def _create_events(self): """Create sample events. This one's a bit weird. While we could generate event models ourselves, it seems wiser to test the event machinery as many times as possible. As a result, we actually create a load of *other* objects, which will raise signals and trigger the remainder. """ # series-created series = create_series() # patch-created, patch-completed, series-completed patch = create_patch(series=series) # cover-created create_cover(series=series) # check-created create_check(patch=patch) # patch-delegated, patch-state-changed actor = create_maintainer(project=patch.project) user = create_maintainer(project=patch.project) state = create_state() patch.delegate = user patch.state = state self.assertTrue(patch.is_editable(actor)) patch.save() return Event.objects.all()
def test_maintainers(self): project = utils.create_project() requested_url = reverse('project-detail', kwargs={ 'project_id': project.linkname}) response = self.client.get(requested_url) self.assertEqual(response.status_code, 200) self.assertEqual(len(response.context['maintainers']), 0) utils.create_maintainer(project=project) response = self.client.get(requested_url) self.assertEqual(response.status_code, 200) self.assertEqual(len(response.context['maintainers']), 1)
def test_maintainers(self): project = utils.create_project() requested_url = reverse('project-detail', kwargs={'project_id': project.linkname}) response = self.client.get(requested_url) self.assertEqual(response.status_code, 200) self.assertEqual(len(response.context['maintainers']), 0) utils.create_maintainer(project=project) response = self.client.get(requested_url) self.assertEqual(response.status_code, 200) self.assertEqual(len(response.context['maintainers']), 1)
def test_update(self): """Ensure updates can be performed by maintainers.""" project = create_project() patch = create_patch(project=project) state = create_state() # anonymous user resp = self.client.patch(self.api_url(patch.id), {'state': state.name}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # authenticated user user = create_user() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(patch.id), {'state': state.name}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # maintainer user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(patch.id), { 'state': state.name, 'delegate': user.id}) self.assertEqual(status.HTTP_200_OK, resp.status_code, resp) self.assertEqual(Patch.objects.get(id=patch.id).state, state) self.assertEqual(Patch.objects.get(id=patch.id).delegate, user) # (who can unset fields too) # we need to send as JSON due to https://stackoverflow.com/q/30677216/ resp = self.client.patch(self.api_url(patch.id), {'delegate': None}, format='json') self.assertEqual(status.HTTP_200_OK, resp.status_code, resp) self.assertIsNone(Patch.objects.get(id=patch.id).delegate)
def setUp(self): super(TestCheckAPI, self).setUp() self.patch = create_patches()[0] self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id]) self.urlbase += 'checks/' defaults.project.save() self.user = create_maintainer(defaults.project)
def test_delegate_change_valid(self): delegate = create_maintainer(self.project) self._test_delegate_change(str(delegate.pk)) for patch in [Patch.objects.get(pk=p.pk) for p in self.patches]: self.assertEqual(patch.delegate, delegate)
def setUp(self): super(TestCheckAPI, self).setUp() project = create_project() self.user = create_maintainer(project) self.patch = create_patch(project=project) self.urlbase = reverse('api_1.0:patch-detail', args=[self.patch.id]) self.urlbase += 'checks/'
def test_update(self): """Ensure updates can be performed by maintainers.""" project = create_project() data = {'web_url': 'TEST'} # an anonymous user resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # a normal user user = create_user() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # a maintainer user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(resp.data['web_url'], 'TEST') # ...with the exception of some read-only fields resp = self.client.patch(self.api_url(project.id), { 'link_name': 'test'}) # NOTE(stephenfin): This actually returns HTTP 200 due to # https://github.com/encode/django-rest-framework/issues/1655 self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertNotEqual(resp.data['link_name'], 'test')
def test_update_maintainer(self): """Update patch as maintainer. Ensure updates can be performed by maintainers. """ project = create_project() patch = create_patch(project=project) state = create_state() user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(patch.id), { 'state': state.slug, 'delegate': user.id }) self.assertEqual(status.HTTP_200_OK, resp.status_code, resp) self.assertEqual(Patch.objects.get(id=patch.id).state, state) self.assertEqual(Patch.objects.get(id=patch.id).delegate, user) # (who can unset fields too) # we need to send as JSON due to https://stackoverflow.com/q/30677216/ resp = self.client.patch(self.api_url(patch.id), {'delegate': None}, format='json') self.assertEqual(status.HTTP_200_OK, resp.status_code, resp) self.assertIsNone(Patch.objects.get(id=patch.id).delegate)
def test_update(self): """Ensure updates can be performed by maintainers.""" project = create_project() data = {'web_url': 'TEST'} # an anonymous user resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # a normal user user = create_user() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) # a maintainer user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(resp.data['web_url'], 'TEST') # ...with the exception of some read-only fields resp = self.client.patch(self.api_url(project.id), {'link_name': 'test'}) # NOTE(stephenfin): This actually returns HTTP 200 due to # https://github.com/encode/django-rest-framework/issues/1655 self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertNotEqual(resp.data['link_name'], 'test')
