Mercurial > p > roundup > code

annotate test/test_cgi.py @ 7836:219fc5804345

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
issue2551270 - Better templating support for JavaScript Add (templating) utils.readfile(file, optional=False) and utils.expandfile(file, token_dict=None, optional=False). Allows reading an external file (e.g. JavaScript) and inserting it using tal:contents or equivalent jinja function. expandfile allows setting a dictionary and tokens in the file of the form "%(token_name)s" will be replaced in the file with the values from the dict. See method doc blocks or reference.txt for more info. Also reordered table in references.txt to be case sensitive alphabetic. Added a paragraph on using python's help() to get method/function/... documention blocks. in templating.py _find method. Added explicit return None calls to all code paths. Also added internationalization method to the TemplatingUtils class. Fixed use of 'property' hiding python builtin of same name. Added tests for new TemplatingUtils framework to use for testing existing utils.
author John Rouillard <rouilj@ieee.org>
date Tue, 26 Mar 2024 14:15:46 -0400
parents 978285986b2c
children e90be54708e9
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
1 #
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
2 # Copyright (c) 2003 Richard Jones, rjones@ekit-inc.com
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
3 # This module is free software, and you may redistribute it and/or modify
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
4 # under the same terms as Python, so long as this copyright message and
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
5 # disclaimer are retained in their original form.
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6 #
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
7 # This module is distributed in the hope that it will be useful,
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
8 # but WITHOUT ANY WARRANTY; without even the implied warranty of
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
10
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
11 from __future__ import print_function
7582
978285986b2c fix: issue2551193 - Fix roundup for removal of cgi and cgitb ...
John Rouillard <rouilj@ieee.org>
parents: 7184
diff changeset
12 import unittest, os, shutil, errno, sys, difflib, re, io
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
13
5721
abb9fdb02228 Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents: 5720
diff changeset
14 import pytest
6651
da6c9050a79e Fix modification of Cache_Control
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6601
diff changeset
15 import copy
5721
abb9fdb02228 Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents: 5720
diff changeset
16
7582
978285986b2c fix: issue2551193 - Fix roundup for removal of cgi and cgitb ...
John Rouillard <rouilj@ieee.org>
parents: 7184
diff changeset
17 from roundup.anypy.cgi_ import cgi
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
18 from roundup.cgi import client, actions, exceptions
5973
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
19 from roundup.cgi.exceptions import FormError, NotFound, Redirect
5976
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
20 from roundup.exceptions import UsageError, Reject
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
21 from roundup.cgi.templating import HTMLItem, HTMLRequest, NoTemplate
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
22 from roundup.cgi.templating import HTMLProperty, _HTMLItem, anti_csrf_nonce
7836
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
23 from roundup.cgi.templating import TemplatingUtils
2027
45ad02759998 test fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2004
diff changeset
24 from roundup.cgi.form_parser import FormParser
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
25 from roundup import init, instance, password, hyperdb, date
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
26 from roundup.anypy.strings import u2s, b2s, s2b
6361
58817c3bf471 Fix roundup/test
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6268
diff changeset
27 from roundup.test.tx_Source_detector import init as tx_Source_init
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
28
5973
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
29 from time import sleep
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
30
5166
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
31 # For testing very simple rendering
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
32 from roundup.cgi.engine_zopetal import RoundupPageTemplate
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
33
6366
f2c31f5ec50b Move mocknull from test to roundup/test
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6361
diff changeset
34 from roundup.test.mocknull import MockNull
4112
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
35
5388
d26921b851c3 Python 3 preparation: make relative imports explicit.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5385
diff changeset
36 from . import db_test_base
d26921b851c3 Python 3 preparation: make relative imports explicit.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5385
diff changeset
37 from .db_test_base import FormTestParent, setupTracker, FileUpload
5513
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
38 from .cmp_helper import StringFragmentCmpHelper
6593
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
39 from .test_postgresql import skip_postgresql
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
40 from .test_mysql import skip_mysql
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
41
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
42
5065
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
43 class FileList:
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
44 def __init__(self, name, *files):
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
45 self.name = name
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
46 self.files = files
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
47 def items (self):
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
48 for f in self.files:
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
49 yield (self.name, f)
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
50
6593
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
51 class testFtsQuery(object):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
52
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
53 def testRenderContextFtsQuery(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
54 self.db.issue.create(title='i1 is found', status="chatting")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
55
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
56 self.client.form=db_test_base.makeForm(
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
57 { "@ok_message": "ok message", "@template": "index",
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
58 "@search_text": "found"})
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
59 self.client.path = 'issue'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
60 self.client.determine_context()
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
61
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
62 result = self.client.renderContext()
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
63
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
64 expected = '">i1 is found</a>'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
65
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
66 self.assertIn(expected, result)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
67 self.assertEqual(self.client.response_code, 200)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
68
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
69 cm = client.add_message
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1631
diff changeset
70 class MessageTestCase(unittest.TestCase):
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
71 # Note: Escaping is now handled on a message-by-message basis at a
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
72 # point where we still know what generates a message. In this way we
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
73 # can decide when to escape and when not. We test the add_message
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
74 # routine here.
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
75 # Of course we won't catch errors in judgement when to escape here
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
76 # -- but at the time of this change only one message is not escaped.
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
77 def testAddMessageOK(self):
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
78 self.assertEqual(cm([],'a\nb'), ['a<br />\nb'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
79 self.assertEqual(cm([],'a\nb\nc\n'), ['a<br />\nb<br />\nc<br />\n'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
80
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
81 def testAddMessageBAD(self):
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
82 self.assertEqual(cm([],'<script>x</script>'),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
83 ['&lt;script&gt;x&lt;/script&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
84 self.assertEqual(cm([],'<iframe>x</iframe>'),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
85 ['&lt;iframe&gt;x&lt;/iframe&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
86 self.assertEqual(cm([],'<<script >>alert(42);5<</script >>'),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
87 ['&lt;&lt;script &gt;&gt;alert(42);5&lt;&lt;/script &gt;&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
88 self.assertEqual(cm([],'<a href="y">x</a>'),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
89 ['&lt;a href="y"&gt;x&lt;/a&gt;'])
5805
39a5f40ae4d4 Extra test of < and > inside quotes.
John Rouillard <rouilj@ieee.org>
parents: 5794
diff changeset
90 self.assertEqual(cm([],'<a href="<y>">x</a>'),
39a5f40ae4d4 Extra test of < and > inside quotes.
John Rouillard <rouilj@ieee.org>
parents: 5794
diff changeset
91 ['&lt;a href="&lt;y&gt;"&gt;x&lt;/a&gt;'])
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
92 self.assertEqual(cm([],'<A HREF="y">x</A>'),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
93 ['&lt;A HREF="y"&gt;x&lt;/A&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
94 self.assertEqual(cm([],'<br>x<br />'), ['&lt;br&gt;x&lt;br /&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
95 self.assertEqual(cm([],'<i>x</i>'), ['&lt;i&gt;x&lt;/i&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
96 self.assertEqual(cm([],'<b>x</b>'), ['&lt;b&gt;x&lt;/b&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
97 self.assertEqual(cm([],'<BR>x<BR />'), ['&lt;BR&gt;x&lt;BR /&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
98 self.assertEqual(cm([],'<I>x</I>'), ['&lt;I&gt;x&lt;/I&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
99 self.assertEqual(cm([],'<B>x</B>'), ['&lt;B&gt;x&lt;/B&gt;'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
100
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
101 def testAddMessageNoEscape(self):
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
102 self.assertEqual(cm([],'<i>x</i>',False), ['<i>x</i>'])
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
103 self.assertEqual(cm([],'<i>x</i>\n<b>x</b>',False),
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
104 ['<i>x</i><br />\n<b>x</b>'])
1684
b87c40d1b8fb fix hackish message escaping [SF#757128]
Richard Jones <richard@users.sourceforge.net>
parents: 1631
diff changeset
105
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
106 class testCsvExport(object):
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
107
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
108 def testCSVExportBase(self):
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
109 cl = self._make_client(
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
110 {'@columns': 'id,title,status,keyword,assignedto,nosy,creation'},
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
111 nodeid=None, userid='1')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
112 cl.classname = 'issue'
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
113
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
114 demo_id=self.db.user.create(username='demo', address='demo@test.test',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
115 roles='User', realname='demo')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
116 key_id1=self.db.keyword.create(name='keyword1')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
117 key_id2=self.db.keyword.create(name='keyword2')
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
118
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
119 originalDate = date.Date
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
120 dummy=date.Date('2000-06-26.00:34:02.0')
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
121 # is a closure the best way to return a static Date object??
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
122 def dummyDate(adate=None):
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
123 def dummyClosure(adate=None, translator=None):
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
124 return dummy
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
125 return dummyClosure
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
126 date.Date = dummyDate()
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
127
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
128 self.db.issue.create(title='foo1', status='2', assignedto='4', nosy=['3',demo_id])
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
129 self.db.issue.create(title='bar2', status='1', assignedto='3', keyword=[key_id1,key_id2])
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
130 self.db.issue.create(title='baz32', status='4')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
131 output = io.BytesIO()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
132 cl.request = MockNull()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
133 cl.request.wfile = output
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
134 # call export version that outputs names
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
135 actions.ExportCSVAction(cl).handle()
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
136 should_be=(s2b('"id","title","status","keyword","assignedto","nosy","creation"\r\n'
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
137 '"1","foo1","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo","2000-06-26 00:34"\r\n'
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
138 '"2","bar2","unread","keyword1;keyword2","Bork, Chef","Bork, Chef","2000-06-26 00:34"\r\n'
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
139 '"3","baz32","need-eg","","","","2000-06-26 00:34"\r\n'))
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
140
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
141
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
142 #print(should_be)
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
143 #print(output.getvalue())
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
144 self.assertEqual(output.getvalue(), should_be)
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
145 output = io.BytesIO()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
146 cl.request = MockNull()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
147 cl.request.wfile = output
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
148 # call export version that outputs id numbers
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
149 actions.ExportCSVWithIdAction(cl).handle()
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
150 should_be = s2b('"id","title","status","keyword","assignedto","nosy","creation"\r\n'
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
151 '''"1","foo1","2","[]","4","['3', '4', '5']","2000-06-26.00:34:02"\r\n'''
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
152 '''"2","bar2","1","['1', '2']","3","['3']","2000-06-26.00:34:02"\r\n'''
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
153 '''"3","baz32","4","[]","None","[]","2000-06-26.00:34:02"\r\n''')
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
154 #print(should_be)
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
155 #print(output.getvalue())
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
156 self.assertEqual(output.getvalue(), should_be)
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
157
6601
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
158 # reset the real date command
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
159 date.Date = originalDate
154f286061e2 Add date column to CSV output - test date display code.
