def test_is_repo_committer_external_committer_restricted_not_member(self):
""" Test is_repo_committer in pagure with EXTERNAL_COMMITTER
configured to give access the provenpackager just for one repo
"""
repo = pagure.lib.query._get_project(self.session, 'test')
g = munch.Munch()
g.fas_user = tests.FakeUser()
g.authenticated = True
g.session = self.session
with mock.patch('flask.g', g):
output = pagure.utils.is_repo_committer(repo)
self.assertFalse(output)
def test_api_update_custom_fields(self):
""" Test updating custom fields on a ticket. """
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.post('/api/0/test/issue/1/custom', data={})
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
data, {
u'error':
u'The issue tracker of this project is read-only',
u'error_code': u'ETRACKERREADONLY'
})
def test_plugin_mail_page(self):
""" Test the default page of the pagure hook plugin. """
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.get('/test/settings/Pagure')
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
self.assertIn('<title>Settings Pagure - test - Pagure</title>',
output_text)
self.assertIn(
'<input class="form-check-input mt-2" id="active" name="active" '
'type="checkbox" value="y">', output_text)
def test_drop_tags(self):
""" Test dropping a ticket tag.
"""
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.post('/test/droptag/', data={})
self.assertEqual(output.status_code, 401)
output_text = output.get_data(as_text=True)
self.assertIn('<title>Unauthorized :\'( - Pagure</title>',
output_text)
self.assertIn(
'<p>The issue tracker for this project is read-only</p>',
output_text)
def test_is_repo_committer_external_committer_generic_no_member(self):
""" Test is_repo_committer in pagure with EXTERNAL_COMMITTER
configured to give access to all the provenpackager, but the user
is not one.
"""
repo = pagure.lib._get_project(self.session, 'test')
user = tests.FakeUser()
g = munch.Munch()
g.fas_user = user
with mock.patch('pagure.flask.g', g):
output = pagure.is_repo_committer(repo)
self.assertFalse(output)
def test_admin_index(self):
""" Test the admin_index endpoint. """
output = self.app.get('/admin')
self.assertEqual(output.status_code, 302)
user = tests.FakeUser()
with tests.user_set(pagure.APP, user):
output = self.app.get('/admin', follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue(
'<li class="error">Access restricted</li>' in output.data)
user = tests.FakeUser(username='******',
groups=pagure.APP.config['ADMIN_GROUP'])
with tests.user_set(pagure.APP, user):
output = self.app.get('/admin', follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertTrue('<h2>Admin section</h2>' in output.data)
self.assertTrue('Re-generate gitolite ACLs file' in output.data)
self.assertTrue(
'Re-generate ssh authorized_key file' in output.data)
def test_is_repo_committer_external_committer_excluding_one(self):
""" Test is_repo_committer in pagure with EXTERNAL_COMMITTER
configured to give access to all the provenpackager but for this
one repo
"""
repo = pagure.lib._get_project(self.session, 'test')
g = munch.Munch()
g.fas_user = tests.FakeUser()
g.fas_user.groups.append('provenpackager')
with mock.patch('pagure.flask.g', g):
output = pagure.is_repo_committer(repo)
self.assertFalse(output)
def test_star_project_invalid_star(self):
""" Test the star_project endpoint for invalid star """
user = tests.FakeUser()
user.username = "******"
with tests.user_set(self.app.application, user):
csrf_token = self.get_csrf()
data = {"csrf_token": csrf_token}
output = self.app.post("/test/star/2",
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 400)
self._check_star_count(data=data, stars=0)
def test_delete_fork_when_fork_and_project_off(self):
""" Test the delete_repo endpoint for a fork when deleting fork and
project is forbidden.
"""
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.post(
'/fork/pingou/test/delete', follow_redirects=True)
self.assertEqual(output.status_code, 404)
projects = pagure.lib.search_projects(self.session)
self.assertEqual(len(projects), 4)
def test_star_project_no_csrf(self):
""" Test the star_project endpoint for the case when there
is no CSRF token given """
user = tests.FakeUser()
user.username = '******'
with tests.user_set(self.app.application, user):
data = {}
output = self.app.post('/test/star/1',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 400)
def test_issue_list_admin(self):
""" Test the list of issues when user is an admin of the project.
"""
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.get('/test/issues')
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
self.assertIn(
'<title>Issues - test - Pagure</title>', output_text)
self.assertIn(
'<span class="fa fa-fw fa-exclamation-circle"></span> 2 Open Issues\n', output_text)
def test_is_repo_committer_logged_in_in_ticket_group(self):
""" Test is_repo_committer in pagure with the appropriate user logged
in. """
# Create group
msg = pagure.lib.query.add_group(
self.session,
group_name="packager",
display_name="packager",
description="The Fedora packager groups",
group_type="user",
user="******",
is_admin=False,
blacklist=[],
)
self.session.commit()
self.assertEqual(msg, "User `pingou` added to the group `packager`.")
