)
        self.assertEqual(len(response.context['maintainers']), 1)
Ejemplo n.º 2
0
    def test_delegate_change_valid(self):
        delegate = create_maintainer(self.project)

        self._test_delegate_change(str(delegate.pk))

        for patch in [Patch.objects.get(pk=p.pk) for p in self.patches]:
            self.assertEqual(patch.delegate, delegate)
Ejemplo n.º 3
0
 def setUp(self):
     super(TestCheckAPI, self).setUp()
     project = create_project()
     self.user = create_maintainer(project)
     self.patch = create_patch(project=project)
     self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id])
     self.urlbase += 'checks/'
Ejemplo n.º 4
0
    def test_update(self):
        """Ensure updates can be performed by maintainers."""
        project = create_project()
        patch = create_patch(project=project)
        state = create_state()

        # anonymous user
        resp = self.client.patch(self.api_url(patch.id), {'state': state.name})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        # authenticated user
        user = create_user()
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(patch.id), {'state': state.name})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        # maintainer
        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(patch.id), {
            'state': state.name, 'delegate': user.id})
        self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
        self.assertEqual(Patch.objects.get(id=patch.id).state, state)
        self.assertEqual(Patch.objects.get(id=patch.id).delegate, user)

        # (who can unset fields too)
        # we need to send as JSON due to https://stackoverflow.com/q/30677216/
        resp = self.client.patch(self.api_url(patch.id), {'delegate': None},
                                 format='json')
        self.assertEqual(status.HTTP_200_OK, resp.status_code, resp)
        self.assertIsNone(Patch.objects.get(id=patch.id).delegate)
Ejemplo n.º 5
0
 def setUp(self):
     super(TestCheckAPI, self).setUp()
     self.patch = create_patches()[0]
     self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id])
     self.urlbase += 'checks/'
     defaults.project.save()
     self.user = create_maintainer(defaults.project)
Ejemplo n.º 6
0
    def test_update(self):
        """Ensure updates can be performed by maintainers."""
        project = create_project()
        data = {'web_url': 'TEST'}

        # an anonymous user
        resp = self.client.patch(self.api_url(project.id), data)
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        # a normal user
        user = create_user()
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id), data)
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        # a maintainer
        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id), data)
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertEqual(resp.data['web_url'], 'TEST')

        # ...with the exception of some read-only fields
        resp = self.client.patch(self.api_url(project.id), {
            'link_name': 'test'})
        # NOTE(stephenfin): This actually returns HTTP 200 due to
        # https://github.com/encode/django-rest-framework/issues/1655
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertNotEqual(resp.data['link_name'], 'test')
Ejemplo n.º 7
0
 def test_delete(self):
     """Ensure deletions are rejected."""
     user = create_maintainer(defaults.project)
     user.is_superuser = True
     user.save()
     self.client.force_authenticate(user=user)
     resp = self.client.delete(self.api_url(self.patches[0].id))
     self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
     self.assertEqual(1, Patch.objects.all().count())
Ejemplo n.º 8
0
 def setUp(self):
     self.url = self.live_server_url + reverse('xmlrpc')
     # url is of the form http://localhost:PORT/PATH
     # strip the http and replace it with the username/passwd of a user.
     self.project = utils.create_project()
     self.user = utils.create_maintainer(self.project)
     self.url = ('http://%s:%[email protected]' + self.url[7:]) % (self.user.username,
                                                    self.user.username)
     self.rpc = xmlrpc_client.Server(self.url)
Ejemplo n.º 9
0
    def test_list_authenticated(self):
        """List projects as an authenticated user."""
        project = create_project()
        user = create_maintainer(project)

        self.client.force_authenticate(user=user)
        resp = self.client.get(self.api_url())
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertEqual(1, len(resp.data))
        self.assertSerialized(project, resp.data[0])
Ejemplo n.º 10
0
    def test_update(self):
        """Ensure updates are allowed."""
        user = create_maintainer()
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'})
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertSerialized(user, resp.data)
Ejemplo n.º 11
0
    def test_delete(self):
        """Ensure deletions are rejected."""
        # Even an admin can't remove a project
        project = create_project()

        user = create_maintainer(project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)
        resp = self.client.delete(self.api_url(project.id))
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
        self.assertEqual(1, Project.objects.all().count())
Ejemplo n.º 12
0
    def test_update_readonly_field(self):
        """Update read-only fields."""
        project = create_project()

