def test_api_grant_user_permission_to_user_group_by_regular_user(
self, name, perm, grant_admin, access_ok, user_util):
api_user = UserModel().get_by_username(self.TEST_USER_LOGIN)
user = user_util.create_user()
group = user_util.create_user_group()
# grant the user ability to at least read the group
permission = 'usergroup.admin' if grant_admin else 'usergroup.read'
user_util.grant_user_permission_to_user_group(group, api_user,
permission)
id_, params = build_data(self.apikey_regular,
'grant_user_permission_to_user_group',
usergroupid=group.users_group_name,
userid=user.username,
perm=perm)
response = api_call(self.app, params)
if access_ok:
ret = {
'msg':
('Granted perm: `%s` for user: `%s` in user group: `%s`' %
(perm, user.username, group.users_group_name)),
'success':
True
}
expected = ret
assert_ok(id_, expected, given=response.body)
else:
expected = 'user group `%s` does not exist' % (
group.users_group_name)
assert_error(id_, expected, given=response.body)
def test_api_get_gists_regular_user_with_different_userid(self):
id_, params = build_data(
self.apikey_regular, 'get_gists',
userid=TEST_USER_ADMIN_LOGIN)
response = api_call(self.app, params)
expected = 'userid is not the same as your user'
assert_error(id_, expected, given=response.body)
def test_create_fails_when_no_revisions(self, backend):
data = self._prepare_data(backend, source_head='initial')
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'no commits found'
assert_error(id_, expected_message, given=response.body)
def test_api_revoke_user_permission_from_user_group_by_regular_user(
self, name, grant_admin, access_ok, user_util):
user = user_util.create_user()
group = user_util.create_user_group()
permission = 'usergroup.admin' if grant_admin else 'usergroup.read'
user_util.grant_user_permission_to_user_group(group, user, permission)
id_, params = build_data(self.apikey_regular,
'revoke_user_permission_from_user_group',
usergroupid=group.users_group_name,
userid=user.username)
response = api_call(self.app, params)
if access_ok:
expected = {
'msg':
'Revoked perm for user: `%s` in user group: `%s`' %
(user.username, group.users_group_name),
'success':
True
}
assert_ok(id_, expected, given=response.body)
else:
expected = 'user group `%s` does not exist' % (
group.users_group_name)
assert_error(id_, expected, given=response.body)
def test_api_add_field_to_repo(self, backend):
repo = backend.create_repo()
repo_name = repo.repo_name
id_, params = build_data(
self.apikey, 'add_field_to_repo',
repoid=repo_name,
key='extra_field',
label='extra_field_label',
description='extra_field_desc')
response = api_call(self.app, params)
expected = {
'msg': 'Added new repository field `extra_field`',
'success': True,
}
assert_ok(id_, expected, given=response.body)
repo = Repository.get_by_repo_name(repo_name)
repo_field = RepositoryField.get_by_key_name('extra_field', repo)
_data = repo_field.get_dict()
assert _data['field_desc'] == 'extra_field_desc'
assert _data['field_key'] == 'extra_field'
assert _data['field_label'] == 'extra_field_label'
id_, params = build_data(
self.apikey, 'add_field_to_repo',
repoid=repo_name,
key='extra_field',
label='extra_field_label',
description='extra_field_desc')
response = api_call(self.app, params)
expected = 'Field with key `extra_field` exists for repo `%s`' % (
repo_name)
assert_error(id_, expected, given=response.body)
def test_api_pull_error(self, backend):
id_, params = build_data(
self.apikey, 'pull', repoid=backend.repo_name)
response = api_call(self.app, params)
expected = 'Unable to pull changes from `%s`' % (backend.repo_name,)
assert_error(id_, expected, given=response.body)
def test_api_missing_non_optional_param_args_bad(self):
id_, params = build_data(self.apikey, 'get_repo')
params = params.replace('"args": {}', '"args": 1')
response = api_call(self.app, params)
expected = 'Missing non optional `repoid` arg in JSON DATA'
assert_error(id_, expected, given=response.body)
