def testMapIdInConfig_DraftMap(self): """Verifies the map ID is added to the map_root always.""" with test_utils.RootLogin(): my_map = test_utils.CreateMap() cfg = maps.GetConfig( test_utils.SetupRequest('/.maps/' + my_map.id), my_map) self.assertEqual(my_map.id, cfg['map_root']['id'])
def testPost_NewUser(self): with test_utils.RootLogin(): self.DoNewUserPost( 'xyz.com', '*****@*****.**', # gets the uid 'recipient' perms.Role.DOMAIN_ADMIN) self.assertEqual({perms.Role.DOMAIN_ADMIN}, perms.GetSubjectsForTarget('xyz.com')['recipient'])
def testGet(self): map_object = test_utils.CreateMap() map_id = map_object.id with test_utils.RootLogin(): response = self.DoGet('/.admin/' + map_id) self.assertTrue('xyz.com' in response.body) self.assertTrue('title' in response.body)
def testGetAccessibleDomains(self): privileged = test_utils.SetupUser(test_utils.Login('privileged')) outsider = test_utils.SetupUser(test_utils.Login('outsider')) with test_utils.RootLogin(): perms.Grant('privileged', perms.Role.DOMAIN_REVIEWER, 'domain-rev.com') perms.Grant('privileged', perms.Role.MAP_CREATOR, 'map-creator.com') perms.Grant('privileged', perms.Role.CATALOG_EDITOR, 'catalog-editor.com') perms.Grant('privileged', perms.Role.DOMAIN_ADMIN, 'domain-admin.com') self.assertRaises(ValueError, perms.GetAccessibleDomains, outsider, 'not-a-domain-role') self.assertEquals({'domain-admin.com'}, perms.GetAccessibleDomains( privileged, perms.Role.DOMAIN_ADMIN)) self.assertEquals({'domain-admin.com', 'catalog-editor.com'}, perms.GetAccessibleDomains( privileged, perms.Role.CATALOG_EDITOR)) self.assertEquals( {'domain-admin.com', 'catalog-editor.com', 'map-creator.com'}, perms.GetAccessibleDomains(privileged, perms.Role.MAP_CREATOR)) self.assertEquals( { 'domain-admin.com', 'catalog-editor.com', 'map-creator.com', 'domain-rev.com' }, perms.GetAccessibleDomains(privileged, perms.Role.DOMAIN_REVIEWER))
def testWipe(self): map_object = test_utils.CreateMap() map_id = map_object.id with test_utils.RootLogin(): self.DoPost('/.admin/' + map_id, 'wipe=1&xsrf_token=XSRF') self.assertEquals(None, model.Map.Get(map_id)) self.assertEquals(None, model.Map.GetDeleted(map_id))
def testGetCardByIdAndTopic(self): self.SetForTest(kmlify, 'FetchData', lambda url, host: KML_DATA) with test_utils.RootLogin(): response = self.DoGet('/.card/%s.t1' % self.map_id) self.assertTrue('Topic 1' in response.body) self.assertTrue('Helsinki' in response.body) self.assertTrue('Columbus' in response.body)
def testPost_NewPermissions(self): with test_utils.RootLogin(): response = self.DoUserPermissionsPost( 'xyz.com', [('insider', 'DOMAIN_ADMIN', False)]) # Should redirect back to the admin page. self.assertTrue('/root/xyz.com/.admin' in response.headers['Location']) self.assertEqual({perms.Role.DOMAIN_ADMIN}, perms.GetSubjectsForTarget('xyz.com')['insider'])
def testDelete(self): map_object = test_utils.CreateMap() map_id = map_object.id with test_utils.RootLogin(): self.DoPost('/.admin/' + map_id, 'delete=1&xsrf_token=XSRF') self.assertTrue(model.Map.GetDeleted(map_id).is_deleted) self.DoPost('/.admin/' + map_id, 'undelete=1&xsrf_token=XSRF') self.assertFalse(model.Map.Get(map_id).is_deleted)
def testPost_SetDomainRole(self): with test_utils.RootLogin(): perms.Grant('xyz.com', perms.Role.DOMAIN_ADMIN, 'xyz.com') perms.Grant('xyz.com', perms.Role.MAP_CREATOR, 'xyz.com') self.DoUserPermissionsPost( 'xyz.com', [], domain_role=perms.Role.CATALOG_EDITOR) self.assertEqual({perms.Role.CATALOG_EDITOR}, perms.GetSubjectsForTarget('xyz.com')['xyz.com'])
