def test_add_rule_for_new_user(self):
with session.begin():
data_setup.create_user(user_name=u'marple')
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
# grant edit_policy permission to marple user
pane = b.find_element_by_id('access-policy')
pane.find_element_by_xpath('.//input[@placeholder="Username"]')\
.send_keys('marple\n')
find_policy_checkbox(b, 'marple', 'Edit this policy').click()
check_policy_row_is_dirty(b, 'marple')
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath(
'.//span[@class="sync-status" and not(node())]')
check_policy_row_is_not_dirty(b, 'marple')
# refresh to check it has been persisted
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
self.assertTrue(
find_policy_checkbox(b, 'marple',
'Edit this policy').is_selected())
def test_group_not_in_cache(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# type the group name before it exists
with session.begin():
self.assertEquals(
Group.query.filter_by(group_name=u'anotherbeatles').first(),
None)
group_input = pane.find_element_by_xpath(
'.//input[@placeholder="Group name"]')
group_input.send_keys('anotherbeatles')
# group is created
with session.begin():
data_setup.create_group(group_name=u'anotherbeatles')
# type it again
group_input.clear()
group_input.send_keys('anotherbeatles')
# suggestion should appear
pane.find_element_by_xpath('.//div[@class="tt-suggestion" and '
'contains(string(.), "anotherbeatles")]')
group_input.send_keys('\n')
find_policy_checkbox(b, 'anotherbeatles', 'Edit this policy')
def test_empty_policy(self):
with session.begin():
self.system.custom_access_policy.rules[:] = []
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View')
for checkbox in pane.find_elements_by_xpath('.//input[@type="checkbox"]'):
self.assertFalse(checkbox.is_selected())
def test_empty_policy(self):
with session.begin():
self.pool.access_policy.rules[:] = []
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View')
for checkbox in pane.find_elements_by_xpath('.//input[@type="checkbox"]'):
self.assertFalse(checkbox.is_selected())
def check_checkboxes(self):
b = self.browser
pane = self.browser.find_element_by_id('access-policy')
# corresponds to the rules added in setUp
pane.find_element_by_xpath('.//table/tbody[1]/tr[1]/th[text()="Group"]')
self.assertTrue(find_policy_checkbox(b, 'detectives', 'Edit system details') \
.is_selected())
self.assertTrue(find_policy_checkbox(b, 'sidekicks', 'Loan to self').is_selected())
pane.find_element_by_xpath('.//table/tbody[2]/tr[1]/th[text()="User"]')
self.assertTrue(find_policy_checkbox(b, 'poirot', 'Control power').is_selected())
self.assertTrue(find_policy_checkbox(b, 'hastings', 'Loan to anyone').is_selected())
self.assertTrue(find_policy_checkbox(b, 'Everybody', 'Reserve').is_selected())
def test_empty_policy(self):
with session.begin():
self.pool.access_policy.rules[:] = []
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View')
for checkbox in pane.find_elements_by_xpath(
'.//input[@type="checkbox"]'):
self.assertFalse(checkbox.is_selected())
def check_checkboxes(self):
b = self.browser
pane = self.browser.find_element_by_id('access-policy')
# corresponds to the rules added in setUp
pane.find_element_by_xpath('.//table/tbody[1]/tr[1]/th[text()="Group"]')
self.assertTrue(find_policy_checkbox(b, 'pdetectives', 'Edit system details') \
.is_selected())
self.assertTrue(find_policy_checkbox(b, 'psidekicks', 'Loan to self').is_selected())
pane.find_element_by_xpath('.//table/tbody[2]/tr[1]/th[text()="User"]')
self.assertTrue(find_policy_checkbox(b, 'anotherpoirot', 'Control power').is_selected())
self.assertTrue(find_policy_checkbox(b, 'anotherhastings', 'Loan to anyone').is_selected())
self.assertTrue(find_policy_checkbox(b, 'Everybody', 'Reserve').is_selected())
def test_add_rule_for_nonexistent_user(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
pane.find_element_by_xpath('.//input[@placeholder="Username"]')\
.send_keys('this_user_does_not_exist\n')
find_policy_checkbox(b, 'this_user_does_not_exist', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and '
'contains(string(.), "No such user")]')
def test_add_rule_for_nonexistent_user(self):
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
pane.find_element_by_xpath('.//input[@placeholder="Username"]')\
.send_keys('this_user_does_not_exist\n')
find_policy_checkbox(b, 'this_user_does_not_exist', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and '
'contains(string(.), "No such user")]')
def test_add_rule(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
# grant loan_any permission to anotherpoirot user
pane = b.find_element_by_id('access-policy')
checkbox = find_policy_checkbox(b, 'anotherpoirot', 'Loan to anyone')
self.assertFalse(checkbox.is_selected())
checkbox.click()
check_policy_row_is_dirty(b, 'anotherpoirot')
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
check_policy_row_is_not_dirty(b, 'anotherpoirot')
# refresh to check it is persisted
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
self.assertTrue(find_policy_checkbox(b, 'anotherpoirot', 'Loan to anyone').is_selected())
def test_add_rule(self):
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
# grant loan_any permission to poirot user
pane = b.find_element_by_id('access-policy')
checkbox = find_policy_checkbox(b, 'poirot', 'Loan to anyone')
self.assertFalse(checkbox.is_selected())
checkbox.click()
check_policy_row_is_dirty(b, 'poirot')
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
check_policy_row_is_not_dirty(b, 'poirot')
# refresh to check it is persisted
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
self.assertTrue(find_policy_checkbox(b, 'poirot', 'Loan to anyone').is_selected())
