def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db = self.conn.db_connection
self.conn.connect()
self.conn.create_default_env()
self.auth = self.conn.get_auth('cityhall', '')
self.env = self.auth.get_env('auto')
def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db = self.conn.db_connection
self.conn.connect()
self.conn.create_default_env()
self.auth = self.conn.get_auth("cityhall", "")
self.env = self.auth.get_env("auto")
def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db_conn = self.conn.db_connection
class TestConnection(TestCase):
def __init__(self, obj):
super(TestCase, self).__init__(obj)
self.db_conn = None
self.conn = None
def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db_conn = self.conn.db_connection
def test_create_env(self):
self.conn.connect()
self.conn.create_default_env()
self.assertIsInstance(self.db_conn.valsTable, list)
self.assertIsInstance(self.db_conn.authTable, list)
def test_open_required(self):
authenticate = self.conn.authenticate("cityhall", "")
self.assertTrue(authenticate is None)
self.conn.connect()
self.conn.create_default_env()
self.assertTrue(self.conn.authenticate("cityhall", ""))
def test_get_auth(self):
self.conn.connect()
self.conn.create_default_env()
auth = self.conn.get_auth("cityhall", "")
self.assertTrue(auth is not None)
from restless.views import Endpoint, HttpResponse
from lib.db.connection import Connection
from django.conf import settings
from lib.db.db import Rights
from .cache import CacheDict
CACHE = CacheDict(
max_size=settings.ENV_CACHE['SIZE'],
expiration=settings.ENV_CACHE['EXPIRATION_SEC'],
thread_clear=settings.ENV_CACHE['MULTI_THREAD'],
thread_clear_min_check=settings.ENV_CACHE['MULTI_THREAD_POLL_SEC'],
concurrent=settings.ENV_CACHE['MULTI_THREAD'],
)
DB = settings.CITY_HALL_DATABASE
CONN = Connection(DB)
CONN.connect()
def auth_token_in_cache(request):
cache_key = request.META.get('HTTP_AUTH_TOKEN', None)
if cache_key in CACHE:
return None
if cache_key is None:
return HttpResponse('Must specify Auth-Token in headers')
return HttpResponse('Auth-Token specified is invalid/expired')
class Info(Endpoint):
class TestEnvironment(TestCase):
def __init__(self, obj):
super(TestCase, self).__init__(obj)
self.db = None
self.conn = None
self.env = None
def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db = self.conn.db_connection
self.conn.connect()
self.conn.create_default_env()
self.auth = self.conn.get_auth('cityhall', '')
self.env = self.auth.get_env('auto')
def test_can_get_auth_from_env(self):
auth = self.env.get_auth()
self.assertTrue(auth is not None)
def test_setting(self):
self.env.set('/new_item', '')
self.assertEqual('new_item', self.db.valsTable[-1]['name'])
def test_add_children(self):
self.env.set('/parent', '')
self.env.set('/parent/child', '')
parent = self.db.valsTable[-2]
child = self.db.valsTable[-1]
self.assertEqual(child['parent'], parent['id'])
self.assertEqual(child['name'], 'child')
def test_adding_overrides(self):
before = len(self.db.valsTable)
override_name = 'cityhall'
override_val = 'some other value'
self.env.set('/value', 'global value')
self.env.set('/value', override_val, override_name)
after = len(self.db.valsTable)
global_val = self.db.valsTable[-2]
override_val = self.db.valsTable[-1]
self.assertEqual(before+2, after)
self.assertEqual(override_val['override'], override_name)
self.assertTrue(override_val['active'])
self.assertTrue(global_val['active'])
self.assertTrue(global_val['name'], override_val['name'])
self.assertNotEqual(global_val['id'], override_val['id'])
self.assertEqual(
(override_val['value'], False),
self.env.get_explicit('/value', override_name)
)
def test_can_add_overrides_to_children(self):
global_val = 'global_val'
override_val = 'override_val'
self.env.set('/parent1', '')
self.env.set('/parent1/parent2', '')
self.env.set('/parent1/parent2/child', global_val)
self.env.set('/parent1/parent2/child', override_val, 'cityhall')
self.assertEqual(
(global_val, False),
self.env.get_explicit('/parent1/parent2/child')
)
self.assertEqual(
(override_val, False),
self.env.get_explicit('/parent1/parent2/child', 'cityhall')
)
def test_able_to_add_global_val_to_root(self):
before = len(self.db.valsTable)
self.env.set('/value', 'abc')
after = len(self.db.valsTable)
self.assertEqual(before+1, after)
def test_able_to_add_override_val_to_root(self):
