def set_anonymous_access(enable=True): user = User.get_by_username(User.DEFAULT_USER) user.active = enable Session().add(user) Session().commit() print '\tanonymous access is now:', enable if enable != User.get_by_username(User.DEFAULT_USER).active: raise Exception('Cannot set anonymous access')
def test_user_delete_cascades_ip_whitelist(test_user): sample_ip = '1.1.1.1' uid_map = UserIpMap(user_id=test_user.user_id, ip_addr=sample_ip) Session().add(uid_map) Session().delete(test_user) try: Session().flush() finally: Session().rollback()
def test_user_delete_cascades_permissions_on_repo(backend, test_user): test_repo = backend.create_repo() RepoModel().grant_user_permission(test_repo, test_user, 'repository.write') Session().commit() assert test_user.repo_to_perm UserModel().delete(test_user) Session().commit()
def test_clone_url_encrypted_value(self, backend): repo = backend.create_repo() Session().commit() repo.clone_url = 'https://*****:*****@code.rhodecode.com' Session().add(repo) Session().commit() assert repo.clone_url == 'https://*****:*****@code.rhodecode.com'
def test_add_and_remove_user_from_group(user_regular, user_util): user_group = user_util.create_user_group() assert user_group.members == [] UserGroupModel().add_user_to_group(user_group, user_regular) Session().commit() assert user_group.members[0].user == user_regular UserGroupModel().remove_user_from_group(user_group, user_regular) Session().commit() assert user_group.members == []
def test_remove_repo(self): repo = fixture.create_repo(name='test-repo-1') Session().commit() RepoModel().delete(repo=repo) Session().commit() self.assertEqual(None, Repository.get_by_repo_name(repo_name='test-repo-1'))
def set_anonymous_access(enabled): """(Dis)allows anonymous access depending on parameter `enabled`""" user = User.get_default_user() user.active = enabled Session().add(user) Session().commit() log.info('anonymous access is now: %s', enabled) assert enabled == User.get_default_user().active, ( 'Cannot set anonymous access')
def test_access_expired_gist(self): self.log_user() gist = _create_gist('never-see-me') gist.gist_expires = 0 # 1970 Session().add(gist) Session().commit() response = self.app.get(url('gist', gist_id=gist.gist_access_id), status=404)
def delete_repo_field(self, repo_name, field_id): field = RepositoryField.get_or_404(field_id) try: Session().delete(field) Session().commit() except Exception, e: log.error(traceback.format_exc()) msg = _('An error occurred during removal of field') h.flash(msg, category='error')
def test_remove_repo_repo_raises_exc_when_attached_forks(self): repo = fixture.create_repo(name='test-repo-1') Session().commit() fixture.create_fork(repo.repo_name, 'test-repo-fork-1') Session().commit() self.assertRaises(AttachedForksError, lambda: RepoModel().delete(repo=repo))
def test_revoke_perm(self): perm = Permission.query().all()[0] UserModel().grant_perm(self.u1, perm) Session().commit() self.assertEqual(UserModel().has_perm(self.u1, perm), True) #revoke UserModel().revoke_perm(self.u1, perm) Session().commit() self.assertEqual(UserModel().has_perm(self.u1, perm), False)
def test_user_delete_cascades_permissions_on_user_group( test_user_group, test_user): UserGroupModel().grant_user_permission(test_user_group, test_user, 'usergroup.write') Session().commit() assert test_user.user_group_to_perm Session().delete(test_user) Session().commit()
def test_remove_repo(self, backend): repo = backend.create_repo() Session().commit() RepoModel().delete(repo=repo) Session().commit() repos = ScmModel().repo_scan() assert Repository.get_by_repo_name(repo_name=backend.repo_name) is None assert repo.repo_name not in repos
def _migrate_hash_to_bcrypt(self, username, password, new_hash): new_hash_cypher = _RhodeCodeCryptoBCrypt() # extra checks, so make sure new hash is correct. password_encoded = safe_str(password) if new_hash and new_hash_cypher.hash_check(password_encoded, new_hash): cur_user = User.get_by_username(username) cur_user.password = new_hash Session().add(cur_user) Session().flush() log.info('Migrated user %s hash to bcrypt', cur_user)
def test_show_invalid_source_reference(self, pr_util): pull_request = pr_util.create_pull_request() pull_request.source_ref = 'branch:b:invalid' Session().add(pull_request) Session().commit() self.app.get(url( controller='pullrequests', action='show', repo_name=pull_request.target_repo.scm_instance().name, pull_request_id=str(pull_request.pull_request_id)))