John Rouillard <rouilj@ieee.org>
parents: 6600
diff changeset
160
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
161 # test full text search
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
162 # call export version that outputs names
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
163 cl = self._make_client(
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
164 {'@columns': 'id,title,status,keyword,assignedto,nosy',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
165 "@search_text": "bar2"}, nodeid=None, userid='1')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
166 cl.classname = 'issue'
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
167 output = io.BytesIO()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
168 cl.request = MockNull()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
169 cl.request.wfile = output
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
170 actions.ExportCSVAction(cl).handle()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
171 should_be=(s2b('"id","title","status","keyword","assignedto","nosy"\r\n'
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
172 '"2","bar2","unread","keyword1;keyword2","Bork, Chef","Bork, Chef"\r\n'))
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
173
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
174 self.assertEqual(output.getvalue(), should_be)
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
175
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
176 # call export version that outputs id numbers
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
177 output = io.BytesIO()
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
178 cl.request = MockNull()
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
179 cl.request.wfile = output
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
180 actions.ExportCSVWithIdAction(cl).handle()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
181 should_be = s2b('"id","title","status","keyword","assignedto","nosy"\r\n'
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
182 "\"2\",\"bar2\",\"1\",\"['1', '2']\",\"3\",\"['3']\"\r\n")
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
183 self.assertEqual(output.getvalue(), should_be)
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
184
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
185 class FormTestCase(FormTestParent, StringFragmentCmpHelper, testCsvExport, unittest.TestCase):
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
186
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
187 def setUp(self):
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
188 FormTestParent.setUp(self)
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
189
6361
58817c3bf471 Fix roundup/test
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6268
diff changeset
190 tx_Source_init(self.db)
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
191
2929
7a8a02646d4e backend is an attribute of tracker instances
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2821
diff changeset
192 test = self.instance.backend.Class(self.db, "test",
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
193 string=hyperdb.String(), number=hyperdb.Number(),
5067
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
194 intval=hyperdb.Integer(), boolean=hyperdb.Boolean(),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
195 link=hyperdb.Link('test'), multilink=hyperdb.Multilink('test'),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
196 date=hyperdb.Date(), messages=hyperdb.Multilink('msg'),
5814
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
197 interval=hyperdb.Interval(), pw=hyperdb.Password() )
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
198
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
199 # compile the labels re
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
200 classes = '|'.join(self.db.classes.keys())
2004
1782fe36e7b8 Move out parts of client.py to new modules:
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1873
diff changeset
201 self.FV_SPECIAL = re.compile(FormParser.FV_LABELS%classes,
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
202 re.VERBOSE)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
203
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
204 #
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
205 # form label extraction
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
206 #
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
207 def tl(self, s, c, i, a, p):
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
208 m = self.FV_SPECIAL.match(s)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
209 self.assertNotEqual(m, None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
210 d = m.groupdict()
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
211 self.assertEqual(d['classname'], c)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
212 self.assertEqual(d['id'], i)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
213 for action in 'required add remove link note file'.split():
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
214 if a == action:
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
215 self.assertNotEqual(d[action], None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
216 else:
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
217 self.assertEqual(d[action], None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
218 self.assertEqual(d['propname'], p)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
219
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
220 def testLabelMatching(self):
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
221 self.tl('<propname>', None, None, None, '<propname>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
222 self.tl(':required', None, None, 'required', None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
223 self.tl(':confirm:<propname>', None, None, 'confirm', '<propname>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
224 self.tl(':add:<propname>', None, None, 'add', '<propname>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
225 self.tl(':remove:<propname>', None, None, 'remove', '<propname>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
226 self.tl(':link:<propname>', None, None, 'link', '<propname>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
227 self.tl('test1:<prop>', 'test', '1', None, '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
228 self.tl('test1:required', 'test', '1', 'required', None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
229 self.tl('test1:add:<prop>', 'test', '1', 'add', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
230 self.tl('test1:remove:<prop>', 'test', '1', 'remove', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
231 self.tl('test1:link:<prop>', 'test', '1', 'link', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
232 self.tl('test1:confirm:<prop>', 'test', '1', 'confirm', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
233 self.tl('test-1:<prop>', 'test', '-1', None, '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
234 self.tl('test-1:required', 'test', '-1', 'required', None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
235 self.tl('test-1:add:<prop>', 'test', '-1', 'add', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
236 self.tl('test-1:remove:<prop>', 'test', '-1', 'remove', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
237 self.tl('test-1:link:<prop>', 'test', '-1', 'link', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
238 self.tl('test-1:confirm:<prop>', 'test', '-1', 'confirm', '<prop>')
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
239 self.tl(':note', None, None, 'note', None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
240 self.tl(':file', None, None, 'file', None)
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
241
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
242 #
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
243 # Empty form
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
244 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
245 def testNothing(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
246 self.assertEqual(self.parseForm({}), ({('test', None): {}}, []))
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
247
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
248 def testNothingWithRequired(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
249 self.assertRaises(FormError, self.parseForm, {':required': 'string'})
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
250 self.assertRaises(FormError, self.parseForm,
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
251 {':required': 'title,status', 'status':'1'}, 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
252 self.assertRaises(FormError, self.parseForm,
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
253 {':required': ['title','status'], 'status':'1'}, 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
254 self.assertRaises(FormError, self.parseForm,
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
255 {':required': 'status', 'status':''}, 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
256 self.assertRaises(FormError, self.parseForm,
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
257 {':required': 'nosy', 'nosy':''}, 'issue')
3656
0119e04886d8 @required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents: 3491
diff changeset
258 self.assertRaises(FormError, self.parseForm,
0119e04886d8 @required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents: 3491
diff changeset
259 {':required': 'msg-1@content', 'msg-1@content':''}, 'issue')
0119e04886d8 @required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents: 3491
diff changeset
260 self.assertRaises(FormError, self.parseForm,
0119e04886d8 @required in forms may now specify properties of linked items
Richard Jones <richard@users.sourceforge.net>
parents: 3491
diff changeset
261 {':required': 'msg-1@content'}, 'issue')
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
262
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
263 #
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
264 # Nonexistant edit
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
265 #
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
266 def testEditNonexistant(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
267 self.assertRaises(FormError, self.parseForm, {'boolean': ''},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
268 'test', '1')
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
269
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
270 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
271 # String
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
272 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
273 def testEmptyString(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
274 self.assertEqual(self.parseForm({'string': ''}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
275 ({('test', None): {}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
276 self.assertEqual(self.parseForm({'string': ' '}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
277 ({('test', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
278 self.assertRaises(FormError, self.parseForm, {'string': ['', '']})
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
279
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
280 def testSetString(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
281 self.assertEqual(self.parseForm({'string': 'foo'}),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
282 ({('test', None): {'string': 'foo'}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
283 self.assertEqual(self.parseForm({'string': 'a\r\nb\r\n'}),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
284 ({('test', None): {'string': 'a\nb'}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
285 nodeid = self.db.issue.create(title='foo')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
286 self.assertEqual(self.parseForm({'title': 'foo'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
287 ({('issue', nodeid): {}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
288
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
289 def testEmptyStringSet(self):
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
290 nodeid = self.db.issue.create(title='foo')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
291 self.assertEqual(self.parseForm({'title': ''}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
292 ({('issue', nodeid): {'title': None}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
293 nodeid = self.db.issue.create(title='foo')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
294 self.assertEqual(self.parseForm({'title': ' '}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
295 ({('issue', nodeid): {'title': None}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
296
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
297 def testStringLinkId(self):
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
298 self.db.status.set('1', name='2')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
299 self.db.status.set('2', name='1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
300 issue = self.db.issue.create(title='i1-status1', status='1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
301 self.assertEqual(self.db.issue.get(issue,'status'),'1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
302 self.assertEqual(self.db.status.lookup('1'),'2')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
303 self.assertEqual(self.db.status.lookup('2'),'1')
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
304 self.assertEqual(self.db.issue.get('1','tx_Source'),'web')
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
305 form = cgi.FieldStorage()
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
306 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form)
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
307 cl.classname = 'issue'
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
308 cl.nodeid = issue
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
309 cl.db = self.db
3969
905faf52a51f fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents: 3930
diff changeset
310 cl.language = ('en',)
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
311 item = HTMLItem(cl, 'issue', issue)
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
312 self.assertEqual(item.status.id, '1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
313 self.assertEqual(item.status.name, '2')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
314
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
315 def testStringMultilinkId(self):
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
316 id = self.db.keyword.create(name='2')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
317 self.assertEqual(id,'1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
318 id = self.db.keyword.create(name='1')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
319 self.assertEqual(id,'2')
3904
91008ec8f9a0 retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3902
diff changeset
320 issue = self.db.issue.create(title='i1-status1', keyword=['1'])
91008ec8f9a0 retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3902
diff changeset
321 self.assertEqual(self.db.issue.get(issue,'keyword'),['1'])
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
322 self.assertEqual(self.db.keyword.lookup('1'),'2')
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
323 self.assertEqual(self.db.keyword.lookup('2'),'1')
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
324 self.assertEqual(self.db.issue.get(issue,'tx_Source'),'web')
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
325 form = cgi.FieldStorage()
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
326 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form)
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
327 cl.classname = 'issue'
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
328 cl.nodeid = issue
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
329 cl.db = self.db
3969
905faf52a51f fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents: 3930
diff changeset
330 cl.language = ('en',)
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
331 cl.userid = '1'
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
332 item = HTMLItem(cl, 'issue', issue)
3904
91008ec8f9a0 retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3902
diff changeset
333 for keyword in item.keyword:
91008ec8f9a0 retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3902
diff changeset
334 self.assertEqual(keyword.id, '1')
91008ec8f9a0 retire "topic" usage
Justus Pendleton <jpend@users.sourceforge.net>
parents: 3902
diff changeset
335 self.assertEqual(keyword.name, '2')
3859
9e48fda4a41c Added two new tests for Links and Multilinks in HTMLItems:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 3777
diff changeset
336
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
337 def testFileUpload(self):
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
338 file = FileUpload('foo', 'foo.txt')
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
339 self.assertEqual(self.parseForm({'content': file}, 'file'),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
340 ({('file', None): {'content': 'foo', 'name': 'foo.txt',
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
341 'type': 'text/plain'}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
342
5065
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
343 def testSingleFileUpload(self):
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
344 file = FileUpload('foo', 'foo.txt')
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
345 self.assertEqual(self.parseForm({'@file': file}, 'issue'),
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
346 ({('file', '-1'): {'content': 'foo', 'name': 'foo.txt',
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
347 'type': 'text/plain'},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
348 ('issue', None): {}},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
349 [('issue', None, 'files', [('file', '-1')])]))
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
350
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
351 def testMultipleFileUpload(self):
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
352 f1 = FileUpload('foo', 'foo.txt')
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
353 f2 = FileUpload('bar', 'bar.txt')
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
354 f3 = FileUpload('baz', 'baz.txt')
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
355 files = FileList('@file', f1, f2, f3)
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
356
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
357 self.assertEqual(self.parseForm(files, 'issue'),
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
358 ({('file', '-1'): {'content': 'foo', 'name': 'foo.txt',
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
359 'type': 'text/plain'},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
360 ('file', '-2'): {'content': 'bar', 'name': 'bar.txt',
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
361 'type': 'text/plain'},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
362 ('file', '-3'): {'content': 'baz', 'name': 'baz.txt',
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
363 'type': 'text/plain'},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
364 ('issue', None): {}},
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
365 [ ('issue', None, 'files', [('file', '-1')])
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
366 , ('issue', None, 'files', [('file', '-2')])
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
367 , ('issue', None, 'files', [('file', '-3')])
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
368 ]))
47ab150b7325 Allow multiple file uploads
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5037
diff changeset
369
1734
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
370 def testEditFileClassAttributes(self):
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
371 self.assertEqual(self.parseForm({'name': 'foo.txt',
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
372 'type': 'application/octet-stream'},
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
373 'file'),
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
374 ({('file', None): {'name': 'foo.txt',
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
375 'type': 'application/octet-stream'}},[]))
5a04969176dc Regression test case to ensure FileClass attribute bug doesn't show up again.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1684
diff changeset
376
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
377 #
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
378 # Link
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
379 #
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
380 def testEmptyLink(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
381 self.assertEqual(self.parseForm({'link': ''}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
382 ({('test', None): {}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
383 self.assertEqual(self.parseForm({'link': ' '}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
384 ({('test', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
385 self.assertRaises(FormError, self.parseForm, {'link': ['', '']})
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
386 self.assertEqual(self.parseForm({'link': '-1'}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
387 ({('test', None): {}}, []))
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
388
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
389 def testSetLink(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
390 self.assertEqual(self.parseForm({'status': 'unread'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
391 ({('issue', None): {'status': '1'}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
392 self.assertEqual(self.parseForm({'status': '1'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
393 ({('issue', None): {'status': '1'}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
394 nodeid = self.db.issue.create(status='unread')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
395 self.assertEqual(self.parseForm({'status': 'unread'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
396 ({('issue', nodeid): {}}, []))
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
397 self.assertEqual(self.db.issue.get(nodeid,'tx_Source'),'web')
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
398
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
399 def testUnsetLink(self):
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
400 nodeid = self.db.issue.create(status='unread')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
401 self.assertEqual(self.parseForm({'status': '-1'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
402 ({('issue', nodeid): {'status': None}}, []))
4781
6e9b9743de89 Implementation for:
John Rouillard <rouilj@ieee.org>
parents: 4685
diff changeset
403 self.assertEqual(self.db.issue.get(nodeid,'tx_Source'),'web')
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
404
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
405 def testInvalidLinkValue(self):
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
406 # XXX This is not the current behaviour - should we enforce this?
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
407 # self.assertRaises(IndexError, self.parseForm,
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
408 # {'status': '4'}))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
409 self.assertRaises(FormError, self.parseForm, {'link': 'frozzle'})
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
410 self.assertRaises(FormError, self.parseForm, {'status': 'frozzle'},
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
411 'issue')
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
412
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
413 #
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
414 # Multilink
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
415 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
416 def testEmptyMultilink(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
417 self.assertEqual(self.parseForm({'nosy': ''}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
418 ({('test', None): {}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
419 self.assertEqual(self.parseForm({'nosy': ' '}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
420 ({('test', None): {}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
421
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
422 def testSetMultilink(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
423 self.assertEqual(self.parseForm({'nosy': '1'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
424 ({('issue', None): {'nosy': ['1']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
425 self.assertEqual(self.parseForm({'nosy': 'admin'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
426 ({('issue', None): {'nosy': ['1']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
427 self.assertEqual(self.parseForm({'nosy': ['1','2']}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
428 ({('issue', None): {'nosy': ['1','2']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
429 self.assertEqual(self.parseForm({'nosy': '1,2'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
430 ({('issue', None): {'nosy': ['1','2']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
431 self.assertEqual(self.parseForm({'nosy': 'admin,2'}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
432 ({('issue', None): {'nosy': ['1','2']}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
433
1631
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
434 def testMixedMultilink(self):
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
435 form = cgi.FieldStorage()
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
436 form.list.append(cgi.MiniFieldStorage('nosy', '1,2'))
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
437 form.list.append(cgi.MiniFieldStorage('nosy', '3'))
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
438 cl = client.Client(self.instance, None, {'PATH_INFO':'/'}, form)
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
439 cl.classname = 'issue'
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
440 cl.nodeid = None
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
441 cl.db = self.db
3969
905faf52a51f fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents: 3930
diff changeset
442 cl.language = ('en',)
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
443 self.assertEqual(cl.parsePropsFromForm(create=1),
1631
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
444 ({('issue', None): {'nosy': ['1','2', '3']}}, []))
8a908bbad1ef A couple of form value handling changes:
Richard Jones <richard@users.sourceforge.net>
parents: 1592
diff changeset
445
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
446 def testEmptyMultilinkSet(self):
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
447 nodeid = self.db.issue.create(nosy=['1','2'])
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
448 self.assertEqual(self.parseForm({'nosy': ''}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
449 ({('issue', nodeid): {'nosy': []}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
450 nodeid = self.db.issue.create(nosy=['1','2'])
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
451 self.assertEqual(self.parseForm({'nosy': ' '}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
452 ({('issue', nodeid): {'nosy': []}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
453 self.assertEqual(self.parseForm({'nosy': '1,2'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
454 ({('issue', nodeid): {}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
455
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
456 def testInvalidMultilinkValue(self):
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
457 # XXX This is not the current behaviour - should we enforce this?