before = len(self.db.valsTable)
self.env.set('/value', 'abc', 'cityhall')
after = len(self.db.valsTable)
val1 = self.db.valsTable[-2]
val2 = self.db.valsTable[-1]
self.assertTrue(val1['name'], val2['name'])
self.assertTrue(val1['override'] == '' or val2['override'] == '')
self.assertTrue(
val1['override'] == 'cityhall' or val2['override'] == 'cityhall'
)
self.assertEqual(before+2, after)
self.assertNotEqual(val1['id'], val2['id'])
self.assertEqual(val1['parent'], val2['parent'])
def test_cannot_add_children_to_items_that_do_not_exist(self):
self.assertFalse(self.env.set('/parent/child', 'abc'))
def test_able_to_read_values_set(self):
value_global = 'some value'
value_override = 'global value'
self.env.set('/value', value_global)
self.env.set('/value', value_override, 'cityhall')
self.assertEqual(
(value_global, False),
self.env.get_explicit('/value')
)
self.assertEqual(
(value_override, False),
self.env.get_explicit('/value', 'cityhall')
)
def test_adding_a_new_value_makes_old_one_inactive(self):
self.env.set('/value', 'old value')
self.env.set('/value', 'new value')
first_added = self.db.valsTable[-2]
second_added = self.db.valsTable[-1]
self.assertEqual(first_added['id'], second_added['id'])
self.assertNotEqual(first_added['active'], second_added['active'])
def test_library_get(self):
# this is the get that most libraries will use,
# they will expect to just provide the path and get either the global
# or their specific one
self.env.set('/value', 'abc')
self.env.set('/value', 'def', 'cityhall')
self.assertEqual(('def', False), self.env.get('/value'))
auth = self.env.get_auth()
auth.create_user('test', '')
auth.grant('auto', 'test', Rights.Read)
test_auth = self.conn.get_auth('test', '')
test_env = test_auth.get_env('auto')
self.assertEqual(('abc', False), test_env.get('/value'))
def children_match_value1_value2_value3(self, children):
self.assertEqual(3, len(children))
names = [child['name'] for child in children]
self.assertTrue('value1' in names)
self.assertTrue('value2' in names)
self.assertTrue('value3' in names)
self.assertTrue('id' in children[0])
self.assertTrue('name' in children[0])
self.assertTrue('override' in children[0])
def test_get_children_of_root(self):
self.env.set('/value1', 'abc')
self.env.set('/value2', 'def')
self.env.set('/value3', 'ghi')
children = self.env.get_children('/')
self.children_match_value1_value2_value3(children)
def test_get_children_of_sub_value(self):
self.env.set('/parent', '')
self.env.set('/parent/value1', 'abc')
self.env.set('/parent/value2', 'def')
self.env.set('/parent/value3', 'ghi')
children = self.env.get_children('/parent')
self.children_match_value1_value2_value3(children)
def test_get_history(self):
self.env.set('/value1', 'abc')
self.env.set('/value1', 'def')
self.env.set('/value1', 'ghi')
hist = self.env.get_history('/value1')
self.assertEqual(3, len(hist))
first = hist[0]
self.assertTrue('id' in first)
self.assertTrue('name' in first)
self.assertTrue('value' in first)
self.assertTrue('author' in first)
self.assertTrue('datetime' in first)
self.assertTrue('active' in first)
self.assertTrue('protect' in first)
def test_get_history_must_have_elevated_permissions(self):
self.env.set('/value1', 'abc')
auth = self.env.get_auth()
auth.create_user('test_read', '')
auth.grant('auto', 'test_read', Rights.Read)
auth.create_user('test_read_protect', '')
auth.grant('auto', 'test_read_protect', Rights.ReadProtected)
read_auth = self.conn.get_auth('test_read', '')
env = read_auth.get_env('auto')
hist = env.get_history('/value1')
self.assertEqual(0, len(hist))
read_protected_auth = self.conn.get_auth('test_read_protect', '')
env = read_protected_auth.get_env('auto')
hist = env.get_history('/value1')
self.assertEqual(1, len(hist))
def test_get_history_of_override(self):
self.env.set('/value1', 'abc')
self.env.set('/value1', '123', 'cityhall')
self.env.set('/value1', '456', 'cityhall')
hist_global = self.env.get_history('/value1')
hist_override = self.env.get_history('/value1', 'cityhall')
self.assertEqual(1, len(hist_global))
self.assertEqual(2, len(hist_override))
def test_delete(self):
self.env.set('/value1', 'abc')
self.env.delete('value1')
children = self.env.get_children('/')
self.assertEqual(0, len(children))
def test_children_created_show_up_in_history(self):
self.env.set('/value1', '')
hist_before = self.env.get_history('/value1')