def test_revoke_perm(test_user): perm = Permission.query().all()[0] UserModel().grant_perm(test_user, perm) Session().commit() assert UserModel().has_perm(test_user, perm) # revoke UserModel().revoke_perm(test_user, perm) Session().commit() assert not UserModel().has_perm(test_user, perm)
def prepare(self, request, pylonsapp): for x in ChangesetComment.query().all(): Session().delete(x) Session().commit() for x in Notification.query().all(): Session().delete(x) Session().commit() request.addfinalizer(self.cleanup)
def test_user_delete_cascades_permissions_on_repo_group( test_repo_group, test_user): RepoGroupModel().grant_user_permission(test_repo_group, test_user, 'group.write') Session().commit() assert test_user.repo_group_to_perm Session().delete(test_user) Session().commit()
def test_forgot_password(self): response = self.app.get( url(controller='login', action='password_reset')) self.assertEqual(response.status, '200 OK') username = '******' password = '******' email = '*****@*****.**' name = 'passwd' lastname = 'reset' new = User() new.username = username new.password = password new.email = email new.name = name new.lastname = lastname new.api_key = generate_api_key(username) Session().add(new) Session().commit() response = self.app.post( url(controller='login', action='password_reset'), { 'email': email, }) self.checkSessionFlash(response, 'Your password reset link was sent') response = response.follow() # BAD KEY key = "bad" response = self.app.get( url(controller='login', action='password_reset_confirmation', key=key)) self.assertEqual(response.status, '302 Found') self.assertTrue(response.location.endswith(url('reset_password'))) # GOOD KEY key = User.get_by_username(username).api_key response = self.app.get( url(controller='login', action='password_reset_confirmation', key=key)) self.assertEqual(response.status, '302 Found') self.assertTrue(response.location.endswith(url('login_home'))) self.checkSessionFlash(response, ('Your password reset was successful, ' 'new password has been sent to your email')) response = response.follow()
def test_update_of_ancestor_reference(self, backend, csrf_token): commits = [ {'message': 'ancestor'}, {'message': 'change'}, {'message': 'change-2'}, {'message': 'ancestor-new', 'parents': ['ancestor']}, {'message': 'change-rebased'}, ] commit_ids = backend.create_master_repo(commits) target = backend.create_repo(heads=['ancestor']) source = backend.create_repo(heads=['change']) # create pr from a in source to A in target pull_request = PullRequest() pull_request.source_repo = source # TODO: johbo: Make sure that we write the source ref this way! pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( branch=backend.default_branch_name, commit_id=commit_ids['change']) pull_request.target_repo = target # TODO: johbo: Target ref should be branch based, since tip can jump # from branch to branch pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( branch=backend.default_branch_name, commit_id=commit_ids['ancestor']) pull_request.revisions = [commit_ids['change']] pull_request.title = u"Test" pull_request.description = u"Description" pull_request.author = UserModel().get_by_username( TEST_USER_ADMIN_LOGIN) Session().add(pull_request) Session().commit() pull_request_id = pull_request.pull_request_id # target has ancestor - ancestor-new # source has ancestor - ancestor-new - change-rebased backend.pull_heads(target, heads=['ancestor-new']) backend.pull_heads(source, heads=['change-rebased']) # update PR self.app.post( url(controller='pullrequests', action='update', repo_name=target.repo_name, pull_request_id=str(pull_request_id)), params={'update_commits': 'true', '_method': 'put', 'csrf_token': csrf_token}, status=200) # Expect the target reference to be updated correctly pull_request = PullRequest.get(pull_request_id) assert pull_request.revisions == [commit_ids['change-rebased']] expected_target_ref = 'branch:{branch}:{commit_id}'.format( branch=backend.default_branch_name, commit_id=commit_ids['ancestor-new']) assert pull_request.target_ref == expected_target_ref
