def install_app(app, path, additionnal_args=""):
app_install(
os.path.join(get_test_apps_dir(), app),
args="domain=%s&path=%s%s" % (maindomain, path, additionnal_args),
force=True,
)
def test_permission_legacy_app_propagation_on_ssowat():
app_install(os.path.join(get_test_apps_dir(), "legacy_app_ynh"),
args="domain=%s&domain_2=%s&path=%s" %
(maindomain, other_domains[0], "/legacy"),
force=True)
# App is configured as public by default using the legacy unprotected_uri mechanics
# It should automatically be migrated during the install
res = user_permission_list(full=True)['permissions']
assert "visitors" in res['legacy_app.main']['allowed']
assert "all_users" in res['legacy_app.main']['allowed']
app_webroot = "https://%s/legacy" % maindomain
assert can_access_webpage(app_webroot, logged_as=None)
assert can_access_webpage(app_webroot, logged_as="alice")
# Try to update the permission and check that permissions are still consistent
user_permission_update("legacy_app.main",
remove=["visitors", "all_users"],
add="bob")
assert not can_access_webpage(app_webroot, logged_as=None)
assert not can_access_webpage(app_webroot, logged_as="alice")
assert can_access_webpage(app_webroot, logged_as="bob")
def test_permission_app_install():
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
args="domain=%s&domain_2=%s&path=%s&is_public=0&admin=%s" %
(maindomain, other_domains[0], "/urlpermissionapp", "alice"),
force=True)
res = user_permission_list(full=True)['permissions']
assert "permissions_app.main" in res
assert "permissions_app.admin" in res
assert "permissions_app.dev" in res
assert res['permissions_app.main']['url'] == "/"
assert res['permissions_app.admin']['url'] == "/admin"
assert res['permissions_app.dev']['url'] == "/dev"
assert res['permissions_app.main']['allowed'] == ["all_users"]
assert set(res['permissions_app.main']['corresponding_users']) == set(
["alice", "bob"])
assert res['permissions_app.admin']['allowed'] == ["alice"]
assert res['permissions_app.admin']['corresponding_users'] == ["alice"]
assert res['permissions_app.dev']['allowed'] == []
assert set(res['permissions_app.dev']['corresponding_users']) == set()
# Check that we get the right stuff in app_map, which is used to generate the ssowatconf
assert maindomain + "/urlpermissionapp" in app_map(user="******").keys()
user_permission_update("permissions_app.main",
remove="all_users",
add="bob")
assert maindomain + "/urlpermissionapp" not in app_map(user="******").keys()
assert maindomain + "/urlpermissionapp" in app_map(user="******").keys()
def install_break_yo_system(domain, breakwhat):
app_install(
os.path.join(get_test_apps_dir(), "break_yo_system_ynh"),
args="domain=%s&breakwhat=%s" % (domain, breakwhat),
force=True,
)
def test_permission_app_propagation_on_ssowat():
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
args="domain=%s&domain_2=%s&path=%s&is_public=1&admin=%s" %
(maindomain, other_domains[0], "/urlpermissionapp", "alice"),
force=True)
res = user_permission_list(full=True)['permissions']
assert "visitors" in res['permissions_app.main']['allowed']
assert "all_users" in res['permissions_app.main']['allowed']
app_webroot = "https://%s/urlpermissionapp" % maindomain
assert can_access_webpage(app_webroot, logged_as=None)
assert can_access_webpage(app_webroot, logged_as="alice")
user_permission_update("permissions_app.main",
remove=["visitors", "all_users"],
add="bob")
res = user_permission_list(full=True)['permissions']
assert not can_access_webpage(app_webroot, logged_as=None)
assert not can_access_webpage(app_webroot, logged_as="alice")
assert can_access_webpage(app_webroot, logged_as="bob")
# Test admin access, as configured during install, only alice should be able to access it
# alice gotta be allowed on the main permission to access the admin tho
user_permission_update("permissions_app.main",
remove="bob",
add="all_users")
