def setUp(self): self.user = self.create_user() self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name='NullDB', proxy_user=self.proxy, owner=self.user, scope_list=('project:read', ), webhook_url='http://example.com', )
def setUp(self): self.user = self.create_user() self.org = self.create_organization(owner=self.user) self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name="NullDB", proxy_user=self.proxy, owner=self.org, scope_list=("project:read", ), webhook_url="http://example.com", )
def has_object_permission(self, request, view, project): result = super(ProjectPermission, self).has_object_permission(request, view, project.organization) if not result: return result if project.teams.exists(): return any( has_team_permission(request, team, self.scope_map) for team in project.teams.all()) elif is_system_auth(request.auth): return True elif request.user and request.user.is_authenticated(): # this is only for team-less projects if is_active_superuser(request): return True elif request.user.is_sentry_app: return SentryApp.check_project_permission_for_sentry_app_user( request.user, project) try: role = (OrganizationMember.objects.filter( organization=project.organization, user=request.user).values_list("role", flat=True).get()) except OrganizationMember.DoesNotExist: # this should probably never happen? return False return roles.get(role).is_global elif hasattr(request.auth, "project_id") and project.id == request.auth.project_id: return True return False
def get(self, request): return self.paginate( request=request, queryset=SentryApp.visible_for_user(request.user), order_by='-date_added', paginator_cls=OffsetPaginator, on_results=lambda x: serialize(x, request.user), )
def assert_response_has_serialized_sentry_app( self, response: Response, sentry_app: SentryApp, organization: Organization, has_features: bool = False, mask_secret: bool = False, ) -> None: data = { "allowedOrigins": [], "author": sentry_app.author, "avatars": [], "clientId": sentry_app.application.client_id, "clientSecret": sentry_app.application.client_secret, "events": [], "featureData": [], "isAlertable": sentry_app.is_alertable, "name": sentry_app.name, "overview": sentry_app.overview, "owner": { "id": organization.id, "slug": organization.slug }, "popularity": self.default_popularity, "redirectUrl": sentry_app.redirect_url, "schema": {}, "scopes": [], "slug": sentry_app.slug, "status": sentry_app.get_status_display(), "uuid": sentry_app.uuid, "verifyInstall": sentry_app.verify_install, "webhookUrl": sentry_app.webhook_url, } if mask_secret: data["scopes"] = ["project:write"] data["clientSecret"] = MASKED_VALUE if has_features: data["featureData"] = [{ "featureId": 0, "featureGate": "integrations-api", "description": (f"{sentry_app.name} can **utilize the Sentry API** to pull data or" + " update resources in Sentry (with permissions granted, of course)." ), }] assert data in json.loads(response.content)
def test_raises_when_sentry_app_cannot_be_found(self, sentry_app): sentry_app.side_effect = SentryApp.DoesNotExist() with self.assertRaises(APIUnauthorized): self.validator.call()
class SentryAppTest(TestCase): def setUp(self): self.user = self.create_user() self.org = self.create_organization(owner=self.user) self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name='NullDB', proxy_user=self.proxy, owner=self.org, scope_list=('project:read', ), webhook_url='http://example.com', ) def test_slug(self): self.sentry_app.save() assert self.sentry_app.slug == 'nulldb' def test_paranoid(self): self.sentry_app.save() self.sentry_app.delete() assert self.sentry_app.date_deleted is not None assert self.sentry_app not in SentryApp.objects.all() def test_date_updated(self): self.sentry_app.save() date_updated = self.sentry_app.date_updated self.sentry_app.save() assert not self.sentry_app.date_updated == date_updated def test_related_names(self): self.sentry_app.save() assert self.sentry_app.application.sentry_app == self.sentry_app assert self.sentry_app.proxy_user.sentry_app == self.sentry_app assert self.sentry_app in self.sentry_app.owner.owned_sentry_apps.all()
