def setUp(self, fake_plugin_middleware=lambda: None, ictv_middleware=lambda: None):
super().setUp(fake_plugin_middleware, ictv_middleware)
building = Building(name="mytestbuilding")
self.screen = Screen(name="mytestscreen", building=building, secret="secret")
self.other_screen = Screen(name="myothertestscreen", building=building, secret="secret")
self.plugins = [Plugin(name="%s%d" % (self.plugin_name, i), activated="yes") for i in
range(self.n_elements - 1)]
self.plugins.append(Plugin.selectBy(name="fake_plugin").getOne())
self.plugin_channels = [PluginChannel(name="%s%d" % (self.plugin_channel_name, i), plugin=self.plugins[i],
subscription_right="public") for i in range(self.n_elements)]
self.bundle_channels = [ChannelBundle(name="%s%d" % (self.bundle_channel_name, i), subscription_right="public")
for i in range(self.n_elements)]
other_channel = PluginChannel(name="other_channel", plugin=self.plugins[0], subscription_right="public")
User(email=self.user_nothing_email, disabled=False)
User(email=self.user_administrator_email, disabled=False, admin=True)
User(email=self.user_super_administrator_email, disabled=False, admin=True, super_admin=True)
screen_owner = User(email=self.user_screen_owner_email, disabled=False)
self.screen.safe_add_user(screen_owner)
other_screen_owner = User(email=self.user_other_screen_owner_email, disabled=False)
self.other_screen.safe_add_user(other_screen_owner)
contributor = User(email=self.user_contributor_email, disabled=False)
[plugin_channel.give_permission_to_user(contributor) for plugin_channel in self.plugin_channels]
contributor_other_channel = User(email=self.user_contributor_of_other_channel_email, disabled=False)
other_channel.give_permission_to_user(contributor_other_channel)
administrator_other_channel = User(email=self.user_administrator_of_other_channel_email, disabled=False)
other_channel.give_permission_to_user(administrator_other_channel, UserPermissions.channel_administrator)
channel_admin = User(email=self.user_channel_admin_email, disabled=False)
[plugin_channel.give_permission_to_user(channel_admin, UserPermissions.channel_administrator) for plugin_channel
in self.plugin_channels]
def runTest(self):
""" Tests the ICTVObject SQLObject """
user = User(fullname='User', email='test@localhost')
assert user.to_dictionary(['fullname', 'email']) == {
'fullname': 'User',
'email': 'test@localhost'
}
def runTest(self):
""" Tests the Role object. """
try:
u = User(username='******',
fullname='test test',
email='*****@*****.**',
super_admin=True,
disabled=False)
PluginChannel(name='test',
plugin=Plugin(name='role_plugin', activated='no'),
subscription_right='restricted')
c = PluginChannel.selectBy(name="test").getOne()
r = Role(user=u,
channel=c,
permission_level=UserPermissions.channel_contributor)
assert_true(r != None)
assert_true(
r.permission_level == UserPermissions.channel_contributor)
r.permission_level = UserPermissions.channel_administrator
assert_true(
r.permission_level == UserPermissions.channel_administrator)
Role.delete(r.id)
role = Role.selectBy(user=u, channel=c).getOne(None)
assert_true(role == None)
PluginChannel.delete(c.id)
User.delete(u.id)
except DuplicateEntryError:
assert_true(False)
def channels_1_request(self):
# basic test
self.testApp.get('/channels/1/request/1', status=303)
u = User(username='******',
email='*****@*****.**',
super_admin=True,
disabled=False)
self.testApp.get('/channels/1/request/' + str(u.id), status=303)
User.delete(u.id)
def post(self):
"""
Receive the POST binding request from IDP.
