def test_add_file_into_repo_errors_and_no_commits(
self, backend, csrf_token):
repo = backend.create_repo()
# Create a file with no filename, it will display an error but
# the repo has no commits yet
response = self.app.post(
url(
'files_add',
repo_name=repo.repo_name,
revision='tip', f_path='/'),
params={
'content': "foo",
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(response, 'No filename')
# Not allowed, redirect to the summary
redirected = response.follow()
summary_url = url('summary_home', repo_name=repo.repo_name)
# As there are no commits, displays the summary page with the error of
# creating a file with no filename
assert redirected.req.path == summary_url
def test_update_application_permissions(self, anonymous, default_register,
default_register_message,
default_extern_activate,
expect_error, expect_form_error):
self.log_user()
# TODO: anonymous access set here to False, breaks some other tests
params = {
'csrf_token': self.csrf_token,
'anonymous': anonymous,
'default_register': default_register,
'default_register_message': default_register_message,
'default_extern_activate': default_extern_activate,
}
response = self.app.post(url('admin_permissions_application'),
params=params)
if expect_form_error:
assert response.status_int == 200
response.mustcontain('Value must be one of')
else:
if expect_error:
msg = 'Error occurred during update of permissions'
else:
msg = 'Application permissions updated successfully'
assert_session_flash(response, msg)
def test_update_global_permissions(self, repo_create, repo_create_write,
user_group_create, repo_group_create,
fork_create,
inherit_default_permissions,
expect_error, expect_form_error):
self.log_user()
params = {
'csrf_token': self.csrf_token,
'default_repo_create': repo_create,
'default_repo_create_on_write': repo_create_write,
'default_user_group_create': user_group_create,
'default_repo_group_create': repo_group_create,
'default_fork_create': fork_create,
'default_inherit_default_permissions': inherit_default_permissions
}
response = self.app.post(url('admin_permissions_global'),
params=params)
if expect_form_error:
assert response.status_int == 200
response.mustcontain('Value must be one of')
else:
if expect_error:
msg = 'Error occurred during update of permissions'
else:
msg = 'Global permissions updated successfully'
assert_session_flash(response, msg)
def test_delete(self):
self.log_user()
users_group_name = TEST_USER_GROUP + 'another'
response = self.app.post(
url('users_groups'), {
'users_group_name': users_group_name,
'user_group_description': 'DESC',
'active': True,
'csrf_token': self.csrf_token
})
user_group_link = link_to(
users_group_name,
url('edit_users_group',
user_group_id=UserGroup.get_by_group_name(
users_group_name).users_group_id))
assert_session_flash(response,
'Created user group %s' % user_group_link)
group = Session().query(UserGroup).filter(
UserGroup.users_group_name == users_group_name).one()
response = self.app.post(url('delete_users_group',
user_group_id=group.users_group_id),
params={
'_method': 'delete',
'csrf_token': self.csrf_token
})
group = Session().query(UserGroup).filter(
UserGroup.users_group_name == users_group_name).scalar()
assert group is None
def test_create_subgroup(self, user_util):
self.log_user()
repo_group_name = self.NEW_REPO_GROUP
parent_group = user_util.create_repo_group()
parent_group_name = parent_group.group_name
expected_group_name = '{}/{}'.format(parent_group_name,
repo_group_name)
expected_group_name_unicode = expected_group_name.decode('utf8')
try:
response = self.app.post(
url('repo_groups'),
fixture._get_group_create_params(
group_name=repo_group_name,
group_parent_id=parent_group.group_id,
group_description='Test desciption',
csrf_token=self.csrf_token))
assert_session_flash(
response, u'Created repository group <a href="%s">%s</a>' %
(h.url('repo_group_home', group_name=expected_group_name),
expected_group_name_unicode))
finally:
RepoGroupModel().delete(expected_group_name_unicode)
Session().commit()
def test_edit_file_view_commit_changes_default_message(self, backend,
csrf_token):
repo = backend.create_repo()
backend.ensure_file("vcs/nodes.py", content="print 'hello'")
commit_id = (
backend.default_branch_name or
backend.repo.scm_instance().commit_ids[-1])
response = self.app.post(
url(
'files_edit',
repo_name=repo.repo_name,
revision=commit_id,
f_path='vcs/nodes.py'),
params={
'content': "print 'hello world'",
'message': '',
'filename': "vcs/nodes.py",
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(
response, 'Successfully committed to vcs/nodes.py')
tip = repo.get_commit(commit_idx=-1)
assert tip.message == 'Edited file vcs/nodes.py via RhodeCode Enterprise'
def test_my_account_remove_auth_token(self):
