Ejemplo n.º 1
0
 def testRemoveUser(self):
     mock_user = Mock()
     mock_user.is_admin = True
     user.add("foo", email="[email protected]", password="******")
     foo = user.User("foo")
     foo.remove()
     self.assert_("foo" not in [x for x in user.list(mock_user)])
Ejemplo n.º 2
0
 def testListUsersNonAdmin(self):
     mock_user = Mock()
     mock_user.is_admin = False
     mock_user.name = "foo"
     user.add("foo", email="[email protected]", password="******")
     users = sorted([x for x in user.list(mock_user)])
     self.assertEquals(users, ["foo"])
Ejemplo n.º 3
0
    def testAddMember(self):
        from submin.models import user
        user.add("testUser", email="[email protected]", password="******")
        group.add("testGroup")
        u = user.User("testUser")
        g = group.Group("testGroup")

        g.add_member(u)
        self.assert_("testUser" in g.members())
Ejemplo n.º 4
0
	def testAddMember(self):
		from submin.models import user
		user.add("testUser", email="[email protected]", password="******")
		group.add("testGroup")
		u = user.User("testUser")
		g = group.Group("testGroup")

		g.add_member(u)
		self.assert_("testUser" in g.members())
Ejemplo n.º 5
0
 def testRemoveMember(self):
     from submin.models import user
     user.add("testUser1", email="[email protected]", password="******")
     user.add("testUser2", email="[email protected]", password="******")
     group.add("testGroup")
     u1 = user.User("testUser1")
     u2 = user.User("testUser2")
     g = group.Group("testGroup")
     g.add_member(u1)
     g.add_member(u2)
     g.remove_member(u2)
     self.assert_("testUser2" not in g.members())
Ejemplo n.º 6
0
	def testRemoveMember(self):
		from submin.models import user
		user.add("testUser1", email="[email protected]", password="******")
		user.add("testUser2", email="[email protected]", password="******")
		group.add("testGroup")
		u1 = user.User("testUser1")
		u2 = user.User("testUser2")
		g = group.Group("testGroup")
		g.add_member(u1)
		g.add_member(u2)
		g.remove_member(u2)
		self.assert_("testUser2" not in g.members())
Ejemplo n.º 7
0
def external_sync():
    """Synchronizes external users"""
    from submin.models import user

    errormsgs = []
    if options.value('enabled_external', 'no') == 'no':
        errormsgs.append('external is not enabled')
        return {'errormsgs': errormsgs, 'success': False}

    group = LDAPGroup(options.value('external_passwd'),
                      options.value('external_user'))
    if not group:
        errormsgs.append('cannot connect to LDAP server')
        return {'errormsgs': errormsgs, 'success': False}

    group_members = group.members
    if not group_members:
        errormsgs.append('cannot find LDAP group or its members')
        return {'errormsgs': errormsgs, 'success': False}

    user_list = user.list(user.FakeAdminUser())

    for username in group_members:
        email = group_members[username]['email']
        fullname = group_members[username]['fullname']

        if not validate_username(username):
            errormsgs.append(InvalidUsername(username))
            continue

        if not validate_email(email):
            errormsgs.append(InvalidEmail(email))
            continue

        if not validate_fullname(fullname):
            errormsgs.append(InvalidFullname(fullname))
            fullname = username

        if username not in user_list:  # A new user
            user.add(username=username, email=email, send_mail=False)
            user.User(username).fullname = fullname
        else:
            u = user.User(username)  # Update fullname and email if necessary
            if (u.email, u.fullname) != (email, fullname):
                u.email = email
                u.fullname = fullname

    return {'errormsgs': errormsgs, 'success': True}
Ejemplo n.º 8
0
 def setUp(self):
     self.submin_env = Path(tempfile.mkdtemp(prefix="submin-unittest"))
     conf_dir = self.submin_env + "conf"
     svn_dir = self.submin_env + "svn"
     os.mkdir(conf_dir)
     os.mkdir(svn_dir)
     mock_settings.base_dir = self.submin_env
     storage.open(mock_settings)
     storage.database_evolve()
     options.set_value("svn_authz_file", conf_dir + "authz")  # needed for export
     options.set_value("svn_dir", svn_dir)  # needed for export
     options.set_value("git_dir", self.submin_env + "git")
     options.set_value("vcs_plugins", "svn, git")
     self.tmp_dirs = []
     user.add("test", email="[email protected]", password="******")
     self.u = user.User("test")
Ejemplo n.º 9
0
    def write_users(self, config):
        from submin.models import user

