def test_index(self):
response = self.app.get(url(controller="package", action="index"))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url(controller="packages", action="index", packagename=None)))
response = self.app.get(url(controller="package", action="index", packagename="notapackage"))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url(controller="packages", action="index", packagename=None)))
response = self.app.get(url(controller="package", action="index", packagename="testpackage"))
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(response.lxml.xpath('//a[@href="%s"]' % url("packages-uploader", id="*****@*****.**"))), 1
)
response = self.app.post(url("login"), self._AUTHDATA)
user = meta.session.query(User).filter(User.email == "*****@*****.**").one()
response = self.app.get(url(controller="package", action="index", packagename="testpackage"))
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(
response.lxml.xpath(
'//a[@href="%s"]'
% url(controller="package", action="delete", packagename="testpackage", key=user.get_upload_key())
)
),
1,
)
self.assertEquals(
len(
response.lxml.xpath(
'//form[@action="%s"]' % url(controller="package", action="comment", packagename="testpackage")
)
),
1,
)
def test_index(self):
response = self.app.get(url(controller='package', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='packages', action='index', packagename=None)))
response = self.app.get(url(controller='package', action='index',
packagename='notapackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='packages', action='index', packagename=None)))
response = self.app.get(url(controller='package', action='index',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertEquals(len(response.lxml.xpath(
'//a[@href="%s"]' % url(
'packages-uploader',
id='*****@*****.**'))), 1)
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(url(controller='package', action='index',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertEquals(len(response.lxml.xpath(
'//a[@href="%s"]' % url(
controller='package', action='delete',
packagename='testpackage'))), 1)
self.assertEquals(len(response.lxml.xpath(
'//form[@action="%s"]' % url(
controller='package', action='comment',
packagename='testpackage'))), 1)
def test__invalid_form(self):
response = self.app.post(url('my'), {'form': 'invalid'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(url('my'), {'form': 'invalid'})
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % url('logout') in response)
def test__invalid_form(self):
response = self.app.post(url('my'), {'form': 'invalid'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(url('my'), {'form': 'invalid'})
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % url('logout') in response)
def test_rfs(self):
response = self.app.get(url(controller='package', action='rfs'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='packages', action='index', packagename=None)))
response = self.app.get(url(controller='package', action='rfs',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertTrue('Subject: RFS: testpackage' in response)
def test__gpg(self):
response = self.app.post(url('my'), {'form': 'gpg'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.gpg, None)
# upload GPG key with low strength
response = self.app.post(url('my'), {
'form': 'gpg',
'delete_gpg': 0,
'commit': 'submit'
},
upload_files=[('gpg', 'mykey.asc',
self._LOW_STRENGTH_GPGKEY)])
self.assertEquals(response.status_int, 200)
low_strength_msg = 'Key strength unacceptable in Debian Keyring. The minimum required key strength is'
self.assertTrue(low_strength_msg in response)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.gpg, None)
# upload GPG key with high strength
response = self.app.post(url('my'), {
'form': 'gpg',
'delete_gpg': 0,
'commit': 'submit'
},
upload_files=[('gpg', 'mykey.asc',
self._HIGH_STRENGTH_GPGKEY)])
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.gpg, self._HIGH_STRENGTH_GPGKEY)
# test whether index page contains GPG delete link
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
self.assertTrue(self._HIGH_STRENGTH_GPG_ID in response)
# delete GPG key
response = self.app.post(url('my'), {
'form': 'gpg',
'delete_gpg': 1,
'commit': 'submit',
'gpg': ''
})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.gpg, None)
def test__gpg(self):
response = self.app.post(url('my'), {'form': 'gpg'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, None)
# upload GPG key
response = self.app.post(url('my'), {'form': 'gpg',
'delete_gpg': 0,
'commit': 'submit'},
upload_files = [('gpg', 'mykey.asc',
self._GPGKEY)])
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, self._GPGKEY)