# TODO: without this cleanup it fails when run with the whole
# test suite, so there must be some interference with other tests.
UserApiKeys.query().delete()
usr = self.log_user('test_regular2', 'test12')
User.get(usr['user_id'])
response = self.app.post(url('my_account_auth_tokens'), {
'description': 'desc',
'lifetime': -1,
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Auth token successfully created')
response = response.follow()
# now delete our key
keys = UserApiKeys.query().all()
assert 1 == len(keys)
response = self.app.post(
url('my_account_auth_tokens'), {
'_method': 'delete',
'del_auth_token': keys[0].api_key,
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Auth token successfully deleted')
keys = UserApiKeys.query().all()
assert 0 == len(keys)
def test_register_ok(self):
username = '******'
password = '******'
email = '*****@*****.**'
name = 'testname'
lastname = 'testlastname'
response = self.app.post(
register_url, {
'username': username,
'password': password,
'password_confirmation': password,
'email': email,
'firstname': name,
'lastname': lastname,
'admin': True
}) # This should be overriden
assert response.status == '302 Found'
assert_session_flash(
response, 'You have successfully registered with RhodeCode')
ret = Session().query(User).filter(
User.username == 'test_regular4').one()
assert ret.username == username
assert check_password(password, ret.password)
assert ret.email == email
assert ret.name == name
assert ret.lastname == lastname
assert ret.api_key is not None
assert not ret.admin
def test_compare_of_fork_with_largefiles(self, backend_hg, settings_util):
orig = backend_hg.create_repo(number_of_commits=1)
fork = backend_hg.create_fork()
settings_util.create_repo_rhodecode_ui(
orig, 'extensions', value='', key='largefiles', active=False)
settings_util.create_repo_rhodecode_ui(
fork, 'extensions', value='', key='largefiles', active=True)
compare_module = ('rhodecode.lib.vcs.backends.hg.repository.'
'MercurialRepository.compare')
with mock.patch(compare_module) as compare_mock:
compare_mock.side_effect = RepositoryRequirementError()
response = self.app.get(
url('compare_url',
repo_name=orig.repo_name,
action="compare",
source_ref_type="rev",
source_ref="tip",
target_ref_type="rev",
target_ref="tip",
merge='1',
target_repo=fork.repo_name),
status=302)
assert_session_flash(
response,
'Could not compare repos with different large file settings')
def test_my_account_my_emails_add_remove(self):
self.log_user()
response = self.app.get(url('my_account_emails'))
response.mustcontain('No additional emails specified')
response = self.app.post(url('my_account_emails'), {
'new_email': '*****@*****.**',
'csrf_token': self.csrf_token
})
response = self.app.get(url('my_account_emails'))
from rhodecode.model.db import UserEmailMap
email_id = UserEmailMap.query().filter(
UserEmailMap.user == User.get_by_username(TEST_USER_ADMIN_LOGIN)
).filter(UserEmailMap.email == '*****@*****.**').one().email_id
response.mustcontain('*****@*****.**')
response.mustcontain('<input id="del_email_id" name="del_email_id" '
'type="hidden" value="%s" />' % email_id)
response = self.app.post(
url('my_account_emails'), {
'del_email_id': email_id,
'_method': 'delete',
'csrf_token': self.csrf_token
})
assert_session_flash(response,
'Removed email address from user account')
response = self.app.get(url('my_account_emails'))
response.mustcontain('No additional emails specified')
def test_my_account_my_emails_add_mising_email_in_form(self):
self.log_user()
response = self.app.get(url('my_account_emails'))
response.mustcontain('No additional emails specified')
response = self.app.post(url('my_account_emails'),
{'csrf_token': self.csrf_token})
assert_session_flash(response, 'Please enter an email address')
def test_delete_normal_user_his_gist(self, create_gist):
self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS)
gist = create_gist('delete-me', owner=TEST_USER_REGULAR_LOGIN)
response = self.app.post(url('gist', gist_id=gist.gist_id),
params={
'_method': 'delete',