        # get filename
        htpasswd_file = config.get('svn', 'access_file')
        userprop_file = config.get('svn', 'userprop_file')

        # read files
        htpasswd = open(htpasswd_file).readlines()
        userprop = self.read_ini(userprop_file)

        from submin.models.user import FakeAdminUser

        # fake an admin user
        fake_admin = FakeAdminUser()

        # add users
        for line in htpasswd:
            (username, md5_password) = line.strip('\n').split(':')
            try:
                # This is a hack. We need to supply an email-address and
                # if we don't supply a password, user.add() will try to send
                # an email. Both email and password will be set later.
                u = user.add(username,
                             email="[email protected]",
                             password=md5_password,
                             origin='submin2-admin')
            except UserExistsError:
                u = user.User(username)

            u.set_md5_password(md5_password)

            if userprop.has_section(username):
                if userprop.has_option(username, 'email'):
                    u.email = userprop.get(username, 'email')
                if userprop.has_option(username, 'notifications_allowed'):
                    allowed = userprop.get(username, 'notifications_allowed')
                    allowed = [x.strip() for x in allowed.split(',')]

                    enabled = []
                    if userprop.has_option(username, 'notifications_enabled'):
                        enabled = userprop.get(username,
                                               'notifications_enabled')
                        enabled = [x.strip() for x in enabled.split(',')]

                    repositories = []
                    for repos in allowed:
                        repos_enabled = False
                        if repos in enabled:
                            repos_enabled = True
                        repositories.append({
                            'name': repos,
                            'vcs': 'svn',  # since Submin 1.2 only support svn
                            'enabled': repos_enabled
                        })

                    u.set_notifications(repositories, fake_admin)
Ejemplo n.º 10
0
	def write_users(self, config):
		from submin.models import user

		# get filename
		htpasswd_file = config.get('svn', 'access_file')
		userprop_file = config.get('svn', 'userprop_file')

		# read files
		htpasswd = file(htpasswd_file).readlines()
		userprop = self.read_ini(userprop_file)

		from submin.models.user import FakeAdminUser

		# fake an admin user
		fake_admin = FakeAdminUser()

		# add users
		for line in htpasswd:
			(username, md5_password) = line.strip('\n').split(':')
			try:
				# This is a hack. We need to supply an email-address and
				# if we don't supply a password, user.add() will try to send
				# an email. Both email and password will be set later.
				u = user.add(username, email="[email protected]", password=md5_password, origin='submin2-admin')
			except UserExistsError:
				u = user.User(username)

			u.set_md5_password(md5_password)

			if userprop.has_section(username):
				if userprop.has_option(username, 'email'):
					u.email = userprop.get(username, 'email')
				if userprop.has_option(username, 'notifications_allowed'):
					allowed = userprop.get(username, 'notifications_allowed')
					allowed = [x.strip() for x in allowed.split(',')]

					enabled = []
					if userprop.has_option(username, 'notifications_enabled'):
						enabled = userprop.get(username, 'notifications_enabled')
						enabled =  [x.strip() for x in enabled.split(',')]

					repositories = {}
					for repos in allowed:
						repos_enabled = False
						if repos in enabled:
							repos_enabled = True
						repositories[repos] = {'allowed': True, 'enabled': repos_enabled}

					# add notifications
					for repos, details in repositories.iteritems():
						allowed = False
						enabled = False
						if details['allowed']:
							allowed = True
						if details['enabled']:
							enabled = True
						u.set_notification(repos, allowed, enabled, fake_admin)
Ejemplo n.º 11
0
    def add(self, req, path, localvars):
        import re

        base_url = options.url_path('base_url_submin')
        username = ''
        email = ''
        fullname = ''

        if not req.post or not req.post['username'] \
            or not req.post['email']    \
            or not req.post['fullname']:
            return self.showAddForm(req, username, email, fullname)

        username = req.post.get('username').strip()
        email = req.post.get('email').strip()
        fullname = req.post.get('fullname').strip()
        send_mail = 'send_password' in req.post

