def setUp(self):
self.dirname = '_test_xmlrpc'
# set up and open a tracker
self.instance = db_test_base.setupTracker(self.dirname, self.backend)
# open the database
self.db = self.instance.open('admin')
print("props_only default", self.db.security.get_props_only_default())
# Get user id (user4 maybe). Used later to get data from db.
self.joeid = 'user' + self.db.user.create(
username='******',
password=password.Password('random'),
address='*****@*****.**',
realname='Joe Random',
roles='User')
self.db.commit()
self.db.close()
self.db = self.instance.open('joe')
self.db.tx_Source = 'web'
self.db.issue.addprop(tx_Source=hyperdb.String())
self.db.msg.addprop(tx_Source=hyperdb.String())
self.db.post_init()
tx_Source_init(self.db)
self.server = RoundupInstance(self.db, self.instance.actions, None)
def setUp(self):
ActionTestCase.setUp(self)
self.result = []
class AppendResult:
def __init__(inner_self, name):
inner_self.name = name
def __call__(inner_self, *args, **kw):
self.result.append((inner_self.name, args, kw))
if inner_self.name == 'set':
return kw
return '17'
self.client.db.security.hasPermission = true
self.client.classname = 'issue'
self.client.base = 'http://tracker/'
self.client.nodeid = '4711'
self.client.template = 'item'
self.client.db.classes.create = AppendResult('create')
self.client.db.classes.set = AppendResult('set')
self.client.db.classes.getprops = lambda: \
({'messages':hyperdb.Multilink('msg')
,'content':hyperdb.String()
,'files':hyperdb.Multilink('file')
})
self.action = EditItemAction(self.client)
def testTokenizedStringKey(self):
self.client.db.classes.get_transitive_prop = lambda x: hyperdb.String()
self.form.value.append(MiniFieldStorage('foo', 'hello world'))
self.assertFilterEquals('foo')
# The single value gets replaced with the tokenized list.
self.assertEqual([x.value for x in self.form['foo']],
['hello', 'world'])
def setUp(self):
self.dirname = '_test_cgi_form'
# set up and open a tracker
self.instance = db_test_base.setupTracker(self.dirname)
# open the database
self.db = self.instance.open('admin')
self.db.tx_Source = "web"
self.db.user.create(username='******',
address='*****@*****.**',
realname='Bork, Chef',
roles='User')
self.db.user.create(username='******',
address='*****@*****.**',
roles='User',
realname='Contrary, Mary')
self.db.issue.addprop(tx_Source=hyperdb.String())
self.db.msg.addprop(tx_Source=hyperdb.String())
self.db.post_init()
vars = {}
thisdir = os.path.dirname(__file__)
execfile(os.path.join(thisdir, "tx_Source_detector.py"), vars)
vars['init'](self.db)
test = self.instance.backend.Class(self.db,
"test",
string=hyperdb.String(),
number=hyperdb.Number(),
boolean=hyperdb.Boolean(),
link=hyperdb.Link('test'),
multilink=hyperdb.Multilink('test'),
date=hyperdb.Date(),
messages=hyperdb.Multilink('msg'),
interval=hyperdb.Interval())
# compile the labels re
classes = '|'.join(self.db.classes.keys())
self.FV_SPECIAL = re.compile(FormParser.FV_LABELS % classes,
re.VERBOSE)
def getprops(self):
return {
'string': hyperdb.String(),
'number': hyperdb.Number(),
'boolean': hyperdb.Boolean(),
'password': hyperdb.Password(),
'date': hyperdb.Date(),
'interval': hyperdb.Interval(),
'link': hyperdb.Link('test'),
'link2': hyperdb.Link('test2'),
'multilink': hyperdb.Multilink('test'),
'multilink2': hyperdb.Multilink('test2'),
}
def __init__(self, db, classname, **properties):
"""The newly-created class automatically includes the "messages",
"files", "nosy", and "superseder" properties. If the 'properties'
dictionary attempts to specify any of these properties or a
"creation" or "activity" property, a ValueError is raised.