# test whether index page contains GPG delete link
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
self.assertTrue(self._GPG_ID in response)
# delete GPG key
response = self.app.post(url('my'), {'form': 'gpg',
'delete_gpg': 1,
'commit': 'submit',
'gpg': ''})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, None)
def test_comment(self):
response = self.app.get(url(controller='package', action='comment',
packagename='testpackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='package', action='index',
packagename='testpackage')))
self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(url(controller='package', action='comment',
packagename='testpackage'))
self.assertTrue(response.location.endswith(
url(controller='package', action='index',
packagename='testpackage')))
self.assertEquals(response.status_int, 302)
response = self.app.post(
url(controller='package', action='comment',
packagename='testpackage'),
{'package_version': 1,
'text': 'This is a test comment',
'outcome': constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
'commit': 'submit'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='package', action='index',
packagename='testpackage')))
comment = meta.session.query(PackageComment).filter_by(
package_version_id=1).one()
self.assertEquals(comment.text, 'This is a test comment')
self.assertEquals(comment.status,
constants.PACKAGE_COMMENT_STATUS_NOT_UPLOADED)
meta.session.delete(comment)
# test with a subscriber
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
packsub = PackageSubscription(
package='testpackage',
level=constants.SUBSCRIPTION_LEVEL_COMMENTS)
packsub.user = user
meta.session.add(packsub)
meta.session.commit()
response = self.app.post(
url(controller='package', action='comment',
packagename='testpackage'),
{'package_version': 1,
'text': 'This is a test comment',
'outcome': constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
'commit': 'submit',
'status': 'checked'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='package', action='index',
packagename='testpackage')))
comment = meta.session.query(PackageComment).filter_by(
package_version_id=1).one()
self.assertEquals(comment.text, 'This is a test comment')
self.assertEquals(comment.status,
constants.PACKAGE_COMMENT_STATUS_UPLOADED)
meta.session.delete(packsub)
meta.session.commit()
def test_delete(self):
response = self.app.get(url(controller='package', action='delete',
packagename='testpackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(url(controller='package', action='delete',
packagename='testpackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(
url(controller='packages', action='index', filter='my')))
package = meta.session.query(Package).filter(
Package.name=='testpackage').first()
self.assertEquals(package, None)
def test_delete(self):
self.app.post(url("login"), self._AUTHDATA)
user = meta.session.query(User).filter(User.email == "*****@*****.**").one()
response = self.app.get(
url(controller="package", action="delete", packagename="testpackage", key="INVALIDKEY"), expect_errors=True
)
self.assertEquals(response.status_int, 402)
response = self.app.get(
url(controller="package", action="delete", packagename="testpackage", key=user.get_upload_key())
)
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url(controller="packages", action="my")))
package = meta.session.query(Package).filter(Package.name == "testpackage").first()
self.assertEquals(package, None)
def test_comment(self):
response = self.app.get(url(controller="package", action="comment", packagename="testpackage"))
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(url(controller="package", action="index", packagename="testpackage"))
)
self.app.post(url("login"), self._AUTHDATA)
response = self.app.get(url(controller="package", action="comment", packagename="testpackage"))
self.assertTrue(
response.location.endswith(url(controller="package", action="index", packagename="testpackage"))
)
self.assertEquals(response.status_int, 302)
response = self.app.post(
url(controller="package", action="comment", packagename="testpackage"),
{
"package_version": 1,
"text": "This is a test comment",
"outcome": constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
"commit": "submit",
},
)
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(url(controller="package", action="index", packagename="testpackage"))
)
comment = meta.session.query(PackageComment).filter_by(package_version_id=1).one()
self.assertEquals(comment.text, "This is a test comment")
self.assertEquals(comment.status, constants.PACKAGE_COMMENT_STATUS_NOT_UPLOADED)
meta.session.delete(comment)
# test with a subscriber
user = meta.session.query(User).filter(User.email == "*****@*****.**").one()