# Add user to group
group = pagure.lib.query.search_groups(self.session,
group_name="packager")
msg = pagure.lib.query.add_user_to_group(
self.session,
username="******",
group=group,
user="******",
is_admin=True,
)
self.session.commit()
self.assertEqual(msg, "User `foo` added to the group `packager`.")
# Add group packager to project test
project = pagure.lib.query._get_project(self.session, "test")
msg = pagure.lib.query.add_group_to_project(
self.session,
project=project,
new_group="packager",
user="******",
access="ticket",
)
self.session.commit()
self.assertEqual(msg, "Group added")
repo = pagure.lib.query._get_project(self.session, "test")
g = munch.Munch()
g.fas_user = tests.FakeUser(username="******")
g.authenticated = True
g.session = self.session
with mock.patch("flask.g", g):
output = pagure.utils.is_repo_committer(repo)
self.assertFalse(output)
def test_confirm_email(self, ast):
""" Test the confirm_email endpoint. """
output = self.app.get('/settings/email/confirm/foobar')
self.assertEqual(output.status_code, 302)
ast.return_value = False
# Add a pending email to pingou
userobj = pagure.lib.search_user(self.session, username='******')
self.assertEqual(len(userobj.emails), 2)
email_pend = pagure.lib.model.UserEmailPending(
user_id=userobj.id,
email='[email protected]',
token='abcdef',
)
self.session.add(email_pend)
self.session.commit()
user = tests.FakeUser()
user.username = '******'
with tests.user_set(pagure.APP, user):
# Wrong token
output = self.app.get(
'/settings/email/confirm/foobar', follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertIn(
'<div class="card-header">\n Basic Information\n'
' </div>', output.data)
self.assertIn(
'</button>\n No email associated with this token.',
output.data)
# Confirm email
output = self.app.get(
'/settings/email/confirm/abcdef', follow_redirects=True)
self.assertEqual(output.status_code, 200)
self.assertIn(
'<div class="card-header">\n Basic Information\n'
' </div>', output.data)
self.assertIn(
'</button>\n Email validated',
output.data)
userobj = pagure.lib.search_user(self.session, username='******')
self.assertEqual(len(userobj.emails), 3)
ast.return_value = True
output = self.app.get('/settings/email/confirm/foobar')
self.assertEqual(output.status_code, 302)
def test_plugin_mirror_invalid_target(self):
""" Test the setting up the mirror plugin when there are the target
provided is invalid.
"""
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
csrf_token = self.get_csrf()
data = {
'csrf_token': csrf_token,
'active': True,
'target': 'https://host.org/target',
}
# With the git repo
output = self.app.post('/test/settings/Mirroring',
data=data,
follow_redirects=True)
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
self.assertIn('<title>Settings Mirroring - test - Pagure</title>',
output_text)
if self.get_wtforms_version() >= (2, 2):
self.assertIn(
'<div class="col-sm-10">\n '
'<input class="form-control pl-0" id="target" name="target" '
'required type="text" value="https://host.org/target">\n'
' </div>\n '
'</div>\n <div class="alert alert-danger">Invalid '
'input.</div>', output_text)
else:
self.assertIn(
'<div class="col-sm-10">\n '
'<input class="form-control pl-0" id="target" name="target" '
'type="text" value="https://host.org/target">\n </div>\n '
'</div>\n <div class="alert alert-danger">Invalid '
'input.</div>', output_text)
output = self.app.get('/test/settings/Mirroring', data=data)
output_text = output.get_data(as_text=True)
self.assertIn('<title>Settings Mirroring - test - Pagure</title>',
output_text)
self.assertIn(
'<input class="form-check-input mt-2" id="active" name="active" '
'type="checkbox" value="y">', output_text)
self.assertFalse(
os.path.exists(
os.path.join(self.path, 'repos', 'test.git', 'hooks',
'post-receive.mirror')))
def test_index_admin_access_while_commit(self):
""" Test the index endpoint filter for admin access only when user
is an committer. """
tests.create_projects(self.session)
# Add a 3rd project just for foo
item = pagure.lib.model.Project(
user_id=2, # foo
name="test3",
description="test project #3 with a very long description",
hook_token="aaabbbeeefff",
)
self.session.add(item)
self.session.commit()
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
# Before
output = self.app.get("/dashboard/projects?acl=commit")
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
self.assertIn(
'<h4 class="font-weight-bold mb-0">My Projects</h4>\n'
' <span class="btn btn-outline-secondary disabled'
' opacity-100 border-0 ml-auto font-weight-bold">1 Projects</span>\n',
output_text,
)
# Add foo to test with commit level
project = pagure.lib.query._get_project(self.session, "test")
msg = pagure.lib.query.add_user_to_project(
self.session,
project=project,
new_user="******",
user="******",
access="commit",
)
self.session.commit()
self.assertEqual(msg, "User added")
# After
output = self.app.get("/dashboard/projects?acl=commit")
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
# The total number no longer changes
self.assertIn(
'<h4 class="font-weight-bold mb-0">My Projects</h4>\n'
' <span class="btn btn-outline-secondary disabled'
' opacity-100 border-0 ml-auto font-weight-bold">2 Projects</span>\n',
output_text,
)
def test_view_issue_author(self):
""" Test accessing a private ticket when user opened the ticket.