- process the request
- extract user attributes
- create a new User if it doesn't exist
- fill in the session
- redirect to RelayState or /
"""
# SAML boiler plate code
req = prepare_request()
settings = build_settings(self.config['saml2'])
# this is the object to interact with the shibboleth parameters
auth = init_saml_auth(req, settings)
errors = []
not_auth_warn = False
success_slo = False
input_data = flask.request.form
if 'acs' in flask.request.args:
auth.process_response() # decrypt and extract informations
errors = auth.get_errors()
not_auth_warn = not auth.is_authenticated()
if len(errors) == 0:
attrs = auth.get_attributes(
) # get attributes returned by the shibboleth idp
for key in attrs.keys():
print("(" + key + ", " + str(attrs[key]) + ")")
username = attrs[settings['sp']['attrs']['username']][0]
realname = attrs[settings['sp']['attrs']['realname']][0]
email = attrs[settings['sp']['attrs']['email']][0]
u = User.selectBy(email=email).getOne(None)
if not u: # The user does not exist in our DB
u = User(username=username,
email=email,
fullname=realname,
super_admin=False,
disabled=True)
self.session['user'] = u.to_dictionary(
['id', 'fullname', 'username', 'email'])
self_url = OneLogin_Saml2_Utils.get_self_url(req)
if 'RelayState' in input_data and self_url != input_data[
'RelayState']:
return resp.seeother(
auth.redirect_to(input_data['RelayState']))
return resp.seeother('/')
def runTest(self):
""" Tests the User object """
try:
User(username='******',
fullname='test test',
email='*****@*****.**',
super_admin=True,
disabled=False)
except DuplicateEntryError:
assert_true(False)
b = User.selectBy(username="******").getOne()
assert_not_equal(b, None)
assert_equal(b.username, "test")
try:
b.set(username="******")
except DuplicateEntryError:
assert_true(False)
assert_equal(b.username, "newName")
b.set(username="******")
l = b.get_subscriptions_of_owned_screens()
assert_true(l.count() >= 0)
una = User(username='******',
fullname='testnoadmin test',
email='*****@*****.**',
super_admin=False,
disabled=False)
l = una.get_subscriptions_of_owned_screens()
assert_true(l.count() >= 0)
User.delete(una.id)
b.set(disabled=True)
assert_equal(b.disabled, True)
t = b.owns_screen()
assert_equal(t, False)
b = User.selectBy(username="******").getOne()
b.addScreen(Screen(name='A', building=Building(name='A')))
t = b.owns_screen()
assert_equal(t, True)
b = User.selectBy(username="******").getOne()
t = User.delete(b.id)
assert_equal(t, None)
b = User.selectBy(username="******").getOne(None)
assert_true(None == b)
def setUp(self):
super().setUp()
self.building_id = Building(name=self.building_name).id
self.building2_id = Building(name=self.second_building_name).id
self.channel = PluginChannel(name=self.channel_name,
plugin=Plugin(name="dummy",
activated="notfound"),
subscription_right="public")
User(email=self.user_nothing_email, disabled=False)
User(email=self.user_administrator_email, disabled=False, admin=True)
User(email=self.user_super_administrator_email,
disabled=False,
admin=True,
super_admin=True)
contributor = User(email=self.user_contributor_email, disabled=False)
self.channel.give_permission_to_user(contributor)
channel_admin = User(email=self.user_channel_admin_email,
disabled=False)
self.channel.give_permission_to_user(
channel_admin, UserPermissions.channel_administrator)
def runTest(self):
""" Tests the Role SQLObject """
Channel.deleteMany(None)
fake_plugin = Plugin(name='fake_plugin', activated='notfound')
plugin_channel = PluginChannel(name='Plugin Channel',
plugin=fake_plugin,
subscription_right='public')
user = User(fullname='User', email='test@localhost')
role = Role(user=user,
channel=plugin_channel,
permission_level=UserPermissions.channel_administrator)
assert role._SO_get_permission_level() == 'channel_administrator'
assert role.permission_level == UserPermissions.channel_administrator
role.permission_level = UserPermissions.channel_contributor
assert role._SO_get_permission_level() == 'channel_contributor'
assert role.permission_level == UserPermissions.channel_contributor
def create_database():
Building.createTable()
Channel.createTable()
Plugin.createTable()
User.createTable()
PluginChannel.createTable()
ChannelBundle.createTable()
Role.createTable()
Screen.createTable()
ScreenMac.createTable()
Subscription.createTable()
Template.createTable()
Asset.createTable()
PluginParamAccessRights.createTable()
LogStat.createTable()
DBVersion.createTable()
DBVersion(version=database_version)
