def test_add_file_into_repo_errors_and_no_commits( self, backend, csrf_token): repo = backend.create_repo() # Create a file with no filename, it will display an error but # the repo has no commits yet response = self.app.post( url( 'files_add', repo_name=repo.repo_name, revision='tip', f_path='/'), params={ 'content': "foo", 'csrf_token': csrf_token, }, status=302) assert_session_flash(response, 'No filename') # Not allowed, redirect to the summary redirected = response.follow() summary_url = url('summary_home', repo_name=repo.repo_name) # As there are no commits, displays the summary page with the error of # creating a file with no filename assert redirected.req.path == summary_url
def test_update_application_permissions(self, anonymous, default_register, default_register_message, default_extern_activate, expect_error, expect_form_error): self.log_user() # TODO: anonymous access set here to False, breaks some other tests params = { 'csrf_token': self.csrf_token, 'anonymous': anonymous, 'default_register': default_register, 'default_register_message': default_register_message, 'default_extern_activate': default_extern_activate, } response = self.app.post(url('admin_permissions_application'), params=params) if expect_form_error: assert response.status_int == 200 response.mustcontain('Value must be one of') else: if expect_error: msg = 'Error occurred during update of permissions' else: msg = 'Application permissions updated successfully' assert_session_flash(response, msg)
def test_update_global_permissions(self, repo_create, repo_create_write, user_group_create, repo_group_create, fork_create, inherit_default_permissions, expect_error, expect_form_error): self.log_user() params = { 'csrf_token': self.csrf_token, 'default_repo_create': repo_create, 'default_repo_create_on_write': repo_create_write, 'default_user_group_create': user_group_create, 'default_repo_group_create': repo_group_create, 'default_fork_create': fork_create, 'default_inherit_default_permissions': inherit_default_permissions } response = self.app.post(url('admin_permissions_global'), params=params) if expect_form_error: assert response.status_int == 200 response.mustcontain('Value must be one of') else: if expect_error: msg = 'Error occurred during update of permissions' else: msg = 'Global permissions updated successfully' assert_session_flash(response, msg)
def test_delete(self): self.log_user() users_group_name = TEST_USER_GROUP + 'another' response = self.app.post( url('users_groups'), { 'users_group_name': users_group_name, 'user_group_description': 'DESC', 'active': True, 'csrf_token': self.csrf_token }) user_group_link = link_to( users_group_name, url('edit_users_group', user_group_id=UserGroup.get_by_group_name( users_group_name).users_group_id)) assert_session_flash(response, 'Created user group %s' % user_group_link) group = Session().query(UserGroup).filter( UserGroup.users_group_name == users_group_name).one() response = self.app.post(url('delete_users_group', user_group_id=group.users_group_id), params={ '_method': 'delete', 'csrf_token': self.csrf_token }) group = Session().query(UserGroup).filter( UserGroup.users_group_name == users_group_name).scalar() assert group is None
def test_create_subgroup(self, user_util): self.log_user() repo_group_name = self.NEW_REPO_GROUP parent_group = user_util.create_repo_group() parent_group_name = parent_group.group_name expected_group_name = '{}/{}'.format(parent_group_name, repo_group_name) expected_group_name_unicode = expected_group_name.decode('utf8') try: response = self.app.post( url('repo_groups'), fixture._get_group_create_params( group_name=repo_group_name, group_parent_id=parent_group.group_id, group_description='Test desciption', csrf_token=self.csrf_token)) assert_session_flash( response, u'Created repository group <a href="%s">%s</a>' % (h.url('repo_group_home', group_name=expected_group_name), expected_group_name_unicode)) finally: RepoGroupModel().delete(expected_group_name_unicode) Session().commit()