packsub = PackageSubscription(package="testpackage", level=constants.SUBSCRIPTION_LEVEL_COMMENTS)
packsub.user = user
meta.session.add(packsub)
meta.session.commit()
response = self.app.post(
url(controller="package", action="comment", packagename="testpackage"),
{
"package_version": 1,
"text": "This is a test comment",
"outcome": constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
"commit": "submit",
"status": "checked",
},
)
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(url(controller="package", action="index", packagename="testpackage"))
)
comment = meta.session.query(PackageComment).filter_by(package_version_id=1).one()
self.assertEquals(comment.text, "This is a test comment")
self.assertEquals(comment.status, constants.PACKAGE_COMMENT_STATUS_UPLOADED)
meta.session.delete(packsub)
meta.session.commit()
def test_maintainer_signup(self, actually_delete_it=True):
count = meta.session.query(User).filter(
User.email == '*****@*****.**').count()
self.assertEquals(count, 0)
self.app.post(
url(controller='register', action='register'), {
'name': 'Mr. Me',
'password': '******',
'password_confirm': 'password',
'commit': 'yes',
'email': '*****@*****.**',
'sponsor': '0'
})
count = meta.session.query(User).filter(
User.email == '*****@*****.**').count()
self.assertEquals(count, 1)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
# delete it
if actually_delete_it:
meta.session.delete(user)
else:
return user
def test_maintainer_signup_with_duplicate_name(self):
self.test_maintainer_signup(actually_delete_it=False)
self.app.post(
url(controller='register', action='register'), {
'name': 'Mr. Me',
'password': '******',
'password_confirm': 'password',
'commit': 'yes',
'email': '*****@*****.**',
'sponsor': '0'
})
count = meta.session.query(User).filter(
User.email == '*****@*****.**').count()
self.assertEquals(count, 0)
# The assertion is that there are no matching users by
# email address.
#
# That is because both user accounts have the same name,
# and that is not permitted by the backend.
#
# You might think it's silly to assert that we don't
# do anything. Really, the point is to make sure that
# the backend does not crash; before we wrote this test,
# this case would actuallly raise an unhandled
# IntegrityError from the database.
# Now, finally, delete that User that we created.
meta.session.delete(
meta.session.query(User).filter(
User.email == '*****@*****.**').one())
def test_upload_successful(self):
"""
Tests whether uploads with sane file extensions and authorization are successful.
"""
extensions = ('dsc', 'changes', 'deb', 'tar.gz', 'tar.bz2', 'tar.xz')
for extension in extensions:
filename = 'testfile.%s' % extension
response = self.app.put(url(controller='upload',
action='index',
filename=filename),
params='contents',
expect_errors=False)
self.assertEqual(response.status_int, 200)
app_config = pylons.test.pylonsapp.config
self.assertTrue(
os.path.isfile(
os.path.join(app_config['debexpo.upload.incoming'], 'pub',
filename)))
self.assertEqual(
file(
os.path.join(app_config['debexpo.upload.incoming'], 'pub',
filename)).read(), 'contents')
def test_maintainer_signup_with_duplicate_name(self):
self.test_maintainer_signup(actually_delete_it=False)
self.app.post(url(controller='register', action='register'),
{'name': 'Mr. Me',
'password': '******',
'password_confirm': 'password',
'commit': 'yes',
'email': '*****@*****.**',
'sponsor': '0'})
count = meta.session.query(User).filter(User.email=='*****@*****.**').count()
self.assertEquals(count, 0)
# The assertion is that there are no matching users by
# email address.
#
# That is because both user accounts have the same name,
# and that is not permitted by the backend.
#
# You might think it's silly to assert that we don't
# do anything. Really, the point is to make sure that
# the backend does not crash; before we wrote this test,
# this case would actuallly raise an unhandled
# IntegrityError from the database.
# Now, finally, delete that User that we created.
meta.session.delete(
meta.session.query(User).filter(User.email=='*****@*****.**').one())
def test__password(self):
response = self.app.post(url('my'), {'form': 'password'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(url('my'), {'form': 'password',
'password_current': 'password',
'password_new': 'newpassword',
'password_confirm': 'newpassword',
'commit': 'submit'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email=='*****@*****.**').filter(
User.password==md5.new('newpassword').hexdigest()).one()
self.assertEquals(user.name, 'Test user')
def test_reupload_disallowed(self):
"""
Tests whether uploading a file twice is disallowed.