User(username="******", fullname="ICTV Admin", email="admin@ictv", super_admin=True, disabled=False)
def runTest(self):
""" Tests the cache mecanism. """
u = User(username='******',
fullname='testasset test',
email='*****@*****.**',
super_admin=True,
disabled=False)
PluginChannel(name='testasset2',
plugin=Plugin(name='cache_plugin', activated='no'),
subscription_right='restricted')
c = PluginChannel.selectBy(name="testasset2").getOne()
a = Asset(plugin_channel=c, user=u)
self.testApp.get('/cache/' + str(a.id), status=303)
try:
Asset.delete(a.id)
except SQLObjectNotFound:
pass
finally:
User.delete(u.id)
PluginChannel.delete(c.id)
def runTest(self):
fake_plugin = Plugin.byName('fake_plugin')
user = User(fullname='User', email='test@localhost')
assert fake_plugin.channels_number == 0
pc1 = PluginChannel(plugin=fake_plugin,
name='Plugin Channel 1',
subscription_right='public')
assert fake_plugin.channels_number == 1
pc2 = PluginChannel(plugin=fake_plugin,
name='Plugin Channel 2',
subscription_right='public')
assert fake_plugin.channels_number == 2
pc2.destroySelf()
assert fake_plugin.channels_number == 1
pc2 = PluginChannel(plugin=fake_plugin,
name='Plugin Channel 2',
subscription_right='public')
pc3 = PluginChannel(plugin=fake_plugin,
name='Plugin Channel 3',
subscription_right='public')
bundle_channel = ChannelBundle(name='Bundle',
subscription_right='public')
bundle_channel.add_channel(pc3)
building = Building(name='building')
screen1 = Screen(name='Screen1', building=building)
screen2 = Screen(name='Screen2', building=building)
screen3 = Screen(name='Screen3', building=building)
assert fake_plugin.screens_number == 0
screen1.subscribe_to(user, pc1)
assert fake_plugin.screens_number == 1
screen1.subscribe_to(user, pc2)
assert fake_plugin.screens_number == 1
screen2.subscribe_to(user, pc3)
assert fake_plugin.screens_number == 2
screen2.subscribe_to(user, bundle_channel)
assert fake_plugin.screens_number == 2
screen3.subscribe_to(user, bundle_channel)
assert fake_plugin.screens_number == 3
def setUp(self):
super(ChannelsPageTestCase, self).setUp()
Channel.deleteMany(None)
self.fake_plugin = Plugin.byName('fake_plugin')
self.pc1 = PluginChannel(plugin=self.fake_plugin,
name='PC 1',
subscription_right='public')
self.pc2 = PluginChannel(plugin=self.fake_plugin,
name='PC 2',
subscription_right='public')
self.pc3 = PluginChannel(plugin=self.fake_plugin,
name='PC 3',
subscription_right='public')
self.bundle = ChannelBundle(name='Bundle', subscription_right='public')
self.building = Building(name='Building')
self.screen = Screen(name='Screen', building=self.building)
self.user_nothing = User(email='nothing@localhost', disabled=False)
self.user_contrib = User(email='contrib@localhost', disabled=False)
self.pc1.give_permission_to_user(self.user_contrib,
UserPermissions.channel_contributor)
self.user_chan_admin = User(email='chan_admin@localhost',
disabled=False)
self.user_chan_admin2 = User(email='chan_admin2@localhost',
disabled=False)
self.pc1.give_permission_to_user(self.user_chan_admin,
UserPermissions.channel_administrator)
self.pc2.give_permission_to_user(self.user_chan_admin2,
UserPermissions.channel_administrator)
self.user_screen_admin = User(email='screen_admin@locahost',
disabled=False)
self.screen.safe_add_user(self.user_screen_admin)
self.user_admin = User(email='admin@localhost',
disabled=False,
admin=True)
self.user_super_admin = User(email='super_admin@localhost',
disabled=False,
admin=True,
super_admin=True)
self.users = [
self.user_nothing, self.user_contrib, self.user_chan_admin,
self.user_chan_admin2, self.user_screen_admin, self.user_admin,
self.user_super_admin
]
def runTest(self):
""" Tests the Channel SQLObject """
Channel.deleteMany(None)
fake_plugin = Plugin(name='fake_plugin', activated='notfound')
channel = Channel(name='Channel',
subscription_right='public',
secret='abcdef')
plugin_channel = PluginChannel(name='Channel2',
plugin=fake_plugin,
subscription_right='public')
bundle_channel = ChannelBundle(name='Channel3',
subscription_right='public')
building = Building(name='building')
screen = Screen(name='Screen', building=building)
user = User(fullname='User', email='test@localhost')
user2 = User(fullname='User2', email='test2@localhost')
# Test can_subscribe()
def test_channel_subscription(c, u):
def assert_subscription_no_perm():
assert c.can_subscribe(u)
c.subscription_right = 'restricted'
assert not c.can_subscribe(u)
c.subscription_right = 'private'
assert not c.can_subscribe(u)