def setUp(self): defaults.project.save() self.user = create_maintainer(defaults.project) self.client.login(username=self.user.username, password=self.user.username) self.properties_form_id = 'patchform-properties' self.url = reverse('patchwork.views.patch.list', args=[defaults.project.linkname]) self.base_data = { 'action': 'Update', 'project': str(defaults.project.id), 'form': 'patchlistform', 'archived': '*', 'delegate': '*', 'state': '*' } self.patches = [] for name in ['patch one', 'patch two', 'patch three']: patch = Patch(project=defaults.project, msgid=name, name=name, content='', submitter=Person.objects.get(user=self.user)) patch.save() self.patches.append(patch)
def setUp(self): self.url = self.live_server_url + reverse('xmlrpc') # url is of the form http://localhost:PORT/PATH # strip the http and replace it with the username/passwd of a user. self.project = utils.create_project() self.user = utils.create_maintainer(self.project) self.url = ('http://%s:%s@' + self.url[7:]) % (self.user.username, self.user.username) self.rpc = xmlrpc_client.Server(self.url)
def test_create(self): """Ensure creates aren't allowed""" user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(), {'category': 'patch-created'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_delete(self): """Ensure deletions are rejected.""" user = create_maintainer(defaults.project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(self.patches[0].id)) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) self.assertEqual(1, Patch.objects.all().count())
def test_update(self): """Ensure updates are allowed.""" user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(user.id), {'first_name': 'Tan'}) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertSerialized(user, resp.data)
def test_list_authenticated(self): """List projects as an authenticated user.""" project = create_project() user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(1, len(resp.data)) self.assertSerialized(project, resp.data[0])
def test_create_delete(self): """Ensure creations and deletions and not allowed.""" user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(user.id), {'email': '*****@*****.**'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.delete(self.api_url(user.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create(self): """Ensure creations are rejected.""" project = create_project() user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post( self.api_url(), {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_update_readonly_field(self): """Update read-only fields.""" project = create_project() user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), { 'link_name': 'test'}) # NOTE(stephenfin): This actually returns HTTP 200 due to # https://github.com/encode/django-rest-framework/issues/1655 self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertNotEqual(resp.data['link_name'], 'test')
def setUp(self): defaults.project.save() self.user = create_maintainer(defaults.project) self.client.login(username=self.user.username, password=self.user.username) self.properties_form_id = 'patchform-properties' self.url = reverse('patch-list', args=[defaults.project.linkname]) self.base_data = { 'action': 'Update', 'project': str(defaults.project.id), 'form': 'patchlistform', 'archived': '*', 'delegate': '*', 'state': '*'} self.patches = create_patches(3)
def test_delete(self): """Ensure deletions are rejected.""" # Even an admin can't remove a project project = create_project() user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(project.id)) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) self.assertEqual(1, Project.objects.all().count())
def test_delete(self): """Ensure deletions are always rejected.""" project = create_project() patch = create_patch(project=project) user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(patch.id)) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) self.assertEqual(1, Patch.objects.all().count())
def test_update_readonly_field(self): """Update read-only fields.""" project = create_project() user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), {'link_name': 'test'}) # NOTE(stephenfin): This actually returns HTTP 200 due to # https://github.com/encode/django-rest-framework/issues/1655 self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertNotEqual(resp.data['link_name'], 'test')
def test_update_invalid(self): """Ensure we handle invalid Patch states.""" project = create_project() state = create_state() patch = create_patch(project=project, state=state) user = create_maintainer(project) # invalid state self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(patch.id), {'state': 'foobar'}) self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code) self.assertContains(resp, 'Expected one of: %s.' % state.name, status_code=status.HTTP_400_BAD_REQUEST)
def test_update_maintainer(self): """Update project as maintainer. Ensure updates can only be performed by maintainers. """ project = create_project() data = {'web_url': 'https://example.com/test'} user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), data) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(resp.data['web_url'], 'https://example.com/test')
def test_readonly(self): user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(1)) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) resp = self.client.patch(self.api_url(1), {'email': '*****@*****.**'}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code) resp = self.client.post(self.api_url(), {'email': '*****@*****.**'}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_create_update_delete(self): user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(), {'name': 'test series'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.patch(self.api_url(), {'name': 'test series'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.delete(self.api_url()) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_update_maintainer_version_1_0(self): """Update patch as maintainer on v1.1.""" project = create_project() patch = create_patch(project=project) state = create_state() user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(patch.id, version="1.1"), { 'state': state.slug, 'delegate': user.id }) self.assertEqual(status.HTTP_200_OK, resp.status_code, resp) self.assertEqual(Patch.objects.get(id=patch.id).state, state) self.assertEqual(Patch.objects.get(id=patch.id).delegate, user)
