def test_list_files_filters_by_owner(self): factory.make_FileStorage(owner=factory.make_User()) response = self.make_API_GET_request() self.assertEqual(http.client.OK, response.status_code) parsed_results = json_load_bytes(response.content) self.assertEqual([], parsed_results)
def test_getUserFromSessionId_returns_None_for_invalid_key(self): self.client.login(user=maas_factory.make_User()) session_id = maas_factory.make_name("sessionid") protocol, factory = self.make_protocol() self.assertIs(None, protocol.getUserFromSessionId(session_id))
def test_whoami_returns_forbidden_if_not_logged_in(self): self.client.logout() factory.make_User() response = self.client.get(reverse("users_handler"), {"op": "whoami"}) self.assertEqual(http.client.UNAUTHORIZED, response.status_code, response.content)
def test_ProfileForm_validates_if_email_unchanged(self): email = '*****@*****.**' % factory.make_string() user = factory.make_User(email=email) form = ProfileForm(instance=user, data={'email': email}) self.assertTrue(form.is_valid())
def test_is_authenticated_external_auth(self): user = factory.make_User() request = self.make_request(user=user) auth = MAASAPIAuthentication() self.assertTrue(auth.is_authenticated(request))
def test_missing_action_raises_error(self): user = factory.make_User() device = self.make_device_with_ip_address(owner=user) handler = DeviceHandler(user, {}) with ExpectedException(NodeActionError): handler.action({"system_id": device.system_id})
def test_returns_owner_if_node_found(self): node = factory.make_Node(owner=factory.make_User()) make_provider_state_file(node=node) self.assertEqual(node.owner, get_bootstrap_node_owner())
def test_user_can_edit_VirtualBlockDevice_when_node_owner(self): backend = MAASAuthorizationBackend() user = factory.make_User() node = factory.make_Node(owner=user) device = factory.make_VirtualBlockDevice(node=node) self.assertTrue(backend.has_perm(user, NODE_PERMISSION.EDIT, device))
def make_user(self, name='test', password='******'): """Create a user with a password.""" return factory.make_User(username=name, password=password)
def test_user_can_lock_locked_node(self): backend = MAASAuthorizationBackend() owner = factory.make_User() node = factory.make_Node( owner=owner, status=NODE_STATUS.DEPLOYED, locked=True) self.assertTrue(backend.has_perm(owner, NODE_PERMISSION.LOCK, node))
def test_user_can_view_BlockDevice_when_no_node_owner(self): backend = MAASAuthorizationBackend() user = factory.make_User() node = factory.make_Node() device = factory.make_BlockDevice(node=node) self.assertTrue(backend.has_perm(user, NODE_PERMISSION.VIEW, device))
def test_user_can_edit_his_own_nodes(self): backend = MAASAuthorizationBackend() user = factory.make_User() self.assertTrue(backend.has_perm( user, NODE_PERMISSION.EDIT, make_allocated_node(owner=user)))
def test_user_cannot_edit_unowned_node(self): backend = MAASAuthorizationBackend() self.assertFalse(backend.has_perm( factory.make_User(), NODE_PERMISSION.EDIT, factory.make_Node()))
def test_user_cannot_edit_nodes_owned_by_others(self): backend = MAASAuthorizationBackend() self.assertFalse(backend.has_perm( factory.make_User(), NODE_PERMISSION.EDIT, make_allocated_node()))
def test_get_form_class_returns_DeviceForm_for_update(self): user = factory.make_User() handler = DeviceHandler(user, {}) self.assertIs(DeviceForm, handler.get_form_class("update"))
def test_user_can_view(self): backend = MAASAuthorizationBackend() user = factory.make_User() self.assertTrue( backend.has_perm( user, NODE_PERMISSION.VIEW, self.factory()))
def test_get_form_class_raises_error_for_unknown_action(self): user = factory.make_User() handler = DeviceHandler(user, {}) self.assertRaises( HandlerError, handler.get_form_class, factory.make_name())
def test_user_cannot_edit(self): backend = MAASAuthorizationBackend() user = factory.make_User() self.assertFalse( backend.has_perm( user, NODE_PERMISSION.EDIT, self.factory()))
def test_update_raise_permissions_error_for_non_admin(self): user = factory.make_User() handler = DeviceHandler(user, {}) self.assertRaises( HandlerPermissionError, handler.update, {})
def test_user_not_admin(self): backend = MAASAuthorizationBackend() user = factory.make_User() self.assertFalse( backend.has_perm( user, NODE_PERMISSION.ADMIN, self.factory()))
def test_returns_None_if_node_does_not_exist(self): node = factory.make_Node(owner=factory.make_User()) make_provider_state_file(node=node) node.delete() self.assertIsNone(get_bootstrap_node_owner())
def make_allocated_node(owner=None): """Create a node, owned by `owner` (or create owner if not given).""" if owner is None: owner = factory.make_User() return factory.make_Node(owner=owner, status=NODE_STATUS.ALLOCATED)
def test_is_authenticated(self): Config.objects.set_config('external_auth_url', '') user = factory.make_User() request = self.make_request(user=user) auth = MAASAPIAuthentication() self.assertTrue(auth.is_authenticated(request))
def test_user_can_view_unowned_node(self): backend = MAASAuthorizationBackend() self.assertTrue(backend.has_perm( factory.make_User(), NODE_PERMISSION.VIEW, factory.make_Node()))
def get_user_and_session_id(self): user = maas_factory.make_User() self.client.login(user=user) session_id = self.client.session._session_key return user, session_id
def test_user_can_view_nodes_owned_by_others(self): backend = MAASAuthorizationBackend() self.assertTrue(backend.has_perm( factory.make_User(), NODE_PERMISSION.VIEW, make_allocated_node()))
def make_user(self): return maas_factory.make_User()
def test_get_object_raises_exception_if_owner_by_another_user(self): user = factory.make_User() device = self.make_device_with_ip_address() handler = DeviceHandler(user, {}) with ExpectedException(HandlerDoesNotExistError): handler.get_object({"system_id": device.system_id})
def test_create_is_admin_only(self): user = factory.make_User() handler = DHCPSnippetHandler(user, {}, None) self.assertRaises(HandlerPermissionError, handler.create, {})
def test_pockets_to_disable(self): handler = GeneralHandler(factory.make_User(), {}) self.assertEqual(PackageRepository.objects.get_pockets_to_disable(), handler.pockets_to_disable({}))