Пример #1
0
 def test_auth_owns_pretend(self):
     u, p = self._create_ad_user()
     
     rando = fh.create_user()
     u2 = fh.create_user()
     adm = fh.create_user(is_admin=True)
     
     assert auth_owns_fn_user(u, p)
     assert auth_owns_fn_actual_user(u, p)
     assert auth_enforce_owns_fn(u, p)
     assert auth_owns_fn_user(adm, p)
     
     assert self.throws_exception(lambda: auth_owns_fn_user(u2, p)).code == FORBIDDEN
     assert self.throws_exception(lambda: auth_enforce_owns_fn(u2, p)).code == FORBIDDEN
Пример #2
0
 def test_bool(self):
     u2 = fh.create_user(is_admin=True)
     self.flush()
     self.login(u2)
     
     r = self.client_async(self.url,{'abool': 'on'})
     assert r.results.abool == True
Пример #3
0
 def test_api_prologue_exception(self):
     """
     Verifies that an ApiPrologueException is handled properly
     """
     user = fh.create_user()
     self.flush()
     
     self.login(user)
     
     # The bad version in this url will force an ApiPrologueException in the dispatcher
     bad_url = '/api/vA/user/set_pref'
     params = {'key': 'asd', 'value': 'omgwow'}
     
     response = self.client_async(bad_url, params, status=501, assert_success=False)
     assert 'Invalid version' in response.results.errors[0].message
     
     # no function!
     url = '/api/v1/user/meow'
     params = {}
     response = self.client_async(url, params, status=501, assert_success=False)
     assert 'user.meow not implemented' in response.results.errors[0].message
     
     # no module!
     url = '/api/v1/rawr/meow'
     params = {}
     response = self.client_async(url, params, status=501, assert_success=False)
     assert 'rawr.meow not implemented' in response.results.errors[0].message
Пример #4
0
 def test_auth(self):
     
     # not an admin
     u = fh.create_user()
     self.flush()
     self.login(u)
     
     r = self.client_async(self.url,{}, status=403, assert_success=False)
     assert r.errors[0].code == FORBIDDEN
     
Пример #5
0
 def test_value_error(self):
     """
     Verifies that a ValueError is handled properly
     """
     # we cant create a new user because of the rollback when there is an error.
     user = fh.create_user(is_admin=True)
     self.flush()
     
     self.login(user)
     
     # Force a ValueError with a bad budget value
     params = {'anint': 'not an int'}
     response = self.client_async(self.url, params, status=500, assert_success=False)
     assert 'int()' in response.results.errors[0].message
Пример #6
0
    def test_timer_proxy(self):
        u = fh.create_user()
        self.flush()
        self.login(u)

        response = self.post(self.form_url, {"a_number": 32, "a_string": "aodij"})

        assert response.tmpl_context.show_debug == False
        assert response.tmpl_context.queries == ""

        u = fh.create_user(is_admin=True)
        self.flush()
        self.login(u)

        response = self.post(self.form_url, {"a_number": 32, "a_string": "aodij"})

        assert response.tmpl_context.show_debug == True
        assert len(response.tmpl_context.queries) == 3
        assert response.tmpl_context.querie_time > 0.0

        for q, t in response.tmpl_context.queries:
            assert q
            assert t > 0.0
Пример #7
0
 def test_edit(self):
     own = fh.create_user()
     rando = fh.create_user()
     a = fh.create_user(is_admin=True)
     self.flush()
     
     u = api.user.edit(own, own, own, first_name='omgwow', default_timezone=0, is_active='f', role='admin')
     
     assert u.id == own.id
     assert u.first_name == 'omgwow'
     assert u.is_active == True
     assert u.role == 'user'
     assert 'London' in u.default_timezone
     
     u = api.user.edit(a, a, own, last_name='yeah')
     assert u.id == own.id
     
     u = api.user.edit(a, a, own, is_active='f', role='admin')
     assert u.id == own.id
     assert u.is_active == False
     assert u.role == 'admin'
     
     assert self.throws_exception(lambda: api.user.edit(rando, rando, own, first_name='m')).code == NOT_FOUND
     assert self.throws_exception(lambda: api.user.edit(a, a, None, first_name='s')).code == NOT_FOUND   
Пример #8
0
 def test_field_editor(self):
     
     u = fh.create_user()
     adm = fh.create_user(is_admin=True)
     
