def test_api_lock_repo_lock_optional_locked(self, backend): # TODO: Provide a fixture locked_repository or similar repo = Repository.get_by_repo_name(backend.repo_name) user = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) Repository.lock(repo, user.user_id, lock_reason=Repository.LOCK_API) id_, params = build_data(self.apikey, 'lock', repoid=backend.repo_name) response = api_call(self.app, params) time_ = response.json['result']['locked_since'] expected = { 'repo': backend.repo_name, 'locked': True, 'locked_since': time_, 'locked_by': TEST_USER_ADMIN_LOGIN, 'lock_state_changed': False, 'lock_reason': Repository.LOCK_API, 'msg': ('Repo `%s` locked by `%s` on `%s`.' % (backend.repo_name, TEST_USER_ADMIN_LOGIN, json.dumps(time_to_datetime(time_)))) } assert_ok(id_, expected, given=response.body)
def test_api_lock_repo_lock_aquire_optional_userid(self, backend): id_, params = build_data(self.apikey, 'lock', repoid=backend.repo_name, locked=True) response = api_call(self.app, params) time_ = response.json['result']['locked_since'] expected = { 'repo': backend.repo_name, 'locked': True, 'locked_since': time_, 'locked_by': TEST_USER_ADMIN_LOGIN, 'lock_state_changed': True, 'lock_reason': Repository.LOCK_API, 'msg': ('User `%s` set lock state for repo `%s` to `%s`' % (TEST_USER_ADMIN_LOGIN, backend.repo_name, True)) } assert_ok(id_, expected, given=response.body)
def test_repo_lock_aquire_by_non_admin(self, backend): repo = backend.create_repo(cur_user=self.TEST_USER_LOGIN) repo_name = repo.repo_name id_, params = build_data(self.apikey_regular, 'lock', repoid=repo_name, locked=True) response = api_call(self.app, params) expected = { 'repo': repo_name, 'locked': True, 'locked_since': response.json['result']['locked_since'], 'locked_by': self.TEST_USER_LOGIN, 'lock_state_changed': True, 'lock_reason': Repository.LOCK_API, 'msg': ('User `%s` set lock state for repo `%s` to `%s`' % (self.TEST_USER_LOGIN, repo_name, True)) } assert_ok(id_, expected, given=response.body)
def _update(self, user_util, **kwargs): repo_group = user_util.create_repo_group() initial_name = repo_group.name user = UserModel().get_by_username(self.TEST_USER_LOGIN) user_util.grant_user_permission_to_repo_group( repo_group, user, 'group.admin') id_, params = build_data( self.apikey, 'update_repo_group', repogroupid=initial_name, **kwargs) response = api_call(self.app, params) ret = { 'msg': 'updated repository group ID:{} {}'.format( repo_group.group_id, repo_group.group_name), 'repo_group': { 'repositories': [], 'group_name': repo_group.group_name, 'group_description': repo_group.group_description, 'owner': repo_group.user.username, 'group_id': repo_group.group_id, 'parent_group': ( repo_group.parent_group.name if repo_group.parent_group else None) } } assert_ok(id_, ret, given=response.body) return initial_name
def test_create_repo_with_extra_slashes_in_name(self, backend, user_util): existing_repo_group = user_util.create_repo_group() dirty_repo_name = '//{}/repo_name//'.format( existing_repo_group.group_name) cleaned_repo_name = '{}/repo_name'.format( existing_repo_group.group_name) id_, params = build_data( self.apikey, 'create_repo', repo_name=dirty_repo_name, repo_type=backend.alias, owner=TEST_USER_ADMIN_LOGIN, ) response = api_call(self.app, params) repo = RepoModel().get_by_repo_name(cleaned_repo_name) assert repo is not None expected = { 'msg': 'Created new repository `%s`' % (cleaned_repo_name, ), 'success': True, 'task': None, } assert_ok(id_, expected, given=response.body) fixture.destroy_repo(cleaned_repo_name)