c.subscription_right = 'public'
assert c.can_subscribe(u)
def assert_subscription_admin():
assert c.can_subscribe(u)
c.subscription_right = 'restricted'
assert c.can_subscribe(u)
c.subscription_right = 'private'
assert c.can_subscribe(u)
c.subscription_right = 'public'
assert c.can_subscribe(u)
def assert_subscription_super_admin():
assert c.can_subscribe(u)
c.subscription_right = 'restricted'
assert c.can_subscribe(u)
c.subscription_right = 'private'
assert c.can_subscribe(u)
c.subscription_right = 'public'
assert c.can_subscribe(u)
assert_subscription_no_perm()
user.admin = True
assert_subscription_admin()
user.admin = False
user.super_admin = True
assert_subscription_super_admin()
user.super_admin = False
test_channel_subscription(channel, user)
test_channel_subscription(plugin_channel, user)
test_channel_subscription(bundle_channel, user)
# Test get_channels_authorized_subscribers_as_json()
def test_channel_subscribers(c):
def assert_no_users():
assert Channel.get_channels_authorized_subscribers_as_json(
[c]) == '{"%d": []}' % c.id
def assert_only_user(u):
assert Channel.get_channels_authorized_subscribers_as_json(
[c]) == '{"%d": [%d]}' % (c.id, u.id)
def assert_users(*users):
for u in json.loads(
Channel.get_channels_authorized_subscribers_as_json(
[c]))[str(c.id)]:
assert u in [u.id for u in users]
assert_no_users()
c.safe_add_user(user)
assert_only_user(user)
# check that there is no duplicate
c.safe_add_user(user)
assert_only_user(user)
c.removeUser(user)
c.safe_add_user(user)
assert_only_user(user)
c.safe_add_user(user2)
assert_users(user, user2)
c.removeUser(user)
assert_only_user(user2)
c.removeUser(user2)
assert_no_users()
test_channel_subscribers(channel)
test_channel_subscribers(plugin_channel)
test_channel_subscribers(bundle_channel)
# Test get_visible_channels_of()
def test_visible_channels(u):
def assert_no_channels():
assert Channel.get_visible_channels_of(u) == set()
def assert_channel(c):
assert Channel.get_visible_channels_of(u) == {c}
def assert_all_channels():
assert Channel.get_visible_channels_of(u) == {
channel, plugin_channel, bundle_channel
}
def assert_public_channels():
channel.subscription_right = 'restricted'
assert Channel.get_visible_channels_of(u) == {
plugin_channel, bundle_channel
}
channel.subscription_right = 'private'
assert Channel.get_visible_channels_of(u) == {
plugin_channel, bundle_channel
}
channel.subscription_right = 'public'
assert_no_channels()
u.admin = True
assert_all_channels()
u.admin = False
assert_no_channels()
u.super_admin = True
assert_all_channels()
u.super_admin = False
assert_no_channels()
screen.addUser(u)
assert_public_channels()
screen.removeUser(u)
assert_no_channels()
channel.subscription_right = 'restricted'
assert_no_channels()
channel.addUser(u)
assert_channel(channel)
screen.addUser(u)
assert_all_channels()
channel.removeUser(u)
screen.removeUser(u)
assert_no_channels()
channel.subscription_right = 'public'
plugin_channel.give_permission_to_user(
u, UserPermissions.channel_contributor)
assert_channel(plugin_channel)
plugin_channel.give_permission_to_user(
u, UserPermissions.channel_administrator)
assert_channel(plugin_channel)
plugin_channel.remove_permission_to_user(u)
assert_no_channels()
test_visible_channels(user)
test_visible_channels(user2)
# Test get_screens_channels_from()
def test_screens_channels(u):
def assert_no_channels():
assert set(Channel.get_screens_channels_from(u)) == set()
def assert_channel(c):
assert set(Channel.get_screens_channels_from(u)) == {c}
def assert_channels(*channels):
assert set(
Channel.get_screens_channels_from(u)) == set(channels)
def assert_all_channels():
assert set(Channel.get_screens_channels_from(u)) == {
channel, plugin_channel, bundle_channel
}
assert_all_channels()
channel.subscription_right = 'restricted'
plugin_channel.subscription_right = 'restricted'
bundle_channel.subscription_right = 'restricted'
assert_no_channels()
u.super_admin = True
assert_all_channels()
u.super_admin = False
assert_no_channels()
channel.addUser(u)
assert_channel(channel)
channel.removeUser(u)
assert_no_channels()
screen.addUser(user)
screen.subscribe_to(user, channel)
assert_channel(channel)
screen.subscribe_to(user, bundle_channel)
assert_channels(channel, bundle_channel)
channel.subscription_right = 'public'
plugin_channel.subscription_right = 'public'
bundle_channel.subscription_right = 'public'
test_screens_channels(user)
# Test get_preview_link()
assert channel.get_preview_link(