        # check these before we add the user, the rest is checked when adding
        try:
            validators.validate_email(email)
            validators.validate_fullname(fullname)
        except validators.InvalidEmail:
            return self.showAddForm(req, username, email, fullname,
                                    'Email is not valid')
        except validators.InvalidFullname:
            return self.showAddForm(req, username, email, fullname,
                                    'Invalid characters in full name')

        if username == '':
            return self.showAddForm(req, username, email, fullname,
                                    'Username not supplied')

        if email == '':
            return self.showAddForm(req, username, email, fullname,
                                    'Email must be supplied')

        try:
            u = user.add(username,
                         email,
                         send_mail=send_mail,
                         origin=req.remote_address)
            u.fullname = fullname
        except IOError:
            return ErrorResponse('File permission denied', request=req)
        except UserExistsError:
            return self.showAddForm(req, username, email, fullname,
                                    'User %s already exists' % username)
        except validators.InvalidUsername:
            return self.showAddForm(req, username, email, fullname,
                                    'Invalid characters in username')

        url = base_url + '/users/show/' + username
        return Redirect(url, req)
Ejemplo n.º 12
0
	def add(self, req, path, localvars):
		import re

		base_url = options.url_path('base_url_submin')
		username = ''
		email = ''
		fullname = ''

		if not req.post or not req.post['username'] \
						or not req.post['email']    \
						or not req.post['fullname']:
			return self.showAddForm(req, username, email, fullname)

		username = req.post.get('username').strip()
		email = req.post.get('email').strip()
		fullname = req.post.get('fullname').strip()
		send_mail = 'send_password' in req.post

		# check these before we add the user, the rest is checked when adding
		try:
			validators.validate_email(email)
			validators.validate_fullname(fullname)
		except validators.InvalidEmail:
			return self.showAddForm(req, username, email, fullname,
				'Email is not valid')
		except validators.InvalidFullname:
			return self.showAddForm(req, username, email, fullname,
				'Invalid characters in full name')

		if username == '':
			return self.showAddForm(req, username, email, fullname,
				'Username not supplied')

		if email == '':
			return self.showAddForm(req, username, email, fullname,
				'Email must be supplied')

		try:
			u = user.add(username, email, send_mail=send_mail, origin=req.remote_address)
			u.fullname = fullname
		except IOError:
			return ErrorResponse('File permission denied', request=req)
		except UserExistsError:
			return self.showAddForm(req, username, email, fullname,
				'User %s already exists' % username)
		except validators.InvalidUsername:
			return self.showAddForm(req, username, email, fullname,
				'Invalid characters in username')

		url = base_url + '/users/show/' + username
		return Redirect(url, req)
Ejemplo n.º 13
0
	def testListRepositoriesAll(self):
		"""Test listRepositories, which checks for valid permissions of repositories"""
		self._createRepos([x['name'] for x in self.repositories])
		mock_admin = Mock()
		mock_admin.is_admin = True
		u = user.add('bar', '[email protected]', send_mail=False)
		g = group.add('baz') # no members in this group
		g = group.add('quux')
		g.add_member(u)
		permissions.add('foo', 'svn', '/', 'bar', 'user', 'r')
		permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw')
		# 'bar' is not part of group 'baz', so 'example' should not be listed
		permissions.add('example', 'svn', '/', 'baz', 'group', 'r')

		result = repository.Repository.list(u)
		copy = self.repositories[:]
		copy = sorted([d for d in self.repositories if d.get('name') == 'foo' or d.get('name') == 'subdirs'])
		self.assertEquals(result, copy)
Ejemplo n.º 14
0
    def testListRepositoriesAll(self):
        """Test listRepositories, which checks for valid permissions of repositories"""
        self._createRepos([x['name'] for x in self.repositories])
        mock_admin = Mock()
        mock_admin.is_admin = True
        u = user.add('bar', '[email protected]', send_mail=False)
        g = group.add('baz')  # no members in this group
        g = group.add('quux')
        g.add_member(u)
        permissions.add('foo', 'svn', '/', 'bar', 'user', 'r')
        permissions.add('subdirs', 'svn', '/trunk', 'quux', 'group', 'rw')
        # 'bar' is not part of group 'baz', so 'example' should not be listed
        permissions.add('example', 'svn', '/', 'baz', 'group', 'r')

        result = repository.Repository.list(u)
        copy = self.repositories[:]
        copy = sorted([
            d for d in self.repositories
            if d.get('name') == 'foo' or d.get('name') == 'subdirs'
        ])
        self.assertEquals(result, copy)
Ejemplo n.º 15
0
	def create_env(self):
		"""This is called when all info is gathered"""
		for key, value in self.defaults.iteritems():
			if key not in self.init_vars:
				self.init_vars[key] = value

		try:
			self.create_dir(self.env)
			self.create_dir(self.init_vars['svn_dir'])
			self.create_dir(self.init_vars['git_dir'])
			self.create_dir(self.init_vars['conf_dir'])
			self.create_dir(self.init_vars['trac_dir'])
			self.create_dir(self.init_vars['hooks_dir'])
			self.create_dir(Path('auth'))
		except OSError:
			return # already printed error message

		self.sa.execute(['config', 'defaults'])