def test_api_grant_user_permission_to_repo_group_by_regular_user(
self, name, perm, apply_to_children, grant_admin, access_ok,
user_util):
user = user_util.create_user()
repo_group = user_util.create_repo_group()
if grant_admin:
test_user = UserModel().get_by_username(self.TEST_USER_LOGIN)
user_util.grant_user_permission_to_repo_group(
repo_group, test_user, 'group.admin')
id_, params = build_data(
self.apikey_regular, 'grant_user_permission_to_repo_group',
repogroupid=repo_group.name, userid=user.username,
perm=perm, apply_to_children=apply_to_children)
response = api_call(self.app, params)
if access_ok:
ret = {
'msg': (
'Granted perm: `%s` (recursive:%s) for user: `%s`'
' in repo group: `%s`' % (
perm, apply_to_children, user.username, repo_group.name
)
),
'success': True
}
expected = ret
assert_ok(id_, expected, given=response.body)
else:
expected = 'repository group `%s` does not exist' % (
repo_group.name, )
assert_error(id_, expected, given=response.body)
def test_api_invalidate_cache_error(self, backend):
id_, params = build_data(
self.apikey, 'invalidate_cache', repoid=backend.repo_name)
response = api_call(self.app, params)
expected = 'Error occurred during cache invalidation action'
assert_error(id_, expected, given=response.body)
def test_api_revoke_user_permission_from_repo_group_by_regular_user(
self, name, apply_to_children, grant_admin, access_ok, user_util):
user = user_util.create_user()
repo_group = user_util.create_repo_group()
permission = 'group.admin' if grant_admin else 'group.read'
user_util.grant_user_permission_to_repo_group(repo_group, user,
permission)
id_, params = build_data(
self.apikey_regular,
'revoke_user_permission_from_repo_group',
repogroupid=repo_group.name,
userid=user.username,
apply_to_children=apply_to_children,
)
response = api_call(self.app, params)
if access_ok:
expected = {
'msg': ('Revoked perm (recursive:%s) for user: `%s`'
' in repo group: `%s`' %
(apply_to_children, user.username, repo_group.name)),
'success':
True
}
assert_ok(id_, expected, given=response.body)
else:
expected = 'repository group `%s` does not exist' % (
repo_group.name)
assert_error(id_, expected, given=response.body)
def test_api_close_pull_request_repo_error(self):
id_, params = build_data(
self.apikey, 'close_pull_request',
repoid=666, pullrequestid=1)
response = api_call(self.app, params)
expected = 'repository `666` does not exist'
assert_error(id_, expected, given=response.body)
def test_api_get_user_with_giving_userid_non_admin(self):
id_, params = build_data(self.apikey_regular,
'get_user',
userid=self.TEST_USER_LOGIN)
response = api_call(self.app, params)
expected = 'userid is not the same as your user'
assert_error(id_, expected, given=response.body)
def test_api_get_repo_not_existing(self):
id_, params = build_data(
self.apikey, 'get_repo', repoid='no-such-repo')
response = api_call(self.app, params)
ret = 'repository `%s` does not exist' % 'no-such-repo'
expected = ret
assert_error(id_, expected, given=response.body)
def test_api_lock_repo_lock_aquire_non_admin_not_his_repo(self, backend):
id_, params = build_data(self.apikey_regular,
'lock',
repoid=backend.repo_name,
locked=True)
response = api_call(self.app, params)
expected = 'repository `%s` does not exist' % (backend.repo_name, )
assert_error(id_, expected, given=response.body)
def test_api_delete_gist_regular_user_no_permission(self, gist_util):
gist_id = gist_util.create_gist().gist_access_id
id_, params = build_data(self.apikey_regular,
'delete_gist',
gistid=gist_id)
response = api_call(self.app, params)
expected = 'gist `%s` does not exist' % (gist_id, )
assert_error(id_, expected, given=response.body)
def test_api_create_user_group_regular_user_no_permission(self):
group_name = 'some_new_group'
id_, params = build_data(self.apikey_regular,
'create_user_group',
group_name=group_name)
response = api_call(self.app, params)
expected = "Access was denied to this resource."
