def test_api_grant_user_permission_to_user_group_by_regular_user( self, name, perm, grant_admin, access_ok, user_util): api_user = UserModel().get_by_username(self.TEST_USER_LOGIN) user = user_util.create_user() group = user_util.create_user_group() # grant the user ability to at least read the group permission = 'usergroup.admin' if grant_admin else 'usergroup.read' user_util.grant_user_permission_to_user_group(group, api_user, permission) id_, params = build_data(self.apikey_regular, 'grant_user_permission_to_user_group', usergroupid=group.users_group_name, userid=user.username, perm=perm) response = api_call(self.app, params) if access_ok: ret = { 'msg': ('Granted perm: `%s` for user: `%s` in user group: `%s`' % (perm, user.username, group.users_group_name)), 'success': True } expected = ret assert_ok(id_, expected, given=response.body) else: expected = 'user group `%s` does not exist' % ( group.users_group_name) assert_error(id_, expected, given=response.body)
def test_api_get_gists_regular_user_with_different_userid(self): id_, params = build_data( self.apikey_regular, 'get_gists', userid=TEST_USER_ADMIN_LOGIN) response = api_call(self.app, params) expected = 'userid is not the same as your user' assert_error(id_, expected, given=response.body)
def test_create_fails_when_no_revisions(self, backend): data = self._prepare_data(backend, source_head='initial') id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'no commits found' assert_error(id_, expected_message, given=response.body)
def test_api_revoke_user_permission_from_user_group_by_regular_user( self, name, grant_admin, access_ok, user_util): user = user_util.create_user() group = user_util.create_user_group() permission = 'usergroup.admin' if grant_admin else 'usergroup.read' user_util.grant_user_permission_to_user_group(group, user, permission) id_, params = build_data(self.apikey_regular, 'revoke_user_permission_from_user_group', usergroupid=group.users_group_name, userid=user.username) response = api_call(self.app, params) if access_ok: expected = { 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (user.username, group.users_group_name), 'success': True } assert_ok(id_, expected, given=response.body) else: expected = 'user group `%s` does not exist' % ( group.users_group_name) assert_error(id_, expected, given=response.body)
def test_api_add_field_to_repo(self, backend): repo = backend.create_repo() repo_name = repo.repo_name id_, params = build_data( self.apikey, 'add_field_to_repo', repoid=repo_name, key='extra_field', label='extra_field_label', description='extra_field_desc') response = api_call(self.app, params) expected = { 'msg': 'Added new repository field `extra_field`', 'success': True, } assert_ok(id_, expected, given=response.body) repo = Repository.get_by_repo_name(repo_name) repo_field = RepositoryField.get_by_key_name('extra_field', repo) _data = repo_field.get_dict() assert _data['field_desc'] == 'extra_field_desc' assert _data['field_key'] == 'extra_field' assert _data['field_label'] == 'extra_field_label' id_, params = build_data( self.apikey, 'add_field_to_repo', repoid=repo_name, key='extra_field', label='extra_field_label', description='extra_field_desc') response = api_call(self.app, params) expected = 'Field with key `extra_field` exists for repo `%s`' % ( repo_name) assert_error(id_, expected, given=response.body)
def test_api_pull_error(self, backend): id_, params = build_data( self.apikey, 'pull', repoid=backend.repo_name) response = api_call(self.app, params) expected = 'Unable to pull changes from `%s`' % (backend.repo_name,) assert_error(id_, expected, given=response.body)
def test_api_missing_non_optional_param_args_bad(self): id_, params = build_data(self.apikey, 'get_repo') params = params.replace('"args": {}', '"args": 1') response = api_call(self.app, params) expected = 'Missing non optional `repoid` arg in JSON DATA' assert_error(id_, expected, given=response.body)
