def test_create_private_project_as_admin_clone_as_admin(self): """ Clone private project as admin and check content """ pname = 'p_%s' % create_random_str() options = {"private": ""} self.create_project(pname, config.ADMIN_USER, options=options) ggu = GerritGitUtils(config.ADMIN_USER, config.ADMIN_PRIV_KEY_PATH, config.USERS[config.ADMIN_USER]['email']) url = "ssh://%s@%s:29418/%s" % (config.ADMIN_USER, config.GATEWAY_HOST, pname) clone_dir = ggu.clone(url, pname) self.dirs_to_delete.append(os.path.dirname(clone_dir)) # Test that the clone is a success self.assertTrue(os.path.isdir(clone_dir)) # Verify master own the .gitreview file self.assertTrue(os.path.isfile(os.path.join(clone_dir, '.gitreview'))) # Verify meta/config branch own both group and ACLs config file ggu.fetch_meta_config(clone_dir) self.assertTrue(os.path.isfile(os.path.join(clone_dir, 'project.config'))) self.assertTrue(os.path.isfile(os.path.join(clone_dir, 'groups'))) # There is a group dev for a private project content = file(os.path.join(clone_dir, 'project.config')).read() self.assertTrue('%s-dev' % pname in content) content = file(os.path.join(clone_dir, 'groups')).read() self.assertTrue('%s-dev' % pname in content)
def test_create_private_project_as_admin_clone_as_admin(self): """ Clone private project as admin and check content """ pname = 'p_%s' % create_random_str() options = {"private": ""} self.create_project(pname, config.ADMIN_USER, options=options) ggu = GerritGitUtils(config.ADMIN_USER, config.ADMIN_PRIV_KEY_PATH, config.USERS[config.ADMIN_USER]['email']) url = "ssh://%s@%s:29418/%s" % (config.ADMIN_USER, config.GATEWAY_HOST, pname) clone_dir = ggu.clone(url, pname) self.dirs_to_delete.append(os.path.dirname(clone_dir)) # Test that the clone is a success self.assertTrue(os.path.isdir(clone_dir)) # Verify master own the .gitreview file self.assertTrue(os.path.isfile(os.path.join(clone_dir, '.gitreview'))) # Verify meta/config branch own both group and ACLs config file ggu.fetch_meta_config(clone_dir) self.assertTrue(os.path.isfile(os.path.join(clone_dir, 'project.config'))) self.assertTrue(os.path.isfile(os.path.join(clone_dir, 'groups'))) # There is a group dev for a private project content = file(os.path.join(clone_dir, 'project.config')).read() self.assertTrue('%s-dev' % pname in content) content = file(os.path.join(clone_dir, 'groups')).read() self.assertTrue('%s-dev' % pname in content)
def test_01_validate_gerrit_project_acls(self): """ Verify the correct behavior of ACLs set on gerrit project """ pname = "TestProjectACL" self.createProject(pname) un = config.ADMIN_USER priv_key_path = set_private_key(config.USERS[un]["privkey"]) gitu = GerritGitUtils(un, priv_key_path, config.USERS[un]['email']) url = "ssh://%s@%s:29418/%s" % (un, config.GATEWAY_HOST, pname) clone_dir = gitu.clone(url, pname) gitu.fetch_meta_config(clone_dir) with open(os.path.join(clone_dir, 'project.config')) as project_config: p_config = parse_project_config(project_config) ptl = pname + "-ptl" core = pname + "-core" self.assertTrue('access "refs/*"' in p_config.keys(), repr(p_config)) self.assertTrue('access "refs/heads/*"' in p_config.keys(), repr(p_config)) self.assertTrue('access "refs/meta/config"' in p_config.keys(), repr(p_config)) self.assertTrue(any(ptl in l for l in p_config['access "refs/*"']['owner']), repr(p_config)) self.assertTrue(any(core in l for l in p_config['access "refs/*"']['read']), repr(p_config)) heads = p_config['access "refs/heads/*"'] self.assertTrue(any(core in l for l in heads['label-Code-Review']), repr(p_config)) self.assertTrue(any(core in l for l in heads['label-Workflow']), repr(p_config)) self.assertTrue(any(ptl in l for l in heads['label-Verified']), repr(p_config)) self.assertTrue(any(ptl in l for l in heads['submit']), repr(p_config)) self.assertTrue(any(core in l for l in heads['read']), repr(p_config)) # no need to test ref/meta/config, we could not test is if we # could not access it to begin with self.dirs_to_delete.append(os.path.dirname(clone_dir))
def test_01_validate_gerrit_project_acls(self): """ Verify the correct behavior of ACLs set on gerrit project """ pname = "TestProjectACL" self.createProject(pname) un = config.ADMIN_USER priv_key_path = set_private_key(config.USERS[un]["privkey"]) gitu = GerritGitUtils(un, priv_key_path, config.USERS[un]['email']) url = "ssh://%s@%s:29418/%s" % (un, config.GATEWAY_HOST, pname) clone_dir = gitu.clone(url, pname) gitu.fetch_meta_config(clone_dir) with open(os.path.join(clone_dir, 'project.config')) as project_config: p_config = parse_project_config(project_config) ptl = pname + "-ptl" core = pname + "-core" self.assertTrue('access "refs/*"' in p_config.keys(), repr(p_config)) self.assertTrue('access "refs/heads/*"' in p_config.keys(), repr(p_config)) self.assertTrue('access "refs/meta/config"' in p_config.keys(), repr(p_config)) self.assertTrue( any(ptl in l for l in p_config['access "refs/*"']['owner']), repr(p_config)) self.assertTrue( any(core in l for l in p_config['access "refs/*"']['read']), repr(p_config)) heads = p_config['access "refs/heads/*"'] self.assertTrue(any(core in l for l in heads['label-Code-Review']), repr(p_config)) self.assertTrue(any(core in l for l in heads['label-Workflow']), repr(p_config)) self.assertTrue(any(ptl in l for l in heads['label-Verified']), repr(p_config)) self.assertTrue(any(ptl in l for l in heads['submit']), repr(p_config)) self.assertTrue(any(core in l for l in heads['read']), repr(p_config)) # no need to test ref/meta/config, we could not test is if we # could not access it to begin with self.dirs_to_delete.append(os.path.dirname(clone_dir))
def test_create_public_project_as_admin_clone_as_admin(self): """ Clone public project as admin and check content """ pname = "p_%s" % create_random_str() self.create_project(pname, config.ADMIN_USER) ggu = GerritGitUtils(config.ADMIN_USER, config.ADMIN_PRIV_KEY_PATH, config.USERS[config.ADMIN_USER]["email"]) url = "ssh://%s@%s:29418/%s" % (config.ADMIN_USER, config.GATEWAY_HOST, pname) clone_dir = ggu.clone(url, pname) self.dirs_to_delete.append(os.path.dirname(clone_dir)) # Test that the clone is a success self.assertTrue(os.path.isdir(clone_dir)) # Verify master own the .gitreview file self.assertTrue(os.path.isfile(os.path.join(clone_dir, ".gitreview"))) # Verify meta/config branch own both group and ACLs config file ggu.fetch_meta_config(clone_dir) self.assertTrue(os.path.isfile(os.path.join(clone_dir, "project.config"))) self.assertTrue(os.path.isfile(os.path.join(clone_dir, "groups"))) # There is no group dev for a public project content = file(os.path.join(clone_dir, "project.config")).read() self.assertFalse("%s-dev" % pname in content) content = file(os.path.join(clone_dir, "groups")).read() self.assertFalse("%s-dev" % pname in content)