def testRedirectDefault(self): """Tests GetDestination with no label parameter.""" self.assertEquals('http://app.com/root/empty', self.DoGet('', 302).headers['Location']) self.assertEquals('http://app.com/root/empty?layers=x', self.DoGet('/?layers=x', 302).headers['Location']) with test_utils.RootLogin(): domains.Domain.Put('xyz.com', default_label='qwerty') self.assertEquals('http://app.com/root/qwerty?layers=x', self.DoGet('/?layers=x', 302).headers['Location']) with test_utils.RootLogin(): domains.Domain.Put('foo.org', default_label='fancy-label') response = self.DoGet('/foo.org/?layers=x', 302) self.assertEquals('http://app.com/root/foo.org/fancy-label?layers=x', response.headers['Location'])
def testMapIdInConfig_PublishedMap(self): with test_utils.RootLogin(): my_map = test_utils.CreateMap() my_entry = model.CatalogEntry.Create(test_utils.PRIMARY_DOMAIN, 'label', my_map) cfg = maps.GetConfig(test_utils.SetupRequest( '/a/%s/label' % test_utils.PRIMARY_DOMAIN), catalog_entry=my_entry) self.assertEqual(my_map.id, cfg['map_root']['id'])
def testRemove(self): """Tests removal of a catalog entry.""" with test_utils.RootLogin(): model.CatalogEntry.Create('xyz.com', 'abc', self.map_object) self.assertNotEqual(None, model.CatalogEntry.Get('xyz.com', 'abc')) with test_utils.Login('owner'): self.DoPost('/xyz.com/.publish', 'label=abc&remove=1&xsrf_token=XSRF') self.assertEquals(None, model.CatalogEntry.Get('xyz.com', 'abc'))
def testMapRegion(self): """Verifies that the 'region' property affects the Maps API URL.""" m1 = test_utils.CreateMap({'title': 'no region'}) m2 = test_utils.CreateMap({'title': 'has region', 'region': 'in'}) with test_utils.RootLogin(): cm_config = maps.GetConfig( test_utils.SetupRequest('/.maps/' + m1.id), m1) self.assertTrue('region=' not in cm_config['maps_api_url']) cm_config = maps.GetConfig( test_utils.SetupRequest('/.maps/' + m2.id), m2) self.assertTrue('region=in' in cm_config['maps_api_url'])
def testDomainAdminRole(self): with test_utils.RootLogin(): perms.Grant('xyz.com', perms.Role.DOMAIN_ADMIN, 'xyz.com') perms.Grant('outside_friend', perms.Role.DOMAIN_ADMIN, 'xyz.com') with test_utils.DomainLogin('insider', 'xyz.com'): self.assertTrue( perms.CheckAccess(perms.Role.DOMAIN_ADMIN, 'xyz.com')) with test_utils.DomainLogin('outside_friend', 'not-xyz.com'): self.assertTrue( perms.CheckAccess(perms.Role.DOMAIN_ADMIN, 'xyz.com')) with test_utils.Login('stranger'): self.assertFalse( perms.CheckAccess(perms.Role.DOMAIN_ADMIN, 'xyz.com')) with test_utils.DomainLogin('stranger_with_ga_domain', 'not-xyz.com'): self.assertFalse( perms.CheckAccess(perms.Role.DOMAIN_ADMIN, 'xyz.com')) with test_utils.RootLogin(): self.assertTrue( perms.CheckAccess(perms.Role.DOMAIN_ADMIN, 'xyz.com'))
def testUserPermissionsPost_NoSuchDomain(self): self.assertIsNone(domains.Domain.Get('nosuchdomain.com')) with test_utils.RootLogin(): # All POSTs other than the "create domain" operation should give a 404. response = self.DoUserPermissionsPost( 'nosuchdomain.com', [('*****@*****.**', perms.Role.DOMAIN_ADMIN, False)], status=404) self.assertIn('nosuchdomain.com', response.body) response = self.DoNewUserPost('nosuchdomain.com', '*****@*****.**', perms.Role.DOMAIN_ADMIN, 404) self.assertIn('nosuchdomain.com', response.body) response = self.DoDomainSettingsPost('nosuchdomain.com', 'empty', False, perms.Role.MAP_VIEWER, 404) self.assertIn('nosuchdomain.com', response.body)