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
def test_my_account_my_emails_add_existing_email(self):
self.log_user()
response = self.app.get(url('my_account_emails'))
response.mustcontain('No additional emails specified')
response = self.app.post(url('my_account_emails'), {
'new_email': TEST_USER_REGULAR_EMAIL,
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'This e-mail address is already taken')
def test_delete(self, create_gist):
self.log_user()
gist = create_gist('delete-me')
response = self.app.post(url('gist', gist_id=gist.gist_id),
params={
'_method': 'delete',
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
def test_global_perms_on_group(self, repo_create, repo_create_write,
user_group_create, repo_group_create,
fork_create, expect_error,
expect_form_error,
inherit_default_permissions):
self.log_user()
users_group_name = TEST_USER_GROUP + 'another2'
response = self.app.post(
url('users_groups'), {
'users_group_name': users_group_name,
'user_group_description': 'DESC',
'active': True,
'csrf_token': self.csrf_token
})
ug = UserGroup.get_by_group_name(users_group_name)
user_group_link = link_to(
users_group_name,
url('edit_users_group', user_group_id=ug.users_group_id))
assert_session_flash(response,
'Created user group %s' % user_group_link)
response.follow()
# ENABLE REPO CREATE ON A GROUP
perm_params = {
'inherit_default_permissions': False,
'default_repo_create': repo_create,
'default_repo_create_on_write': repo_create_write,
'default_user_group_create': user_group_create,
'default_repo_group_create': repo_group_create,
'default_fork_create': fork_create,
'default_inherit_default_permissions': inherit_default_permissions,
'_method': 'put',
'csrf_token': self.csrf_token,
}
response = self.app.post(url('edit_user_group_global_perms',
user_group_id=ug.users_group_id),
params=perm_params)
if expect_form_error:
assert response.status_int == 200
response.mustcontain('Value must be one of')
else:
if expect_error:
msg = 'An error occurred during permissions saving'
else:
msg = 'User Group global permissions updated successfully'
ug = UserGroup.get_by_group_name(users_group_name)
del perm_params['_method']
del perm_params['csrf_token']
del perm_params['inherit_default_permissions']
assert perm_params == ug.get_default_perms()
assert_session_flash(response, msg)
fixture.destroy_user_group(users_group_name)
def test_my_account_update(self, name, attrs):
usr = fixture.create_user(self.test_user_1,
password='******',
email='*****@*****.**',
extern_type='rhodecode',
extern_name=self.test_user_1,
skip_if_exists=True)
self.destroy_users.add(self.test_user_1)
params = usr.get_api_data() # current user data
user_id = usr.user_id
self.log_user(username=self.test_user_1, password='******')
params.update({'password_confirmation': ''})
params.update({'new_password': ''})
params.update({'extern_type': 'rhodecode'})
params.update({'extern_name': self.test_user_1})
params.update({'csrf_token': self.csrf_token})
params.update(attrs)
# my account page cannot set language param yet, only for admins
del params['language']
response = self.app.post(url('my_account'), params)
assert_session_flash(response, 'Your account was updated successfully')
del params['csrf_token']
updated_user = User.get_by_username(self.test_user_1)
updated_params = updated_user.get_api_data()
updated_params.update({'password_confirmation': ''})
updated_params.update({'new_password': ''})
params['last_login'] = updated_params['last_login']
# my account page cannot set language param yet, only for admins
# but we get this info from API anyway
params['language'] = updated_params['language']
if name == 'email':
params['emails'] = [attrs['email']]
if name == 'extern_type':
# cannot update this via form, expected value is original one
params['extern_type'] = "rhodecode"
if name == 'extern_name':
# cannot update this via form, expected value is original one
params['extern_name'] = str(user_id)
if name == 'active':
# my account cannot deactivate account
params['active'] = True
if name == 'admin':