assert not can_access_webpage(app_webroot + "/admin", logged_as=None)
assert can_access_webpage(app_webroot + "/admin", logged_as="alice")
assert not can_access_webpage(app_webroot + "/admin", logged_as="bob")
def install_legacy_app(domain, path, public=True):
app_install(
os.path.join(get_test_apps_dir(), "legacy_app_ynh"),
args="domain=%s&path=%s&is_public=%s" % (domain, path, 1 if public else 0),
force=True,
)
def install_full_domain_app(domain):
app_install(
os.path.join(get_test_apps_dir(), "full_domain_app_ynh"),
args="domain=%s" % domain,
force=True,
)
def test_normalize_permission_path_conflicting_path():
app_install(os.path.join(get_test_apps_dir(), "register_url_app_ynh"),
args="domain=%s&path=%s" % (maindomain, "/url/registerapp"), force=True)
with pytest.raises(YunohostError):
_validate_and_sanitize_permission_url("/registerapp", maindomain + '/url', 'test_permission')
with pytest.raises(YunohostError):
_validate_and_sanitize_permission_url(maindomain + "/url/registerapp", maindomain + '/path', 'test_permission')
def test_registerurl_baddomain():
with pytest.raises(YunohostError):
app_install(
os.path.join(get_test_apps_dir(), "register_url_app_ynh"),
args="domain=%s&path=%s" % ("yolo.swag", "/urlregisterapp"),
force=True,
)
def test_permission_app_remove():
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
args="domain=%s&domain_2=%s&path=%s&is_public=0&admin=%s" %
(maindomain, other_domains[0], "/urlpermissionapp", "alice"),
force=True)
app_remove("permissions_app")
# Check all permissions for this app got deleted
res = user_permission_list(full=True)['permissions']
assert not any(p.startswith("permissions_app.") for p in res.keys())
def test_registerurl():
app_install(os.path.join(get_test_apps_dir(), "register_url_app_ynh"),
args="domain=%s&path=%s" % (maindomain, "/urlregisterapp"), force=True)
assert not domain_url_available(maindomain, "/urlregisterapp")
# Try installing at same location
with pytest.raises(YunohostError):
app_install(os.path.join(get_test_apps_dir(), "register_url_app_ynh"),
args="domain=%s&path=%s" % (maindomain, "/urlregisterapp"), force=True)
def test_permission_protection_management_by_helper():
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
args="domain=%s&domain_2=%s&path=%s&admin=%s" %
(maindomain, other_domains[0], "/urlpermissionapp", "alice"),
force=True)
res = user_permission_list(full=True)['permissions']
assert res['permissions_app.main']['protected'] is False
assert res['permissions_app.admin']['protected'] is True
assert res['permissions_app.dev']['protected'] is False
app_upgrade(["permissions_app"],
file=os.path.join(get_test_apps_dir(), "permissions_app_ynh"))
res = user_permission_list(full=True)['permissions']
assert res['permissions_app.main']['protected'] is False
assert res['permissions_app.admin']['protected'] is False
assert res['permissions_app.dev']['protected'] is True
def test_permission_app_change_url():
app_install(os.path.join(get_test_apps_dir(), "permissions_app_ynh"),
args="domain=%s&domain_2=%s&path=%s&admin=%s" %
(maindomain, other_domains[0], "/urlpermissionapp", "alice"),
force=True)
# FIXME : should rework this test to look for differences in the generated app map / app tiles ...
res = user_permission_list(full=True)['permissions']
assert res['permissions_app.main']['url'] == "/"
assert res['permissions_app.admin']['url'] == "/admin"
assert res['permissions_app.dev']['url'] == "/dev"
app_change_url("permissions_app", maindomain, "/newchangeurl")
res = user_permission_list(full=True)['permissions']
assert res['permissions_app.main']['url'] == "/"
assert res['permissions_app.admin']['url'] == "/admin"
assert res['permissions_app.dev']['url'] == "/dev"
def install_changeurl_app(path):
app_install(os.path.join(get_test_apps_dir(), "change_url_app_ynh"),
args="domain=%s&path=%s" % (maindomain, path),
force=True)