) == '/preview/channels/%d/abcdef' % channel.id
def runTest(self):
""" Tests the Screen SQLObject """
Channel.deleteMany(None)
Screen.deleteMany(None)
channel = Channel(name='Channel',
subscription_right='public',
secret='abcdef')
plugin_channel = PluginChannel(name='Channel2',
plugin=Plugin.byName('fake_plugin'),
subscription_right='public')
plugin_channel2 = PluginChannel(name='Channel3',
plugin=Plugin.byName('fake_plugin'),
subscription_right='public')
bundle_channel = ChannelBundle(name='Channel4',
subscription_right='public')
bundle_channel.add_channel(plugin_channel2)
building = Building(name='building')
screen = Screen(name='Screen', building=building, secret='abcdef')
screen2 = Screen(name='Screen2', building=building)
user = User(fullname='User', email='test@localhost')
user2 = User(fullname='User2', email='test2@localhost')
# Miscellaneous test
assert screen.get_view_link() == '/screens/%d/view/abcdef' % screen.id
assert screen.get_client_link(
) == '/screens/%d/client/abcdef' % screen.id
assert screen.get_macs_string() == ''
assert screen not in user.screens
screen.safe_add_user(user)
assert screen in user.screens
assert screen not in user2.screens
screen.removeUser(user)
assert screen not in user2.screens
# Test subscription
assert not screen.is_subscribed_to(channel)
screen.subscribe_to(user, channel)
assert screen.is_subscribed_to(channel)
sub = screen.subscriptions[0]
screen.subscribe_to(user2, channel, weight=42)
assert sub.created_by == user2
assert sub.weight == 42
assert screen.is_subscribed_to(channel)
assert list(screen.subscribed_channels) == [channel]
screen.unsubscribe_from(user2, channel)
assert not screen.is_subscribed_to(channel)
# Test macs
ScreenMac(screen=screen, mac='00b16b00b500')
ScreenMac(screen=screen, mac='00b16b00b501')
assert screen.get_macs_string(
) == '00:b1:6b:00:b5:00;00:b1:6b:00:b5:01'
# Test get_visible_screens_of()
assert list(Screen.get_visible_screens_of(user)) == list(
Screen.get_visible_screens_of(user2)) == []
user.admin = True
assert list(Screen.get_visible_screens_of(user)) == [screen, screen2]
assert list(Screen.get_visible_screens_of(user2)) == []
user.admin = False
user2.super_admin = True
assert list(Screen.get_visible_screens_of(user2)) == [screen, screen2]
assert list(Screen.get_visible_screens_of(user)) == []
user2.super_admin = False
screen.safe_add_user(user)
screen2.safe_add_user(user2)
assert list(Screen.get_visible_screens_of(user)) == [screen]
assert list(Screen.get_visible_screens_of(user2)) == [screen2]
# Test channel content
screen.subscribe_to(user, plugin_channel)
screen.subscribe_to(user, bundle_channel)
screen_content = screen.get_channels_content(self.ictv_app)
assert len(screen_content) == 2
assert len(screen_content[0].get_slides()) == 1
assert screen_content[0].get_slides()[0].get_content() == {
'background-1': {
'size': 'contain',
'src': ''
},
'title-1': {
'text': 'Channel2'
},
'text-1': {
'text': ''
}
}
assert len(screen_content[1].get_slides()) == 1
assert screen_content[1].get_slides()[0].get_content() == {
'background-1': {
'size': 'contain',
'src': ''
},
'title-1': {
'text': 'Channel3'
},
'text-1': {
'text': ''
}
}
screen.shuffle = True
assert len(screen.get_channels_content(self.ictv_app)) == 2
def runTest(self):
""" Tests the PluginChannel SQLObject """
Channel.deleteMany(None)
fake_plugin = Plugin.selectBy(name='fake_plugin').getOne()
plugin_channel = PluginChannel(name='MyPluginChannel',
plugin=fake_plugin,
subscription_right='public')
user = User(fullname='User', email='test@localhost')
user2 = User(fullname='User2', email='test2@localhost')
assert plugin_channel.get_type_name() == 'Plugin fake_plugin'
# Test user permissions
def assert_no_permission(c, u):
assert c.get_channel_permissions_of(
u) == UserPermissions.no_permission
assert u not in c.get_admins() and u not in c.get_contribs()
def has_contrib(u, check_inlist=True):
return plugin_channel.has_contrib(u) and (
not check_inlist or u in plugin_channel.get_contribs())
def has_admin(u):
return plugin_channel.has_admin(
u) and u in plugin_channel.get_admins()
assert_no_permission(plugin_channel, user)
assert_no_permission(plugin_channel, user2)
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_contributor)
role = Role.selectBy(user=user, channel=plugin_channel).getOne()
assert has_contrib(user)
assert not has_admin(user)
assert not has_contrib(user2)
assert not has_admin(user2)
assert role.permission_level == UserPermissions.channel_contributor == plugin_channel.get_channel_permissions_of(