assert_error(id_, expected, given=response.body)
def test_create_fails_with_wrong_repo(self, backend, data_key):
repo_name = 'fake-repo'
data = self._prepare_data(backend)
data[data_key] = repo_name
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'repository `{}` does not exist'.format(repo_name)
assert_error(id_, expected_message, given=response.body)
def test_api_invalidate_cache_regular_user_no_permission(self, backend):
self._set_cache(backend.repo_name)
id_, params = build_data(
self.apikey_regular, 'invalidate_cache', repoid=backend.repo_name)
response = api_call(self.app, params)
expected = "repository `%s` does not exist" % (backend.repo_name,)
assert_error(id_, expected, given=response.body)
def test_api_update_user_group_exception_occurred(self, user_util):
user_group = user_util.create_user_group()
group_name = user_group.users_group_name
id_, params = build_data(self.apikey,
'update_user_group',
usergroupid=group_name)
response = api_call(self.app, params)
expected = 'failed to update user group `%s`' % (group_name, )
assert_error(id_, expected, given=response.body)
def test_api_get_gist_private_gist_without_permission(self, gist_util):
gist = gist_util.create_gist()
gist_id = gist.gist_access_id
id_, params = build_data(
self.apikey_regular, 'get_gist', gistid=gist_id, )
response = api_call(self.app, params)
expected = 'gist `%s` does not exist' % (gist_id,)
assert_error(id_, expected, given=response.body)
def test_api_rescann_error(self):
id_, params = build_data(
self.apikey,
'rescan_repos',
)
response = api_call(self.app, params)
expected = 'Error occurred during rescan repositories action'
assert_error(id_, expected, given=response.body)
def test_create_fails_when_the_reviewer_is_not_found(self, backend):
data = self._prepare_data(backend)
reviewers = ['somebody']
data['reviewers'] = reviewers
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'user `somebody` does not exist'
assert_error(id_, expected_message, given=response.body)
def test_cannot_create_with_reviewers_in_wrong_format(self, backend):
data = self._prepare_data(backend)
reviewers = ','.join([TEST_USER_REGULAR_LOGIN, TEST_USER_ADMIN_LOGIN])
data['reviewers'] = reviewers
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'reviewers should be specified as a list'
assert_error(id_, expected_message, given=response.body)
def test_api_create_user_group_exception_occurred(self):
group_name = 'exception_happens'
id_, params = build_data(self.apikey,
'create_user_group',
group_name=group_name)
response = api_call(self.app, params)
expected = 'failed to create group `%s`' % (group_name, )
assert_error(id_, expected, given=response.body)
def test_api_update_user_default_user(self):
usr = User.get_default_user()
id_, params = build_data(self.apikey,
'update_user',
userid=usr.user_id)
response = api_call(self.app, params)
expected = 'editing default user is forbidden'
assert_error(id_, expected, given=response.body)
def test_api_get_pull_request_pull_request_error(self):
id_, params = build_data(self.apikey,
'get_pull_request',
repoid=1,
pullrequestid=666)
response = api_call(self.app, params)
expected = 'pull request `666` does not exist'
assert_error(id_, expected, given=response.body)
def test_api_create_user_with_existing_email(self):
id_, params = build_data(
self.apikey, 'create_user',
username=TEST_USER_ADMIN_LOGIN + 'new',
email=TEST_USER_REGULAR_EMAIL,
password='******')
response = api_call(self.app, params)
expected = "email `%s` already exist" % (TEST_USER_REGULAR_EMAIL,)
assert_error(id_, expected, given=response.body)
def test_create_fails_with_non_existing_ref(self, backend, data_key):
commit_id = 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa10'
ref = self._get_full_ref(backend, commit_id)
data = self._prepare_data(backend)
data[data_key] = ref
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'Ref `{}` does not exist'.format(ref)
assert_error(id_, expected_message, given=response.body)
def test_api_remove_user_from_user_group_exception_occurred(
self, user_util):
user, group = user_util.create_user_with_group()
id_, params = build_data(
self.apikey, 'remove_user_from_user_group',
usergroupid=group.users_group_name, userid=user.username)
response = api_call(self.app, params)
expected = 'failed to remove member from user group `%s`' % (
group.users_group_name)
assert_error(id_, expected, given=response.body)
def test_create_fails_with_non_existing_branch(self, backend, data_key):
branch_name = 'test-branch'
data = self._prepare_data(backend)
data[data_key] = "branch:{}".format(branch_name)
id_, params = build_data(self.apikey_regular, 'create_pull_request',
**data)
response = api_call(self.app, params)
expected_message = 'The specified branch `{}` does not exist'.format(
branch_name)
assert_error(id_, expected_message, given=response.body)