"""
filename = 'testfile.dsc'
response = self.app.put(url(controller='upload', action='index',
filename=filename),
params='contents', expect_errors=False)
self.assertEqual(response.status_int, 200)
response = self.app.put(url(controller='upload', action='index',
filename=filename),
params='contents', expect_errors=True)
self.assertEqual(response.status_int, 403)
def test_get(self):
"""
Tests whether requests where method != PUT are rejected with error code 405.
"""
response = self.app.get(url(controller='upload', action='index',
filename='testname.dsc'), expect_errors=True)
self.assertEqual(response.status_int, 405)
def test__gpg(self):
response = self.app.post(url('my'), {'form': 'gpg'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, None)
# upload GPG key with low strength
response = self.app.post(url('my'), {'form': 'gpg',
'delete_gpg': 0,
'commit': 'submit'},
upload_files = [('gpg', 'mykey.asc',
self._LOW_STRENGTH_GPGKEY)])
self.assertEquals(response.status_int, 200)
low_strength_msg = 'Key strength unacceptable in Debian Keyring. The minimum required key strength is'
self.assertTrue(low_strength_msg in response)
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, None)
# upload GPG key with high strength
response = self.app.post(url('my'), {'form': 'gpg',
'delete_gpg': 0,
'commit': 'submit'},
upload_files = [('gpg', 'mykey.asc',
self._HIGH_STRENGTH_GPGKEY)])
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, self._HIGH_STRENGTH_GPGKEY)
# test whether index page contains GPG delete link
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
self.assertTrue(self._HIGH_STRENGTH_GPG_ID in response)
# delete GPG key
response = self.app.post(url('my'), {'form': 'gpg',
'delete_gpg': 1,
'commit': 'submit',
'gpg': ''})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.gpg, None)
def test_index(self):
response = self.app.get(url(controller='package', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url(controller='packages', action='index', packagename=None)))
response = self.app.get(
url(controller='package',
action='index',
packagename='notapackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url(controller='packages', action='index', packagename=None)))
response = self.app.get(
url(controller='package',
action='index',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(
response.lxml.xpath(
'//a[@href="%s"]' %
url('packages-uploader', id='*****@*****.**'))), 1)
response = self.app.post(url('login'), self._AUTHDATA)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
response = self.app.get(
url(controller='package',
action='index',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(
response.lxml.xpath('//a[@href="%s"]' %
url(controller='package',
action='delete',
packagename='testpackage',
key=user.get_upload_key()))), 1)
self.assertEquals(
len(
response.lxml.xpath('//form[@action="%s"]' %
url(controller='package',
action='comment',
packagename='testpackage'))), 1)
def test__other_details(self):
response = self.app.post(url('my'), {'form': 'other_details'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
# test set ircnick
response = self.app.post(url('my'), {'form': 'other_details',
'country': '',
'ircnick': 'tester',
'jabber': '',
'commit': 'submit'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.ircnick, 'tester')
# test DM switch
response = self.app.post(url('my'), {'form': 'other_details',
'country': -1,
'ircnick': 'tester',
'jabber': '',
'status': 1,
'commit': 'submit'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.status, constants.USER_STATUS_MAINTAINER)
def test__other_details(self):
response = self.app.post(url('my'), {'form': 'other_details'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
# test set ircnick
response = self.app.post(
url('my'), {
'form': 'other_details',
'country': '',
'ircnick': 'tester',
'jabber': '',
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.ircnick, 'tester')
# test DM switch
response = self.app.post(
url('my'), {
'form': 'other_details',
'country': -1,
'ircnick': 'tester',
'jabber': '',
'status': 1,
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.status, constants.USER_STATUS_MAINTAINER)
def test_upload_wrong_extension(self):
"""
Tests whether uploads of an unknown file extensions are rejected with error code 403.