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
458 # self.assertRaises(IndexError, self.parseForm,
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
459 # {'nosy': '4'}))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
460 self.assertRaises(FormError, self.parseForm, {'nosy': 'frozzle'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
461 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
462 self.assertRaises(FormError, self.parseForm, {'nosy': '1,frozzle'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
463 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
464 self.assertRaises(FormError, self.parseForm, {'multilink': 'frozzle'})
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
465
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
466 def testMultilinkAdd(self):
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
467 nodeid = self.db.issue.create(nosy=['1'])
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
468 # do nothing
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
469 self.assertEqual(self.parseForm({':add:nosy': ''}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
470 ({('issue', nodeid): {}}, []))
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
471
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
472 # do something ;)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
473 self.assertEqual(self.parseForm({':add:nosy': '2'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
474 ({('issue', nodeid): {'nosy': ['1','2']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
475 self.assertEqual(self.parseForm({':add:nosy': '2,mary'}, 'issue',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
476 nodeid), ({('issue', nodeid): {'nosy': ['1','2','4']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
477 self.assertEqual(self.parseForm({':add:nosy': ['2','3']}, 'issue',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
478 nodeid), ({('issue', nodeid): {'nosy': ['1','2','3']}}, []))
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
479
1382
87143c3d7156 really fix [SF#663235], and test it
Richard Jones <richard@users.sourceforge.net>
parents: 1381
diff changeset
480 def testMultilinkAddNew(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
481 self.assertEqual(self.parseForm({':add:nosy': ['2','3']}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
482 ({('issue', None): {'nosy': ['2','3']}}, []))
1382
87143c3d7156 really fix [SF#663235], and test it
Richard Jones <richard@users.sourceforge.net>
parents: 1381
diff changeset
483
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
484 def testMultilinkRemove(self):
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
485 nodeid = self.db.issue.create(nosy=['1','2'])
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
486 # do nothing
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
487 self.assertEqual(self.parseForm({':remove:nosy': ''}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
488 ({('issue', nodeid): {}}, []))
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
489
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
490 # do something ;)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
491 self.assertEqual(self.parseForm({':remove:nosy': '1'}, 'issue',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
492 nodeid), ({('issue', nodeid): {'nosy': ['2']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
493 self.assertEqual(self.parseForm({':remove:nosy': 'admin,2'},
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
494 'issue', nodeid), ({('issue', nodeid): {'nosy': []}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
495 self.assertEqual(self.parseForm({':remove:nosy': ['1','2']},
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
496 'issue', nodeid), ({('issue', nodeid): {'nosy': []}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
497
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
498 # add and remove
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
499 self.assertEqual(self.parseForm({':add:nosy': ['3'],
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
500 ':remove:nosy': ['1','2']},
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
501 'issue', nodeid), ({('issue', nodeid): {'nosy': ['3']}}, []))
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
502
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
503 # remove one that doesn't exist?
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
504 self.assertRaises(FormError, self.parseForm, {':remove:nosy': '4'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
505 'issue', nodeid)
1381
944bd3c6d365 more cgi form parsing tests, and a fix for an outstanding couple of bugs
Richard Jones <richard@users.sourceforge.net>
parents: 1380
diff changeset
506
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
507 def testMultilinkRetired(self):
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
508 self.db.user.retire('2')
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
509 self.assertEqual(self.parseForm({'nosy': ['2','3']}, 'issue'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
510 ({('issue', None): {'nosy': ['2','3']}}, []))
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
511 nodeid = self.db.issue.create(nosy=['1','2'])
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
512 self.assertEqual(self.parseForm({':remove:nosy': '2'}, 'issue',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
513 nodeid), ({('issue', nodeid): {'nosy': ['1']}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
514 self.assertEqual(self.parseForm({':add:nosy': '3'}, 'issue', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
515 ({('issue', nodeid): {'nosy': ['1','2','3']}}, []))
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
516
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
517 def testAddRemoveNonexistant(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
518 self.assertRaises(FormError, self.parseForm, {':remove:foo': '2'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
519 'issue')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
520 self.assertRaises(FormError, self.parseForm, {':add:foo': '2'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
521 'issue')
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
522
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
523 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
524 # Password
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
525 #
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
526 def testEmptyPassword(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
527 self.assertEqual(self.parseForm({'password': ''}, 'user'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
528 ({('user', None): {}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
529 self.assertEqual(self.parseForm({'password': ''}, 'user'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
530 ({('user', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
531 self.assertRaises(FormError, self.parseForm, {'password': ['', '']},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
532 'user')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
533 self.assertRaises(FormError, self.parseForm, {'password': 'foo',
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
534 ':confirm:password': ['', '']}, 'user')
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
535
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
536 def testSetPassword(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
537 self.assertEqual(self.parseForm({'password': 'foo',
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
538 ':confirm:password': 'foo'}, 'user'),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
539 ({('user', None): {'password': 'foo'}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
540
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
541 def testSetPasswordConfirmBad(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
542 self.assertRaises(FormError, self.parseForm, {'password': 'foo'},
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
543 'user')
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
544 self.assertRaises(FormError, self.parseForm, {'password': 'foo',
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
545 ':confirm:password': 'bar'}, 'user')
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
546
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
547 def testEmptyPasswordNotSet(self):
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
548 nodeid = self.db.user.create(username='1',
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
549 password=password.Password('foo'))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
550 self.assertEqual(self.parseForm({'password': ''}, 'user', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
551 ({('user', nodeid): {}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
552 nodeid = self.db.user.create(username='2',
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
553 password=password.Password('foo'))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
554 self.assertEqual(self.parseForm({'password': '',
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
555 ':confirm:password': ''}, 'user', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
556 ({('user', nodeid): {}}, []))
1380
4ce6820c18fa fixes to CGI form handling (NEEDS BACKPORTING TO 0.5)
Richard Jones <richard@users.sourceforge.net>
parents: 1377
diff changeset
557
5721
abb9fdb02228 Mark the failing test I deactivated as xfail to make it easier for
John Rouillard <rouilj@ieee.org>
parents: 5720
diff changeset
558 def testPasswordMigration(self):
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
559 chef = self.db.user.lookup('Chef')
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
560 form = dict(__login_name='Chef', __login_password='foo')
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
561 cl = self._make_client(form)
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
562 # assume that the "best" algorithm is the first one and doesn't
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
563 # need migration, all others should be migrated.
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
564 cl.db.config.WEB_LOGIN_ATTEMPTS_MIN = 200
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
565 cl.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 10000
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
566 # The third item always fails. Regardless of what is there.
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
567 # ['plaintext', 'SHA', 'crypt', 'MD5']:
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
568 print(password.Password.deprecated_schemes)
4485
95aace124a8e use idea from Eli Collins to use a list of deprecated password encoding schemes
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4484
diff changeset
569 for scheme in password.Password.deprecated_schemes:
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
570 print(scheme)
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
571 cl.db.Otk = self.db.Otk
4684
8453c0d4acbe windows: Fix another failing test due to missing 'crypt'
anatoly techtonik <techtonik@gmail.com>
parents: 4683
diff changeset
572 if scheme == 'crypt' and os.name == 'nt':
8453c0d4acbe windows: Fix another failing test due to missing 'crypt'
anatoly techtonik <techtonik@gmail.com>
parents: 4683
diff changeset
573 continue # crypt is not available on Windows
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
574 pw1 = password.Password('foo', scheme=scheme)
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
575 print(pw1)
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
576 self.assertEqual(pw1.needs_migration(config=cl.db.config), True)
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
577 self.db.user.set(chef, password=pw1)
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
578 self.db.commit()
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
579 actions.LoginAction(cl).handle()
7164
5487882ff17a Fix test failure when run alone.
John Rouillard <rouilj@ieee.org>
parents: 7160
diff changeset
580 pw = cl.db.user.get(chef, 'password')
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
581 print(pw)
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
582 self.assertEqual(pw, 'foo')
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
583 self.assertEqual(pw.needs_migration(config=cl.db.config), False)
7164
5487882ff17a Fix test failure when run alone.
John Rouillard <rouilj@ieee.org>
parents: 7160
diff changeset
584 cl.db.Otk = self.db.Otk
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
585 pw1 = pw
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
586 self.assertEqual(pw1.needs_migration(config=cl.db.config), False)
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
587 scheme = password.Password.known_schemes[0]
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
588 self.assertEqual(scheme, pw1.scheme)
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
589 actions.LoginAction(cl).handle()
7164
5487882ff17a Fix test failure when run alone.
John Rouillard <rouilj@ieee.org>
parents: 7160
diff changeset
590 pw = cl.db.user.get(chef, 'password')
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
591 self.assertEqual(pw, 'foo')
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
592 self.assertEqual(pw, pw1)
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
593
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
594 # migrate if rounds has increased above rounds was 10000
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
595 # below will be 100000
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
596 cl.db.Otk = self.db.Otk
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
597 pw1 = pw
7184
8b2287d850c8 Fix round check/settings in needs_migration
John Rouillard <rouilj@ieee.org>
parents: 7166
diff changeset
598 # do not use the production number of PBKDF2
8b2287d850c8 Fix round check/settings in needs_migration
John Rouillard <rouilj@ieee.org>
parents: 7166
diff changeset
599 os.environ["PYTEST_USE_CONFIG"] = "True"
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
600 cl.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 100000
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
601 self.assertEqual(pw1.needs_migration(config=cl.db.config), True)
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
602 scheme = password.Password.known_schemes[0]
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
603 self.assertEqual(scheme, pw1.scheme)
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
604 actions.LoginAction(cl).handle()
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
605 pw = cl.db.user.get(chef, 'password')
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
606 self.assertEqual(pw, 'foo')
7184
8b2287d850c8 Fix round check/settings in needs_migration
John Rouillard <rouilj@ieee.org>
parents: 7166
diff changeset
607 del(os.environ["PYTEST_USE_CONFIG"])
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
608 # do not assert self.assertEqual(pw, pw1) as pw is a 100,000
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
609 # cycle while pw1 is only 10,000. They won't compare equally.