        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id), {
            'link_name': 'test'})
        # NOTE(stephenfin): This actually returns HTTP 200 due to
        # https://github.com/encode/django-rest-framework/issues/1655
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertNotEqual(resp.data['link_name'], 'test')
Ejemplo n.º 13
0
    def test_create(self):
        """Ensure creations are rejected."""
        project = create_project()

        user = create_maintainer(project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)
        resp = self.client.post(
            self.api_url(),
            {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
Ejemplo n.º 14
0
    def test_create_delete(self):
        """Ensure creations and deletions and not allowed."""
        user = create_maintainer()
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.post(self.api_url(user.id), {'email': '[email protected]'})
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        resp = self.client.delete(self.api_url(user.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
Ejemplo n.º 15
0
 def setUp(self):
     defaults.project.save()
     self.user = create_maintainer(defaults.project)
     self.client.login(username=self.user.username,
                       password=self.user.username)
     self.properties_form_id = 'patchform-properties'
     self.url = reverse('patch-list', args=[defaults.project.linkname])
     self.base_data = {
         'action': 'Update', 'project': str(defaults.project.id),
         'form': 'patchlistform', 'archived': '*', 'delegate': '*',
         'state': '*'}
     self.patches = create_patches(3)
Ejemplo n.º 16
0
    def test_update_invalid(self):
        """Ensure we handle invalid Patch states."""
        project = create_project()
        state = create_state()
        patch = create_patch(project=project, state=state)
        user = create_maintainer(project)

        # invalid state
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(patch.id), {'state': 'foobar'})
        self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
        self.assertContains(resp, 'Expected one of: %s.' % state.name,
                            status_code=status.HTTP_400_BAD_REQUEST)
Ejemplo n.º 17
0
    def test_update_maintainer(self):
        """Update project as maintainer.

        Ensure updates can only be performed by maintainers.
        """
        project = create_project()
        data = {'web_url': 'https://example.com/test'}

        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id), data)
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertEqual(resp.data['web_url'], 'https://example.com/test')
Ejemplo n.º 18
0
    def test_readonly(self):
        user = create_maintainer()
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.delete(self.api_url(1))
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        resp = self.client.patch(self.api_url(1), {'email': '[email protected]'})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)

        resp = self.client.post(self.api_url(), {'email': '[email protected]'})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
Ejemplo n.º 19
0
    def test_create_update_delete(self):
        user = create_maintainer()
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.post(self.api_url(), {'name': 'test series'})
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        resp = self.client.patch(self.api_url(), {'name': 'test series'})
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        resp = self.client.delete(self.api_url())
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
Ejemplo n.º 20
0
    def test_update(self):
        """Ensure updates can be performed maintainers."""
        # A maintainer can update
        user = create_maintainer(defaults.project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(self.patches[0].id),
                                 {'state': 2})
        self.assertEqual(status.HTTP_200_OK, resp.status_code)

        # A normal user can't
        user = create_user()
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(self.patches[0].id),
                                 {'state': 2})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
Ejemplo n.º 21
0
    def test_delete(self):
        """Ensure deletions are always rejected."""
        project = create_project()
        patch = create_patch(project=project)

        # anonymous user
        resp = self.client.delete(self.api_url(patch.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        # superuser
        user = create_maintainer(project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)
        resp = self.client.delete(self.api_url(patch.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
Ejemplo n.º 22
0
    def test_delete(self):
        """Ensure deletions are rejected."""
        project = create_project()

        # an anonymous user
        resp = self.client.delete(self.api_url(project.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        # a super user
        user = create_maintainer(project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)
        resp = self.client.delete(self.api_url(project.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
        self.assertEqual(1, Project.objects.all().count())
Ejemplo n.º 23
0
    def test_create(self):
        """Ensure creations are rejected."""
        project = create_project()
        data = {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'}

        # an anonymous user
        resp = self.client.post(self.api_url(), data)
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        # a superuser
        user = create_maintainer(project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)
        resp = self.client.post(self.api_url(), data)
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
Ejemplo n.º 24
0
    def test_update_invalid_delegate(self):
        """Update patch with invalid fields.