"""
response = self.app.put(url(controller='upload', action='index',
filename='testname.unknown'),
expect_errors=True)
self.assertEqual(response.status_int, 403)
def test__password(self):
response = self.app.post(url('my'), {'form': 'password'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(
url('my'), {
'form': 'password',
'password_current': 'password',
'password_new': 'newpassword',
'password_confirm': 'newpassword',
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').filter(
User.password == md5.new('newpassword').hexdigest()).one()
self.assertEquals(user.name, 'Test user')
def test_upload_wrong_extension(self):
"""
Tests whether uploads of an unknown file extensions are rejected with error code 403.
"""
response = self.app.put(url(controller='upload',
action='index',
filename='testname.unknown'),
expect_errors=True)
self.assertEqual(response.status_int, 403)
def test_get(self):
"""
Tests whether requests where method != PUT are rejected with error code 405.
"""
response = self.app.get(url(controller='upload',
action='index',
filename='testname.dsc'),
expect_errors=True)
self.assertEqual(response.status_int, 405)
def testExtensionNotAllowed(self):
"""
Tests whether uploads of an unknown file extensions are rejected with error code 403.
"""
response = self.app.put(url(controller='upload', action='index',
filename='testname.unknown', email=self.email,
password=self.user_upload_key),
expect_errors=True)
self.assertEqual(response.status_int, 403)
def testFalseAuthentication(self):
"""
Tests whether false authentication details returns a 403 error code.
"""
response = self.app.put(url(controller='upload', action='index',
filename='testname.dsc', email=self.email,
password='******'),
expect_errors=True)
self.assertEqual(response.status_int, 403)
def test_reupload_disallowed(self):
"""
Tests whether uploading a file twice is disallowed.
"""
filename = 'testfile.dsc'
response = self.app.put(url(controller='upload',
action='index',
filename=filename),
params='contents',
expect_errors=False)
self.assertEqual(response.status_int, 200)
response = self.app.put(url(controller='upload',
action='index',
filename=filename),
params='contents',
expect_errors=True)
self.assertEqual(response.status_int, 403)
def testNoAuthorization(self):
"""
Tests whether requests where the "Authorization" header is missing are rejected with
error code 401 and whether the "WWW-Authenticate" header is sent in the response with
the correct "realm" syntax.
"""
response = self.app.put(
url(controller='upload', action='index',
filename='testname.dsc', email='email', password='******'), expect_errors=True)
self.assertEqual(response.status_int, 403)
def test__details(self):
response = self.app.post(url('my'), {'form': 'details'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(
url('my'), {
'form': 'details',
'name': '',
'email': '*****@*****.**',
'commit': 'submit'
})
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(response.lxml.xpath('//input[@id="name" and @class="error"]')),
1)
response = self.app.post(
url('my'), {
'form': 'details',
'name': 'Test user2',
'email': '*****@*****.**',
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(
User.email == '*****@*****.**').first()
self.assertEquals(user, None)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
self.assertEquals(user.name, 'Test user2')
meta.session.delete(user)
meta.session.commit()
def test_delete(self):
self.app.post(url('login'), self._AUTHDATA)
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
response = self.app.get(url(controller='package',
action='delete',
packagename='testpackage',
key="INVALIDKEY"),
expect_errors=True)
self.assertEquals(response.status_int, 402)
response = self.app.get(
url(controller='package',
action='delete',
packagename='testpackage',
key=user.get_upload_key()))
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(url(controller='packages',
action='my')))
package = meta.session.query(Package).filter(
Package.name == 'testpackage').first()
self.assertEquals(package, None)
def testTrueAuthentication(self):
"""
Tests whether true authentication details returns a nicer error code.
