def _test_team_assigned_to_bug(self, private=True): # Users can see teams assigned to bugs. bug_owner = self.factory.makePerson() product = self.factory.makeProduct(owner=bug_owner) if private: information_type = InformationType.USERDATA else: information_type = InformationType.PUBLIC bug = self.factory.makeBug(owner=bug_owner, target=product, information_type=information_type) # Initially no visibility. some_person = self.factory.makePerson() self._check_permission(some_person, False) clear_cache() # Assign the private team to a bugtask. login_person(bug_owner) bug.default_bugtask.transitionToAssignee(self.priv_team) # All users can see public bugs, so in that case, the team is # now visible, else team is still not visible. some_person = self.factory.makePerson() self._check_permission(some_person, not private) # Subscribe the user to the bug. login_person(bug_owner) bug.subscribe(some_person, bug_owner) # The team is now visible. self._check_permission(some_person, True)
def _test_team_assigned_to_bug(self, private=True): # Users can see teams assigned to bugs. bug_owner = self.factory.makePerson() product = self.factory.makeProduct(owner=bug_owner) if private: information_type = InformationType.USERDATA else: information_type = InformationType.PUBLIC bug = self.factory.makeBug( owner=bug_owner, target=product, information_type=information_type) # Initially no visibility. some_person = self.factory.makePerson() self._check_permission(some_person, False) clear_cache() # Assign the private team to a bugtask. login_person(bug_owner) bug.default_bugtask.transitionToAssignee(self.priv_team) # All users can see public bugs, so in that case, the team is # now visible, else team is still not visible. some_person = self.factory.makePerson() self._check_permission(some_person, not private) # Subscribe the user to the bug. login_person(bug_owner) bug.subscribe(some_person, bug_owner) # The team is now visible. self._check_permission(some_person, True)
def test_query_count(self): # The function issues a constant number of queries regardless of # team count. login_person(self.user) context = self.factory.makeProduct(owner=self.user) self._setup_teams(self.user) IStore(Person).invalidate() clear_cache() with StormStatementRecorder() as recorder: expose_user_administered_teams_to_js( self.request, self.user, context, absoluteURL=fake_absoluteURL) self.assertThat(recorder, HasQueryCount(Equals(4))) # Create some new public teams owned by the user, and a private # team administered by the user. for i in range(3): self.factory.makeTeam(owner=self.user) pt = self.factory.makeTeam( visibility=PersonVisibility.PRIVATE, members=[self.user]) with person_logged_in(pt.teamowner): pt.addMember( self.user, pt.teamowner, status=TeamMembershipStatus.ADMIN) IStore(Person).invalidate() clear_cache() del IJSONRequestCache(self.request).objects['administratedTeams'] with StormStatementRecorder() as recorder: expose_user_administered_teams_to_js( self.request, self.user, context, absoluteURL=fake_absoluteURL) self.assertThat(recorder, HasQueryCount(Equals(4)))
def testRejectPermission(self): """Test the reject() access control. Only an answer contacts and administrator can reject a question. """ login(ANONYMOUS) self.assertRaises(Unauthorized, getattr, self.question, 'reject') login_person(self.owner) self.assertRaises(Unauthorized, getattr, self.question, 'reject') login_person(self.answerer) self.assertRaises(Unauthorized, getattr, self.question, 'reject') # Answer contacts must speak a language self.answerer.addLanguage(getUtility(ILanguageSet)['en']) self.question.target.addAnswerContact(self.answerer, self.answerer) # clear authorization cache for check_permission clear_cache() self.assertTrue( getattr(self.question, 'reject'), "Answer contact cannot reject question.") login_person(self.admin) self.assertTrue( getattr(self.question, 'reject'), "Admin cannot reject question.")
def _make_formatter(self, cache_permission=False): # Helper to create the formatter and optionally cache the permission. formatter = getAdapter(self.team, IPathAdapter, 'fmt') clear_cache() request = LaunchpadTestRequest() any_person = self.factory.makePerson() if cache_permission: login_person(any_person, request) precache_permission_for_objects( request, 'launchpad.LimitedView', [self.team]) return formatter, request, any_person
def test_visible_to_owner(self): # The owners of a branch always have visibility of their own branches. owner = self.factory.makePerson() branch = self.factory.makeBranch( owner=owner, information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) clear_cache() # Clear authorization cache for check_permission. access = AccessBranch(naked_branch) self.assertFalse(access.checkUnauthenticated()) self.assertTrue(access.checkAuthenticated(IPersonRoles(owner))) self.assertFalse(check_permission('launchpad.View', branch))
def test_visible_to_owner(self): # The owners of a branch always have visibility of their own branches. owner = self.factory.makePerson() branch = self.factory.makeBranch( owner=owner, information_type=InformationType.USERDATA) naked_branch = removeSecurityProxy(branch) clear_cache() # Clear authorization cache for check_permission. access = AccessBranch(naked_branch) self.assertFalse(access.checkUnauthenticated()) self.assertTrue( access.checkAuthenticated(IPersonRoles(owner))) self.assertFalse(check_permission('launchpad.View', branch))
def _check_permission(self, user, visible): login_person(user) self.assertEqual( visible, check_permission('launchpad.LimitedView', self.priv_team)) clear_cache()