def testPost_MultipleChangesDontInterfere(self): with test_utils.RootLogin(): # Demote insider to MAP_CREATOR; revoke all permissions for outsider; # add recipient as a catalog editor self.DoUserPermissionsPost( 'xyz.com', [('insider', perms.Role.MAP_CREATOR, False), ('outsider', perms.Role.DOMAIN_ADMIN, True)], new_user=('*****@*****.**', perms.Role.CATALOG_EDITOR), domain_role=perms.Role.DOMAIN_ADMIN) new_perms = perms.GetSubjectsForTarget('xyz.com') self.assertEqual({perms.Role.MAP_CREATOR}, new_perms['insider']) self.assertNotIn('outsider', new_perms) self.assertEqual({perms.Role.CATALOG_EDITOR}, new_perms['recipient']) self.assertEqual({perms.Role.DOMAIN_ADMIN}, new_perms['xyz.com'])
def testInitialDomainRole(self): # Start with no initial_domain_role for our domain. with test_utils.RootLogin(): domains.Domain.Put('xyz.com', initial_domain_role=perms.Role.NONE) perms.Grant('creator', perms.Role.MAP_CREATOR, 'xyz.com') # Newly created maps should get a domain_role of perms.Role.NONE. with test_utils.Login('creator'): response = self.DoPost('/xyz.com/.create', 'xsrf_token=XSRF', 302) map_object = model.Map.Get( response.headers['Location'].split('/')[-1]) self.assertEquals(perms.Role.NONE, map_object.domain_role) # Now set the initial_domain_role for xyz.com. with test_utils.RootLogin(): domains.Domain.Put('xyz.com', initial_domain_role=perms.Role.MAP_EDITOR) # Newly created maps should pick up the new domain_role. with test_utils.Login('creator'): response = self.DoPost('/xyz.com/.create', 'xsrf_token=XSRF', 302) map_object = model.Map.Get( response.headers['Location'].split('/')[-1]) self.assertEquals(perms.Role.MAP_EDITOR, map_object.domain_role)
def testGetMapPickerItems(self): """Tests GetMapPickerItems().""" with test_utils.RootLogin(): model.CatalogEntryModel(key_name='foo.com:m1', domain='foo.com', label='m1', title='Map 1', is_listed=True).put() model.CatalogEntryModel(key_name='primary.com:m2', domain='primary.com', label='m2', title='Map 2', is_listed=True).put() self.assertEquals([{ 'title': 'Map 1', 'url': '/root/foo.com/m1' }], maps.GetMapPickerItems('foo.com', '/root')) self.assertEquals([{ 'title': 'Map 2', 'url': '/root/m2' }], maps.GetMapPickerItems('primary.com', '/root'))
def testDomainRoles(self): """Verifies that domain access permissions restrict actions correctly.""" with test_utils.RootLogin(): domains.Domain.Put('foo.com', initial_domain_role=perms.Role.MAP_OWNER) m = model.Map.Create({}, 'foo.com') # Verify that a user in foo.com gets the domain role for foo.com. with test_utils.DomainLogin('insider', 'foo.com'): self.assertEquals( {'MAP_OWNER', 'MAP_EDITOR', 'MAP_REVIEWER', 'MAP_VIEWER'}, GetRolesForMap(m)) m.model.domain_role = perms.Role.MAP_EDITOR self.assertEquals({'MAP_EDITOR', 'MAP_REVIEWER', 'MAP_VIEWER'}, GetRolesForMap(m)) m.model.domain_role = perms.Role.MAP_REVIEWER self.assertEquals({'MAP_REVIEWER', 'MAP_VIEWER'}, GetRolesForMap(m)) m.model.domain_role = perms.Role.MAP_VIEWER self.assertEquals({'MAP_VIEWER'}, GetRolesForMap(m))
def testDiff(self): """Test that a map's versions are diffed against new maproot JSON.""" saved_map = {'id': 'random_id_1', 'a': 'b', 'c': 'd'} new_map = {'id': 'random_id_1', 'a': 'b', 'x': 'y'} catalog_map = {'id': 'random_id_1', 'x': 'y', 'c': 'd'} # Create a saved map and a catalog entry to diff against. with test_utils.RootLogin(): map_object = model.Map.Create(catalog_map, 'xyz.com', owners=['owner']) model.CatalogEntry.Create('xyz.com', 'Published', map_object) map_object.PutNewVersion(saved_map) # Exercise the diff endpoint. saved_diff = 'saved