def test_edit_file_view_commit_changes_default_message(self, backend, csrf_token): repo = backend.create_repo() backend.ensure_file("vcs/nodes.py", content="print 'hello'") commit_id = ( backend.default_branch_name or backend.repo.scm_instance().commit_ids[-1]) response = self.app.post( url( 'files_edit', repo_name=repo.repo_name, revision=commit_id, f_path='vcs/nodes.py'), params={ 'content': "print 'hello world'", 'message': '', 'filename': "vcs/nodes.py", 'csrf_token': csrf_token, }, status=302) assert_session_flash( response, 'Successfully committed to vcs/nodes.py') tip = repo.get_commit(commit_idx=-1) assert tip.message == 'Edited file vcs/nodes.py via RhodeCode Enterprise'
def test_my_account_remove_auth_token(self): # TODO: without this cleanup it fails when run with the whole # test suite, so there must be some interference with other tests. UserApiKeys.query().delete() usr = self.log_user('test_regular2', 'test12') User.get(usr['user_id']) response = self.app.post(url('my_account_auth_tokens'), { 'description': 'desc', 'lifetime': -1, 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Auth token successfully created') response = response.follow() # now delete our key keys = UserApiKeys.query().all() assert 1 == len(keys) response = self.app.post( url('my_account_auth_tokens'), { '_method': 'delete', 'del_auth_token': keys[0].api_key, 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Auth token successfully deleted') keys = UserApiKeys.query().all() assert 0 == len(keys)
def test_register_ok(self): username = '******' password = '******' email = '*****@*****.**' name = 'testname' lastname = 'testlastname' response = self.app.post( register_url, { 'username': username, 'password': password, 'password_confirmation': password, 'email': email, 'firstname': name, 'lastname': lastname, 'admin': True }) # This should be overriden assert response.status == '302 Found' assert_session_flash( response, 'You have successfully registered with RhodeCode') ret = Session().query(User).filter( User.username == 'test_regular4').one() assert ret.username == username assert check_password(password, ret.password) assert ret.email == email assert ret.name == name assert ret.lastname == lastname assert ret.api_key is not None assert not ret.admin
def test_compare_of_fork_with_largefiles(self, backend_hg, settings_util): orig = backend_hg.create_repo(number_of_commits=1) fork = backend_hg.create_fork() settings_util.create_repo_rhodecode_ui( orig, 'extensions', value='', key='largefiles', active=False) settings_util.create_repo_rhodecode_ui( fork, 'extensions', value='', key='largefiles', active=True) compare_module = ('rhodecode.lib.vcs.backends.hg.repository.' 'MercurialRepository.compare') with mock.patch(compare_module) as compare_mock: compare_mock.side_effect = RepositoryRequirementError() response = self.app.get( url('compare_url', repo_name=orig.repo_name, action="compare", source_ref_type="rev", source_ref="tip", target_ref_type="rev", target_ref="tip", merge='1', target_repo=fork.repo_name), status=302) assert_session_flash( response, 'Could not compare repos with different large file settings')
def test_my_account_my_emails_add_remove(self): self.log_user() response = self.app.get(url('my_account_emails')) response.mustcontain('No additional emails specified') response = self.app.post(url('my_account_emails'), { 'new_email': '*****@*****.**', 'csrf_token': self.csrf_token }) response = self.app.get(url('my_account_emails')) from rhodecode.model.db import UserEmailMap email_id = UserEmailMap.query().filter( UserEmailMap.user == User.get_by_username(TEST_USER_ADMIN_LOGIN) ).filter(UserEmailMap.email == '*****@*****.**').one().email_id response.mustcontain('*****@*****.**') response.mustcontain('<input id="del_email_id" name="del_email_id" ' 'type="hidden" value="%s" />' % email_id) response = self.app.post( url('my_account_emails'), { 'del_email_id': email_id, '_method': 'delete', 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Removed email address from user account') response = self.app.get(url('my_account_emails')) response.mustcontain('No additional emails specified')