"""
response = self.app.put(url(controller='upload', action='index',
filename='testname.dsc', email=self.email,
password=self.user_upload_key),
expect_errors=False)
self.assertNotEqual(response.status_int, 403)
app_config = pylons.test.pylonsapp.config
if os.path.isfile(os.path.join(app_config['debexpo.upload.incoming'], 'testfile1.dsc')):
os.remove(os.path.join(app_config['debexpo.upload.incoming'], 'testfile1.dsc'))
def test_maintainer_signup(self, actually_delete_it=True):
count = meta.session.query(User).filter(User.email=='*****@*****.**').count()
self.assertEquals(count, 0)
self.app.post(url(controller='register', action='maintainer'),
{'name': 'Mr. Me',
'password': '******',
'password_confirm': 'password',
'commit': 'yes',
'email': '*****@*****.**'})
count = meta.session.query(User).filter(User.email=='*****@*****.**').count()
self.assertEquals(count, 1)
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
# delete it
if actually_delete_it:
meta.session.delete(user)
else:
return user
def test_upload_successful(self):
"""
Tests whether uploads with sane file extensions and authorization are successful.
"""
extensions = ('dsc', 'changes', 'deb', 'tar.gz', 'tar.bz2', 'tar.xz')
for extension in extensions:
filename = 'testfile.%s' % extension
response = self.app.put(url(controller='upload', action='index',
filename=filename),
params='contents', expect_errors=False)
self.assertEqual(response.status_int, 200)
app_config = pylons.test.pylonsapp.config
self.assertTrue(os.path.isfile(os.path.join(app_config['debexpo.upload.incoming'], 'pub',
filename)))
self.assertEqual(file(os.path.join(app_config['debexpo.upload.incoming'], 'pub',
filename)).read(), 'contents')
def testSuccessfulUpload(self):
"""
Tests whether uploads with sane file extensions and authorization are successful.
"""
response = self.app.put(url(
controller='upload', action='index',
filename='testfile2.dsc',
email=self.email,
password=self.user_upload_key),
params='contents', expect_errors=False)
self.assertEqual(response.status_int, 200)
app_config = pylons.test.pylonsapp.config
self.assertTrue(os.path.isfile(os.path.join(app_config['debexpo.upload.incoming'],
'testfile2.dsc')))
self.assertEqual(file(os.path.join(app_config['debexpo.upload.incoming'],
'testfile2.dsc')).read(), 'contents')
if os.path.isfile(os.path.join(app_config['debexpo.upload.incoming'], 'testfile2.dsc')):
os.remove(os.path.join(app_config['debexpo.upload.incoming'], 'testfile2.dsc'))
def test__details(self):
response = self.app.post(url('my'), {'form': 'details'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.post(url('my'), {'form': 'details',
'name': '',
'email': '*****@*****.**',
'commit': 'submit'})
self.assertEquals(response.status_int, 200)
self.assertEquals(len(response.lxml.xpath('//input[@id="name" and @class="error"]')),
1)
response = self.app.post(url('my'), {'form': 'details',
'name': 'Test user2',
'email': '*****@*****.**',
'commit': 'submit'})
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('my')))
user = meta.session.query(User).filter(User.email=='*****@*****.**').first()
self.assertEquals(user, None)
user = meta.session.query(User).filter(User.email=='*****@*****.**').one()
self.assertEquals(user.name, 'Test user2')
meta.session.delete(user)
meta.session.commit()
def test_index(self):
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
self.assertEquals(response.session['path_before_login'], url('my'))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test user with country
user = meta.session.query(User).filter(
User.email=='*****@*****.**').one()
user.country = meta.session.query(UserCountry).filter(
UserCountry.name=='Germany').one()
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test DD user
user = meta.session.query(User).filter(
User.email=='*****@*****.**').one()
user.status = constants.USER_STATUS_DEVELOPER
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test DM user
user = meta.session.query(User).filter(
User.email=='*****@*****.**').one()
user.status = constants.USER_STATUS_MAINTAINER
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test handling of deleted user
self._remove_example_user()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