user)
assert json.loads(plugin_channel.get_users_as_json()) == {
str(user.id): UserPermissions.channel_contributor.value
}
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_administrator)
assert has_contrib(user, check_inlist=False)
assert has_admin(user)
assert not has_contrib(user2)
assert not has_admin(user2)
assert role.permission_level == UserPermissions.channel_administrator == plugin_channel.get_channel_permissions_of(
user)
assert json.loads(plugin_channel.get_users_as_json()) == {
str(user.id): UserPermissions.channel_administrator.value
}
assert json.loads(PluginChannel.get_channels_users_as_json([plugin_channel])) == \
{str(plugin_channel.id): {str(user.id): UserPermissions.channel_administrator.value}}
plugin_channel.remove_permission_to_user(user)
plugin_channel.give_permission_to_user(
user2, UserPermissions.channel_administrator)
assert not has_contrib(user)
assert not has_admin(user)
assert has_contrib(user2, check_inlist=False)
assert has_admin(user2)
plugin_channel.remove_permission_to_user(user2)
assert not has_contrib(user2)
assert not has_admin(user2)
# Test plugin config parameters
assert plugin_channel.get_config_param(
'string_param') == 'default string'
assert plugin_channel.get_config_param('int_param') == 1
assert plugin_channel.get_config_param('float_param') == float('-inf')
assert plugin_channel.get_config_param('boolean_param') is True
assert plugin_channel.get_config_param('template_param') is None
with pytest.raises(KeyError):
assert plugin_channel.get_config_param(
'this_param_does_not_exists')
def assert_value_is_set(param, value):
plugin_channel.plugin_config[param] = value
plugin_channel.plugin_config = plugin_channel.plugin_config # Force SQLObject update
assert plugin_channel.get_config_param(param) == value
assert_value_is_set('string_param', 'Hello, world!')
assert_value_is_set('int_param', 42)
assert_value_is_set('float_param', 42.0)
assert_value_is_set('boolean_param', False)
assert_value_is_set('template_param', 'fake-template')
# Test parameters access rights
ppar = PluginParamAccessRights.selectBy(plugin=fake_plugin,
name='int_param').getOne()
ppar.channel_contributor_read = False
ppar.channel_contributor_write = False
ppar.channel_administrator_read = True
ppar.channel_administrator_write = False
ppar.administrator_read = True
ppar.administrator_write = True
user.super_admin = True
assert plugin_channel.has_visible_params_for(user)
for param in [
'string_param', 'int_param', 'float_param', 'boolean_param',
'template_param'
]:
assert plugin_channel.get_access_rights_for(param,
user) == (True, True)
user.super_admin = False
assert not plugin_channel.has_visible_params_for(user)
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_contributor)
assert not plugin_channel.has_visible_params_for(user)
assert plugin_channel.get_access_rights_for('int_param',
user) == (False, False)
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_administrator)
assert plugin_channel.has_visible_params_for(user)
assert plugin_channel.get_access_rights_for('int_param',
user) == (True, False)
user.admin = True
assert plugin_channel.has_visible_params_for(user)
assert plugin_channel.get_access_rights_for('int_param',
user) == (True, True)
plugin_channel.remove_permission_to_user(user)
user.admin = False
assert not plugin_channel.has_visible_params_for(user)
assert plugin_channel.get_access_rights_for('int_param',
user) == (False, False)
# Test miscellaneous parameters
assert plugin_channel.cache_activated is True
plugin_channel.plugin.cache_activated_default = False
assert plugin_channel.cache_activated is False
plugin_channel.cache_activated = True
assert plugin_channel.cache_activated is True
assert plugin_channel.cache_validity is 60
plugin_channel.plugin.cache_validity_default = 120
assert plugin_channel.cache_validity is 120
plugin_channel.cache_validity = 42
assert plugin_channel.cache_validity is 42
assert plugin_channel.keep_noncomplying_capsules is False
plugin_channel.plugin.keep_noncomplying_capsules_default = True
assert plugin_channel.keep_noncomplying_capsules is True
plugin_channel.keep_noncomplying_capsules = False
assert plugin_channel.keep_noncomplying_capsules is False
# Test flatten()
plugin_channel.enabled = False
assert plugin_channel.flatten() == []
assert plugin_channel.flatten(keep_disabled_channels=True) == [
plugin_channel
]
plugin_channel.enabled = True
assert plugin_channel.flatten() == [plugin_channel]