"""
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.get('/test/issue/1')
self.assertEqual(output.status_code, 200)
self.assertIn(
u'div class="projectinfo m-t-1 m-b-1">\ntest project #1'
u' </div>', output.data)
self.assertIn(
u'<title>Issue #1: Test issue #1 - test - Pagure</title>',
output.data)
def test_delete_button_present(self):
""" Test that the delete button is present when deletions are
allowed.
"""
user = tests.FakeUser(username='******')
with tests.user_set(pagure.APP, user):
output = self.app.get('/test/settings')
self.assertEqual(output.status_code, 200)
self.assertIn('<form action="/test/delete"', output.data)
self.assertIn(' Delete the test project', output.data)
projects = pagure.lib.search_projects(self.session)
self.assertEqual(len(projects), 4)
def test_get_ticket_template_no_csrf(self):
""" Test the get_ticket_template endpoint when the project has no
templates.
"""
user = tests.FakeUser()
with tests.user_set(self.app.application, user):
output = self.app.post('/pv/test/issue/template')
self.assertEqual(output.status_code, 400)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(data, {
"code": "ERROR",
"message": "Invalid input submitted"
})
def test_plugin_mail_page(self):
""" Test the default page of the pagure hook plugin. """
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
output = self.app.get('/test/settings/Pagure')
self.assertEqual(output.status_code, 200)
self.assertIn(
'<div class="projectinfo m-t-1 m-b-1">\n'
'test project #1 </div>', output.data)
self.assertTrue('<h3>Pagure settings</h3>' in output.data)
self.assertTrue(
'<input class="form-control" id="active" name="active" '
'type="checkbox" value="y">' in output.data)
def test_new_issue_no_template(self):
""" Test the new_issue endpoint when the project has no templates.
"""
user = tests.FakeUser()
with tests.user_set(self.app.application, user):
output = self.app.get("/test/new_issue")
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
self.assertIn(
'<h4 class="font-weight-bold mb-4">New Issue</h4>\n',
output_text,
)
self.assertNotIn("Issue Templates", output_text)
def test_edit_tag(self):
""" Test editing a ticket tag.
"""
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
output = self.app.post("/test/tag/tag1/edit", data={})
self.assertEqual(output.status_code, 401)
output_text = output.get_data(as_text=True)
self.assertIn("<title>Unauthorized :'( - Pagure</title>",
output_text)
self.assertIn(
"<p>The issue tracker for this project is read-only</p>",
output_text,
)
def test_is_repo_committer_external_committer_restricting_to_one(self):
""" Test is_repo_committer in pagure with EXTERNAL_COMMITTER
configured to give access the provenpackager just for one repo
"""
repo = pagure.lib.query._get_project(self.session, "test")
g = munch.Munch()
g.fas_user = tests.FakeUser(username="******")
g.authenticated = True
g.fas_user.groups.append("provenpackager")
g.session = self.session
with mock.patch("flask.g", g):
output = pagure.utils.is_repo_committer(repo)
self.assertTrue(output)
def test_plugin_pagure_ticket_activate_w_no_repo(self):
""" Test the pagure_ticket plugin on/off endpoint. """
shutil.rmtree(os.path.join(self.path, "repos", "test.git"))
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
# Try re-activate hook w/o the git repo
data = {"csrf_token": self.csrf_token, "active": "y"}
output = self.app.post(
"/test/settings/Prevent creating new branches by git push",
data=data,
)
self.assertEqual(output.status_code, 404)
def test_api_update_custom_field(self):
""" Test updating a specific custom fields on a ticket. """
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
output = self.app.post("/api/0/test/issue/1/custom/foo", data={})
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
data,
{
"error": "The issue tracker of this project is read-only",
"error_code": "ETRACKERREADONLY",
},
)
def test_index_fork_without_parent(self):
""" Test the index view: forks should display either their parent
project or mention that it was deleted. """
tests.create_projects(self.session)
# Add a 3rd project just for foo
item = pagure.lib.model.Project(
user_id=2, # foo
name='test3',
description='test project #3',
hook_token='aaabbbeeefff',
is_fork=True,
parent_id=1,
)
self.session.add(item)
self.session.commit()