def test_subscribe(self):
response = self.app.get(url(controller="package", action="subscribe", packagename="testpackage"))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url("login")))
self.assertEquals(
response.session["path_before_login"],
url(controller="package", action="subscribe", packagename="testpackage"),
)
self.app.post(url("login"), self._AUTHDATA)
response = self.app.get(url(controller="package", action="subscribe", packagename="testpackage"))
self.assertEquals(response.status_int, 200)
subscribeforms = response.lxml.xpath(
'//form[@action="%s" and @method="post"]'
% url(controller="package", action="subscribe", packagename="testpackage")
)
self.assertEquals(len(subscribeforms), 1)
options = subscribeforms[0].xpath('*/select[@name="level"]/option')
self.assertEquals(len(options), 3)
for option in options:
self.assertTrue(
option.attrib["value"]
in [
str(item)
for item in (-1, constants.SUBSCRIPTION_LEVEL_UPLOADS, constants.SUBSCRIPTION_LEVEL_COMMENTS)
]
)
response = self.app.post(url(controller="package", action="subscribe", packagename="testpackage"))
self.assertEquals(response.status_int, 200)
self.assertEquals(len(response.lxml.xpath('//span[@class="error-message"]')), 2)
response = self.app.post(
url(controller="package", action="subscribe", packagename="testpackage"),
{"level": constants.SUBSCRIPTION_LEVEL_UPLOADS, "commit": "submit"},
)
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url("package", packagename="testpackage")))
subs = (
meta.session.query(PackageSubscription)
.filter_by(package="testpackage")
.filter_by(user_id=response.session["user_id"])
.one()
)
self.assertEquals(subs.level, constants.SUBSCRIPTION_LEVEL_UPLOADS)
response = self.app.get(url(controller="package", action="subscribe", packagename="testpackage"))
self.assertEquals(
len(
response.lxml.xpath(
'//option[@value="%d" and @selected="selected"]' % constants.SUBSCRIPTION_LEVEL_UPLOADS
)
),
1,
)
response = self.app.post(
url(controller="package", action="subscribe", packagename="testpackage"),
{"level": constants.SUBSCRIPTION_LEVEL_COMMENTS, "commit": "submit"},
)
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url("package", packagename="testpackage")))
subs = (
meta.session.query(PackageSubscription)
.filter_by(package="testpackage")
.filter_by(user_id=response.session["user_id"])
.one()
)
self.assertEquals(subs.level, constants.SUBSCRIPTION_LEVEL_COMMENTS)
response = self.app.post(
url(controller="package", action="subscribe", packagename="testpackage"), {"level": -1, "commit": "submit"}
)
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url("package", packagename="testpackage")))
subs = (
meta.session.query(PackageSubscription)
.filter_by(package="testpackage")
.filter_by(user_id=response.session["user_id"])
.first()
)
self.assertEquals(subs, None)
def test_comment(self):
response = self.app.get(
url(controller='package',
action='comment',
packagename='testpackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url(controller='package',
action='index',
packagename='testpackage')))
self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(
url(controller='package',
action='comment',
packagename='testpackage'))
self.assertTrue(
response.location.endswith(
url(controller='package',
action='index',
packagename='testpackage')))
self.assertEquals(response.status_int, 302)
response = self.app.post(
url(controller='package',
action='comment',
packagename='testpackage'), {
'package_version': 1,
'text': 'This is a test comment',
'outcome': constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url(controller='package',
action='index',
packagename='testpackage')))
comment = meta.session.query(PackageComment).filter_by(
package_version_id=1).one()
self.assertEquals(comment.text, 'This is a test comment')
self.assertEquals(comment.status,
constants.PACKAGE_COMMENT_STATUS_NOT_UPLOADED)
meta.session.delete(comment)
# test with a subscriber
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
packsub = PackageSubscription(
package='testpackage', level=constants.SUBSCRIPTION_LEVEL_COMMENTS)
packsub.user = user
meta.session.add(packsub)
meta.session.commit()
response = self.app.post(
url(controller='package',