def test_api_grant_user_permission_to_repo_group_by_regular_user( self, name, perm, apply_to_children, grant_admin, access_ok, user_util): user = user_util.create_user() repo_group = user_util.create_repo_group() if grant_admin: test_user = UserModel().get_by_username(self.TEST_USER_LOGIN) user_util.grant_user_permission_to_repo_group( repo_group, test_user, 'group.admin') id_, params = build_data( self.apikey_regular, 'grant_user_permission_to_repo_group', repogroupid=repo_group.name, userid=user.username, perm=perm, apply_to_children=apply_to_children) response = api_call(self.app, params) if access_ok: ret = { 'msg': ( 'Granted perm: `%s` (recursive:%s) for user: `%s`' ' in repo group: `%s`' % ( perm, apply_to_children, user.username, repo_group.name ) ), 'success': True } expected = ret assert_ok(id_, expected, given=response.body) else: expected = 'repository group `%s` does not exist' % ( repo_group.name, ) assert_error(id_, expected, given=response.body)
def test_api_invalidate_cache_error(self, backend): id_, params = build_data( self.apikey, 'invalidate_cache', repoid=backend.repo_name) response = api_call(self.app, params) expected = 'Error occurred during cache invalidation action' assert_error(id_, expected, given=response.body)
def test_api_revoke_user_permission_from_repo_group_by_regular_user( self, name, apply_to_children, grant_admin, access_ok, user_util): user = user_util.create_user() repo_group = user_util.create_repo_group() permission = 'group.admin' if grant_admin else 'group.read' user_util.grant_user_permission_to_repo_group(repo_group, user, permission) id_, params = build_data( self.apikey_regular, 'revoke_user_permission_from_repo_group', repogroupid=repo_group.name, userid=user.username, apply_to_children=apply_to_children, ) response = api_call(self.app, params) if access_ok: expected = { 'msg': ('Revoked perm (recursive:%s) for user: `%s`' ' in repo group: `%s`' % (apply_to_children, user.username, repo_group.name)), 'success': True } assert_ok(id_, expected, given=response.body) else: expected = 'repository group `%s` does not exist' % ( repo_group.name) assert_error(id_, expected, given=response.body)
def test_api_close_pull_request_repo_error(self): id_, params = build_data( self.apikey, 'close_pull_request', repoid=666, pullrequestid=1) response = api_call(self.app, params) expected = 'repository `666` does not exist' assert_error(id_, expected, given=response.body)
def test_api_get_user_with_giving_userid_non_admin(self): id_, params = build_data(self.apikey_regular, 'get_user', userid=self.TEST_USER_LOGIN) response = api_call(self.app, params) expected = 'userid is not the same as your user' assert_error(id_, expected, given=response.body)
def test_api_get_repo_not_existing(self): id_, params = build_data( self.apikey, 'get_repo', repoid='no-such-repo') response = api_call(self.app, params) ret = 'repository `%s` does not exist' % 'no-such-repo' expected = ret assert_error(id_, expected, given=response.body)
def test_api_lock_repo_lock_aquire_non_admin_not_his_repo(self, backend): id_, params = build_data(self.apikey_regular, 'lock', repoid=backend.repo_name, locked=True) response = api_call(self.app, params) expected = 'repository `%s` does not exist' % (backend.repo_name, ) assert_error(id_, expected, given=response.body)
def test_api_delete_gist_regular_user_no_permission(self, gist_util): gist_id = gist_util.create_gist().gist_access_id id_, params = build_data(self.apikey_regular, 'delete_gist', gistid=gist_id) response = api_call(self.app, params) expected = 'gist `%s` does not exist' % (gist_id, ) assert_error(id_, expected, given=response.body)
def test_api_create_user_group_regular_user_no_permission(self): group_name = 'some_new_group' id_, params = build_data(self.apikey_regular, 'create_user_group', group_name=group_name) response = api_call(self.app, params) expected = "Access was denied to this resource." assert_error(id_, expected, given=response.body)
def test_create_fails_with_wrong_repo(self, backend, data_key): repo_name = 'fake-repo' data = self._prepare_data(backend) data[data_key] = repo_name id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'repository `{}` does not exist'.format(repo_name) assert_error(id_, expected_message, given=response.body)
def test_api_invalidate_cache_regular_user_no_permission(self, backend): self._set_cache(backend.repo_name) id_, params = build_data( self.apikey_regular, 'invalidate_cache', repoid=backend.repo_name) response = api_call(self.app, params) expected = "repository `%s` does not exist" % (backend.repo_name,) assert_error(id_, expected, given=response.body)