"""
if 'title' not in properties:
properties['title'] = hyperdb.String(indexme='yes')
if 'messages' not in properties:
properties['messages'] = hyperdb.Multilink("msg")
if 'files' not in properties:
properties['files'] = hyperdb.Multilink("file")
if 'nosy' not in properties:
# note: journalling is turned off as it really just wastes
# space. this behaviour may be overridden in an instance
properties['nosy'] = hyperdb.Multilink("user", do_journal="no")
if 'superseder' not in properties:
properties['superseder'] = hyperdb.Multilink(classname)
Class.__init__(self, db, classname, **properties)
def setUp(self):
self.dirname = '_test_cgi_form'
# set up and open a tracker
self.instance = db_test_base.setupTracker(self.dirname)
# open the database
self.db = self.instance.open('admin')
self.db.user.create(username='******', address='*****@*****.**',
realname='Bork, Chef', roles='User')
self.db.user.create(username='******', address='*****@*****.**',
roles='User', realname='Contrary, Mary')
test = self.instance.backend.Class(self.db, "test",
string=hyperdb.String(), number=hyperdb.Number(),
boolean=hyperdb.Boolean(), link=hyperdb.Link('test'),
multilink=hyperdb.Multilink('test'), date=hyperdb.Date(),
interval=hyperdb.Interval())
# compile the labels re
classes = '|'.join(self.db.classes.keys())
self.FV_SPECIAL = re.compile(FormParser.FV_LABELS%classes,
re.VERBOSE)
def testStringKey(self):
self.client.db.classes.getprops = lambda: {'foo': hyperdb.String()}
self.form.value.append(MiniFieldStorage('foo', 'hello'))
self.assertFilterEquals('foo')
def testSearchPermission(self):
# this checks if we properly check for search permissions
self.db.security.permissions = {}
self.db.security.addRole(name='User')
self.db.security.addRole(name='Project')
self.db.security.addPermissionToRole('User', 'Web Access')
self.db.security.addPermissionToRole('Project', 'Web Access')
# Allow viewing department
p = self.db.security.addPermission(name='View', klass='department')
self.db.security.addPermissionToRole('User', p)
# Allow viewing interesting things (but not department) on iss
# But users might only view issues where they are on nosy
# (so in the real world the check method would be better)
p = self.db.security.addPermission(name='View',
klass='iss',
properties=("title", "status"),
check=lambda x, y, z: True)
self.db.security.addPermissionToRole('User', p)
# Allow all relevant roles access to stat
p = self.db.security.addPermission(name='View', klass='stat')
self.db.security.addPermissionToRole('User', p)
self.db.security.addPermissionToRole('Project', p)
# Allow role "Project" access to whole iss
p = self.db.security.addPermission(name='View', klass='iss')
self.db.security.addPermissionToRole('Project', p)
department = self.instance.backend.Class(self.db,
"department",
name=hyperdb.String())
status = self.instance.backend.Class(self.db,
"stat",
name=hyperdb.String())
issue = self.instance.backend.Class(
self.db,
"iss",
title=hyperdb.String(),
status=hyperdb.Link('stat'),
department=hyperdb.Link('department'))
d1 = department.create(name='d1')
d2 = department.create(name='d2')
open = status.create(name='open')
closed = status.create(name='closed')
issue.create(title='i1', status=open, department=d2)
issue.create(title='i2', status=open, department=d1)
issue.create(title='i2', status=closed, department=d1)
chef = self.db.user.lookup('Chef')
mary = self.db.user.lookup('mary')
self.db.user.set(chef, roles='User, Project')
perm = self.db.security.hasPermission
search = self.db.security.hasSearchPermission
self.assert_(perm('View', chef, 'iss', 'department', '1'))
self.assert_(perm('View', chef, 'iss', 'department', '2'))
self.assert_(perm('View', chef, 'iss', 'department', '3'))
self.assert_(search(chef, 'iss', 'department'))
self.assert_(not perm('View', mary, 'iss', 'department'))
self.assert_(perm('View', mary, 'iss', 'status'))
# Conditionally allow view of whole iss (check is False here,
# this might check for department owner in the real world)
p = self.db.security.addPermission(name='View',
klass='iss',
check=lambda x, y, z: False)
self.db.security.addPermissionToRole('User', p)
self.assert_(perm('View', mary, 'iss', 'department'))
self.assert_(not perm('View', mary, 'iss', 'department', '1'))
self.assert_(not search(mary, 'iss', 'department'))
self.assert_(perm('View', mary, 'iss', 'status'))
self.assert_(not search(mary, 'iss', 'status'))
# Allow user to search for iss.status
p = self.db.security.addPermission(name='Search',
klass='iss',
properties=("status", ))
self.db.security.addPermissionToRole('User', p)
self.assert_(search(mary, 'iss', 'status'))
dep = {
'@action': 'search',
'columns': 'id',
'@filter': 'department',
'department': '1'
}
stat = {
'@action': 'search',
'columns': 'id',
'@filter': 'status',
'status': '1'
}
depsort = {'@action': 'search', 'columns': 'id', '@sort': 'department'}
depgrp = {'@action': 'search', 'columns': 'id', '@group': 'department'}
# Filter on department ignored for role 'User':
cl = self._make_client(dep,
classname='iss',
nodeid=None,
userid=mary,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['1', '2', '3'])
# Filter on department works for role 'Project':
cl = self._make_client(dep,
classname='iss',
nodeid=None,
userid=chef,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['2', '3'])