def post(self):
""" Handles user creation, editing and deletion. """
form = self.form
super_admin = form.get('super_admin', False) == 'on'
admin = form.get('admin', False) == 'on'
if super_admin:
admin = False
current_user = User.get(self.session['user']['id'])
try:
if form.action == 'create':
username = form.username.strip()
fullname = form.fullname.strip()
form.email = form.email.strip()
email = None if len(form.email) == 0 or not self.pattern.match(
form.email) else form.email
if email is None and len(form.email) != 0:
raise ImmediateFeedback(form.action, 'invalid_email')
if len(email) > User.sqlmeta.columns['email'].length:
raise ImmediateFeedback(form.action, 'too_long_email')
if len(username) > User.sqlmeta.columns['username'].length:
raise ImmediateFeedback(form.action, 'too_long_username')
if not username:
username = None
elif len(username) < 3:
raise ImmediateFeedback(form.action, 'invalid_username')
try:
User(username=username,
fullname=fullname,
email=email,
super_admin=super_admin,
disabled=False)
except DuplicateEntryError:
u = User.selectBy(email=form.email).getOne(None)
if u is not None:
raise ImmediateFeedback(form.action,
'email_already_exists')
u = User.selectBy(username=username).getOne(None)
if u is not None:
raise ImmediateFeedback(form.action,
'username_already_exists')
elif form.action == 'edit':
try:
form.id = int(form.id)
u = User.get(form.id)
form.email = form.email.strip()
email = None if len(
form.email) == 0 or not self.pattern.match(
form.email) else form.email
form.username = u.username
form.fullname = u.fullname
if email is None and len(form.email) != 0:
raise ImmediateFeedback(form.action, 'invalid_email')
if email:
try:
u.email = email
except DuplicateEntryError:
raise ImmediateFeedback(form.action,
'email_already_exists')
form.email = u.email
if len(email) > User.sqlmeta.columns['email'].length:
raise ImmediateFeedback(form.action, 'too_long_email')
if not current_user.super_admin:
if u.super_admin:
resp.forbidden()
else:
if self.session['user']['id'] != form.id:
u.set(super_admin=super_admin, admin=admin)
except (SQLObjectNotFound, ValueError):
raise ImmediateFeedback(form.action, 'invalid_id')
elif form.action == 'toggle-activation':
if not current_user.super_admin:
resp.forbidden()
try:
form.id = int(form.id)
u = User.get(form.id)
form.email = u.email
u.disabled = not u.disabled
add_feedback(
form.action,
'activated' if not u.disabled else 'deactivated')
except (SQLObjectNotFound, ValueError):
raise ImmediateFeedback(form.action, 'invalid_id')
add_feedback(form.action, 'ok')
except ImmediateFeedback:
pass
store_form(form)
resp.seeother('/users')
def runTest(self):
""" Tests the Channel object. """
try:
PluginChannel(name='test',
plugin=Plugin(name='channel_plugin', activated='no'),
subscription_right='restricted')
PluginChannel(
name='test2',
plugin=Plugin.selectBy(name='channel_plugin').getOne(),
subscription_right='restricted')
c = PluginChannel.selectBy(name="test").getOne()
assert_not_equal(None, c)
c.set(name="testNew")
assert_equal(c.name, "testNew")
u = User(username='******',
fullname='test test',
email='*****@*****.**',
super_admin=True,
disabled=False)
up = UserPermissions.channel_contributor
c.give_permission_to_user(u, up)
role = Role.selectBy(user=u, channel=c).getOne(None)
assert_true(role != None)
c.give_permission_to_user(u, up)
role = Role.selectBy(user=u, channel=c).getOne(None)
assert_true(role != None)
getup = c.get_channel_permissions_of(u)
assert_equal(getup, up)
getupnoperm = c.get_channel_permissions_of(User.get(1))
assert_equal(getupnoperm, UserPermissions.no_permission)
c.remove_permission_to_user(u)
role = Role.selectBy(user=u, channel=c).getOne(None)
assert_true(role == None)
assert_false(c.has_admin(u))
up = UserPermissions.channel_administrator
c.give_permission_to_user(u, up)
assert_true(c.has_admin(u))
assert_true(c.has_contrib(u))
assert_is_not_none(c.get_admins())
assert_is_not_none(c.get_contribs())
assert_in(str(u.id), c.get_users_as_json())
c.remove_permission_to_user(u)
role = Role.selectBy(user=u, channel=c).getOne(None)
assert_true(role == None)
c.give_permission_to_user(None, up)
role = Role.selectBy(user=u).getOne(None)
assert_true(role == None)
tru = c.has_visible_params_for(u)
assert_true(tru)
u3 = User(username='******',
fullname='test3 test2',
email='*****@*****.**',
super_admin=False,
disabled=False)
tru = c.has_visible_params_for(u3)
assert_false(tru)
t = PluginChannel.delete(c.id)
assert_equal(t, None)