     class SomeForm(formencode.Schema):
         things = fv.Number(not_empty=False, min=0)
         yo_mammas = fv.Int(not_empty=False, min=0)
         admin_only = fv.Int(not_empty=False, min=0)
         error_1 = fv.UnicodeString(not_empty=False)
         error_2 = fv.UnicodeString(not_empty=False)
     
     edit_fields = ['things', 'yo_mammas', 'error_1', 'error_2']
     admin_edit_fields = ['admin_only']
     
     class Editor(FieldEditor):
         def __init__(self):
             super(Editor, self).__init__(edit_fields, admin_edit_fields, SomeForm)
         
         def edit_error_1(self, actual_user, user, obj, key, value):
             raise ClientException('error_1')
         def edit_error_2(self, actual_user, user, obj, key, value):
             raise ClientException('error_2')
         
         def edit_things(self, actual_user, user, obj, key, value):
             assert actual_user
             assert user
             assert key == 'things'
             obj['things'] = value
         
         def edit_random(self, actual_user, user, obj, key, value):
             obj['random'] = value
         
         def edit_admin_only(self, actual_user, user, obj, key, value):
             assert key == 'admin_only'
             obj['admin_only'] = value
         
         #not defining yo_mammas intentionally
     
     editor =  Editor()
     
     #basic case, non admin
     obj = {}
     editor.edit(u, u, obj, things='3.0')
     assert obj['things'] == 3.0
     
     obj = {}
     editor.edit(u, u, obj, key='things', value='4.0')
     assert obj['things'] == 4.0
     
     #basic case, admin, multiple fields
     obj = {}
     editor.edit(adm, u, obj, things='5.0', admin_only=34)
     assert obj['things'] == 5.0
     assert obj['admin_only'] == 34
     
     #FAIL case, non-admin. will not edit admin!
     obj = {}
     editor.edit(u, u, obj, things='5.0', admin_only=34)
     assert obj['things'] == 5.0
     assert 'admin_only' not in obj
     
     # should not run the validator on the admin_only field
     editor.edit(u, u, obj, things='5.0', admin_only='dont breaK!')
     assert obj['things'] == 5.0
     assert 'admin_only' not in obj
     
     ce = (ClientException,)
     
     #FAIL case, empty
     assert self.throws_exception(lambda: editor.edit(u, u, obj), types=ce).code == INCOMPLETE
     
     #FAIL case, dont edit random stuff we dont care about
     obj = {}
     assert self.throws_exception(lambda: editor.edit(u, u, obj, random='poo'), types=ce).code == INCOMPLETE
     assert not obj
     assert self.throws_exception(lambda: editor.edit(u, u, obj, admin_only='poo'), types=ce).code == INCOMPLETE
     assert not obj
     editor.edit(u, u, obj, things=4.5, random='poo')
     assert 'things' in obj
     assert 'random' not in obj
     editor.edit(u, u, obj, things=4.5, random_foo='poo')
     assert 'things' in obj
     assert 'random_foo' not in obj
     
     #this cant call the function cause it isnt defined
     obj = {}
     assert self.throws_exception(lambda: editor.edit(u, u, obj, yo_mammas='2'), types=(AppException,)).code == INCOMPLETE
     
     exc = self.throws_exception(lambda: editor.edit(u, u, obj, error_1='blah', error_2='blah'), types=(CompoundException,))
     assert exc.has_exceptions
     assert len(exc.exceptions) == 2
     assert 'error_1' in [e.msg for e in exc.exceptions]
     assert 'error_2' in [e.msg for e in exc.exceptions]
     
     ##
     #validation!
     ##
     
     i = (formencode.validators.Invalid,)
     exc = self.throws_exception(lambda: editor.edit(u, u, obj, things='asd', yo_mammas='qw'), types=i)
     assert exc
     assert len(exc.error_dict.keys()) == 2
     assert 'things' in exc.error_dict.keys()
     assert 'yo_mammas' in exc.error_dict.keys()
Пример #9
0
 def test_auth_admin(self):
     u = fh.create_user()
     adm = fh.create_user(is_admin=True)
     
     assert auth_admin_fn(adm)
     assert self.throws_exception(lambda: auth_admin_fn(u)).code == FORBIDDEN
Пример #10
0
 def _create_ad_user(self, make_admin=False):
     u = make_admin and fh.create_user(is_admin=True) or fh.create_user()
     p = u.set_preference(u'omg', u'wow')
     return u, p