self.env.set('/value1/child', 'abc')
hist_after = self.env.get_history('/value1')
self.assertEqual(len(hist_before)+1, len(hist_after))
def test_children_deleted_show_up_in_history(self):
self.env.set('/value1', '')
self.env.set('/value1/child', 'abc')
hist_before = self.env.get_history('/value1')
self.env.delete('/value1/child')
hist_after = self.env.get_history('/value1')
self.assertEqual(len(hist_before)+1, len(hist_after))
def test_children_value_do_not_show_up_in_history(self):
self.env.set('/value1', '')
self.env.set('/value1/child', 'abc')
hist_before = self.env.get_history('/value1')
self.env.set('/value1/child', 'def')
hist_after = self.env.get_history('/value1')
self.assertEqual(len(hist_before), len(hist_after))
def test_deleting_global_also_deletes_overrides(self):
self.env.set('/value1', 'abc')
self.env.set('/value1', 'def', 'cityhall')
self.env.delete('/value1', '')
get = self.env.get_explicit('/value1', 'cityhall')
self.assertIsNone(get)
def test_deleted_values_no_longer_returned(self):
self.env.set('/value1', 'abc')
self.env.delete('/value1', '')
deleted = self.env.get('/value1')
does_not_exist = self.env.get('/key_doesnt_exist')
self.assertEqual(deleted, does_not_exist)
self.assertIsNone(deleted[0])
self.assertIsNone(deleted[1])
def test_cannot_delete_root(self):
self.env.set('/', 'abc')
self.env.delete('/', '')
self.assertEqual(('abc', False), self.env.get('/'))
def test_get_returns_protect(self):
self.env.set('/', 'abc')
self.env.set_protect(True, '/', '')
self.assertEqual(('abc', True), self.env.get('/'))
self.env.set_protect(False, '/', '')
self.assertEqual(('abc', False), self.env.get('/'))
def test_can_protect(self):
self.env.set('/value1', 'abc')
self.env.set_protect(True, '/value1', '')
protect = self.db.valsTable[-1]
self.assertEqual('value1', protect['name'])
self.assertTrue(protect['protect'])
def test_can_unprotect(self):
self.env.set('/value1', 'abc')
self.env.set_protect(True, '/value1', '')
self.env.set_protect(False, '/value1', '')
unprotect = self.db.valsTable[-1]
self.assertEqual('value1', unprotect['name'])
self.assertFalse(unprotect['protect'])
def test_can_protect_override(self):
self.env.set('/value1', 'abc', 'test')
self.env.set_protect(True, '/value1', 'test')
protect = self.db.valsTable[-1]
self.assertEqual('test', protect['override'])
self.assertTrue(protect['protect'])
def test_protect_requires_write_permissions(self):
auth = self.conn.get_auth('cityhall', '')
auth.create_user('test', '')
auth.grant('auto', 'test', Rights.Read)
auth_test = self.conn.get_auth('test', '')
test_env = auth_test.get_env('auto')
self.env.set('/value1', 'abc')
before = len(self.db.valsTable)
self.assertFalse(test_env.set_protect(True, '/value1', ''))
after = len(self.db.valsTable)
self.assertEqual(before, after)
def test_protect_again_is_noop(self):
self.env.set('/value1', 'abc')
self.env.set_protect(True, '/value1', '')
before = len(self.db.valsTable)
self.assertTrue(self.env.set_protect(True, '/value1', ''))
after = len(self.db.valsTable)
self.assertEqual(before, after)
def test_protect_shows_up_in_history(self):
self.env.set('/value1', 'abc')
self.env.set_protect(True, '/value1', '')
hist = self.env.get_history('/value1')
self.assertEqual(2, len(hist))
self.assertTrue(hist[1]['protect'])
def test_protect_is_honored(self):
auth = self.conn.get_auth('cityhall', '')
self.env.set('/value1', 'abc')
self.env.set_protect(True, '/value1', '')
auth.create_user('test', '')
auth.grant('auto', 'test', Rights.Read)
test_auth = self.conn.get_auth('test', '')
test_env = test_auth.get_env('auto')
self.assertEqual((None, None), test_env.get('/value1'))
class TestAuthentication(TestCase):
def __init__(self, obj):
super(TestCase, self).__init__(obj)
self.db = None
self.conn = None
self.env = None
def setUp(self):
self.conn = Connection(CityHallDbFactory())
self.db = self.conn.db_connection
self.conn.connect()
self.conn.create_default_env()
self.auth = self.conn.get_auth("cityhall", "")
self.env = self.auth.get_env("auto")
def test_can_get_env(self):
self.assertTrue(self.env is not None)
def test_create_env(self):
env = self.auth.create_env("dev")
self.assertTrue(env is not None)
def test_create_env_returns_false_if_env_exists(self):
self.auth.create_env("dev")
create = self.auth.create_env("dev")
self.assertIsInstance(create, bool)
self.assertFalse(create)