def test_remove_self_edit_policy_permission(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# grant anotherpoirot edit_policy permission
find_policy_checkbox(b, 'anotherpoirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
logout(b)
login(b, user='******', password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# remove self edit_policy permission
find_policy_checkbox(b, 'anotherpoirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# the widget should be readonly
pane.find_element_by_xpath('.//table[not(.//input[@type="checkbox" and not(@disabled)])]')
pane.find_element_by_xpath('.//table[not(.//input[@type="text"])]')
def test_secret_system(self):
with session.begin():
user = data_setup.create_user(password='******')
system = data_setup.create_system()
pool = data_setup.create_system_pool()
pool.systems.append(system)
system.active_access_policy = pool.access_policy
b = self.browser
login(b)
self.go_to_pool_edit(system_pool=pool, tab='System Access Policy')
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
logout(b)
self.go_to_pool_edit(system_pool=pool, tab='Systems')
b.find_element_by_xpath('//div[@id="systems" and '
'not(.//a/text()="%s")]' % system.fqdn)
b.find_element_by_xpath('//li/em[contains(text(), "system with restricted visibility")]')
login(b, user.user_name, password='******')
self.go_to_pool_edit(system_pool=pool, tab='Systems')
# user has no access to see the system
b.find_element_by_xpath('//li/em[contains(text(), "system with restricted visibility")]')
def test_remove_self_edit_policy_permission(self):
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# grant poirot edit_policy permission
find_policy_checkbox(b, 'poirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
logout(b)
login(b, user='******', password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
# remove self edit_policy permission
find_policy_checkbox(b, 'poirot', 'Edit this policy').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
# the widget should be readonly
pane.find_element_by_xpath('.//table[not(.//input[@type="checkbox" and not(@disabled)])]')
pane.find_element_by_xpath('.//table[not(.//input[@type="text"])]')
def test_group_not_in_cache(self):
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
pane = b.find_element_by_id('access-policy')
# type the group name before it exists
with session.begin():
self.assertEquals(Group.query.filter_by(group_name=u'anotherbeatles').first(), None)
group_input = pane.find_element_by_xpath('.//input[@placeholder="Group name"]')
group_input.send_keys('anotherbeatles')
# group is created
with session.begin():
data_setup.create_group(group_name=u'anotherbeatles')
# type it again
group_input.clear()
group_input.send_keys('anotherbeatles')
# suggestion should appear
pane.find_element_by_xpath('.//div[@class="tt-suggestion" and '
'contains(string(.), "anotherbeatles")]')
group_input.send_keys('\n')
find_policy_checkbox(b, 'anotherbeatles', 'Edit this policy')
def test_add_rule_for_new_user(self):
with session.begin():
data_setup.create_user(user_name=u'marple')
b = self.browser
login(b, user=self.pool_owner.user_name, password='******')
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
# grant edit_policy permission to marple user
pane = b.find_element_by_id('access-policy')
pane.find_element_by_xpath('.//input[@placeholder="Username"]')\
.send_keys('marple\n')
find_policy_checkbox(b, 'marple', 'Edit this policy').click()
check_policy_row_is_dirty(b, 'marple')
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
check_policy_row_is_not_dirty(b, 'marple')
# refresh to check it has been persisted
self.go_to_pool_edit()
b.find_element_by_link_text('System Access Policy').click()
self.assertTrue(find_policy_checkbox(b, 'marple', 'Edit this policy').is_selected())
def test_secret_system(self):
with session.begin():
user = data_setup.create_user(password='******')
system = data_setup.create_system()
pool = data_setup.create_system_pool()
pool.systems.append(system)
system.active_access_policy = pool.access_policy
b = self.browser
login(b)
self.go_to_pool_edit(system_pool=pool, tab='System Access Policy')
pane = b.find_element_by_id('access-policy')
find_policy_checkbox(b, 'Everybody', 'View').click()
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
logout(b)
self.go_to_pool_edit(system_pool=pool, tab='Systems')
b.find_element_by_xpath('//div[@id="systems" and '
'not(.//a/text()="%s")]' % system.fqdn)
b.find_element_by_xpath(
'//li/em[contains(text(), "system with restricted visibility")]')
login(b, user.user_name, password='******')
self.go_to_pool_edit(system_pool=pool, tab='Systems')
# user has no access to see the system
b.find_element_by_xpath(
'//li/em[contains(text(), "system with restricted visibility")]')
def test_remove_rule(self):
b = self.browser
login(b, user=self.system_owner.user_name, password='******')
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
# revoke loan_self permission from sidekicks group
pane = b.find_element_by_id('access-policy')
checkbox = find_policy_checkbox(b, 'sidekicks', 'Loan to self')
self.assertTrue(checkbox.is_selected())
checkbox.click()
check_policy_row_is_dirty(b, 'sidekicks')
pane.find_element_by_xpath('.//button[text()="Save changes"]').click()
pane.find_element_by_xpath('.//span[@class="sync-status" and not(node())]')
# "sidekicks" row is completely absent now due to having no permissions
check_policy_row_is_absent(b, 'sidekicks')
# refresh to check it is persisted
b.get(get_server_base() + 'view/%s/' % self.system.fqdn)
b.find_element_by_link_text('Access Policy').click()
pane = b.find_element_by_id('access-policy')
self.assertNotIn('sidekicks', pane.text)