def test_my_account_my_emails_add_mising_email_in_form(self): self.log_user() response = self.app.get(url('my_account_emails')) response.mustcontain('No additional emails specified') response = self.app.post(url('my_account_emails'), {'csrf_token': self.csrf_token}) assert_session_flash(response, 'Please enter an email address')
def test_delete_normal_user_his_gist(self, create_gist): self.log_user(TEST_USER_REGULAR_LOGIN, TEST_USER_REGULAR_PASS) gist = create_gist('delete-me', owner=TEST_USER_REGULAR_LOGIN) response = self.app.post(url('gist', gist_id=gist.gist_id), params={ '_method': 'delete', 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
def test_my_account_my_emails_add_existing_email(self): self.log_user() response = self.app.get(url('my_account_emails')) response.mustcontain('No additional emails specified') response = self.app.post(url('my_account_emails'), { 'new_email': TEST_USER_REGULAR_EMAIL, 'csrf_token': self.csrf_token }) assert_session_flash(response, 'This e-mail address is already taken')
def test_delete(self, create_gist): self.log_user() gist = create_gist('delete-me') response = self.app.post(url('gist', gist_id=gist.gist_id), params={ '_method': 'delete', 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Deleted gist %s' % gist.gist_id)
def test_global_perms_on_group(self, repo_create, repo_create_write, user_group_create, repo_group_create, fork_create, expect_error, expect_form_error, inherit_default_permissions): self.log_user() users_group_name = TEST_USER_GROUP + 'another2' response = self.app.post( url('users_groups'), { 'users_group_name': users_group_name, 'user_group_description': 'DESC', 'active': True, 'csrf_token': self.csrf_token }) ug = UserGroup.get_by_group_name(users_group_name) user_group_link = link_to( users_group_name, url('edit_users_group', user_group_id=ug.users_group_id)) assert_session_flash(response, 'Created user group %s' % user_group_link) response.follow() # ENABLE REPO CREATE ON A GROUP perm_params = { 'inherit_default_permissions': False, 'default_repo_create': repo_create, 'default_repo_create_on_write': repo_create_write, 'default_user_group_create': user_group_create, 'default_repo_group_create': repo_group_create, 'default_fork_create': fork_create, 'default_inherit_default_permissions': inherit_default_permissions, '_method': 'put', 'csrf_token': self.csrf_token, } response = self.app.post(url('edit_user_group_global_perms', user_group_id=ug.users_group_id), params=perm_params) if expect_form_error: assert response.status_int == 200 response.mustcontain('Value must be one of') else: if expect_error: msg = 'An error occurred during permissions saving' else: msg = 'User Group global permissions updated successfully' ug = UserGroup.get_by_group_name(users_group_name) del perm_params['_method'] del perm_params['csrf_token'] del perm_params['inherit_default_permissions'] assert perm_params == ug.get_default_perms() assert_session_flash(response, msg) fixture.destroy_user_group(users_group_name)
def test_my_account_update(self, name, attrs): usr = fixture.create_user(self.test_user_1, password='******', email='*****@*****.**', extern_type='rhodecode', extern_name=self.test_user_1, skip_if_exists=True) self.destroy_users.add(self.test_user_1) params = usr.get_api_data() # current user data user_id = usr.user_id self.log_user(username=self.test_user_1, password='******') params.update({'password_confirmation': ''}) params.update({'new_password': ''}) params.update({'extern_type': 'rhodecode'}) params.update({'extern_name': self.test_user_1}) params.update({'csrf_token': self.csrf_token}) params.update(attrs) # my account page cannot set language param yet, only for admins del params['language'] response = self.app.post(url('my_account'), params) assert_session_flash(response, 'Your account was updated successfully') del params['csrf_token'] updated_user = User.get_by_username(self.test_user_1) updated_params = updated_user.get_api_data() updated_params.update({'password_confirmation': ''}) updated_params.update({'new_password': ''}) params['last_login'] = updated_params['last_login'] # my