diff' catalog_diff = 'catalog diff' html_diff = self.mox.CreateMock(difflib.HtmlDiff) self.mox.StubOutWithMock(difflib, 'HtmlDiff') difflib.HtmlDiff(wrapcolumn=mox.IgnoreArg()).AndReturn(html_diff) html_diff.make_file(diff.ToNormalizedJson(saved_map).splitlines(), diff.ToNormalizedJson(new_map).splitlines(), fromdesc='Saved', todesc='Current', context=mox.IgnoreArg()).AndReturn(saved_diff) html_diff.make_file(diff.ToNormalizedJson(catalog_map).splitlines(), diff.ToNormalizedJson(new_map).splitlines(), fromdesc='xyz.com/Published', todesc='Current', context=mox.IgnoreArg()).AndReturn(catalog_diff) self.mox.ReplayAll() with test_utils.Login('owner'): self.DoPost('/.diff/' + map_object.id, { 'new_json': json.dumps(new_map), 'xsrf_token': 'XSRF' })
def testGet(self): """Tests the map listing page.""" with test_utils.RootLogin(): domains.Domain.Put('cows.net') domains.Domain.Put('dogs.org') m1 = model.Map.Create({'title': 'Moo'}, 'cows.net', viewers=['viewer']) m2 = model.Map.Create({'title': 'Arf'}, 'dogs.org', viewers=['viewer']) with test_utils.Login('viewer'): result = self.DoGet('/.maps').body self.assertTrue('Moo' in result, result) self.assertTrue('.maps/' + m1.id in result, result) self.assertTrue('Arf' in result, result) self.assertTrue('.maps/' + m2.id in result, result) result = self.DoGet('/dogs.org/.maps').body self.assertTrue('Moo' not in result, result) self.assertTrue('.maps/' + m1.id not in result, result) self.assertTrue('Arf' in result, result) self.assertTrue('.maps/' + m2.id in result, result)
def testPost_DeleteUser(self): with test_utils.RootLogin(): self.DoUserPermissionsPost('xyz.com', [('outsider', 'DOMAIN_ADMIN', True)]) self.assertNotIn('outsider', perms.GetSubjectsForTarget('xyz.com'))
def testGet_NoSuchDomain(self): self.assertIsNone(domains.Domain.Get('nosuchdomain.com')) with test_utils.RootLogin(): response = self.DoGet(AdminUrl('nosuchdomain.com'), 404) self.assertIn('nosuchdomain.com', response.status)
def testGeneralAdminGet(self): with test_utils.Login('manager'): self.DoGet('/.admin', 403) # only allowed for ADMIN users with test_utils.RootLogin(): self.DoGet('/.admin')
def testNavigate(self): with test_utils.RootLogin(): response = self.DoGet('/.admin?map=http://app.com/root/.maps/x', 302) self.assertEquals( 'http://app.com/root/.admin/x', response.headers['Location'])
def testDomainSettingsPost_NoInitialDomainRole(self): with test_utils.RootLogin(): domains.Domain.Put('xyz.com', initial_domain_role=perms.Role.MAP_EDITOR) self.DoDomainSettingsPost('xyz.com', 'label', False, perms.Role.NONE) self.assertEqual( perms.Role.NONE, domains.Domain.Get('xyz.com').initial_domain_role)
def testCreateDomain_DomainAlreadyExists(self): with test_utils.RootLogin(): domains.Domain.Put('foo.com') response = self.DoCreateDomainPost('foo.com', 403) self.assertIn('foo.com', response.status)
def testPost_NonexistentDomain(self): self.assertIsNone(domains.Domain.Get('bar.com')) with test_utils.RootLogin(): self.DoNewUserPost('bar.com', '*****@*****.**', perms.Role.DOMAIN_ADMIN, 404)
def testPost_NewUserInvalidEmail(self): with test_utils.RootLogin(): response = self.DoNewUserPost( 'xyz.com', 'bad@email@address', perms.Role.DOMAIN_ADMIN, 400) self.assertIn('bad@email@address', response.body)
def testPost_SetDomainRoleNone(self): with test_utils.RootLogin(): perms.Grant('xyz.com', perms.Role.CATALOG_EDITOR, 'xyz.com') self.DoUserPermissionsPost('xyz.com', [], domain_role=perms.Role.NONE) self.assertNotIn('xyz.com', perms.GetSubjectsForTarget('xyz.com'))