# my account cannot make you an admin !
params['admin'] = False
assert params == updated_params
def test_delete_file_view_not_on_branch(self, backend):
repo = backend.create_repo()
backend.ensure_file('vcs/nodes.py')
response = self.app.get(
url(
'files_delete_home',
repo_name=repo.repo_name,
revision='tip', f_path='vcs/nodes.py'),
status=302)
assert_session_flash(
response,
'You can only delete files with revision being a valid branch')
def test_add_file_into_repo_missing_filename(self, backend, csrf_token):
response = self.app.post(
url(
'files_add',
repo_name=backend.repo_name,
revision='tip', f_path='/'),
params={
'content': "foo",
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(response, 'No filename')
def test_merge_pull_request_renders_failure_reason(user_regular):
pull_request = mock.Mock()
controller = pullrequests.PullrequestsController()
model_patcher = mock.patch.multiple(
PullRequestModel,
merge=mock.Mock(return_value=MergeResponse(
True, False, 'STUB_COMMIT_ID', MergeFailureReason.PUSH_FAILED)),
merge_status=mock.Mock(return_value=(True, 'WRONG_MESSAGE')))
with model_patcher:
controller._merge_pull_request(pull_request, user_regular, extras={})
assert_session_flash(msg=PullRequestModel.MERGE_STATUS_MESSAGES[
MergeFailureReason.PUSH_FAILED])
def test_access_empty_repo_redirect_to_summary_with_alert_write_perms(
self, app, backend_stub, autologin_regular_user, user_regular,
user_util):
repo = backend_stub.create_repo()
user_util.grant_user_permission_to_repo(
repo, user_regular, 'repository.write')
response = self.app.get(url(
controller='files', action='index',
repo_name=repo.repo_name, revision='tip', f_path='/'))
assert_session_flash(
response,
'There are no files yet. <a class="alert-link" '
'href="/%s/add/0/#edit">Click here to add a new file.</a>'
% (repo.repo_name))
def test_forgot_password(self):
response = self.app.get(pwd_reset_url)
assert response.status == '200 OK'
username = '******'
password = '******'
email = '*****@*****.**'
name = 'passwd'
lastname = 'reset'
new = User()
new.username = username
new.password = password
new.email = email
new.name = name
new.lastname = lastname
new.api_key = generate_auth_token(username)
Session().add(new)
Session().commit()
response = self.app.post(pwd_reset_url, {
'email': email,
})
assert_session_flash(response, 'Your password reset link was sent')
response = response.follow()
# BAD KEY
key = "bad"
confirm_url = '{}?key={}'.format(pwd_reset_confirm_url, key)
response = self.app.get(confirm_url)
assert response.status == '302 Found'
assert response.location.endswith(pwd_reset_url)
# GOOD KEY
key = User.get_by_username(username).api_key
confirm_url = '{}?key={}'.format(pwd_reset_confirm_url, key)
response = self.app.get(confirm_url)
assert response.status == '302 Found'
assert response.location.endswith(login_url)
assert_session_flash(
response, 'Your password reset was successful, '
'a new password has been sent to your email')
response = response.follow()
def test_update_params_false_git(self, autologin_user, csrf_token):
params = {
'default_repo_enable_locking': False,
'default_repo_enable_downloads': False,
'default_repo_enable_statistics': False,
'default_repo_private': False,
'default_repo_type': 'git',
'csrf_token': csrf_token,
}
response = self.app.post(url('admin_defaults_repositories'),
params=params)
assert_session_flash(response, 'Default settings updated successfully')
defs = SettingsModel().get_default_repo_settings()
del params['csrf_token']
assert params == defs
def test_my_account_reset_main_auth_token(self):
usr = self.log_user('test_regular2', 'test12')
user = User.get(usr['user_id'])
api_key = user.api_key
response = self.app.get(url('my_account_auth_tokens'))
response.mustcontain(api_key)