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
610
4685
61e922a93112 windows: Fix cgi tests by explicitly closing db opened by test client
anatoly techtonik <techtonik@gmail.com>
parents: 4684
diff changeset
611 cl.db.close()
4484
52e13bf0bb40 Add new config-option 'migrate_passwords' in section 'web'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4446
diff changeset
612
4486
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
613 def testPasswordConfigOption(self):
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
614 chef = self.db.user.lookup('Chef')
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
615 form = dict(__login_name='Chef', __login_password='foo')
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
616 cl = self._make_client(form)
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
617 self.db.config.PASSWORD_PBKDF2_DEFAULT_ROUNDS = 1000
4683
2f66d44616ad windows: Fix failing password tests due to missing crypt module
anatoly techtonik <techtonik@gmail.com>
parents: 4624
diff changeset
618 pw1 = password.Password('foo', scheme='MD5')
7166
1549c7e74ef8 issue2551251 - migrate pbkdf2 passwords ... test fixes and doc update
John Rouillard <rouilj@ieee.org>
parents: 7164
diff changeset
619 self.assertEqual(pw1.needs_migration(config=cl.db.config), True)
4486
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
620 self.db.user.set(chef, password=pw1)
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
621 self.db.commit()
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
622 actions.LoginAction(cl).handle()
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
623 pw = self.db.user.get(chef, 'password')
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
624 self.assertEqual('PBKDF2', pw.scheme)
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
625 self.assertEqual(1000, password.pbkdf2_unpack(pw.password)[0])
4685
61e922a93112 windows: Fix cgi tests by explicitly closing db opened by test client
anatoly techtonik <techtonik@gmail.com>
parents: 4684
diff changeset
626 cl.db.close()
4486
693c75d56ebe Add new config-option 'password_pbkdf2_default_rounds'...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4485
diff changeset
627
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
628 #
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
629 # Boolean
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
630 #
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
631 def testEmptyBoolean(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
632 self.assertEqual(self.parseForm({'boolean': ''}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
633 ({('test', None): {}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
634 self.assertEqual(self.parseForm({'boolean': ' '}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
635 ({('test', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
636 self.assertRaises(FormError, self.parseForm, {'boolean': ['', '']})
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
637
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
638 def testSetBoolean(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
639 self.assertEqual(self.parseForm({'boolean': 'yes'}),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
640 ({('test', None): {'boolean': 1}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
641 self.assertEqual(self.parseForm({'boolean': 'a\r\nb\r\n'}),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
642 ({('test', None): {'boolean': 0}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
643 nodeid = self.db.test.create(boolean=1)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
644 self.assertEqual(self.parseForm({'boolean': 'yes'}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
645 ({('test', nodeid): {}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
646 nodeid = self.db.test.create(boolean=0)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
647 self.assertEqual(self.parseForm({'boolean': 'no'}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
648 ({('test', nodeid): {}}, []))
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
649
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
650 def testEmptyBooleanSet(self):
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
651 nodeid = self.db.test.create(boolean=0)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
652 self.assertEqual(self.parseForm({'boolean': ''}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
653 ({('test', nodeid): {'boolean': None}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
654 nodeid = self.db.test.create(boolean=1)
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
655 self.assertEqual(self.parseForm({'boolean': ' '}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
656 ({('test', nodeid): {'boolean': None}}, []))
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
657
3777
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
658 def testRequiredBoolean(self):
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
659 self.assertRaises(FormError, self.parseForm, {'boolean': '',
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
660 ':required': 'boolean'})
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
661 try:
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
662 self.parseForm({'boolean': 'no', ':required': 'boolean'})
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
663 except FormError:
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
664 self.fail('boolean "no" raised "required missing"')
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
665
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
666 #
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
667 # Number
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
668 #
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
669 def testEmptyNumber(self):
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
670 self.assertEqual(self.parseForm({'number': ''}),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
671 ({('test', None): {}}, []))
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
672 self.assertEqual(self.parseForm({'number': ' '}),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
673 ({('test', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
674 self.assertRaises(FormError, self.parseForm, {'number': ['', '']})
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
675
1562
b975da59cd11 handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents: 1525
diff changeset
676 def testInvalidNumber(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
677 self.assertRaises(FormError, self.parseForm, {'number': 'hi, mum!'})
1562
b975da59cd11 handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents: 1525
diff changeset
678
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
679 def testSetNumber(self):
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
680 self.assertEqual(self.parseForm({'number': '1'}),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
681 ({('test', None): {'number': 1}}, []))
3491
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
682 self.assertEqual(self.parseForm({'number': '0'}),
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
683 ({('test', None): {'number': 0}}, []))
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
684 self.assertEqual(self.parseForm({'number': '\n0\n'}),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
685 ({('test', None): {'number': 0}}, []))
3491
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
686
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
687 def testSetNumberReplaceOne(self):
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
688 nodeid = self.db.test.create(number=1)
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
689 self.assertEqual(self.parseForm({'number': '1'}, 'test', nodeid),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
690 ({('test', nodeid): {}}, []))
3491
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
691 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid),
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
692 ({('test', nodeid): {'number': 0}}, []))
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
693
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
694 def testSetNumberReplaceZero(self):
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
695 nodeid = self.db.test.create(number=0)
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
696 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
697 ({('test', nodeid): {}}, []))
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
698
3491
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
699 def testSetNumberReplaceNone(self):
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
700 nodeid = self.db.test.create()
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
701 self.assertEqual(self.parseForm({'number': '0'}, 'test', nodeid),
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
702 ({('test', nodeid): {'number': 0}}, []))
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
703 self.assertEqual(self.parseForm({'number': '1'}, 'test', nodeid),
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
704 ({('test', nodeid): {'number': 1}}, []))
0e5f15520e70 fix detection of "missing" existing values in CGI form parser [SF#1414149]
Richard Jones <richard@users.sourceforge.net>
parents: 2929
diff changeset
705
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
706 def testEmptyNumberSet(self):
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
707 nodeid = self.db.test.create(number=0)
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
708 self.assertEqual(self.parseForm({'number': ''}, 'test', nodeid),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
709 ({('test', nodeid): {'number': None}}, []))
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
710 nodeid = self.db.test.create(number=1)
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
711 self.assertEqual(self.parseForm({'number': ' '}, 'test', nodeid),
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
712 ({('test', nodeid): {'number': None}}, []))
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
713
3777
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
714 def testRequiredNumber(self):
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
715 self.assertRaises(FormError, self.parseForm, {'number': '',
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
716 ':required': 'number'})
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
717 try:
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
718 self.parseForm({'number': '0', ':required': 'number'})
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
719 except FormError:
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
720 self.fail('number "no" raised "required missing"')
74aebbbea305 Sorry for the mega-patch - was all done on the train:
Richard Jones <richard@users.sourceforge.net>
parents: 3656
diff changeset
721
1525
c006e8166f81 added tests for Number cgi editing
Richard Jones <richard@users.sourceforge.net>
parents: 1483
diff changeset
722 #
5067
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
723 # Integer
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
724 #
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
725 def testEmptyInteger(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
726 self.assertEqual(self.parseForm({'intval': ''}),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
727 ({('test', None): {}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
728 self.assertEqual(self.parseForm({'intval': ' '}),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
729 ({('test', None): {}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
730 self.assertRaises(FormError, self.parseForm, {'intval': ['', '']})
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
731
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
732 def testInvalidInteger(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
733 self.assertRaises(FormError, self.parseForm, {'intval': 'hi, mum!'})
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
734
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
735 def testSetInteger(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
736 self.assertEqual(self.parseForm({'intval': '1'}),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
737 ({('test', None): {'intval': 1}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
738 self.assertEqual(self.parseForm({'intval': '0'}),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
739 ({('test', None): {'intval': 0}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
740 self.assertEqual(self.parseForm({'intval': '\n0\n'}),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
741 ({('test', None): {'intval': 0}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
742
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
743 def testSetIntegerReplaceOne(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
744 nodeid = self.db.test.create(intval=1)
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
745 self.assertEqual(self.parseForm({'intval': '1'}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
746 ({('test', nodeid): {}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
747 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
748 ({('test', nodeid): {'intval': 0}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
749
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
750 def testSetIntegerReplaceZero(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
751 nodeid = self.db.test.create(intval=0)
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
752 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
753 ({('test', nodeid): {}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
754
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
755 def testSetIntegerReplaceNone(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
756 nodeid = self.db.test.create()
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
757 self.assertEqual(self.parseForm({'intval': '0'}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
758 ({('test', nodeid): {'intval': 0}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
759 self.assertEqual(self.parseForm({'intval': '1'}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
760 ({('test', nodeid): {'intval': 1}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
761
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
762 def testEmptyIntegerSet(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
763 nodeid = self.db.test.create(intval=0)
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
764 self.assertEqual(self.parseForm({'intval': ''}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
765 ({('test', nodeid): {'intval': None}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
766 nodeid = self.db.test.create(intval=1)
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
767 self.assertEqual(self.parseForm({'intval': ' '}, 'test', nodeid),
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
768 ({('test', nodeid): {'intval': None}}, []))
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
769
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
770 def testRequiredInteger(self):
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
771 self.assertRaises(FormError, self.parseForm, {'intval': '',
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
772 ':required': 'intval'})
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
773 try:
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
774 self.parseForm({'intval': '0', ':required': 'intval'})
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
775 except FormError:
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
776 self.fail('intval "no" raised "required missing"')
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
777
e424987d294a Add support for an integer type to join the existing number type.
John Rouillard <rouilj@ieee.org>
parents: 5065
diff changeset
778 #
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
779 # Date
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
780 #
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
781 def testEmptyDate(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
782 self.assertEqual(self.parseForm({'date': ''}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
783 ({('test', None): {}}, []))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
784 self.assertEqual(self.parseForm({'date': ' '}),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
785 ({('test', None): {}}, []))
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
786 self.assertRaises(FormError, self.parseForm, {'date': ['', '']})
1385
2bd4822f96a6 - more fixes to CGI form handling
Richard Jones <richard@users.sourceforge.net>
parents: 1382
diff changeset
787
1562
b975da59cd11 handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents: 1525
diff changeset
788 def testInvalidDate(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
789 self.assertRaises(FormError, self.parseForm, {'date': '12'})
1562
b975da59cd11 handle invalid data input in forms better
Richard Jones <richard@users.sourceforge.net>
parents: 1525
diff changeset
790
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
791 def testSetDate(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
792 self.assertEqual(self.parseForm({'date': '2003-01-01'}),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
793 ({('test', None): {'date': date.Date('2003-01-01')}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
794 nodeid = self.db.test.create(date=date.Date('2003-01-01'))
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
795 self.assertEqual(self.parseForm({'date': '2003-01-01'}, 'test',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
796 nodeid), ({('test', nodeid): {}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
797
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
798 def testEmptyDateSet(self):
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
799 nodeid = self.db.test.create(date=date.Date('.'))
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
800 self.assertEqual(self.parseForm({'date': ''}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
801 ({('test', nodeid): {'date': None}}, []))
1393
71928bf79302 more CGI fixes and tests
Richard Jones <richard@users.sourceforge.net>
parents: 1385
diff changeset
802 nodeid = self.db.test.create(date=date.Date('1970-01-01.00:00:00'))
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
803 self.assertEqual(self.parseForm({'date': ' '}, 'test', nodeid),
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
804 ({('test', nodeid): {'date': None}}, []))
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
805
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
806 #
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
807 # Test multiple items in form
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
808 #
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
809 def testMultiple(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
810 self.assertEqual(self.parseForm({'string': 'a', 'issue-1@title': 'b'}),
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
811 ({('test', None): {'string': 'a'},
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
812 ('issue', '-1'): {'title': 'b'}
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
813 }, []))
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
814
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
815 def testMultipleExistingContext(self):
1420
3ac43c62a250 implemented extension to form parsing...
Richard Jones <richard@users.sourceforge.net>
parents: 1393
diff changeset
816 nodeid = self.db.test.create()
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
817 self.assertEqual(self.parseForm({'string': 'a', 'issue-1@title': 'b'},
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
818 'test', nodeid),({('test', nodeid): {'string': 'a'},
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
819 ('issue', '-1'): {'title': 'b'}}, []))
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
820
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
821 def testLinking(self):
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
822 self.assertEqual(self.parseForm({
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
823 'string': 'a',
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
824 'issue-1@add@nosy': '1',
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
825 'issue-2@link@superseder': 'issue-1',
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
826 }),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
827 ({('test', None): {'string': 'a'},
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
828 ('issue', '-1'): {'nosy': ['1']},
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
829 },
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
830 [('issue', '-2', 'superseder', [('issue', '-1')])
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
831 ]
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
832 )
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
833 )
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
834
3982
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
835 def testMessages(self):
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
836 self.assertEqual(self.parseForm({
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
837 'msg-1@content': 'asdf',
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
838 'msg-2@content': 'qwer',
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
839 '@link@messages': 'msg-1, msg-2'}),
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
840 ({('test', None): {},
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
841 ('msg', '-2'): {'content': 'qwer'},
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
842 ('msg', '-1'): {'content': 'asdf'}},
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
843 [('test', None, 'messages', [('msg', '-1'), ('msg', '-2')])]
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
844 )
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
845 )
efcea2fe69be add new test for multiple message creation
Richard Jones <richard@users.sourceforge.net>
parents: 3980
diff changeset
846
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
847 def testLinkBadDesignator(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
848 self.assertRaises(FormError, self.parseForm,
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
849 {'test-1@link@link': 'blah'})
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
850 self.assertRaises(FormError, self.parseForm,
1438
13c42b803101 Better handling of the form variable labels.
Richard Jones <richard@users.sourceforge.net>
parents: 1431
diff changeset
851 {'test-1@link@link': 'issue'})
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
852
1446
8ce33ce262a4 fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents: 1438
diff changeset
853 def testLinkNotLink(self):
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
854 self.assertRaises(FormError, self.parseForm,
1446
8ce33ce262a4 fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents: 1438
diff changeset
855 {'test-1@link@boolean': 'issue-1'})
1819
e24cebaaa7e8 Use FormError.
Johannes Gijsbers <jlgijsbers@users.sourceforge.net>
parents: 1797
diff changeset
856 self.assertRaises(FormError, self.parseForm,
1446
8ce33ce262a4 fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents: 1438
diff changeset
857 {'test-1@link@string': 'issue-1'})
8ce33ce262a4 fix property type check, and dont create items that have no properties
Richard Jones <richard@users.sourceforge.net>
parents: 1438
diff changeset
858
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
859 def testBackwardsCompat(self):
1431
c70068162e64 Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents: 1425
diff changeset
860 res = self.parseForm({':note': 'spam'}, 'issue')
c70068162e64 Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents: 1425
diff changeset
861 date = res[0][('msg', '-1')]['date']
c70068162e64 Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents: 1425
diff changeset
862 self.assertEqual(res, ({('issue', None): {}, ('msg', '-1'):
c70068162e64 Altered Class.create() and FileClass.create() methods...