# Filter on status works for all:
cl = self._make_client(stat,
classname='iss',
nodeid=None,
userid=mary,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['1', '2'])
cl = self._make_client(stat,
classname='iss',
nodeid=None,
userid=chef,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['1', '2'])
# Sorting and grouping for class Project works:
cl = self._make_client(depsort,
classname='iss',
nodeid=None,
userid=chef,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['2', '3', '1'])
cl = self._make_client(depgrp,
classname='iss',
nodeid=None,
userid=chef,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['2', '3', '1'])
# Sorting and grouping for class User fails:
cl = self._make_client(depsort,
classname='iss',
nodeid=None,
userid=mary,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['1', '2', '3'])
cl = self._make_client(depgrp,
classname='iss',
nodeid=None,
userid=mary,
template='index')
h = HTMLRequest(cl)
self.assertEqual([x.id for x in h.batch()], ['1', '2', '3'])
def properties(self):
return {
'string': hyperdb.String(),
}
def __init__(self, db, classname, **properties):
if 'content' not in properties:
properties['content'] = hyperdb.String(indexme='yes')
if 'type' not in properties:
properties['type'] = hyperdb.String()
back_anydbm.Class.__init__(self, db, classname, **properties)
def testAuthFilter(self):
# this checks if we properly check for search permissions
self.db.security.permissions = {}
# self.db.security.set_props_only_default(props_only=False)
self.db.security.addRole(name='User')
self.db.security.addRole(name='Project')
self.db.security.addPermissionToRole('User', 'Web Access')
self.db.security.addPermissionToRole('Project', 'Web Access')
# Allow viewing keyword
p = self.db.security.addPermission(name='View', klass='keyword')
print("View keyword class: %r" % p)
self.db.security.addPermissionToRole('User', p)
# Allow viewing interesting things (but not keyword) on issue
# But users might only view issues where they are on nosy
# (so in the real world the check method would be better)
p = self.db.security.addPermission(name='View',
klass='issue',
properties=("title", "status"),
check=lambda x, y, z: True)
print("View keyword class w/ props: %r" % p)
self.db.security.addPermissionToRole('User', p)
# Allow role "Project" access to whole issue
p = self.db.security.addPermission(name='View', klass='issue')
self.db.security.addPermissionToRole('Project', p)
# Allow all access to status:
p = self.db.security.addPermission(name='View', klass='status')
self.db.security.addPermissionToRole('User', p)
self.db.security.addPermissionToRole('Project', p)
keyword = self.db.keyword
status = self.db.status
issue = self.db.issue
d1 = keyword.create(name='d1')
d2 = keyword.create(name='d2')
open = status.create(name='open')
closed = status.create(name='closed')
issue.create(title='i1', status=open, keyword=[d2])
issue.create(title='i2', status=open, keyword=[d1])
issue.create(title='i2', status=closed, keyword=[d1])
chef = self.db.user.create(username='******', roles='User, Project')
joe = self.db.user.lookup('joe')
# Conditionally allow view of whole issue (check is False here,
# this might check for keyword owner in the real world)
p = self.db.security.addPermission(name='View',
klass='issue',
check=lambda x, y, z: False)
print("View issue class: %r" % p)
self.db.security.addPermissionToRole('User', p)
# Allow user to search for issue.status
p = self.db.security.addPermission(name='Search',
klass='issue',
properties=("status", ))
print("View Search class w/ props: %r" % p)
self.db.security.addPermissionToRole('User', p)
keyw = {'keyword': self.db.keyword.lookup('d1')}
stat = {'status': self.db.status.lookup('open')}
keygroup = keysort = [('+', 'keyword')]
self.db.commit()
# Filter on keyword ignored for role 'User':
r = self.server.filter('issue', None, keyw)
self.assertEqual(r, ['1', '2', '3'])
# Filter on status works for all:
r = self.server.filter('issue', None, stat)
self.assertEqual(r, ['1', '2'])
# Sorting and grouping for class User fails:
r = self.server.filter('issue', None, {}, sort=keysort)
self.assertEqual(r, ['1', '2', '3'])
r = self.server.filter('issue', None, {}, group=keygroup)
self.assertEqual(r, ['1', '2', '3'])
self.db.close()
self.db = self.instance.open('chef')
self.db.tx_Source = 'web'
self.db.issue.addprop(tx_Source=hyperdb.String())
self.db.msg.addprop(tx_Source=hyperdb.String())
self.db.post_init()
self.server = RoundupInstance(self.db, self.instance.actions, None)
# Filter on keyword works for role 'Project':
r = self.server.filter('issue', None, keyw)
self.assertEqual(r, ['2', '3'])
# Filter on status works for all:
r = self.server.filter('issue', None, stat)
self.assertEqual(r, ['1', '2'])
# Sorting and grouping for class Project works:
r = self.server.filter('issue', None, {}, sort=keysort)
self.assertEqual(r, ['2', '3', '1'])
r = self.server.filter('issue', None, {}, group=keygroup)
self.assertEqual(r, ['2', '3', '1'])
def __init__(self, db, classname, **properties):
if not properties.has_key('content'):
properties['content'] = hyperdb.String(indexme='yes')
if not properties.has_key('type'):
properties['type'] = hyperdb.String()
back_anydbm.Class.__init__(self, db, classname, **properties)