action='comment',
packagename='testpackage'), {
'package_version': 1,
'text': 'This is a test comment',
'outcome': constants.PACKAGE_COMMENT_OUTCOME_UNREVIEWED,
'commit': 'submit',
'status': 'checked'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url(controller='package',
action='index',
packagename='testpackage')))
comment = meta.session.query(PackageComment).filter_by(
package_version_id=1).one()
self.assertEquals(comment.text, 'This is a test comment')
self.assertEquals(comment.status,
constants.PACKAGE_COMMENT_STATUS_UPLOADED)
meta.session.delete(packsub)
meta.session.commit()
def test_subscribe(self):
response = self.app.get(
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
self.assertEquals(
response.session['path_before_login'],
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
subscribeforms = response.lxml.xpath(
'//form[@action="%s" and @method="post"]' %
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.assertEquals(len(subscribeforms), 1)
options = subscribeforms[0].xpath('*/select[@name="level"]/option')
self.assertEquals(len(options), 3)
for option in options:
self.assertTrue(option.attrib['value'] in [
str(item)
for item in (-1, constants.SUBSCRIPTION_LEVEL_UPLOADS,
constants.SUBSCRIPTION_LEVEL_COMMENTS)
])
response = self.app.post(
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.assertEquals(response.status_int, 200)
self.assertEquals(
len(response.lxml.xpath('//span[@class="error-message"]')), 2)
response = self.app.post(
url(controller='package',
action='subscribe',
packagename='testpackage'), {
'level': constants.SUBSCRIPTION_LEVEL_UPLOADS,
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url('package', packagename='testpackage')))
subs = meta.session.query(PackageSubscription).filter_by(
package='testpackage').filter_by(
user_id=response.session['user_id']).one()
self.assertEquals(subs.level, constants.SUBSCRIPTION_LEVEL_UPLOADS)
response = self.app.get(
url(controller='package',
action='subscribe',
packagename='testpackage'))
self.assertEquals(
len(
response.lxml.xpath(
'//option[@value="%d" and @selected="selected"]' %
constants.SUBSCRIPTION_LEVEL_UPLOADS)), 1)
response = self.app.post(
url(controller='package',
action='subscribe',
packagename='testpackage'), {
'level': constants.SUBSCRIPTION_LEVEL_COMMENTS,
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url('package', packagename='testpackage')))
subs = meta.session.query(PackageSubscription).filter_by(
package='testpackage').filter_by(
user_id=response.session['user_id']).one()
self.assertEquals(subs.level, constants.SUBSCRIPTION_LEVEL_COMMENTS)
response = self.app.post(
url(controller='package',
action='subscribe',
packagename='testpackage'), {
'level': -1,
'commit': 'submit'
})
self.assertEquals(response.status_int, 302)
self.assertTrue(
response.location.endswith(
url('package', packagename='testpackage')))
subs = meta.session.query(PackageSubscription).filter_by(
package='testpackage').filter_by(
user_id=response.session['user_id']).first()
self.assertEquals(subs, None)
def test_index(self):
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))
self.assertEquals(response.session['path_before_login'], url('my'))
response = self.app.post(url('login'), self._AUTHDATA)
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test user with country
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
user.country = meta.session.query(UserCountry).filter(
UserCountry.name == 'Germany').one()
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test DD user
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
user.status = constants.USER_STATUS_DEVELOPER
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test DM user
user = meta.session.query(User).filter(
User.email == '*****@*****.**').one()
user.status = constants.USER_STATUS_MAINTAINER
meta.session.commit()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 200)
self.assertTrue('<a href="%s">' % (url('logout')) in response)
# test handling of deleted user
self._remove_example_user()
response = self.app.get(url(controller='my', action='index'))
self.assertEquals(response.status_int, 302)
self.assertTrue(response.location.endswith(url('login')))