response.mustcontain('expires: never')
response = self.app.post(
url('my_account_auth_tokens'), {
'_method': 'delete',
'del_auth_token_builtin': api_key,
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Auth token successfully reset')
response = response.follow()
response.mustcontain(no=[api_key])
def test_delete_file_view_commit_changes(self, backend, csrf_token):
repo = backend.create_repo()
backend.ensure_file("vcs/nodes.py")
response = self.app.post(
url(
'files_delete_home',
repo_name=repo.repo_name,
revision=backend.default_head_id,
f_path='vcs/nodes.py'),
params={
'message': 'i commited',
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(
response, 'Successfully deleted file vcs/nodes.py')
def test_update_invalid_source_reference(self, pr_util, csrf_token):
pull_request = pr_util.create_pull_request()
pull_request.source_ref = 'branch:invalid-branch:invalid-commit-id'
Session().add(pull_request)
Session().commit()
pull_request_id = pull_request.pull_request_id
response = self.app.post(
url(controller='pullrequests', action='update',
repo_name=pull_request.target_repo.repo_name,
pull_request_id=str(pull_request_id)),
params={'update_commits': 'true', '_method': 'put',
'csrf_token': csrf_token})
assert_session_flash(
response, u'Update failed due to missing commits.',
category='error')
def test_create(self):
self.log_user()
users_group_name = TEST_USER_GROUP
response = self.app.post(
url('users_groups'), {
'users_group_name': users_group_name,
'user_group_description': 'DESC',
'active': True,
'csrf_token': self.csrf_token
})
user_group_link = link_to(
users_group_name,
url('edit_users_group',
user_group_id=UserGroup.get_by_group_name(
users_group_name).users_group_id))
assert_session_flash(response,
'Created user group %s' % user_group_link)
def test_add_file_into_repo(self, cnt, location, filename, backend,
csrf_token):
repo = backend.create_repo()
response = self.app.post(
url(
'files_add',
repo_name=repo.repo_name,
revision='tip', f_path='/'),
params={
'content': "foo",
'filename': filename,
'location': location,
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(
response, 'Successfully committed to %s'
% os.path.join(location, filename))
def test_add_file_into_repo_bad_filenames(
self, location, filename, backend, csrf_token):
response = self.app.post(
url(
'files_add',
repo_name=backend.repo_name,
revision='tip', f_path='/'),
params={
'content': "foo",
'filename': filename,
'location': location,
'csrf_token': csrf_token,
},
status=302)
assert_session_flash(
response,
'The location specified must be a relative path and must not '
'contain .. in the path')
def test_my_account_add_auth_tokens(self, desc, lifetime):
usr = self.log_user('test_regular2', 'test12')
user = User.get(usr['user_id'])
response = self.app.post(
url('my_account_auth_tokens'), {
'description': desc,
'lifetime': lifetime,
'csrf_token': self.csrf_token
})
assert_session_flash(response, 'Auth token successfully created')
try:
response = response.follow()
user = User.get(usr['user_id'])
for auth_token in user.auth_tokens:
response.mustcontain(auth_token)
finally:
for auth_token in UserApiKeys.query().all():
Session().delete(auth_token)
Session().commit()
def test_edit_title_description_closed(self, pr_util, csrf_token):
pull_request = pr_util.create_pull_request()
pull_request_id = pull_request.pull_request_id
pr_util.close()
response = self.app.post(
url(controller='pullrequests', action='update',
repo_name=pull_request.target_repo.repo_name,
pull_request_id=str(pull_request_id)),
params={
'edit_pull_request': 'true',
'_method': 'put',
'title': 'New title',
'description': 'New description',
'csrf_token': csrf_token})
assert_session_flash(
response, u'Cannot update closed pull requests.',
category='error')