def test_api_grant_user_permission_to_user_group_by_regular_user( self, name, perm, grant_admin, access_ok, user_util): api_user = UserModel().get_by_username(self.TEST_USER_LOGIN) user = user_util.create_user() group = user_util.create_user_group() # grant the user ability to at least read the group permission = 'usergroup.admin' if grant_admin else 'usergroup.read' user_util.grant_user_permission_to_user_group(group, api_user, permission) id_, params = build_data(self.apikey_regular, 'grant_user_permission_to_user_group', usergroupid=group.users_group_name, userid=user.username, perm=perm) response = api_call(self.app, params) if access_ok: ret = { 'msg': ('Granted perm: `%s` for user: `%s` in user group: `%s`' % (perm, user.username, group.users_group_name)), 'success': True } expected = ret assert_ok(id_, expected, given=response.body) else: expected = 'user group `%s` does not exist' % ( group.users_group_name) assert_error(id_, expected, given=response.body)
def test_api_add_field_to_repo(self, backend): repo = backend.create_repo() repo_name = repo.repo_name id_, params = build_data( self.apikey, 'add_field_to_repo', repoid=repo_name, key='extra_field', label='extra_field_label', description='extra_field_desc') response = api_call(self.app, params) expected = { 'msg': 'Added new repository field `extra_field`', 'success': True, } assert_ok(id_, expected, given=response.body) repo = Repository.get_by_repo_name(repo_name) repo_field = RepositoryField.get_by_key_name('extra_field', repo) _data = repo_field.get_dict() assert _data['field_desc'] == 'extra_field_desc' assert _data['field_key'] == 'extra_field' assert _data['field_label'] == 'extra_field_label' id_, params = build_data( self.apikey, 'add_field_to_repo', repoid=repo_name, key='extra_field', label='extra_field_label', description='extra_field_desc') response = api_call(self.app, params) expected = 'Field with key `extra_field` exists for repo `%s`' % ( repo_name) assert_error(id_, expected, given=response.body)
def test_api_revoke_user_group_permission_from_repo_group( self, name, apply_to_children, user_util): user_group = user_util.create_user_group() repo_group = user_util.create_repo_group() user_util.grant_user_group_permission_to_repo_group( repo_group, user_group, 'group.read') id_, params = build_data( self.apikey, 'revoke_user_group_permission_from_repo_group', repogroupid=repo_group.name, usergroupid=user_group.users_group_name, apply_to_children=apply_to_children,) response = api_call(self.app, params) expected = { 'msg': ( 'Revoked perm (recursive:%s) for user group: `%s`' ' in repo group: `%s`' % ( apply_to_children, user_group.users_group_name, repo_group.name ) ), 'success': True } assert_ok(id_, expected, given=response.body)
def test_api_revoke_user_permission_from_user_group_by_regular_user( self, name, grant_admin, access_ok, user_util): user = user_util.create_user() group = user_util.create_user_group() permission = 'usergroup.admin' if grant_admin else 'usergroup.read' user_util.grant_user_permission_to_user_group(group, user, permission) id_, params = build_data(self.apikey_regular, 'revoke_user_permission_from_user_group', usergroupid=group.users_group_name, userid=user.username) response = api_call(self.app, params) if access_ok: expected = { 'msg': 'Revoked perm for user: `%s` in user group: `%s`' % (user.username, group.users_group_name), 'success': True } assert_ok(id_, expected, given=response.body) else: expected = 'user group `%s` does not exist' % ( group.users_group_name) assert_error(id_, expected, given=response.body)
def test_api_create_user_group_regular_user(self): group_name = 'some_new_group' usr = UserModel().get_by_username(self.TEST_USER_LOGIN) usr.inherit_default_permissions = False Session().add(usr) UserModel().grant_perm(self.TEST_USER_LOGIN, 'hg.usergroup.create.true') Session().commit() id_, params = build_data(self.apikey_regular, 'create_user_group', group_name=group_name) response = api_call(self.app, params) expected = { 'msg': 'created new user group `%s`' % (group_name, ), 'user_group': jsonify(UserGroupModel().get_by_name(group_name).get_api_data()) } try: assert_ok(id_, expected, given=response.body) finally: self.fixture.destroy_user_group(group_name) UserModel().revoke_perm(self.TEST_USER_LOGIN, 'hg.usergroup.create.true') usr = UserModel().get_by_username(self.TEST_USER_LOGIN) usr.inherit_default_permissions = True Session().add(usr) Session().commit()