Richard Jones <richard@users.sourceforge.net>
parents: 1425
diff changeset
863 {'content': 'spam', 'author': '1', 'date': date}},
1425
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
864 [('issue', None, 'messages', [('msg', '-1')])]))
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
865 file = FileUpload('foo', 'foo.txt')
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
866 self.assertEqual(self.parseForm({':file': file}, 'issue'),
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
867 ({('issue', None): {}, ('file', '-1'): {'content': 'foo',
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
868 'name': 'foo.txt', 'type': 'text/plain'}},
58ce2c1614cd new form handling complete
Richard Jones <richard@users.sourceforge.net>
parents: 1420
diff changeset
869 [('issue', None, 'files', [('file', '-1')])]))
1377
9ddb3ab23a3f start of CGI form handling tests
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
870
6382
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
871 def testErrorForBadTemplate(self):
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
872 form = {}
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
873 cl = self.setupClient(form, 'issue', '1', template="broken",
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
874 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'})
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
875 out = []
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
876
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
877 out = cl.renderContext()
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
878
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
879 self.assertEqual(out, '<strong>No template file exists for templating "issue" with template "broken" (neither "issue.broken" nor "_generic.broken")</strong>')
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
880 self.assertEqual(cl.response_code, 400)
b35a50d02890 Fix issue2551129 - Template not found return 500 and traceback
John Rouillard <rouilj@ieee.org>
parents: 6366
diff changeset
881
5166
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
882 def testFormValuePreserveOnError(self):
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
883 page_template = """
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
884 <html>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
885 <body>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
886 <p tal:condition="options/error_message|nothing"
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
887 tal:repeat="m options/error_message"
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
888 tal:content="structure m"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
889 <p tal:content="context/title/plain"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
890 <p tal:content="context/priority/plain"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
891 <p tal:content="context/status/plain"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
892 <p tal:content="context/nosy/plain"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
893 <p tal:content="context/keyword/plain"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
894 <p tal:content="structure context/superseder/field"/>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
895 </body>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
896 </html>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
897 """.strip ()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
898 self.db.keyword.create (name = 'key1')
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
899 self.db.keyword.create (name = 'key2')
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
900 nodeid = self.db.issue.create (title = 'Title', priority = '1',
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
901 status = '1', nosy = ['1'], keyword = ['1'])
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
902 self.db.commit ()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
903 form = {':note': 'msg-content', 'title': 'New title',
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
904 'priority': '2', 'status': '2', 'nosy': '1,2', 'keyword': '',
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
905 'superseder': '5000', ':action': 'edit'}
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
906 cl = self.setupClient(form, 'issue', '1',
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
907 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'})
5166
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
908 pt = RoundupPageTemplate()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
909 pt.pt_edit(page_template, 'text/html')
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
910 out = []
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
911 def wh(s):
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
912 out.append(s)
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
913 cl.write_html = wh
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
914 # Enable the following if we get a templating error:
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
915 #def send_error (*args, **kw):
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
916 # import pdb; pdb.set_trace()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
917 #cl.send_error_to_admin = send_error
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
918 # Need to rollback the database on error -- this usually happens
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
919 # in web-interface (and for other databases) anyway, need it for
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
920 # testing that the form values are really used, not the database!
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
921 # We do this together with the setup of the easy template above
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
922 def load_template(x):
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
923 cl.db.rollback()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
924 return pt
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
925 cl.instance.templates.load = load_template
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
926 cl.selectTemplate = MockNull()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
927 cl.determine_context = MockNull ()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
928 def hasPermission(s, p, classname=None, d=None, e=None, **kw):
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
929 return True
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
930 actions.Action.hasPermission = hasPermission
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
931 e1 = _HTMLItem.is_edit_ok
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
932 _HTMLItem.is_edit_ok = lambda x : True
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
933 e2 = HTMLProperty.is_edit_ok
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
934 HTMLProperty.is_edit_ok = lambda x : True
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
935 cl.inner_main()
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
936 _HTMLItem.is_edit_ok = e1
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
937 HTMLProperty.is_edit_ok = e2
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
938 self.assertEqual(len(out), 1)
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
939 self.assertEqual(out [0].strip (), """
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
940 <html>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
941 <body>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
942 <p>Edit Error: issue has no node 5000</p>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
943 <p>New title</p>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
944 <p>urgent</p>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
945 <p>deferred</p>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
946 <p>admin, anonymous</p>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
947 <p></p>
5485
b0359a7c5b6d create input elements with attributes in a defined (sorted) order
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5484
diff changeset
948 <p><input name="superseder" size="30" type="text" value="5000"></p>
5166
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
949 </body>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
950 </html>
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
951 """.strip ())
232c74973a56 issue1408570: fix that form values are lost
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5162
diff changeset
952
5519
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
953 def testXMLTemplate(self):
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
954 page_template = """<?xml version="1.0" encoding="UTF-8"?><feed xmlns="http://www.w3.org/2005/Atom" xmlns:tal="http://xml.zope.org/namespaces/tal" xmlns:metal="http://xml.zope.org/namespaces/metal"></feed>"""
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
955 pt = RoundupPageTemplate()
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
956 pt.pt_edit(page_template, 'application/xml')
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
957
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
958 cl = self.setupClient({ }, 'issue',
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
959 env_addon = {'HTTP_REFERER': 'http://whoami.com/path/'})
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
960 out = pt.render(cl, 'issue', MockNull())
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
961 self.assertEqual(out, '<?xml version="1.0" encoding="UTF-8"?><feed\n xmlns="http://www.w3.org/2005/Atom"/>\n')
5519
14a61eabcea8 Fixed unicode issues for XML template with Python 2
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5515
diff changeset
962
5924
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
963 def testHttpProxyStrip(self):
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
964 os.environ['HTTP_PROXY'] = 'http://bad.news/here/'
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
965 cl = self.setupClient({ }, 'issue',
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
966 env_addon = {'HTTP_PROXY': 'http://bad.news/here/'})
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
967 out = []
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
968 def wh(s):
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
969 out.append(s)
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
970 cl.write_html = wh
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
971 cl.main()
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
972 self.assertFalse('HTTP_PROXY' in cl.env)
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
973 self.assertFalse('HTTP_PROXY' in os.environ)
b40059d7036f issue2550925 strip HTTP_PROXY environment variable
John Rouillard <rouilj@ieee.org>
parents: 5847
diff changeset
974
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
975 def testCsrfProtection(self):
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
976 # need to set SENDMAILDEBUG to prevent
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
977 # downstream issue when email is sent on successful
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
978 # issue creation. Also delete the file afterwards
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
979 # just to make sure that some other test looking for
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
980 # SENDMAILDEBUG won't trip over ours.
5381
0942fe89e82e Python 3 preparation: change "x.has_key(y)" to "y in x".
Joseph Myers <jsm@polyomino.org.uk>
parents: 5376
diff changeset
981 if 'SENDMAILDEBUG' not in os.environ:
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
982 os.environ['SENDMAILDEBUG'] = 'mail-test1.log'
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
983 SENDMAILDEBUG = os.environ['SENDMAILDEBUG']
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
984
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
985 page_template = """
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
986 <html>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
987 <body>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
988 <p tal:condition="options/error_message|nothing"
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
989 tal:repeat="m options/error_message"
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
990 tal:content="structure m"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
991 <p tal:content="context/title/plain"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
992 <p tal:content="context/priority/plain"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
993 <p tal:content="context/status/plain"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
994 <p tal:content="context/nosy/plain"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
995 <p tal:content="context/keyword/plain"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
996 <p tal:content="structure context/superseder/field"/>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
997 </body>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
998 </html>
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
999 """.strip ()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1000 self.db.keyword.create (name = 'key1')
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1001 self.db.keyword.create (name = 'key2')
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1002 nodeid = self.db.issue.create (title = 'Title', priority = '1',
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1003 status = '1', nosy = ['1'], keyword = ['1'])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1004 self.db.commit ()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1005 form = {':note': 'msg-content', 'title': 'New title',
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1006 'priority': '2', 'status': '2', 'nosy': '1,2', 'keyword': '',
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1007 ':action': 'edit'}
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1008 cl = self.setupClient(form, 'issue', '1')
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1009 pt = RoundupPageTemplate()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1010 pt.pt_edit(page_template, 'text/html')
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1011 out = []
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1012 def wh(s):
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1013 out.append(s)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1014 cl.write_html = wh
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1015 # Enable the following if we get a templating error:
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1016 #def send_error (*args, **kw):
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1017 # import pdb; pdb.set_trace()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1018 #cl.send_error_to_admin = send_error
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1019 # Need to rollback the database on error -- this usually happens
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1020 # in web-interface (and for other databases) anyway, need it for
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1021 # testing that the form values are really used, not the database!
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1022 # We do this together with the setup of the easy template above
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1023 def load_template(x):
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1024 cl.db.rollback()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1025 return pt
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1026 cl.instance.templates.load = load_template
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1027 cl.selectTemplate = MockNull()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1028 cl.determine_context = MockNull ()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1029 def hasPermission(s, p, classname=None, d=None, e=None, **kw):
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1030 return True
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1031 actions.Action.hasPermission = hasPermission
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1032 e1 = _HTMLItem.is_edit_ok
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1033 _HTMLItem.is_edit_ok = lambda x : True
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1034 e2 = HTMLProperty.is_edit_ok
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1035 HTMLProperty.is_edit_ok = lambda x : True
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1036
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1037 # test with no headers. Default config requires that 1 header
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1038 # is present and passes checks.
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1039 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1040 match_at=out[0].find('Unable to verify sufficient headers')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1041 print("result of subtest 1:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1042 self.assertNotEqual(match_at, -1)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1043 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1044
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1045 # all the rest of these allow at least one header to pass
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1046 # and the edit happens with a redirect back to issue 1
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1047 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/'
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1048 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1049 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1050 print("result of subtest 2:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1051 self.assertEqual(match_at, 0)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1052 del(cl.env['HTTP_REFERER'])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1053 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1054
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1055 cl.env['HTTP_ORIGIN'] = 'http://whoami.com'
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1056 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1057 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1058 print("result of subtest 3:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1059 self.assertEqual(match_at, 0)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1060 del(cl.env['HTTP_ORIGIN'])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1061 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1062
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1063 cl.env['HTTP_X_FORWARDED_HOST'] = 'whoami.com'
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1064 # if there is an X-FORWARDED-HOST header it is used and
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1065 # HOST header is ignored. X-FORWARDED-HOST should only be
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1066 # passed/set by a proxy. In this case the HOST header is
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1067 # the proxy's name for the web server and not the name
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1068 # thatis exposed to the world.
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1069 cl.env['HTTP_HOST'] = 'frontend1.whoami.net'
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1070 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1071 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1072 print("result of subtest 4:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1073 self.assertNotEqual(match_at, -1)
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1074 del(cl.env['HTTP_X_FORWARDED_HOST'])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1075 del(cl.env['HTTP_HOST'])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1076 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1077
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1078 cl.env['HTTP_HOST'] = 'whoami.com'
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1079 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1080 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1081 print("result of subtest 5:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1082 self.assertEqual(match_at, 0)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1083 del(cl.env['HTTP_HOST'])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1084 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1085
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1086 # try failing headers
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1087 cl.env['HTTP_X_FORWARDED_HOST'] = 'whoami.net'
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1088 # this raises an error as the header check passes and
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1089 # it did the edit and tries to send mail.
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1090 cl.inner_main()
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1091 match_at=out[0].find('Invalid X-FORWARDED-HOST whoami.net')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1092 print("result of subtest 6:", out[0])
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1093 self.assertNotEqual(match_at, -1)
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1094 del(cl.env['HTTP_X_FORWARDED_HOST'])
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1095 del(out[0])
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1096
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1097 # header checks succeed
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1098 # check nonce handling.
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1099 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/'
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1100
5220
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1101 # roundup will report a missing token.
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1102 cl.db.config['WEB_CSRF_ENFORCE_TOKEN'] = 'required'
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1103 cl.inner_main()
5847
26cd8e8bbed3 Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents: 5814
diff changeset
1104 match_at=out[0].find("<p>We can't validate your session (csrf failure). Re-enter any unsaved data and try again.</p>")
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1105 print("result of subtest 6a:", out[0], match_at)
5220
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1106 self.assertEqual(match_at, 33)
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1107 del(out[0])
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1108 cl.db.config['WEB_CSRF_ENFORCE_TOKEN'] = 'yes'
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1109
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1110 form2 = copy.copy(form)
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1111 form2.update({'@csrf': 'booogus'})
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1112 # add a bogus csrf field to the form and rerun the inner_main
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
1113 cl.form = db_test_base.makeForm(form2)
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1114
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1115 cl.inner_main()
5847
26cd8e8bbed3 Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents: 5814
diff changeset
1116 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.")
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1117 print("result of subtest 7:", out[0])
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1118 self.assertEqual(match_at, 36)
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1119 del(out[0])
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1120
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1121 form2 = copy.copy(form)
5488
52cb53eedf77 reworked random number use
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5485
diff changeset
1122 nonce = anti_csrf_nonce(cl)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1123 # verify that we can see the nonce
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1124 otks = cl.db.getOTKManager()
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1125 isitthere = otks.exists(nonce)
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1126 print("result of subtest 8:", isitthere)
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1127 print("otks: user, session", otks.get(nonce, 'uid', default=None),
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1128 otks.get(nonce, 'session', default=None))
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1129 self.assertEqual(isitthere, True)
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1130
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1131 form2.update({'@csrf': nonce})
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1132 # add a real csrf field to the form and rerun the inner_main
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
1133 cl.form = db_test_base.makeForm(form2)
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1134 cl.inner_main()
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1135 # csrf passes and redirects to the new issue.
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1136 match_at=out[0].find('Redirecting to <a href="http://whoami.com/path/issue1?@ok_message')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1137 print("result of subtest 9:", out[0])
5203
9f490cc0effe Also rename test to testCsrfProtection
John Rouillard <rouilj@ieee.org>
parents: 5201
diff changeset
1138 self.assertEqual(match_at, 0)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1139 del(out[0])
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1140
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1141 # try a replay attack
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1142 cl.inner_main()
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1143 # This should fail as token was wiped by last run.
5847
26cd8e8bbed3 Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents: 5814
diff changeset
1144 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.")
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1145 print("replay of csrf after post use", out[0])
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1146 print("result of subtest 10:", out[0])
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1147 self.assertEqual(match_at, 36)
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1148 del(out[0])
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1149
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1150 # make sure that a get deletes the csrf.