def test_api_update_user_group_exception_occurred(self, user_util): user_group = user_util.create_user_group() group_name = user_group.users_group_name id_, params = build_data(self.apikey, 'update_user_group', usergroupid=group_name) response = api_call(self.app, params) expected = 'failed to update user group `%s`' % (group_name, ) assert_error(id_, expected, given=response.body)
def test_api_get_gist_private_gist_without_permission(self, gist_util): gist = gist_util.create_gist() gist_id = gist.gist_access_id id_, params = build_data( self.apikey_regular, 'get_gist', gistid=gist_id, ) response = api_call(self.app, params) expected = 'gist `%s` does not exist' % (gist_id,) assert_error(id_, expected, given=response.body)
def test_api_rescann_error(self): id_, params = build_data( self.apikey, 'rescan_repos', ) response = api_call(self.app, params) expected = 'Error occurred during rescan repositories action' assert_error(id_, expected, given=response.body)
def test_create_fails_when_the_reviewer_is_not_found(self, backend): data = self._prepare_data(backend) reviewers = ['somebody'] data['reviewers'] = reviewers id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'user `somebody` does not exist' assert_error(id_, expected_message, given=response.body)
def test_cannot_create_with_reviewers_in_wrong_format(self, backend): data = self._prepare_data(backend) reviewers = ','.join([TEST_USER_REGULAR_LOGIN, TEST_USER_ADMIN_LOGIN]) data['reviewers'] = reviewers id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'reviewers should be specified as a list' assert_error(id_, expected_message, given=response.body)
def test_api_create_user_group_exception_occurred(self): group_name = 'exception_happens' id_, params = build_data(self.apikey, 'create_user_group', group_name=group_name) response = api_call(self.app, params) expected = 'failed to create group `%s`' % (group_name, ) assert_error(id_, expected, given=response.body)
def test_api_update_user_default_user(self): usr = User.get_default_user() id_, params = build_data(self.apikey, 'update_user', userid=usr.user_id) response = api_call(self.app, params) expected = 'editing default user is forbidden' assert_error(id_, expected, given=response.body)
def test_api_get_pull_request_pull_request_error(self): id_, params = build_data(self.apikey, 'get_pull_request', repoid=1, pullrequestid=666) response = api_call(self.app, params) expected = 'pull request `666` does not exist' assert_error(id_, expected, given=response.body)
def test_api_create_user_with_existing_email(self): id_, params = build_data( self.apikey, 'create_user', username=TEST_USER_ADMIN_LOGIN + 'new', email=TEST_USER_REGULAR_EMAIL, password='******') response = api_call(self.app, params) expected = "email `%s` already exist" % (TEST_USER_REGULAR_EMAIL,) assert_error(id_, expected, given=response.body)
def test_create_fails_with_non_existing_ref(self, backend, data_key): commit_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa10' ref = self._get_full_ref(backend, commit_id) data = self._prepare_data(backend) data[data_key] = ref id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'Ref `{}` does not exist'.format(ref) assert_error(id_, expected_message, given=response.body)
def test_api_remove_user_from_user_group_exception_occurred( self, user_util): user, group = user_util.create_user_with_group() id_, params = build_data( self.apikey, 'remove_user_from_user_group', usergroupid=group.users_group_name, userid=user.username) response = api_call(self.app, params) expected = 'failed to remove member from user group `%s`' % ( group.users_group_name) assert_error(id_, expected, given=response.body)
def test_create_fails_with_non_existing_branch(self, backend, data_key): branch_name = 'test-branch' data = self._prepare_data(backend) data[data_key] = "branch:{}".format(branch_name) id_, params = build_data(self.apikey_regular, 'create_pull_request', **data) response = api_call(self.app, params) expected_message = 'The specified branch `{}` does not exist'.format( branch_name) assert_error(id_, expected_message, given=response.body)