class SentryAppTest(TestCase): def setUp(self): self.user = self.create_user() self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name='NullDB', proxy_user=self.proxy, owner=self.user, scope_list=('project:read', ), webhook_url='http://example.com', ) def test_slug(self): self.sentry_app.save() assert self.sentry_app.slug == 'nulldb' def test_paranoid(self): self.sentry_app.save() self.sentry_app.delete() assert self.sentry_app.date_deleted is not None assert self.sentry_app not in SentryApp.objects.all() def test_date_updated(self): self.sentry_app.save() date_updated = self.sentry_app.date_updated self.sentry_app.save() assert not self.sentry_app.date_updated == date_updated def test_related_names(self): self.sentry_app.save() assert self.sentry_app.application.sentry_app == self.sentry_app assert self.sentry_app.proxy_user.sentry_app == self.sentry_app assert self.sentry_app in self.sentry_app.owner.owned_sentry_apps.all()
class SentryAppTest(TestCase): def setUp(self): self.user = self.create_user() self.org = self.create_organization(owner=self.user) self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name="NullDB", proxy_user=self.proxy, owner=self.org, scope_list=("project:read", ), webhook_url="http://example.com", ) def test_paranoid(self): self.sentry_app.save() self.sentry_app.delete() assert self.sentry_app.date_deleted is not None assert self.sentry_app not in SentryApp.objects.all() def test_date_updated(self): self.sentry_app.save() date_updated = self.sentry_app.date_updated self.sentry_app.save() assert not self.sentry_app.date_updated == date_updated def test_related_names(self): self.sentry_app.save() assert self.sentry_app.application.sentry_app == self.sentry_app assert self.sentry_app.proxy_user.sentry_app == self.sentry_app assert self.sentry_app in self.sentry_app.owner.owned_sentry_apps.all() def test_is_unpublished(self): self.sentry_app.status = SentryAppStatus.UNPUBLISHED self.sentry_app.save() assert self.sentry_app.is_unpublished def test_is_published(self): self.sentry_app.status = SentryAppStatus.PUBLISHED self.sentry_app.save() assert self.sentry_app.is_published def test_is_internal(self): self.sentry_app.status = SentryAppStatus.INTERNAL self.sentry_app.save() assert self.sentry_app.is_internal
class SentryAppTest(TestCase): def setUp(self): self.user = self.create_user() self.org = self.create_organization(owner=self.user) self.proxy = self.create_user() self.application = ApiApplication.objects.create(owner=self.proxy) self.sentry_app = SentryApp( application=self.application, name='NullDB', proxy_user=self.proxy, owner=self.org, scope_list=('project:read', ), webhook_url='http://example.com', ) def test_slug(self): self.sentry_app.save() assert self.sentry_app.slug == 'nulldb' def test_internal_slug(self): self.sentry_app.status = SentryAppStatus.INTERNAL self.sentry_app.save() assert self.sentry_app.slug == u'nulldb-{}'.format( hashlib.sha1(self.org.slug).hexdigest()[0:6]) def test_internal_slug_on_update(self): self.sentry_app.status = SentryAppStatus.INTERNAL self.sentry_app.save() self.sentry_app.save() assert self.sentry_app.slug == u'nulldb-{}'.format( hashlib.sha1(self.org.slug).hexdigest()[0:6]) def test_paranoid(self): self.sentry_app.save() self.sentry_app.delete() assert self.sentry_app.date_deleted is not None assert self.sentry_app not in SentryApp.objects.all() def test_date_updated(self): self.sentry_app.save() date_updated = self.sentry_app.date_updated self.sentry_app.save() assert not self.sentry_app.date_updated == date_updated def test_related_names(self): self.sentry_app.save() assert self.sentry_app.application.sentry_app == self.sentry_app assert self.sentry_app.proxy_user.sentry_app == self.sentry_app assert self.sentry_app in self.sentry_app.owner.owned_sentry_apps.all() def test_is_unpublished(self): self.sentry_app.status = SentryAppStatus.UNPUBLISHED self.sentry_app.save() assert self.sentry_app.is_unpublished def test_is_published(self): self.sentry_app.status = SentryAppStatus.PUBLISHED self.sentry_app.save() assert self.sentry_app.is_published def test_is_internal(self): self.sentry_app.status = SentryAppStatus.INTERNAL self.sentry_app.save() assert self.sentry_app.is_internal