def test_api_grant_user_group_permission_to_user_group( self, name, perm, user_util): group = user_util.create_user_group() target_group = user_util.create_user_group() id_, params = build_data( self.apikey, 'grant_user_group_permission_to_user_group', usergroupid=target_group.users_group_name, sourceusergroupid=group.users_group_name, perm=perm) response = api_call(self.app, params) expected = { 'msg': ( 'Granted perm: `%s` for user group: `%s`' ' in user group: `%s`' % ( perm, group.users_group_name, target_group.users_group_name ) ), 'success': True } try: assert_ok(id_, expected, given=response.body) finally: UserGroupModel().revoke_user_group_permission( target_group.users_group_id, group.users_group_id)
def test_api_get_gist_with_content(self, gist_util): mapping = { u'filename1.txt': {'content': u'hello world'}, u'filename1ą.txt': {'content': u'hello worldę'} } gist = gist_util.create_gist(gist_mapping=mapping) gist_id = gist.gist_access_id gist_created_on = gist.created_on gist_modified_at = gist.modified_at id_, params = build_data( self.apikey, 'get_gist', gistid=gist_id, content=True) response = api_call(self.app, params) expected = { 'access_id': gist_id, 'created_on': gist_created_on, 'modified_at': gist_modified_at, 'description': 'new-gist', 'expires': -1.0, 'gist_id': int(gist_id), 'type': 'public', 'url': 'http://test.example.com:80/_admin/gists/%s' % (gist_id,), 'acl_level': Gist.ACL_LEVEL_PUBLIC, 'content': { u'filename1.txt': u'hello world', u'filename1ą.txt': u'hello worldę' }, } assert_ok(id_, expected, given=response.body)
def test_api_create_repo_in_group(self, backend): repo_group_name = 'my_gr' # create the parent fixture.create_repo_group(repo_group_name) repo_name = '%s/api-repo-gr' % (repo_group_name, ) id_, params = build_data( self.apikey, 'create_repo', repo_name=repo_name, owner=TEST_USER_ADMIN_LOGIN, repo_type=backend.alias, ) response = api_call(self.app, params) repo = RepoModel().get_by_repo_name(repo_name) assert repo is not None assert repo.group is not None ret = { 'msg': 'Created new repository `%s`' % (repo_name, ), 'success': True, 'task': None, } expected = ret assert_ok(id_, expected, given=response.body) fixture.destroy_repo(repo_name) fixture.destroy_repo_group(repo_group_name)
def test_api_get_repo( self, apikey_attr, expect_secrets, cache_param, backend, user_util): repo = backend.create_repo() usr = UserModel().get_by_username(TEST_USER_ADMIN_LOGIN) group = user_util.create_user_group(members=[usr]) user_util.grant_user_group_permission_to_repo( repo=repo, user_group=group, permission_name='repository.read') Session().commit() kwargs = { 'repoid': repo.repo_name, } if cache_param is not None: kwargs['cache'] = cache_param apikey = getattr(self, apikey_attr) id_, params = build_data(apikey, 'get_repo', **kwargs) response = api_call(self.app, params) ret = repo.get_api_data() permissions = expected_permissions(repo) followers = [] for user in repo.followers: followers.append(user.user.get_api_data( include_secrets=expect_secrets)) ret['members'] = permissions ret['permissions'] = permissions ret['followers'] = followers expected = ret assert_ok(id_, expected, given=response.body)
def test_api_get_repo_nodes_by_regular_user(self, name, ret_type, grant_perm, backend): RepoModel().grant_user_permission(repo=backend.repo_name, user=self.TEST_USER_LOGIN, perm=grant_perm) Session().commit() commit_id = 'tip' path = '/' id_, params = build_data(self.apikey_regular, 'get_repo_nodes', repoid=backend.repo_name, revision=commit_id, root_path=path, ret_type=ret_type) response = api_call(self.app, params) # we don't the actual return types here since it's tested somewhere # else expected = response.json['result'] try: assert_ok(id_, expected, given=response.body) finally: RepoModel().revoke_user_permission(backend.repo_name, self.TEST_USER_LOGIN)