		# check http_base
		p = self.init_vars['http_base']
		if str(p) == "":
			self.init_vars['http_base'] = Path("/")

		# write changes to config
		from submin.models import options

		default_options = {
			'base_url_submin': self._get_url('submin_url'),
			'base_url_svn': self._get_url('svn_url'),
			'base_url_trac': self._get_url('trac_url'),
			'http_vhost': self.init_vars['http_vhost'],
			'auth_type': 'sql',
			'svn_dir': str(self.init_vars['svn_dir']),
			'git_dir': str(self.init_vars['git_dir']),
			'trac_dir': str(self.init_vars['trac_dir']),
			'svn_authz_file': str(self.init_vars['authz']),
			'smtp_from': self.init_vars['smtp_from'],
			'commit_email_from': self.init_vars['commit_email_from'],
		}
		for (key, value) in default_options.iteritems():
			options.set_value(key, value)

		# add a user
		from submin.models import user
		
		if self.init_vars['create_user'] == "yes":
			# add an admin user
			u = user.add('admin', self.email, send_mail=False)
			u.is_admin = True
			try:
				u.prepare_password_reset('submin2-admin')
			except SendEmailError as e:
				print 'WARNING: Could not send an e-mail, please install a mail server'
				print 'WARNING: You can request a password reset for "admin" on the login page'

		self.sa.execute(['upgrade', 'hooks', 'no-fix-unixperms'])
		self.sa.execute(['unixperms', 'fix'])
		if 'apache' in self.init_vars['enable_features']:
			self.sa.execute(['apacheconf', 'create', 'all'])
		if 'nginx' in self.init_vars['enable_features']:
			self.sa.execute(['nginxconf', 'create', 'all'])
		if 'trac' in self.init_vars['enable_features']:
			self.sa.execute(['trac', 'init'])
Ejemplo n.º 16
0
    def create_env(self):
        """This is called when all info is gathered"""
        for key, value in self.defaults.items():
            if key not in self.init_vars:
                self.init_vars[key] = value

        try:
            self.create_dir(self.env)
            self.create_dir(self.init_vars['svn_dir'])
            self.create_dir(self.init_vars['git_dir'])
            self.create_dir(self.init_vars['conf_dir'])
            self.create_dir(self.init_vars['trac_dir'])
            self.create_dir(self.init_vars['hooks_dir'])
            self.create_dir(Path('auth'))
        except OSError:
            return  # already printed error message

        self.sa.execute(['config', 'defaults'])

        # check http_base
        p = self.init_vars['http_base']
        if str(p) == "":
            self.init_vars['http_base'] = Path("/")

        # write changes to config
        from submin.models import options

        default_options = {
            'base_url_submin': self._get_url('submin_url'),
            'base_url_svn': self._get_url('svn_url'),
            'base_url_trac': self._get_url('trac_url'),
            'http_vhost': self.init_vars['http_vhost'],
            'auth_type': 'sql',
            'svn_dir': str(self.init_vars['svn_dir']),
            'git_dir': str(self.init_vars['git_dir']),
            'trac_dir': str(self.init_vars['trac_dir']),
            'svn_authz_file': str(self.init_vars['authz']),
            'smtp_from': self.init_vars['smtp_from'],
            'commit_email_from': self.init_vars['commit_email_from'],
        }
        for (key, value) in default_options.items():
            options.set_value(key, value)

        # add a user
        from submin.models import user

        if self.init_vars['create_user'] == "yes":
            # add an admin user
            u = user.add('admin', self.email, send_mail=False)
            u.is_admin = True
            try:
                u.prepare_password_reset('submin2-admin')
            except SendEmailError as e:
                print(
                    'WARNING: Could not send an e-mail, please install a mail server'
                )
                print(
                    'WARNING: You can request a password reset for "admin" on the login page'
                )

        self.sa.execute(['upgrade', 'hooks', 'no-fix-unixperms'])
        self.sa.execute(['unixperms', 'fix'])
        if 'apache' in self.init_vars['enable_features']:
            self.sa.execute(['apacheconf', 'create', 'all'])
        if 'nginx' in self.init_vars['enable_features']:
            self.sa.execute(['nginxconf', 'create', 'all'])
        if 'trac' in self.init_vars['enable_features']:
            self.sa.execute(['trac', 'init'])
Ejemplo n.º 17
0
 def testListUsersAdmin(self):
     mock_user = Mock()
     mock_user.is_admin = True
     user.add("foo", email="[email protected]", password="******")
     users = sorted([x for x in user.list(mock_user)])
     self.assertEquals(users, ["foo", "test"])