user = tests.FakeUser(username='******')
with tests.user_set(self.app.application, user):
# Before
output = self.app.get('/')
self.assertEqual(output.status_code, 200)
self.assertIn(
'My Forks <span class="label label-default">1</span>',
output.data)
segment = output.data.split('My Forks')[1].split('My Groups')[0]
self.assertRegexpMatches(
segment,
r'foo/test3(\s*<[^>]+?>\s*)*?forked from(\s*<[^>]+?>\s*)*?test'
)
# Delete the parent (or fake it)
proj = pagure.lib._get_project(self.session, 'test3', user='******')
proj.parent_id = None
self.session.add(proj)
self.session.commit()
# Check page again
output = self.app.get('/')
self.assertEqual(output.status_code, 200)
self.assertIn(
'My Forks <span class="label label-default">1</span>',
output.data)
segment = output.data.split('My Forks')[1].split('My Groups')[0]
self.assertRegexpMatches(
segment,
r'foo/test3(\s*<[^>]+?>\s*)*?forked from a deleted repository'
)
def test_is_repo_committer_external_committer_generic_member(self):
""" Test is_repo_committer in pagure with EXTERNAL_COMMITTER
configured to give access to all the provenpackager, and the user
is one
"""
repo = pagure.lib._get_project(self.session, 'test')
g = munch.Munch()
g.fas_user = tests.FakeUser()
g.fas_user.groups.append('provenpackager')
g.authenticated = True
with mock.patch('pagure.flask_app.flask.g', g):
output = pagure.utils.is_repo_committer(repo)
self.assertTrue(output)
def test_pr_edit_pull_request_post_author_no_csrf_token(self):
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
data = {
"title": "New title",
"initial_comment": "New initial comment",
"allow_rebase": False,
}
output = self.app.post(
"/test/pull-request/1/edit", data=data, follow_redirects=True
)
self.assertEqual(output.status_code, 200)
output_text = output.get_data(as_text=True)
# Without CSRF token, we finish again on the form with new
# values.
self.assertIn(
"<title>Edit PR#1: PR from the feature branch - test - "
"Pagure</title>",
output_text,
)
if self.get_wtforms_version() >= (2, 2):
self.assertIn(
'<input class="form-control" id="title" name="title" '
'required type="text" value="New title">',
output_text,
)
else:
self.assertIn(
'<input class="form-control" id="title" name="title" '
'type="text" value="New title">',
output_text,
)
self.assertIn(
'<textarea class="form-control width-100per" '
'id="initial_comment"\n '
'name="initial_comment">New initial comment</textarea>',
output_text,
)
self.assertIn(
'<input id="allow_rebase" name="allow_rebase" type="checkbox"'
' value="y" checked>',
output_text,
)
request = pagure.lib.query.search_pull_requests(
self.session, project_id=1, requestid=1
)
# DB model has not been changed
self.assertEqual("PR from the feature branch", request.title)
self.assertEqual(None, request.initial_comment)
self.assertEqual(True, request.allow_rebase)
def test_star_project_invalid_star(self):
""" Test the star_project endpoint for invalid star """
user = tests.FakeUser()
user.username = '******'
with tests.user_set(pagure.APP, user):
csrf_token = self.get_csrf()
data = {
'csrf_token': csrf_token,
}
output = self.app.post(
'/test/star/2', data=data, follow_redirects=True)
self.assertEqual(output.status_code, 400)
self._check_star_count(data=data, stars=0)
def test_admin_session_timedout(self, session, g, flash):
""" Test the call to admin_session_timedout. """
lifetime = pagure.config.config.get("ADMIN_SESSION_LIFETIME",
datetime.timedelta(minutes=15))
td1 = datetime.timedelta(minutes=1)
# session already expired
user = tests.FakeUser(username="******")
user.login_time = datetime.datetime.utcnow() - lifetime - td1
g.fas_user = user
self.assertTrue(pagure.flask_app.admin_session_timedout())
# session did not expire
user.login_time = datetime.datetime.utcnow() - lifetime + td1
g.fas_user = user
self.assertFalse(pagure.flask_app.admin_session_timedout())
def test_api_subscribe_issue(self):
""" Test subscribing to a ticket. """
user = tests.FakeUser(username="******")
with tests.user_set(self.app.application, user):
output = self.app.post("/api/0/test/issue/1/subscribe", data={})
self.assertEqual(output.status_code, 401)
data = json.loads(output.get_data(as_text=True))
self.assertEqual(
data,
{
"error": "The issue tracker of this project is read-only",
"error_code": "ETRACKERREADONLY",
},
)