def test_api_revoke_user_permission_from_repo_group_by_regular_user( self, name, apply_to_children, grant_admin, access_ok, user_util): user = user_util.create_user() repo_group = user_util.create_repo_group() permission = 'group.admin' if grant_admin else 'group.read' user_util.grant_user_permission_to_repo_group(repo_group, user, permission) id_, params = build_data( self.apikey_regular, 'revoke_user_permission_from_repo_group', repogroupid=repo_group.name, userid=user.username, apply_to_children=apply_to_children, ) response = api_call(self.app, params) if access_ok: expected = { 'msg': ('Revoked perm (recursive:%s) for user: `%s`' ' in repo group: `%s`' % (apply_to_children, user.username, repo_group.name)), 'success': True } assert_ok(id_, expected, given=response.body) else: expected = 'repository group `%s` does not exist' % ( repo_group.name) assert_error(id_, expected, given=response.body)
def test_api_delete_repo_group_regular_user(self, user_util): repo_group = user_util.create_repo_group(auto_cleanup=False) repo_group_name = repo_group.group_name repo_group_id = repo_group.group_id user = UserModel().get_by_username(self.TEST_USER_LOGIN) user_util.grant_user_permission_to_repo_group(repo_group, user, 'group.admin') id_, params = build_data( self.apikey, 'delete_repo_group', repogroupid=repo_group_name, ) response = api_call(self.app, params) ret = { 'msg': 'deleted repo group ID:%s %s' % (repo_group_id, repo_group_name), 'repo_group': None } expected = ret assert_ok(id_, expected, given=response.body) gr = RepoGroupModel()._get_repo_group(repo_group_name) assert gr is None
def test_api_grant_user_group_permission_to_repo_group( self, name, perm, apply_to_children, user_util): user_group = user_util.create_user_group() repo_group = user_util.create_repo_group() id_, params = build_data( self.apikey, 'grant_user_group_permission_to_repo_group', repogroupid=repo_group.name, usergroupid=user_group.users_group_name, perm=perm, apply_to_children=apply_to_children, ) response = api_call(self.app, params) ret = { 'msg': ('Granted perm: `%s` (recursive:%s) for user group: `%s`' ' in repo group: `%s`' % (perm, apply_to_children, user_group.users_group_name, repo_group.name)), 'success': True } expected = ret try: assert_ok(id_, expected, given=response.body) finally: RepoGroupModel().revoke_user_group_permission( repo_group.group_id, user_group.users_group_id)
def test_api_revoke_user_group_permission_from_user_group( self, name, user_util): user = UserModel().get_by_username(self.TEST_USER_LOGIN) group = user_util.create_user_group() source_group = user_util.create_user_group() user_util.grant_user_permission_to_user_group(group, user, 'usergroup.read') user_util.grant_user_group_permission_to_user_group( source_group, group, 'usergroup.read') id_, params = build_data( self.apikey, 'revoke_user_group_permission_from_user_group', usergroupid=group.users_group_name, sourceusergroupid=source_group.users_group_name) response = api_call(self.app, params) expected = { 'msg': 'Revoked perm for user group: `%s` in user group: `%s`' % (source_group.users_group_name, group.users_group_name), 'success': True } assert_ok(id_, expected, given=response.body)
def test_api_create_gist(self, lifetime, gist_type, gist_acl_level): id_, params = build_data(self.apikey_regular, 'create_gist', lifetime=lifetime, description='foobar-gist', gist_type=gist_type, acl_level=gist_acl_level, files={'foobar': { 'content': 'foo' }}) response = api_call(self.app, params) response_json = response.json gist = response_json['result']['gist'] expected = { 'gist': { 'access_id': gist['access_id'], 'created_on': gist['created_on'], 'modified_at': gist['modified_at'], 'description': 'foobar-gist', 'expires': gist['expires'], 'gist_id': gist['gist_id'], 'type': gist_type, 'url': gist['url'], # content is empty since we don't show it here 'content': None, 'acl_level': gist_acl_level, }, 'msg': 'created new gist' } try: assert_ok(id_, expected, given=response.body) finally: Fixture().destroy_gists()