account page cannot set language param yet, only for admins # but we get this info from API anyway params['language'] = updated_params['language'] if name == 'email': params['emails'] = [attrs['email']] if name == 'extern_type': # cannot update this via form, expected value is original one params['extern_type'] = "rhodecode" if name == 'extern_name': # cannot update this via form, expected value is original one params['extern_name'] = str(user_id) if name == 'active': # my account cannot deactivate account params['active'] = True if name == 'admin': # my account cannot make you an admin ! params['admin'] = False assert params == updated_params
def test_delete_file_view_not_on_branch(self, backend): repo = backend.create_repo() backend.ensure_file('vcs/nodes.py') response = self.app.get( url( 'files_delete_home', repo_name=repo.repo_name, revision='tip', f_path='vcs/nodes.py'), status=302) assert_session_flash( response, 'You can only delete files with revision being a valid branch')
def test_add_file_into_repo_missing_filename(self, backend, csrf_token): response = self.app.post( url( 'files_add', repo_name=backend.repo_name, revision='tip', f_path='/'), params={ 'content': "foo", 'csrf_token': csrf_token, }, status=302) assert_session_flash(response, 'No filename')
def test_merge_pull_request_renders_failure_reason(user_regular): pull_request = mock.Mock() controller = pullrequests.PullrequestsController() model_patcher = mock.patch.multiple( PullRequestModel, merge=mock.Mock(return_value=MergeResponse( True, False, 'STUB_COMMIT_ID', MergeFailureReason.PUSH_FAILED)), merge_status=mock.Mock(return_value=(True, 'WRONG_MESSAGE'))) with model_patcher: controller._merge_pull_request(pull_request, user_regular, extras={}) assert_session_flash(msg=PullRequestModel.MERGE_STATUS_MESSAGES[ MergeFailureReason.PUSH_FAILED])
def test_access_empty_repo_redirect_to_summary_with_alert_write_perms( self, app, backend_stub, autologin_regular_user, user_regular, user_util): repo = backend_stub.create_repo() user_util.grant_user_permission_to_repo( repo, user_regular, 'repository.write') response = self.app.get(url( controller='files', action='index', repo_name=repo.repo_name, revision='tip', f_path='/')) assert_session_flash( response, 'There are no files yet. <a class="alert-link" ' 'href="/%s/add/0/#edit">Click here to add a new file.</a>' % (repo.repo_name))
def test_forgot_password(self): response = self.app.get(pwd_reset_url) assert response.status == '200 OK' username = '******' password = '******' email = '*****@*****.**' name = 'passwd' lastname = 'reset' new = User() new.username = username new.password = password new.email = email new.name = name new.lastname = lastname new.api_key = generate_auth_token(username) Session().add(new) Session().commit() response = self.app.post(pwd_reset_url, { 'email': email, }) assert_session_flash(response, 'Your password reset link was sent') response = response.follow() # BAD KEY key = "bad" confirm_url = '{}?key={}'.format(pwd_reset_confirm_url, key) response = self.app.get(confirm_url) assert response.status == '302 Found' assert response.location.endswith(pwd_reset_url) # GOOD KEY key = User.get_by_username(username).api_key confirm_url = '{}?key={}'.format(pwd_reset_confirm_url, key) response = self.app.get(confirm_url) assert response.status == '302 Found' assert response.location.endswith(login_url) assert_session_flash( response, 'Your password reset was successful, ' 'a new password has been sent to your email') response = response.follow()
def test_update_params_false_git(self, autologin_user, csrf_token): params = { 'default_repo_enable_locking': False, 'default_repo_enable_downloads': False, 'default_repo_enable_statistics': False, 'default_repo_private': False, 'default_repo_type': 'git', 'csrf_token': csrf_token, } response = self.app.post(url('admin_defaults_repositories'), params=params) assert_session_flash(response, 'Default settings updated successfully') defs = SettingsModel().get_default_repo_settings() del params['csrf_token'] assert params == defs