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1151 cl.env['REQUEST_METHOD'] = 'GET'
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1152 cl.env['HTTP_REFERER'] = 'http://whoami.com/path/'
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1153 form2 = copy.copy(form)
5488
52cb53eedf77 reworked random number use
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5485
diff changeset
1154 nonce = anti_csrf_nonce(cl)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1155 form2.update({'@csrf': nonce})
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1156 # add a real csrf field to the form and rerun the inner_main
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
1157 cl.form = db_test_base.makeForm(form2)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1158 cl.inner_main()
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1159 # csrf passes but fail creating new issue because not a post
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1160 match_at=out[0].find('<p>Invalid request</p>')
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1161 print("result of subtest 11:", out[0])
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1162 self.assertEqual(match_at, 33)
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1163 del(out[0])
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1164
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1165 # the token should be gone
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1166 isitthere = otks.exists(nonce)
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1167 print("result of subtest 12:", isitthere)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1168 self.assertEqual(isitthere, False)
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1169
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1170 # change to post and should fail w/ invalid csrf
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1171 # since get deleted the token.
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1172 cl.env.update({'REQUEST_METHOD': 'POST'})
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1173 print(cl.env)
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1174 cl.inner_main()
5847
26cd8e8bbed3 Change microcopy for missing csrf to follow mismatched csrf. Fix tests.
John Rouillard <rouilj@ieee.org>
parents: 5814
diff changeset
1175 match_at=out[0].find("We can't validate your session (csrf failure). Re-enter any unsaved data and try again.")
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1176 print("post failure after get", out[0])
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1177 print("result of subtest 13:", out[0])
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1178 self.assertEqual(match_at, 36)
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1179 del(out[0])
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1180
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1181 del(cl.env['HTTP_REFERER'])
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1182
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1183 # test by setting allowed api origins to *
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1184 # this should not redirect as it is not an API call.
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1185 cl.db.config.WEB_ALLOWED_API_ORIGINS = " * "
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1186 cl.env['HTTP_ORIGIN'] = 'https://baz.edu'
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1187 cl.inner_main()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1188 match_at=out[0].find('Invalid Origin https://baz.edu')
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1189 print("result of subtest invalid origin:", out[0])
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1190 self.assertEqual(match_at, 36)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1191 del(cl.env['HTTP_ORIGIN'])
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1192 cl.db.config.WEB_ALLOWED_API_ORIGINS = ""
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1193 del(out[0])
6693
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1194
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1195 # test by setting allowed api origins to *
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1196 # this should not redirect as it is not an API call.
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1197 cl.db.config.WEB_ALLOWED_API_ORIGINS = " * "
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1198 cl.env['HTTP_ORIGIN'] = 'http://whoami.com'
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1199 cl.env['HTTP_REFERER'] = 'https://baz.edu/path/'
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1200 cl.inner_main()
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1201 match_at=out[0].find('Invalid Referer: https://baz.edu/path/')
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1202 print("result of subtest invalid referer:", out[0])
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1203 self.assertEqual(match_at, 36)
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1204 del(cl.env['HTTP_ORIGIN'])
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1205 del(cl.env['HTTP_REFERER'])
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1206 cl.db.config.WEB_ALLOWED_API_ORIGINS = ""
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1207 del(out[0])
5210
7da56980754d Remove csrf keys used with get
John Rouillard <rouilj@ieee.org>
parents: 5208
diff changeset
1208
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1209 # clean up from email log
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1210 if os.path.exists(SENDMAILDEBUG):
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1211 os.remove(SENDMAILDEBUG)
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1212 #raise ValueError
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
1213
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1214 def testRestOriginValidationCredentials(self):
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1215 import json
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1216 # set the password for admin so we can log in.
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1217 passwd=password.Password('admin')
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1218 self.db.user.set('1', password=passwd)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1219
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1220 out = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1221 def wh(s):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1222 out.append(s)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1223
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1224 # rest has no form content
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1225 form = cgi.FieldStorage()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1226 # origin set to allowed value
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1227 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1228 {'REQUEST_METHOD':'GET',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1229 'PATH_INFO':'rest/data/issue',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1230 'HTTP_ORIGIN': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1231 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1232 'HTTP_REFERER': 'http://whoami.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1233 'HTTP_ACCEPT': "application/json;version=1",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1234 'HTTP_X_REQUESTED_WITH': 'rest',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1235 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1236 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1237 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1238 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1239 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1240 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1241 h = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1242 'content-type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1243 'accept': 'application/json;version=1',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1244 'origin': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1245 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1246 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1247
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1248 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1249
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1250 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1251 print(b2s(out[0]))
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1252 expected="""
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1253 {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1254 "data": {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1255 "collection": [],
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1256 "@total_size": 0
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1257 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1258 }"""
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1259
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1260 self.assertEqual(json.loads(b2s(out[0])),json.loads(expected))
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1261 self.assertIn('Access-Control-Allow-Credentials',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1262 cl.additional_headers)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1263 self.assertEqual(
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1264 cl.additional_headers['Access-Control-Allow-Credentials'],
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1265 'true'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1266 )
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1267 self.assertEqual(
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1268 cl.additional_headers['Access-Control-Allow-Origin'],
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1269 'http://whoami.com'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1270 )
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1271 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1272
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1273
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1274 # Origin not set. AKA same origin GET request.
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1275 # Should be like valid origin.
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1276 # Because of HTTP_X_REQUESTED_WITH header it should be
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1277 # preflighted.
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1278 cl = client.Client(self.instance, None,
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1279 {'REQUEST_METHOD':'GET',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1280 'PATH_INFO':'rest/data/issue',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1281 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1282 'HTTP_REFERER': 'http://whoami.com/path/',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1283 'HTTP_ACCEPT': "application/json;version=1",
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1284 'HTTP_X_REQUESTED_WITH': 'rest',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1285 }, form)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1286 cl.db = self.db
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1287 cl.base = 'http://whoami.com/path/'
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1288 cl._socket_op = lambda *x : True
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1289 cl._error_message = []
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1290 cl.request = MockNull()
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1291 h = { 'content-type': 'application/json',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1292 'accept': 'application/json' }
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1293 cl.request.headers = MockNull(**h)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1294
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1295 cl.write = wh # capture output
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1296
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1297 # Should return explanation because content type is text/plain
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1298 # and not text/xml
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1299 cl.handle_rest()
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1300 self.assertIn('Access-Control-Allow-Credentials',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1301 cl.additional_headers)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1302
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1303 self.assertEqual(json.loads(b2s(out[0])),json.loads(expected))
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1304 del(out[0])
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1305
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1306 cl = client.Client(self.instance, None,
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1307 {'REQUEST_METHOD':'OPTIONS',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1308 'HTTP_ORIGIN': 'http://invalid.com',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1309 'PATH_INFO':'rest/data/issue',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1310 'Access-Control-Request-Headers': 'Authorization',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1311 'Access-Control-Request-Method': 'GET',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1312 }, form)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1313 cl.db = self.db
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1314 cl.base = 'http://whoami.com/path/'
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1315 cl._socket_op = lambda *x : True
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1316 cl._error_message = []
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1317 cl.request = MockNull()
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1318 h = { 'content-type': 'application/json',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1319 'accept': 'application/json',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1320 'access-control-request-headers': 'Authorization',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1321 'access-control-request-method': 'GET',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1322 }
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1323 cl.request.headers = MockNull(**h)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1324
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1325 cl.write = wh # capture output
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1326
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1327 # Should return explanation because content type is text/plain
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1328 # and not text/xml
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1329 cl.handle_rest()
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1330 self.assertNotIn('Access-Control-Allow-Credentials',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1331 cl.additional_headers)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1332
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1333 self.assertNotIn('Access-Control-Allow-Origin',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1334 cl.additional_headers
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1335 )
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1336
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1337 self.assertEqual(cl.response_code, 400)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1338 del(out[0])
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1339
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1340 # origin not set to allowed value
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1341 # prevents authenticated request like this from
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1342 # being shared with the requestor because
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1343 # Access-Control-Allow-Credentials is not
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1344 # set in response
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1345 cl.db.config.WEB_ALLOWED_API_ORIGINS = " * "
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1346 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1347 {'REQUEST_METHOD':'GET',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1348 'PATH_INFO':'rest/data/issue',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1349 'HTTP_ORIGIN': 'http://invalid.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1350 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1351 'HTTP_REFERER': 'http://invalid.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1352 'HTTP_ACCEPT': "application/json;version=1",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1353 'HTTP_X_REQUESTED_WITH': 'rest',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1354 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1355 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1356 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1357 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1358 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1359 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1360 h = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1361 'content-type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1362 'accept': 'application/json;version=1',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1363 'origin': 'http://invalid.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1364 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1365 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1366
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1367 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1368 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1369 self.assertEqual(json.loads(b2s(out[0])),
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1370 json.loads(expected)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1371 )
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1372 self.assertNotIn('Access-Control-Allow-Credentials',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1373 cl.additional_headers)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1374 self.assertIn('Access-Control-Allow-Origin',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1375 cl.additional_headers)
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1376 self.assertEqual(
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1377 h['origin'],
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1378 cl.additional_headers['Access-Control-Allow-Origin']
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1379 )
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1380
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1381 self.assertIn('Content-Length', cl.additional_headers)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1382 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1383
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1384
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1385 # CORS Same rules as for invalid origin
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1386 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1387 {'REQUEST_METHOD':'GET',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1388 'PATH_INFO':'rest/data/issue',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1389 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1390 'HTTP_REFERER': 'http://whoami.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1391 'HTTP_ACCEPT': "application/json;version=1",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1392 'HTTP_X_REQUESTED_WITH': 'rest',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1393 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1394 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1395 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1396 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1397 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1398 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1399 h = { 'content-type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1400 'accept': 'application/json' }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1401 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1402
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1403 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1404
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1405 # Should return explanation because content type is text/plain
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1406 # and not text/xml
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1407 cl.handle_rest()
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1408 self.assertIn('Access-Control-Allow-Credentials',
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1409 cl.additional_headers)
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1410
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1411 self.assertEqual(json.loads(b2s(out[0])),json.loads(expected))
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1412 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1413
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1414 # origin set to special "null" value. Same rules as for
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1415 # invalid origin
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1416 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1417 {'REQUEST_METHOD':'GET',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1418 'PATH_INFO':'rest/data/issue',
7155
89a59e46b3af improve REST interface security
John Rouillard <rouilj@ieee.org>
parents: 7154
diff changeset
1419 'HTTP_ORIGIN': 'null',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1420 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1421 'HTTP_REFERER': 'http://whoami.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1422 'HTTP_ACCEPT': "application/json;version=1",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1423 'HTTP_X_REQUESTED_WITH': 'rest',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1424 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1425 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1426 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1427 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1428 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1429 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1430 h = { 'content-type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1431 'accept': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1432 'origin': 'null' }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1433 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1434
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1435 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1436
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1437 # Should return explanation because content type is text/plain
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1438 # and not text/xml
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1439 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1440 self.assertNotIn('Access-Control-Allow-Credentials', cl.additional_headers)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1441
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1442 self.assertEqual(json.loads(b2s(out[0])),json.loads(expected))
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1443 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1444
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1445
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1446 def testRestOptionsBadAttribute(self):
7154
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1447 import json
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1448 out = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1449 def wh(s):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1450 out.append(s)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1451
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1452 # rest has no form content
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1453 form = cgi.FieldStorage()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1454 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1455 {'REQUEST_METHOD':'OPTIONS',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1456 'HTTP_ORIGIN': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1457 'PATH_INFO':'rest/data/user/1/zot',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1458 'HTTP_REFERER': 'http://whoami.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1459 'content-type': ""
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1460 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1461 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1462 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1463 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1464 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1465 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1466 h = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1467 'origin': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1468 'access-control-request-headers': 'x-requested-with',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1469 'access-control-request-method': 'GET',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1470 'referer': 'http://whoami.com/path',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1471 'content-type': "",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1472 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1473 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1474
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1475 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1476 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1477
7154
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1478 _py3 = sys.version_info[0] > 2
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1479
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1480 expected_headers = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1481 'Access-Control-Allow-Credentials': 'true',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1482 'Access-Control-Allow-Headers': 'Content-Type, Authorization, '
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1483 'X-Requested-With, X-HTTP-Method-Override',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1484 'Access-Control-Allow-Methods': 'HEAD, OPTIONS, GET, POST, PUT, DELETE, PATCH',
7160
ed63b6d35838 Add 'Access-Control-Expose-Headers' to a couple of tests.
John Rouillard <rouilj@ieee.org>
parents: 7155
diff changeset
1485 'Access-Control-Expose-Headers': 'X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Limit-Period, Retry-After, Sunset, Allow',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1486 'Access-Control-Allow-Origin': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1487 'Access-Control-Max-Age': '86400',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1488 'Allow': 'OPTIONS, GET, POST, PUT, DELETE, PATCH',
7154
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1489 # string representation under python2 has an extra space.
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1490 'Content-Length': '104' if _py3 else '105',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1491 'Content-Type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1492 'Vary': 'Origin'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1493 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1494
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1495 expected_body = b'{\n "error": {\n "status": 404,\n "msg": "Attribute zot not valid for Class user"\n }\n}\n'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1496
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1497 self.assertEqual(cl.response_code, 404)
7154
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1498 # json payload string representation differs. Compare as objects.
f614176903d0 fix test; string for json object has extra space under python2.