def test_repo_group_user_as_user_group_member(self): # create Group1 self.g1 = fixture.create_group('group1', skip_if_exists=True) a1_auth = AuthUser(user_id=self.anon.user_id) self.assertEqual(a1_auth.permissions['repositories_groups'], {u'group1': u'group.read'}) # set default permission to none ReposGroupModel().grant_user_permission(repos_group=self.g1, user=self.anon, perm='group.none') # make group self.ug1 = UserGroupModel().create('G1') # add user to group UserGroupModel().add_user_to_group(self.ug1, self.u1) Session().commit() # check if user is in the group membrs = [ x.user_id for x in UserGroupModel().get(self.ug1.users_group_id).members ] self.assertEqual(membrs, [self.u1.user_id]) # add some user to that group # check his permissions a1_auth = AuthUser(user_id=self.anon.user_id) self.assertEqual(a1_auth.permissions['repositories_groups'], {u'group1': u'group.none'}) u1_auth = AuthUser(user_id=self.u1.user_id) self.assertEqual(u1_auth.permissions['repositories_groups'], {u'group1': u'group.none'}) # grant ug1 read permissions for ReposGroupModel().grant_users_group_permission(repos_group=self.g1, group_name=self.ug1, perm='group.read') Session().commit() # check if the obj = Session().query(UserGroupRepoGroupToPerm)\ .filter(UserGroupRepoGroupToPerm.group == self.g1)\ .filter(UserGroupRepoGroupToPerm.users_group == self.ug1)\ .scalar() self.assertEqual(obj.permission.permission_name, 'group.read') a1_auth = AuthUser(user_id=self.anon.user_id) self.assertEqual(a1_auth.permissions['repositories_groups'], {u'group1': u'group.none'}) u1_auth = AuthUser(user_id=self.u1.user_id) self.assertEqual(u1_auth.permissions['repositories_groups'], {u'group1': u'group.read'})
def _update_patterns(self, form, repo_settings): for uid in form['delete_patterns']: repo_settings.delete_entries(uid) for pattern in form['patterns']: for setting, value, type_ in pattern: sett = repo_settings.create_or_update_setting( setting, value, type_) Session().add(sett) Session().commit()
def test_value_is_set(self, repo_stub): model = VcsSettingsModel(repo=repo_stub.repo_name) model.inherit_global_settings = False setting = model.repo_settings.get_setting_by_name( VcsSettingsModel.INHERIT_SETTINGS) try: assert setting.app_settings_type == 'bool' assert setting.app_settings_value is False finally: Session().delete(setting) Session().commit()
def disable_locking(pylonsapp): r = Repository.get_by_repo_name(GIT_REPO) Repository.unlock(r) r.enable_locking = False Session().add(r) Session().commit() r = Repository.get_by_repo_name(HG_REPO) Repository.unlock(r) r.enable_locking = False Session().add(r) Session().commit()
def update_global_perms(self, user_group_id): """PUT /users_perm/user_group_id: Update an existing item""" # url('users_group_perm', user_group_id=ID, method='put') user_group_id = safe_int(user_group_id) user_group = UserGroup.get_or_404(user_group_id) c.active = 'global_perms' try: # first stage that verifies the checkbox _form = UserIndividualPermissionsForm() form_result = _form.to_python(dict(request.POST)) inherit_perms = form_result['inherit_default_permissions'] user_group.inherit_default_permissions = inherit_perms Session().add(user_group) if not inherit_perms: # only update the individual ones if we un check the flag _form = UserPermissionsForm( [x[0] for x in c.repo_create_choices], [x[0] for x in c.repo_create_on_write_choices], [x[0] for x in c.repo_group_create_choices], [x[0] for x in c.user_group_create_choices], [x[0] for x in c.fork_choices], [x[0] for x in c.inherit_default_permission_choices])() form_result = _form.to_python(dict(request.POST)) form_result.update( {'perm_user_group_id': user_group.users_group_id}) PermissionModel().update_user_group_permissions(form_result) Session().commit() h.flash(_('User Group global permissions updated successfully'), category='success') except formencode.Invalid as errors: defaults = errors.value c.user_group = user_group return htmlfill.render( render('admin/user_groups/user_group_edit.html'), defaults=defaults, errors=errors.error_dict or {}, prefix_error=False, encoding="UTF-8", force_defaults=False) except Exception: log.exception("Exception during permissions saving") h.flash(_('An error occurred during permissions saving'), category='error') return redirect( url('edit_user_group_global_perms', user_group_id=user_group_id))