def test_update(self): """Ensure updates can be performed maintainers.""" # A maintainer can update user = create_maintainer(defaults.project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(self.patches[0].id), {'state': 2}) self.assertEqual(status.HTTP_200_OK, resp.status_code) # A normal user can't user = create_user() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(self.patches[0].id), {'state': 2}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_delete(self): """Ensure deletions are always rejected.""" project = create_project() patch = create_patch(project=project) # anonymous user resp = self.client.delete(self.api_url(patch.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) # superuser user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(patch.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create(self): """Ensure creations are rejected.""" project = create_project() data = {'linkname': 'l', 'name': 'n', 'listid': 'l', 'listemail': 'e'} # an anonymous user resp = self.client.post(self.api_url(), data) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) # a superuser user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(), data) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_delete(self): """Ensure deletions are rejected.""" project = create_project() # an anonymous user resp = self.client.delete(self.api_url(project.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) # a super user user = create_maintainer(project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.delete(self.api_url(project.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) self.assertEqual(1, Project.objects.all().count())
def test_create_update_delete_version_1_1(self): """Ensure creates, updates and deletes aren't allowed with old API.""" user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(version='1.1'), {'name': 'test'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.patch(self.api_url(1, version='1.1'), {'name': 'test'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.delete(self.api_url(1, version='1.1')) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_create_update_delete(self): """Ensure creates, updates and deletes aren't allowed""" user = create_maintainer() user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(), {'name': 'Test'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) series = create_series() resp = self.client.patch(self.api_url(series.id), {'name': 'Test'}) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code) resp = self.client.delete(self.api_url(series.id)) self.assertEqual(status.HTTP_405_METHOD_NOT_ALLOWED, resp.status_code)
def test_list(self): """Validate we can list the default test project.""" project = create_project() # anonymous user resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(1, len(resp.data)) self.assertSerialized(project, resp.data[0]) # maintainer user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.get(self.api_url()) self.assertEqual(status.HTTP_200_OK, resp.status_code) self.assertEqual(1, len(resp.data)) self.assertSerialized(project, resp.data[0])
def setUp(self): self.project = create_project() self.user = create_maintainer(self.project) self.patches = create_patches(3, project=self.project) self.client.login(username=self.user.username, password=self.user.username) self.url = reverse('patch-list', args=[self.project.linkname]) self.base_data = { 'action': 'Update', 'project': str(self.project.id), 'form': 'patchlistform', 'archived': '*', 'delegate': '*', 'state': '*' }
def test_update(self): """Ensure updates can be performed maintainers.""" project = create_project() # A maintainer can update user = create_maintainer(project) self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), {'linkname': 'TEST'}) self.assertEqual(status.HTTP_200_OK, resp.status_code) # A normal user can't user = create_user() self.client.force_authenticate(user=user) resp = self.client.patch(self.api_url(project.id), {'linkname': 'TEST'}) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def test_update_invalid_delegate(self): """Update patch with invalid fields. Ensure we handle invalid Patch updates. """ project = create_project() state = create_state() patch = create_patch(project=project, state=state) user_a = create_maintainer(project) user_b = create_user() self.client.force_authenticate(user=user_a) resp = self.client.patch(self.api_url(patch.id), {'delegate': user_b.id}) self.assertEqual(status.HTTP_400_BAD_REQUEST, resp.status_code) self.assertContains(resp, "User '%s' is not a maintainer" % user_b, status_code=status.HTTP_400_BAD_REQUEST)
def test_create(self): """Ensure creations are rejected.""" patch = { 'project': defaults.project.id, 'submitter': defaults.patch_author_person.id, 'msgid': make_msgid(), 'name': 'test-create-patch', 'diff': 'patch diff', } user = create_maintainer(defaults.project) user.is_superuser = True user.save() self.client.force_authenticate(user=user) resp = self.client.post(self.api_url(), patch) self.assertEqual(status.HTTP_403_FORBIDDEN, resp.status_code)
def setUp(self): defaults.project.save() self.user = create_maintainer(defaults.project) self.client.login(username = self.user.username, password = self.user.username) self.properties_form_id = 'patchform-properties' self.url = reverse( 'patchwork.views.patch.list', args = [defaults.project.linkname]) self.base_data = { 'action': 'Update', 'project': str(defaults.project.id), 'form': 'patchlistform', 'archived': '*', 'delegate': '*', 'state': '*'} self.patches = [] for name in ['patch one', 'patch two', 'patch three']: patch = Patch(project = defaults.project, msgid = name, name = name, content = '', submitter = Person.objects.get(user = self.user)) patch.save() self.patches.append(patch)