John Rouillard <rouilj@ieee.org>
parents: 7153
diff changeset
1499 self.assertEqual(json.loads(b2s(out[0])), json.loads(expected_body))
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1500 self.assertEqual(cl.additional_headers, expected_headers)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1501
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1502 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1503
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1504
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1505 def testRestOptionsRequestGood(self):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1506 import json
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1507 out = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1508 def wh(s):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1509 out.append(s)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1510
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1511 # OPTIONS/CORS preflight has no credentials
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1512 # rest has no form content
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1513 form = cgi.FieldStorage()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1514 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1515 {'REQUEST_METHOD':'OPTIONS',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1516 'HTTP_ORIGIN': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1517 'PATH_INFO':'rest/data/issue',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1518 'HTTP_REFERER': 'http://whoami.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1519 'Access-Control-Request-Headers': 'Authorization',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1520 'Access-Control-Request-Method': 'POST',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1521 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1522 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1523 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1524 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1525 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1526 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1527 h = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1528 'origin': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1529 'access-control-request-headers': 'Authorization',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1530 'access-control-request-method': 'POST',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1531 'referer': 'http://whoami.com/path',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1532 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1533 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1534
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1535 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1536 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1537 self.assertEqual(out[0], '') # 204 options returns no data
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1538
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1539 expected_headers = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1540 'Access-Control-Allow-Credentials': 'true',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1541 'Access-Control-Allow-Headers': 'Content-Type, Authorization, '
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1542 'X-Requested-With, X-HTTP-Method-Override',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1543 'Access-Control-Allow-Methods': 'OPTIONS, GET, POST',
7160
ed63b6d35838 Add 'Access-Control-Expose-Headers' to a couple of tests.
John Rouillard <rouilj@ieee.org>
parents: 7155
diff changeset
1544 'Access-Control-Expose-Headers': 'X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Reset, X-RateLimit-Limit-Period, Retry-After, Sunset, Allow',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1545 'Access-Control-Allow-Origin': 'http://whoami.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1546 'Access-Control-Max-Age': '86400',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1547 'Allow': 'OPTIONS, GET, POST',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1548 'Content-Type': 'application/json',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1549 'Vary': 'Origin'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1550 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1551
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1552 self.assertEqual(cl.additional_headers, expected_headers)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1553
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1554
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1555 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1556
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1557 def testRestOptionsRequestBad(self):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1558 import json
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1559
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1560 out = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1561 def wh(s):
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1562 out.append(s)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1563
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1564 # OPTIONS/CORS preflight has no credentials
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1565 # rest has no form content
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1566 form = cgi.FieldStorage()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1567 cl = client.Client(self.instance, None,
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1568 {'REQUEST_METHOD':'OPTIONS',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1569 'HTTP_ORIGIN': 'http://invalid.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1570 'PATH_INFO':'rest/data/issue',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1571 'HTTP_REFERER':
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1572 'http://invalid.com/path/',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1573 'Access-Control-Request-Headers': 'Authorization',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1574 'Access-Control-Request-Method': 'POST',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1575 }, form)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1576 cl.db = self.db
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1577 cl.base = 'http://whoami.com/path/'
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1578 cl._socket_op = lambda *x : True
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1579 cl._error_message = []
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1580 cl.request = MockNull()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1581 h = {
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1582 'origin': 'http://invalid.com',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1583 'access-control-request-headers': 'Authorization',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1584 'access-control-request-method': 'POST',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1585 'referer': 'http://invalid.com/path',
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1586 }
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1587 cl.request.headers = MockNull(**h)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1588
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1589 cl.write = wh # capture output
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1590 cl.handle_rest()
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1591
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1592 self.assertEqual(cl.response_code, 400)
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1593
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1594 del(out[0])
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1595
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1596 def testRestCsrfProtection(self):
5700
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1597 import json
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1598 # set the password for admin so we can log in.
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1599 passwd=password.Password('admin')
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1600 self.db.user.set('1', password=passwd)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1601
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1602 out = []
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1603 def wh(s):
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1604 out.append(s)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1605
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1606 # rest has no form content
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1607 form = cgi.FieldStorage()
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1608 form.list = [
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1609 cgi.MiniFieldStorage('title', 'A new issue'),
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1610 cgi.MiniFieldStorage('status', '1'),
5700
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1611 cgi.MiniFieldStorage('@pretty', 'false'),
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1612 cgi.MiniFieldStorage('@apiver', '1'),
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1613 ]
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1614 cl = client.Client(self.instance, None,
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1615 {'REQUEST_METHOD':'POST',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1616 'PATH_INFO':'rest/data/issue',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1617 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1618 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1619 'HTTP_REFERER': 'http://whoami.com/path/',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1620 'HTTP_ACCEPT': "application/json;version=1"
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1621 }, form)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1622 cl.db = self.db
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1623 cl.base = 'http://whoami.com/path/'
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1624 cl._socket_op = lambda *x : True
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1625 cl._error_message = []
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1626 cl.request = MockNull()
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1627 h = { 'content-type': 'application/json',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1628 'accept': 'application/json;version=1' }
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1629 cl.request.headers = MockNull(**h)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1630
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1631 cl.write = wh # capture output
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1632
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1633 # Should return explanation because content type is text/plain
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1634 # and not text/xml
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1635 cl.handle_rest()
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1636 self.assertEqual(b2s(out[0]), '{ "error": { "status": 400, '
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1637 '"msg": "Required Header Missing" } }')
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1638 del(out[0])
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1639
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1640 cl = client.Client(self.instance, None,
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1641 {'REQUEST_METHOD':'POST',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1642 'PATH_INFO':'rest/data/issue',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1643 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1644 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1645 'HTTP_REFERER': 'http://whoami.com/path/',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1646 'HTTP_X_REQUESTED_WITH': 'rest',
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1647 'HTTP_ACCEPT': "application/json;version=1",
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1648 'HTTP_ORIGIN': 'http://whoami.com',
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1649 }, form)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1650 cl.db = self.db
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1651 cl.base = 'http://whoami.com/path/'
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1652 cl._socket_op = lambda *x : True
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1653 cl._error_message = []
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1654 cl.request = MockNull()
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1655 h = { 'content-type': 'application/json',
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1656 'accept': 'application/json;version=1' }
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1657 cl.request.headers = MockNull(**h)
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1658
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1659 cl.write = wh # capture output
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1660
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1661 # Should work as all required headers are present.
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1662 cl.handle_rest()
5700
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1663 answer='{"data": {"link": "http://tracker.example/cgi-bin/roundup.cgi/bugs/rest/data/issue/1", "id": "1"}}\n'
5703
92c1864d5dd2 Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents: 5700
diff changeset
1664 # check length to see if pretty is turned off.
92c1864d5dd2 Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents: 5700
diff changeset
1665 self.assertEqual(len(out[0]), 99)
92c1864d5dd2 Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents: 5700
diff changeset
1666
92c1864d5dd2 Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents: 5700
diff changeset
1667 # compare as dicts not strings due to different key ordering
92c1864d5dd2 Add test for @pretty=false format change.
John Rouillard <rouilj@ieee.org>
parents: 5700
diff changeset
1668 # between python versions.
5700
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1669 response=json.loads(b2s(out[0]))
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1670 expected=json.loads(answer)
f90a534cb112 Change output comparison from strings to comparison on python
John Rouillard <rouilj@ieee.org>
parents: 5699
diff changeset
1671 self.assertEqual(response,expected)
5699
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1672 del(out[0])
b1ab8bd18e79 Adding tests for csrf protection for rest. Also test disabling of
John Rouillard <rouilj@ieee.org>
parents: 5652
diff changeset
1673
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1674
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1675 # rest has no form content
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1676 cl.db.config.WEB_ALLOWED_API_ORIGINS = "https://bar.edu http://bar.edu"
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1677 form = cgi.FieldStorage()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1678 form.list = [
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1679 cgi.MiniFieldStorage('title', 'A new issue'),
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1680 cgi.MiniFieldStorage('status', '1'),
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1681 cgi.MiniFieldStorage('@pretty', 'false'),
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1682 cgi.MiniFieldStorage('@apiver', '1'),
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1683 ]
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1684 cl = client.Client(self.instance, None,
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1685 {'REQUEST_METHOD':'POST',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1686 'PATH_INFO':'rest/data/issue',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1687 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1688 'HTTP_ORIGIN': 'https://bar.edu',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1689 'HTTP_X_REQUESTED_WITH': 'rest',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1690 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1691 'HTTP_REFERER': 'http://whoami.com/path/',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1692 'HTTP_ACCEPT': "application/json;version=1"
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1693 }, form)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1694 cl.db = self.db
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1695 cl.base = 'http://whoami.com/path/'
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1696 cl._socket_op = lambda *x : True
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1697 cl._error_message = []
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1698 cl.request = MockNull()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1699 h = { 'content-type': 'application/json',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1700 'accept': 'application/json' }
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1701 cl.request.headers = MockNull(**h)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1702
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1703 cl.write = wh # capture output
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1704
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1705 # Should return explanation because content type is text/plain
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1706 # and not text/xml
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1707 cl.handle_rest()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1708 answer='{"data": {"link": "http://tracker.example/cgi-bin/roundup.cgi/bugs/rest/data/issue/2", "id": "2"}}\n'
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1709 # check length to see if pretty is turned off.
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1710 self.assertEqual(len(out[0]), 99)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1711
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1712 # compare as dicts not strings due to different key ordering
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1713 # between python versions.
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1714 response=json.loads(b2s(out[0]))
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1715 expected=json.loads(answer)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1716 self.assertEqual(response,expected)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1717 del(out[0])
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1718
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1719 #####
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1720 cl = client.Client(self.instance, None,
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1721 {'REQUEST_METHOD':'POST',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1722 'PATH_INFO':'rest/data/issue',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1723 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1724 'HTTP_ORIGIN': 'httxs://bar.edu',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1725 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1726 'HTTP_REFERER': 'http://whoami.com/path/',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1727 'HTTP_ACCEPT': "application/json;version=1"
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1728 }, form)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1729 cl.db = self.db
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1730 cl.base = 'http://whoami.com/path/'
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1731 cl._socket_op = lambda *x : True
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1732 cl._error_message = []
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1733 cl.request = MockNull()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1734 h = { 'content-type': 'application/json',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1735 'accept': 'application/json' }
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1736 cl.request.headers = MockNull(**h)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1737
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1738 cl.write = wh # capture output
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1739
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1740 # Should return explanation because content type is text/plain
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1741 # and not text/xml
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1742 cl.handle_rest()
7153
1181157d7cec Refactor rejecting requests; update tests, xfail test
John Rouillard <rouilj@ieee.org>
parents: 6693
diff changeset
1743 self.assertEqual(b2s(out[0]), '{ "error": { "status": 400, "msg": "Client is not allowed to use Rest Interface." } }')
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1744 del(out[0])
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1745
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1746
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1747 cl.db.config.WEB_ALLOWED_API_ORIGINS = " * "
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1748 cl = client.Client(self.instance, None,
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1749 {'REQUEST_METHOD':'POST',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1750 'PATH_INFO':'rest/data/issue',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1751 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1752 'HTTP_ORIGIN': 'httxs://bar.edu',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1753 'HTTP_X_REQUESTED_WITH': 'rest',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1754 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
6693
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1755 'HTTP_REFERER': 'httxp://bar.edu/path/',
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1756 'HTTP_ACCEPT': "application/json;version=1"
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1757 }, form)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1758 cl.db = self.db
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1759 cl.base = 'http://whoami.com/path/'
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1760 cl._socket_op = lambda *x : True
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1761 cl._error_message = []
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1762 cl.request = MockNull()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1763 h = { 'content-type': 'application/json',
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1764 'accept': 'application/json' }
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1765 cl.request.headers = MockNull(**h)
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1766
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1767 cl.write = wh # capture output
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1768
6693
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1769 # create fourth issue
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1770 cl.handle_rest()
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1771 self.assertIn('"id": "3"', b2s(out[0]))
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1772 del(out[0])
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
1773
6693
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1774 cl.db.config.WEB_ALLOWED_API_ORIGINS = "httxs://bar.foo.edu httxs://bar.edu"
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1775 for referer in [ 'httxs://bar.edu/path/foo',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1776 'httxs://bar.edu/path/foo?g=zz',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1777 'httxs://bar.edu']:
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1778 cl = client.Client(self.instance, None,
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1779 {'REQUEST_METHOD':'POST',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1780 'PATH_INFO':'rest/data/issue',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1781 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1782 'HTTP_ORIGIN': 'httxs://bar.edu',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1783 'HTTP_X_REQUESTED_WITH': 'rest',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1784 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1785 'HTTP_REFERER': referer,
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1786 'HTTP_ACCEPT': "application/json;version=1"
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1787 }, form)
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1788 cl.db = self.db
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1789 cl.base = 'http://whoami.com/path/'
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1790 cl._socket_op = lambda *x : True
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1791 cl._error_message = []
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1792 cl.request = MockNull()
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1793 h = { 'content-type': 'application/json',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1794 'accept': 'application/json' }
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1795 cl.request.headers = MockNull(**h)
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1796
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1797 cl.write = wh # capture output
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1798
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1799 # create fourth issue
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1800 cl.handle_rest()
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1801 self.assertIn('"id": "', b2s(out[0]))
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1802 del(out[0])
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1803
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1804 cl.db.config.WEB_ALLOWED_API_ORIGINS = "httxs://bar.foo.edu httxs://bar.edu"
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1805 cl = client.Client(self.instance, None,
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1806 {'REQUEST_METHOD':'POST',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1807 'PATH_INFO':'rest/data/issue',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1808 'CONTENT_TYPE': 'application/x-www-form-urlencoded',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1809 'HTTP_ORIGIN': 'httxs://bar.edu',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1810 'HTTP_X_REQUESTED_WITH': 'rest',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1811 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1812 'HTTP_REFERER': 'httxp://bar.edu/path/',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1813 'HTTP_ACCEPT': "application/json;version=1"
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1814 }, form)
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1815 cl.db = self.db
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1816 cl.base = 'http://whoami.com/path/'
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1817 cl._socket_op = lambda *x : True
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1818 cl._error_message = []
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1819 cl.request = MockNull()
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1820 h = { 'content-type': 'application/json',
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1821 'accept': 'application/json' }
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1822 cl.request.headers = MockNull(**h)
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1823
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1824 cl.write = wh # capture output
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1825
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1826 # create fourth issue
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1827 cl.handle_rest()
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1828 self.assertEqual(b2s(out[0]), '{ "error": { "status": 400, "msg": "Invalid Referer: httxp://bar.edu/path/"}}')
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1829 del(out[0])
9a1f5e496e6c issue2551203 - Add support for CORS preflight request
John Rouillard <rouilj@ieee.org>
parents: 6681
diff changeset
1830
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1831 def testXmlrpcCsrfProtection(self):
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1832 # set the password for admin so we can log in.