def test_my_account_reset_main_auth_token(self): usr = self.log_user('test_regular2', 'test12') user = User.get(usr['user_id']) api_key = user.api_key response = self.app.get(url('my_account_auth_tokens')) response.mustcontain(api_key) response.mustcontain('expires: never') response = self.app.post( url('my_account_auth_tokens'), { '_method': 'delete', 'del_auth_token_builtin': api_key, 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Auth token successfully reset') response = response.follow() response.mustcontain(no=[api_key])
def test_delete_file_view_commit_changes(self, backend, csrf_token): repo = backend.create_repo() backend.ensure_file("vcs/nodes.py") response = self.app.post( url( 'files_delete_home', repo_name=repo.repo_name, revision=backend.default_head_id, f_path='vcs/nodes.py'), params={ 'message': 'i commited', 'csrf_token': csrf_token, }, status=302) assert_session_flash( response, 'Successfully deleted file vcs/nodes.py')
def test_update_invalid_source_reference(self, pr_util, csrf_token): pull_request = pr_util.create_pull_request() pull_request.source_ref = 'branch:invalid-branch:invalid-commit-id' Session().add(pull_request) Session().commit() pull_request_id = pull_request.pull_request_id response = self.app.post( url(controller='pullrequests', action='update', repo_name=pull_request.target_repo.repo_name, pull_request_id=str(pull_request_id)), params={'update_commits': 'true', '_method': 'put', 'csrf_token': csrf_token}) assert_session_flash( response, u'Update failed due to missing commits.', category='error')
def test_create(self): self.log_user() users_group_name = TEST_USER_GROUP response = self.app.post( url('users_groups'), { 'users_group_name': users_group_name, 'user_group_description': 'DESC', 'active': True, 'csrf_token': self.csrf_token }) user_group_link = link_to( users_group_name, url('edit_users_group', user_group_id=UserGroup.get_by_group_name( users_group_name).users_group_id)) assert_session_flash(response, 'Created user group %s' % user_group_link)
def test_add_file_into_repo(self, cnt, location, filename, backend, csrf_token): repo = backend.create_repo() response = self.app.post( url( 'files_add', repo_name=repo.repo_name, revision='tip', f_path='/'), params={ 'content': "foo", 'filename': filename, 'location': location, 'csrf_token': csrf_token, }, status=302) assert_session_flash( response, 'Successfully committed to %s' % os.path.join(location, filename))
def test_add_file_into_repo_bad_filenames( self, location, filename, backend, csrf_token): response = self.app.post( url( 'files_add', repo_name=backend.repo_name, revision='tip', f_path='/'), params={ 'content': "foo", 'filename': filename, 'location': location, 'csrf_token': csrf_token, }, status=302) assert_session_flash( response, 'The location specified must be a relative path and must not ' 'contain .. in the path')
def test_my_account_add_auth_tokens(self, desc, lifetime): usr = self.log_user('test_regular2', 'test12') user = User.get(usr['user_id']) response = self.app.post( url('my_account_auth_tokens'), { 'description': desc, 'lifetime': lifetime, 'csrf_token': self.csrf_token }) assert_session_flash(response, 'Auth token successfully created') try: response = response.follow() user = User.get(usr['user_id']) for auth_token in user.auth_tokens: response.mustcontain(auth_token) finally: for auth_token in UserApiKeys.query().all(): Session().delete(auth_token) Session().commit()
def test_edit_title_description_closed(self, pr_util, csrf_token): pull_request = pr_util.create_pull_request() pull_request_id = pull_request.pull_request_id pr_util.close() response = self.app.post( url(controller='pullrequests', action='update', repo_name=pull_request.target_repo.repo_name, pull_request_id=str(pull_request_id)), params={ 'edit_pull_request': 'true', '_method': 'put', 'title': 'New title', 'description': 'New description', 'csrf_token': csrf_token}) assert_session_flash( response, u'Cannot update closed pull requests.', category='error')