def test_create_user(self):
self.auth.create_user("test", "")
test_auth = self.conn.get_auth("test", "")
self.assertTrue(test_auth is not None)
def test_get_permissions(self):
self.auth.create_user("test", "")
self.auth.create_env("dev")
test_auth = self.conn.get_auth("test", "")
rights = test_auth.get_permissions("dev")
self.assertEqual(Rights.DontExist, rights)
def test_grant_permissions(self):
self.auth.create_user("test", "")
self.auth.create_env("dev")
test_auth = self.conn.get_auth("test", "")
self.auth.grant("dev", "test", Rights.Write)
rights = test_auth.get_permissions("dev")
self.assertEqual(Rights.Write, rights)
def test_grant_permissions_is_noop_without_proper_level(self):
self.auth.create_user("test", "")
test_auth = self.conn.get_auth("test", "")
test_auth.grant("auto", "test", Rights.Write)
rights = test_auth.get_permissions("auto")
self.assertEqual(Rights.DontExist, rights)
def test_get_users(self):
users = self.auth.get_users("auto")
before = len(users)
self.auth.create_user("test", "")
self.auth.grant("auto", "test", Rights.ReadProtected)
users = self.auth.get_users("auto")
after = len(users)
self.assertEqual(before + 1, after)
self.assertIn("test", users)
self.assertEqual(users["test"], Rights.ReadProtected)
def test_get_user(self):
self.auth.create_env("add")
self.auth.create_user("test", "")
environments = self.auth.get_user("test")
self.assertEqual(0, len(environments))
self.auth.grant("add", "test", Rights.Read)
environments = self.auth.get_user("test")
self.assertEqual(1, len(environments))
self.assertIn("add", environments)
def test_delete_user(self):
"""
A user can only be deleted if the author has Grant permissions on
all environments of that user, or that user has Admin rights on auto
"""
self.auth.create_user("test1", "")
self.auth.create_user("test2", "")
self.auth.grant("auto", "test2", Rights.Grant)
test1_auth = self.conn.get_auth("test1", "")
test1_auth.create_env("test1_env")
test2_auth = self.conn.get_auth("test2", "")
test2_auth.create_env("test2_env")
self.assertFalse(test2_auth.delete_user("test1"))
test1_auth.grant("test1_env", "test2", Rights.Grant)
self.assertTrue(test2_auth.delete_user("test1"))
self.assertFalse(self.db.authenticate("test1", ""))
self.assertTrue(self.auth.delete_user("test2"))
def test_cannot_delete_user_twice(self):
self.auth.create_user("test", "")
self.auth.grant("auto", "test", Rights.Read)
self.assertTrue(self.auth.delete_user("test"))
self.assertFalse(self.auth.delete_user("test"))
def test_grant_response_insufficient_privileges(self):
self.auth.create_user("grants", "")
self.auth.create_user("user1", "")
grant_auth = self.conn.get_auth("grants", "")
resp = grant_auth.grant("auto", "user1", Rights.Read)
self.assertEqual(resp[0], "Failure")
self.assertEqual(resp[1], "Insufficient rights to grant to environment 'auto'")
def test_grant_response_noop(self):
self.auth.create_user("grants", "")
self.auth.create_user("user1", "")
self.auth.grant("auto", "grants", Rights.Grant)
self.auth.grant("auto", "user1", Rights.Read)
grant_auth = self.conn.get_auth("grants", "")
resp = grant_auth.grant("auto", "user1", Rights.Read)
self.assertEqual(resp[0], "Ok")
self.assertEqual(resp[1], "Rights for 'user1' already at set level")
def test_grant_response_created(self):
self.auth.create_user("grants", "")
self.auth.create_user("user1", "")
grant_auth = self.conn.get_auth("grants", "")
grant_auth.create_env("test")
resp = grant_auth.grant("test", "user1", Rights.Read)
self.assertEqual(resp[0], "Ok")
self.assertEqual(resp[1], "Rights for 'user1' created")
def test_grant_response_updated(self):
self.auth.create_user("grants", "")
self.auth.create_user("user1", "")
grant_auth = self.conn.get_auth("grants", "")
grant_auth.create_env("test")
grant_auth.grant("test", "user1", Rights.Write)
resp = grant_auth.grant("test", "user1", Rights.Read)
self.assertEqual(resp[0], "Ok")
self.assertEqual(resp[1], "Rights for 'user1' updated")
def test_update_user(self):
self.auth.create_user("test", "123")
test_auth_before = self.conn.get_auth("test", "123")
self.auth.update_user("test", "abc")
test_auth_after_wrong_pass = self.conn.get_auth("test", "123")
test_auth_after_correct_pass = self.conn.get_auth("test", "abc")
self.assertIsNotNone(test_auth_before)
self.assertIsNone(test_auth_after_wrong_pass)
self.assertIsNotNone(test_auth_after_correct_pass)