# try to delete a channel used by a screen - Seems to work...
sc = Screen(name='A', building=Building(name='A'))
sc.subscribe_to(u, PluginChannel.get(2))
# t2 = PluginChannel.delete(2)
c4 = PluginChannel.get(2)
nbSub = c4.subscriptions.count()
c4.set(enabled=False)
assert_equal(nbSub, c4.subscriptions.count())
c4.set(enabled=True)
c4.set(subscription_right="private")
assert_equal(nbSub, c4.subscriptions.count())
c4.set(subscription_right="public")
# todo seems working by bypassing the webinterface
c4.set(cache_validity=-10)
assert_true(c4.cache_validity < 0)
sc.unsubscribe_from(u, PluginChannel.get(2))
u2 = User(username='******',
fullname='test2 test2',
email='*****@*****.**',
super_admin=False,
disabled=False)
l = PluginChannel.get_screens_channels_from(u2)
assert_is_not_none(l)
temp = PluginChannel.get_visible_channels_of(u2)
assert_is_not_none(temp)
User.delete(u.id)
User.delete(u2.id)
User.delete(u3.id)
except DuplicateEntryError:
assert_true(False)
return
def runTest(self):
""" Tests the User SQLObject """
user = User(username='******', fullname='fullname', email='email')
fake_plugin = Plugin(name='fake_plugin', activated='notfound')
plugin_channel = PluginChannel(plugin=fake_plugin,
name='Channel',
subscription_right='public')
building = Building(name='building')
screen = Screen(name='Screen', building=building)
screen.subscribe_to(user, plugin_channel)
# Miscellaneous test
assert user.log_name == 'fullname (%d)' % user.id
user.fullname = None
assert user.log_name == 'email (%d)' % user.id
user.fullname = 'fullname'
assert user.log_name == 'fullname (%d)' % user.id
assert user.readable_name == 'fullname'
user.fullname = None
assert user.readable_name == 'username'
user.username = None
assert user.readable_name == 'email'
# Test permissions
assert user.highest_permission_level == UserPermissions.no_permission
assert list(user.get_subscriptions_of_owned_screens()) == []
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_contributor)) == []
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_administrator)) == []
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_contributor)
assert user.highest_permission_level == UserPermissions.channel_contributor
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_contributor)) == [plugin_channel]
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_administrator)) == []
plugin_channel.give_permission_to_user(
user, UserPermissions.channel_administrator)
assert user.highest_permission_level == UserPermissions.channel_administrator
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_contributor)) == []
assert list(
user.get_channels_with_permission_level(
UserPermissions.channel_administrator)) == [plugin_channel]
plugin_channel.remove_permission_to_user(user)
assert user.highest_permission_level == UserPermissions.no_permission
assert list(user.get_subscriptions_of_owned_screens()) == []
user.admin = True
assert user.highest_permission_level == UserPermissions.administrator
assert list(user.get_subscriptions_of_owned_screens()) == list(
screen.subscriptions)
user.admin = False
assert user.highest_permission_level == UserPermissions.no_permission
assert list(user.get_subscriptions_of_owned_screens()) == []
user.super_admin = True
assert user.highest_permission_level == UserPermissions.super_administrator
assert list(user.get_subscriptions_of_owned_screens()) == list(
screen.subscriptions)
user.super_admin = False
assert user.highest_permission_level == UserPermissions.no_permission
assert list(user.get_subscriptions_of_owned_screens()) == []
screen.safe_add_user(user)
assert user.highest_permission_level == UserPermissions.screen_administrator
assert list(user.get_subscriptions_of_owned_screens()) == list(
screen.subscriptions)
screen.removeUser(user)
assert list(user.get_subscriptions_of_owned_screens()) == []
assert user.highest_permission_level == UserPermissions.no_permission