        Ensure we handle invalid Patch updates.
        """
        project = create_project()
        state = create_state()
        patch = create_patch(project=project, state=state)
        user_a = create_maintainer(project)
        user_b = create_user()

        self.client.force_authenticate(user=user_a)
        resp = self.client.patch(self.api_url(patch.id),
                                 {'delegate': user_b.id})
        self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code)
        self.assertContains(resp, "User '%s' is not a maintainer" % user_b,
                            status_code=status.HTTP_400_BAD_REQUEST)
Ejemplo n.º 25
0
    def test_create_update_delete(self):
        """Ensure creates, updates and deletes aren't allowed"""
        user = create_maintainer()
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.post(self.api_url(), {'name': 'Test'})
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        series = create_series()

        resp = self.client.patch(self.api_url(series.id), {'name': 'Test'})
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)

        resp = self.client.delete(self.api_url(series.id))
        self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
Ejemplo n.º 26
0
    def test_list(self):
        """Validate we can list the default test project."""
        project = create_project()

        # anonymous user
        resp = self.client.get(self.api_url())
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertEqual(1, len(resp.data))
        self.assertSerialized(project, resp.data[0])

        # maintainer
        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.get(self.api_url())
        self.assertEqual(status.HTTP_200_OK, resp.status_code)
        self.assertEqual(1, len(resp.data))
        self.assertSerialized(project, resp.data[0])
Ejemplo n.º 27
0
    def test_update(self):
        """Ensure updates can be performed maintainers."""
        project = create_project()

        # A maintainer can update
        user = create_maintainer(project)
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id),
                                 {'linkname': 'TEST'})
        self.assertEqual(status.HTTP_200_OK, resp.status_code)

        # A normal user can't
        user = create_user()
        self.client.force_authenticate(user=user)
        resp = self.client.patch(self.api_url(project.id),
                                 {'linkname': 'TEST'})
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
Ejemplo n.º 28
0
    def setUp(self):
        self.project = create_project()
        self.user = create_maintainer(self.project)
        self.patches = create_patches(3, project=self.project)

        self.client.login(username=self.user.username,
                          password=self.user.username)

        self.url = reverse('patch-list', args=[self.project.linkname])
        self.base_data = {
            'action': 'Update',
            'project': str(self.project.id),
            'form': 'patchlistform',
            'archived': '*',
            'delegate': '*',
            'state': '*'
        }
Ejemplo n.º 29
0
    def test_create(self):
        """Ensure creations are rejected."""
        patch = {
            'project': defaults.project.id,
            'submitter': defaults.patch_author_person.id,
            'msgid': make_msgid(),
            'name': 'test-create-patch',
            'diff': 'patch diff',
        }

        user = create_maintainer(defaults.project)
        user.is_superuser = True
        user.save()
        self.client.force_authenticate(user=user)

        resp = self.client.post(self.api_url(), patch)
        self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
Ejemplo n.º 30
0
 def setUp(self):
     defaults.project.save()
     self.user = create_maintainer(defaults.project)
     self.client.login(username = self.user.username,
             password = self.user.username)
     self.properties_form_id = 'patchform-properties'
     self.url = reverse(
         'patchwork.views.patch.list', args = [defaults.project.linkname])
     self.base_data = {
         'action': 'Update', 'project': str(defaults.project.id),
         'form': 'patchlistform', 'archived': '*', 'delegate': '*',
         'state': '*'}
     self.patches = []
     for name in ['patch one', 'patch two', 'patch three']:
         patch = Patch(project = defaults.project, msgid = name,
                         name = name, content = '',
                         submitter = Person.objects.get(user = self.user))
         patch.save()
         self.patches.append(patch)