def test_update_source_revision(self, backend, csrf_token): commits = [ {'message': 'ancestor'}, {'message': 'change'}, {'message': 'change-2'}, ] commit_ids = backend.create_master_repo(commits) target = backend.create_repo(heads=['ancestor']) source = backend.create_repo(heads=['change']) # create pr from a in source to A in target pull_request = PullRequest() pull_request.source_repo = source # TODO: johbo: Make sure that we write the source ref this way! pull_request.source_ref = 'branch:{branch}:{commit_id}'.format( branch=backend.default_branch_name, commit_id=commit_ids['change']) pull_request.target_repo = target pull_request.target_ref = 'branch:{branch}:{commit_id}'.format( branch=backend.default_branch_name, commit_id=commit_ids['ancestor']) pull_request.revisions = [commit_ids['change']] pull_request.title = u"Test" pull_request.description = u"Description" pull_request.author = UserModel().get_by_username( TEST_USER_ADMIN_LOGIN) Session().add(pull_request) Session().commit() pull_request_id = pull_request.pull_request_id # source has ancestor - change - change-2 backend.pull_heads(source, heads=['change-2']) # update PR self.app.post( url(controller='pullrequests', action='update', repo_name=target.repo_name, pull_request_id=str(pull_request_id)), params={'update_commits': 'true', '_method': 'put', 'csrf_token': csrf_token}) # check that we have now both revisions pull_request = PullRequest.get(pull_request_id) assert pull_request.revisions == [ commit_ids['change-2'], commit_ids['change']] # TODO: johbo: this should be a test on its own response = self.app.get(url( controller='pullrequests', action='index', repo_name=target.repo_name)) assert response.status_int == 200 assert 'Pull request updated to' in response.body assert 'with 1 added, 0 removed commits.' in response.body
def cleanup(): defaults = SettingsModel().get_all_settings() entries = [name for name in defaults if ( (self.uid in name) or (self.another_uid) in name)] start = len(self.RC_PREFIX) for del_key in entries: # TODO: anderson: get_by_name needs name without prefix entry = SettingsModel().get_setting_by_name(del_key[start:]) Session().delete(entry) Session().commit()
def _destroy_project_tree(test_u1_id): Session.remove() repos_group = RepoGroup.get_by_group_name(group_name='g0') for el in reversed(repos_group.recursive_groups_and_repos()): if isinstance(el, Repository): RepoModel().delete(el) elif isinstance(el, RepoGroup): ReposGroupModel().delete(el, force_delete=True) u = User.get(test_u1_id) Session().delete(u) Session().commit()
def setUp(self): r = Repository.get_by_repo_name(GIT_REPO) Repository.unlock(r) r.enable_locking = False Session().add(r) Session().commit() r = Repository.get_by_repo_name(HG_REPO) Repository.unlock(r) r.enable_locking = False Session().add(r) Session().commit()
def reset_password(self, data): from rhodecode.lib.celerylib import tasks, run_task from rhodecode.model.notification import EmailNotificationModel from rhodecode.lib import auth user_email = data['email'] pre_db = True try: user = User.get_by_email(user_email) new_passwd = auth.PasswordGenerator().gen_password( 12, auth.PasswordGenerator.ALPHABETS_BIG_SMALL) if user: user.password = auth.get_crypt_password(new_passwd) # also force this user to reset his password ! user.update_userdata(force_password_change=True) Session().add(user) Session().commit() log.info('change password for %s', user_email) if new_passwd is None: raise Exception('unable to generate new password') pre_db = False email_kwargs = { 'new_password': new_passwd, 'user': user, 'email': user_email, 'date': datetime.datetime.now() } (subject, headers, email_body, email_body_plaintext) = EmailNotificationModel().render_email( EmailNotificationModel.TYPE_PASSWORD_RESET_CONFIRMATION, **email_kwargs) recipients = [user_email] action_logger_generic( 'sent new password to user: {} with email: {}'.format( user, user_email), namespace='security.password_reset') run_task(tasks.send_email, recipients, subject, email_body_plaintext, email_body) except Exception: log.error('Failed to update user password') log.error(traceback.format_exc()) if pre_db: # we rollback only if local db stuff fails. If it goes into # run_task, we're pass rollback state this wouldn't work then Session().rollback() return True