def test_api_create_repo_group_in_another_group(self): repo_group_name = 'api-repo-group' repo_group = RepoGroupModel.cls.get_by_group_name(repo_group_name) assert repo_group is None # create the parent fixture.create_repo_group(repo_group_name) full_repo_group_name = repo_group_name + '/' + repo_group_name id_, params = build_data(self.apikey, 'create_repo_group', group_name=full_repo_group_name, owner=TEST_USER_ADMIN_LOGIN, copy_permissions=True) response = api_call(self.app, params) repo_group = RepoGroupModel.cls.get_by_group_name(full_repo_group_name) assert repo_group is not None ret = { 'msg': 'Created new repo group `%s`' % (full_repo_group_name, ), 'repo_group': repo_group.get_api_data() } expected = ret assert_ok(id_, expected, given=response.body) fixture.destroy_repo_group(full_repo_group_name) fixture.destroy_repo_group(repo_group_name)
def test_api_grant_user_permission_to_repo_group_by_regular_user( self, name, perm, apply_to_children, grant_admin, access_ok, user_util): user = user_util.create_user() repo_group = user_util.create_repo_group() if grant_admin: test_user = UserModel().get_by_username(self.TEST_USER_LOGIN) user_util.grant_user_permission_to_repo_group( repo_group, test_user, 'group.admin') id_, params = build_data( self.apikey_regular, 'grant_user_permission_to_repo_group', repogroupid=repo_group.name, userid=user.username, perm=perm, apply_to_children=apply_to_children) response = api_call(self.app, params) if access_ok: ret = { 'msg': ( 'Granted perm: `%s` (recursive:%s) for user: `%s`' ' in repo group: `%s`' % ( perm, apply_to_children, user.username, repo_group.name ) ), 'success': True } expected = ret assert_ok(id_, expected, given=response.body) else: expected = 'repository group `%s` does not exist' % ( repo_group.name, ) assert_error(id_, expected, given=response.body)
def test_api_update_repo(self, updates, expected, backend): repo_name = UPDATE_REPO_NAME repo = fixture.create_repo(repo_name, repo_type=backend.alias) if updates.get('group'): fixture.create_repo_group(updates['group']) expected_api_data = repo.get_api_data(include_secrets=True) if expected is SAME_AS_UPDATES: expected_api_data.update(updates) else: expected_api_data.update(expected) id_, params = build_data(self.apikey, 'update_repo', repoid=repo_name, **updates) response = api_call(self.app, params) if updates.get('name'): repo_name = updates['name'] if updates.get('group'): repo_name = '/'.join([updates['group'], repo_name]) try: expected = { 'msg': 'updated repo ID:%s %s' % (repo.repo_id, repo_name), 'repository': jsonify(expected_api_data) } assert_ok(id_, expected, given=response.body) finally: fixture.destroy_repo(repo_name) if updates.get('group'): fixture.destroy_repo_group(updates['group'])
def test_api_comment_pull_request(self, pr_util, no_notifications): pull_request = pr_util.create_pull_request() pull_request_id = pull_request.pull_request_id author = pull_request.user_id repo = pull_request.target_repo.repo_id id_, params = build_data(self.apikey, 'comment_pull_request', repoid=pull_request.target_repo.repo_name, pullrequestid=pull_request.pull_request_id, message='test message') response = api_call(self.app, params) pull_request = PullRequestModel().get(pull_request.pull_request_id) comments = ChangesetCommentsModel().get_comments( pull_request.target_repo.repo_id, pull_request=pull_request) expected = { 'pull_request_id': pull_request.pull_request_id, 'comment_id': comments[-1].comment_id, 'status': None } assert_ok(id_, expected, response.body) action = 'user_commented_pull_request:%d' % pull_request_id journal = UserLog.query()\ .filter(UserLog.user_id == author)\ .filter(UserLog.repository_id == repo)\ .filter(UserLog.action == action)\ .all() assert len(journal) == 2
def test_api_get_repo_by_non_admin(self, grant_perm, backend): # TODO: Depending on which tests are running before this one, we # start with a different number of permissions in the database. repo = RepoModel().get_by_repo_name(backend.repo_name) permission_count = len(repo.repo_to_perm) RepoModel().grant_user_permission(repo=backend.repo_name, user=self.TEST_USER_LOGIN, perm=grant_perm) Session().commit() id_, params = build_data( self.apikey_regular, 'get_repo', repoid=backend.repo_name) response = api_call(self.app, params) repo = RepoModel().get_by_repo_name(backend.repo_name) ret = repo.get_api_data() assert permission_count + 1, len(repo.repo_to_perm) permissions = expected_permissions(repo) followers = [] for user in repo.followers: followers.append(user.user.get_api_data()) ret['members'] = permissions ret['permissions'] = permissions ret['followers'] = followers expected = ret try: assert_ok(id_, expected, given=response.body) finally: RepoModel().revoke_user_permission( backend.repo_name, self.TEST_USER_LOGIN)
def test_api_update_user_group_regular_user(self, changing_attr, updates, user_util): user_group = user_util.create_user_group() group_name = user_group.users_group_name expected_api_data = user_group.get_api_data() expected_api_data.update(updates) # grant permission to this user user = UserModel().get_by_username(self.TEST_USER_LOGIN) user_util.grant_user_permission_to_user_group(user_group, user, 'usergroup.admin') id_, params = build_data(self.apikey_regular, 'update_user_group', usergroupid=group_name, **updates) response = api_call(self.app, params) expected = { 'msg': 'updated user group ID:%s %s' % (user_group.users_group_id, user_group.users_group_name), 'user_group': jsonify(expected_api_data) } assert_ok(id_, expected, given=response.body)
def test_api_create_repo_with_booleans(self, backend): repo_name = 'api-repo-2' id_, params = build_data(self.apikey, 'create_repo', repo_name=repo_name, owner=TEST_USER_ADMIN_LOGIN, repo_type=backend.alias, enable_statistics=True, enable_locking=True, enable_downloads=True) response = api_call(self.app, params) repo = RepoModel().get_by_repo_name(repo_name) assert repo is not None ret = { 'msg': 'Created new repository `%s`' % (repo_name, ), 'success': True, 'task': None, } expected = ret assert_ok(id_, expected, given=response.body) id_, params = build_data(self.apikey, 'get_repo', repoid=repo_name) response = api_call(self.app, params) body = json.loads(response.body) assert body['result']['enable_downloads'] is True assert body['result']['enable_locking'] is True assert body['result']['enable_statistics'] is True fixture.destroy_repo(repo_name)
def test_api_create_restricted_repo_type(self, backend): repo_name = 'api-repo-type-{0}'.format(backend.alias) id_, params = build_data( self.apikey, 'create_repo', repo_name=repo_name, owner=TEST_USER_ADMIN_LOGIN, repo_type=backend.alias, ) git_backend = settings.BACKENDS['git'] with mock.patch('rhodecode.lib.vcs.settings.BACKENDS', {'git': git_backend}): response = api_call(self.app, params) repo = RepoModel().get_by_repo_name(repo_name) if backend.alias == 'git': assert repo is not None expected = { 'msg': 'Created new repository `{0}`'.format(repo_name, ), 'success': True, 'task': None, } assert_ok(id_, expected, given=response.body) else: assert repo is None fixture.destroy_repo(repo_name)
def test_api_delete_gist_regular_user(self, gist_util): gist_id = gist_util.create_gist( owner=self.TEST_USER_LOGIN).gist_access_id id_, params = build_data(self.apikey_regular, 'delete_gist', gistid=gist_id) response = api_call(self.app, params) expected = {'gist': None, 'msg': 'deleted gist ID:%s' % (gist_id, )} assert_ok(id_, expected, given=response.body)
def test_api_get_user_without_giving_userid_non_admin(self): id_, params = build_data(self.apikey_regular, 'get_user') response = api_call(self.app, params) usr = UserModel().get_by_username(self.TEST_USER_LOGIN) ret = usr.get_api_data(include_secrets=True) ret['permissions'] = AuthUser(usr.user_id).permissions expected = ret assert_ok(id_, expected, given=response.body)