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1833 passwd=password.Password('admin')
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1834 self.db.user.set('1', password=passwd)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1835
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1836 out = []
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1837 def wh(s):
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1838 out.append(s)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1839
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1840 # xmlrpc has no form content
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1841 form = {}
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1842 cl = client.Client(self.instance, None,
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1843 {'REQUEST_METHOD':'POST',
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1844 'PATH_INFO':'xmlrpc',
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1845 'CONTENT_TYPE': 'text/plain',
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1846 'HTTP_AUTHORIZATION': 'Basic YWRtaW46YWRtaW4=',
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1847 'HTTP_REFERER': 'http://whoami.com/path/',
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1848 'HTTP_X_REQUESTED_WITH': "XMLHttpRequest"
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1849 }, form)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1850 cl.db = self.db
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1851 cl.base = 'http://whoami.com/path/'
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1852 cl._socket_op = lambda *x : True
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1853 cl._error_message = []
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1854 cl.request = MockNull()
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1855 cl.write = wh # capture output
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1856
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1857 # Should return explanation because content type is text/plain
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1858 # and not text/xml
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1859 cl.handle_xmlrpc()
6268
bdcccd2b2141 Replace http:....roundup-tracker.org with https.
John Rouillard <rouilj@ieee.org>
parents: 6190
diff changeset
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1861 del(out[0])
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1862
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1863 # Should return admin user indicating auth works and
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1864 # header checks succeed (REFERER and X-REQUESTED-WITH)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1865 cl.env['CONTENT_TYPE'] = "text/xml"
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1866 # ship the form with the value holding the xml value.
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1867 # I have no clue why this works but ....
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1868 cl.form = MockNull(file = True, value = "<?xml version='1.0'?>\n<methodCall>\n<methodName>display</methodName>\n<params>\n<param>\n<value><string>user1</string></value>\n</param>\n<param>\n<value><string>username</string></value>\n</param>\n</params>\n</methodCall>\n" )
5472
e903835f0822 expect bytes from XMLRPC tests
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5453
diff changeset
1869 answer = b"<?xml version='1.0'?>\n<methodResponse>\n<params>\n<param>\n<value><struct>\n<member>\n<name>username</name>\n<value><string>admin</string></value>\n</member>\n</struct></value>\n</param>\n</params>\n</methodResponse>\n"
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1870 cl.handle_xmlrpc()
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1871 print(out)
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1872 self.assertEqual(out[0], answer)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1873 del(out[0])
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1874
5220
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1875 # remove the X-REQUESTED-WITH header and get an xmlrpc fault returned
5624
b3618882f906 issue2551023: Fix CSRF headers for use with wsgi and cgi. The
John Rouillard <rouilj@ieee.org>
parents: 5614
diff changeset
1876 del(cl.env['HTTP_X_REQUESTED_WITH'])
5220
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1877 cl.handle_xmlrpc()
5513
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1878 frag_faultCode = "<member>\n<name>faultCode</name>\n<value><int>1</int></value>\n</member>\n"
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1879 frag_faultString = "<member>\n<name>faultString</name>\n<value><string>&lt;class 'roundup.exceptions.UsageError'&gt;:Required Header Missing</string></value>\n</member>\n"
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1880 output_fragments = ["<?xml version='1.0'?>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1881 "<methodResponse>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1882 "<fault>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1883 "<value><struct>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1884 (frag_faultCode + frag_faultString,
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1885 frag_faultString + frag_faultCode),
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1886 "</struct></value>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1887 "</fault>\n",
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1888 "</methodResponse>\n"]
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1889 print(out[0])
5513
19bd4b413ed6 be more lenient when comparing string results
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5488
diff changeset
1890 self.compareStringFragments(out[0], output_fragments)
5220
14d8f61e6ef2 Reimplemented anti-csrf measures by raising exceptions rather than
John Rouillard <rouilj@ieee.org>
parents: 5218
diff changeset
1891 del(out[0])
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1892
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1893 # change config to not require X-REQUESTED-WITH header
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1894 cl.db.config['WEB_CSRF_ENFORCE_HEADER_X-REQUESTED-WITH'] = 'logfailure'
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1895 cl.handle_xmlrpc()
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
1896 print(out)
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1897 self.assertEqual(out[0], answer)
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1898 del(out[0])
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
1899
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1900 #
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1901 # SECURITY
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1902 #
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1903 # XXX test all default permissions
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
1904 def _make_client(self, form, classname='user', nodeid='1',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
1905 userid='2', template='item'):
4088
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3982
diff changeset
1906 cl = client.Client(self.instance, None, {'PATH_INFO':'/',
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
1907 'REQUEST_METHOD':'POST'}, db_test_base.makeForm(form))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
1908 cl.classname = classname
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1909 if nodeid is not None:
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1910 cl.nodeid = nodeid
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1911 cl.db = self.db
7164
5487882ff17a Fix test failure when run alone.
John Rouillard <rouilj@ieee.org>
parents: 7160
diff changeset
1912 cl.db.Otk = cl.db.getOTKManager()
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1913 #cl.db.Otk = MockNull()
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1914 #cl.db.Otk.data = {}
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1915 #cl.db.Otk.getall = self.data_get
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1916 #cl.db.Otk.set = self.data_set
4112
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
1917 cl.userid = userid
3969
905faf52a51f fix mysql breakage in 1.4.2
Richard Jones <richard@users.sourceforge.net>
parents: 3930
diff changeset
1918 cl.language = ('en',)
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
1919 cl._error_message = []
5094
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
1920 cl._ok_message = []
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
1921 cl.template = template
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1922 return cl
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1923
5720
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1924 def data_get(self, key):
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1925 return self.db.Otk.data[key]
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1926
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1927 def data_set(self, key, **value):
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1928 self.db.Otk.data[key] = value
071625b5b7c0 Deactivate failing test till I can get somebody to look at it. I want
John Rouillard <rouilj@ieee.org>
parents: 5703
diff changeset
1929
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1930 def testClassPermission(self):
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1931 cl = self._make_client(dict(username='bob'))
5794
95a366d46065 Replace deprecated assertEquals with assertEqual and failUnlessRaises
John Rouillard <rouilj@ieee.org>
parents: 5786
diff changeset
1932 self.assertRaises(exceptions.Unauthorised,
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1933 actions.EditItemAction(cl).handle)
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1934 cl.nodeid = '1'
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1935 self.assertRaises(exceptions.Unauthorised,
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1936 actions.EditItemAction(cl).handle)
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1937
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1938 def testCheckAndPropertyPermission(self):
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1939 self.db.security.permissions = {}
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1940 def own_record(db, userid, itemid):
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1941 return userid == itemid
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1942 p = self.db.security.addPermission(name='Edit', klass='user',
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1943 check=own_record, properties=("password", ))
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1944 self.db.security.addPermissionToRole('User', p)
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1945
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1946 cl = self._make_client(dict(username='bob'))
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1947 self.assertRaises(exceptions.Unauthorised,
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1948 actions.EditItemAction(cl).handle)
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1949 cl = self._make_client(dict(roles='User,Admin'), userid='4', nodeid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1950 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1951 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1952 cl = self._make_client(dict(roles='User,Admin'), userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1953 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1954 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1955 cl = self._make_client(dict(roles='User,Admin'))
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1956 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1957 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1958 # working example, mary may change her pw
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1959 cl = self._make_client({'password':'ob', '@confirm@password':'ob'},
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1960 nodeid='4', userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1961 self.assertRaises(exceptions.Redirect,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1962 actions.EditItemAction(cl).handle)
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1963 cl = self._make_client({'password':'bob', '@confirm@password':'bob'})
5794
95a366d46065 Replace deprecated assertEquals with assertEqual and failUnlessRaises
John Rouillard <rouilj@ieee.org>
parents: 5786
diff changeset
1964 self.assertRaises(exceptions.Unauthorised,
3930
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1965 actions.EditItemAction(cl).handle)
1b84355e346a add tests for through-the-web permission checking
Richard Jones <richard@users.sourceforge.net>
parents: 3904
diff changeset
1966
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1967 def testCreatePermission(self):
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1968 # this checks if we properly differentiate between create and
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1969 # edit permissions
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1970 self.db.security.permissions = {}
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1971 self.db.security.addRole(name='UserAdd')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1972 # Don't allow roles
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1973 p = self.db.security.addPermission(name='Create', klass='user',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1974 properties=("username", "password", "address",
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1975 "alternate_address", "realname", "phone", "organisation",
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1976 "timezone"))
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1977 self.db.security.addPermissionToRole('UserAdd', p)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1978 # Don't allow roles *and* don't allow username
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1979 p = self.db.security.addPermission(name='Edit', klass='user',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1980 properties=("password", "address", "alternate_address",
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1981 "realname", "phone", "organisation", "timezone"))
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1982 self.db.security.addPermissionToRole('UserAdd', p)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1983 self.db.user.set('4', roles='UserAdd')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1984
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1985 # anonymous may not
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1986 cl = self._make_client({'username':'new_user', 'password':'secret',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1987 '@confirm@password':'secret', 'address':'new_user@bork.bork',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1988 'roles':'Admin'}, nodeid=None, userid='2')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1989 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1990 actions.NewItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1991 # Don't allow creating new user with roles
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1992 cl = self._make_client({'username':'new_user', 'password':'secret',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1993 '@confirm@password':'secret', 'address':'new_user@bork.bork',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1994 'roles':'Admin'}, nodeid=None, userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1995 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1996 actions.NewItemAction(cl).handle)
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
1997 self.assertEqual(cl._error_message,[])
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1998 # this should work
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
1999 cl = self._make_client({'username':'new_user', 'password':'secret',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2000 '@confirm@password':'secret', 'address':'new_user@bork.bork'},
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2001 nodeid=None, userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2002 self.assertRaises(exceptions.Redirect,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2003 actions.NewItemAction(cl).handle)
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
2004 self.assertEqual(cl._error_message,[])
4310
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2005 # don't allow changing (my own) username (in this example)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2006 cl = self._make_client(dict(username='new_user42'), userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2007 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2008 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2009 cl = self._make_client(dict(username='new_user42'), userid='4',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2010 nodeid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2011 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2012 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2013 # don't allow changing (my own) roles
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2014 cl = self._make_client(dict(roles='User,Admin'), userid='4',
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2015 nodeid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2016 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2017 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2018 cl = self._make_client(dict(roles='User,Admin'), userid='4')
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2019 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2020 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2021 cl = self._make_client(dict(roles='User,Admin'))
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2022 self.assertRaises(exceptions.Unauthorised,
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2023 actions.EditItemAction(cl).handle)
8e0d350ce644 Proper handling of 'Create' permissions in both mail gateway...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
2024
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2025 def testSearchPermission(self):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2026 # this checks if we properly check for search permissions
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2027 self.db.security.permissions = {}
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2028 self.db.security.addRole(name='User')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2029 self.db.security.addRole(name='Project')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2030 self.db.security.addPermissionToRole('User', 'Web Access')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2031 self.db.security.addPermissionToRole('Project', 'Web Access')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2032 # Allow viewing department
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2033 p = self.db.security.addPermission(name='View', klass='department')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2034 self.db.security.addPermissionToRole('User', p)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2035 # Allow viewing interesting things (but not department) on iss
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2036 # But users might only view issues where they are on nosy
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2037 # (so in the real world the check method would be better)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2038 p = self.db.security.addPermission(name='View', klass='iss',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2039 properties=("title", "status"), check=lambda x,y,z: True)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2040 self.db.security.addPermissionToRole('User', p)
4446
17f796a78647 fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
2041 # Allow all relevant roles access to stat
17f796a78647 fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
2042 p = self.db.security.addPermission(name='View', klass='stat')
17f796a78647 fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
2043 self.db.security.addPermissionToRole('User', p)
17f796a78647 fix broken tests by adding additional permissions...
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
2044 self.db.security.addPermissionToRole('Project', p)
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2045 # Allow role "Project" access to whole iss
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2046 p = self.db.security.addPermission(name='View', klass='iss')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2047 self.db.security.addPermissionToRole('Project', p)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2048
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2049 department = self.instance.backend.Class(self.db, "department",
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2050 name=hyperdb.String())
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2051 status = self.instance.backend.Class(self.db, "stat",
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2052 name=hyperdb.String())
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2053 issue = self.instance.backend.Class(self.db, "iss",
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2054 title=hyperdb.String(), status=hyperdb.Link('stat'),
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2055 department=hyperdb.Link('department'))
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2056
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2057 d1 = department.create(name='d1')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2058 d2 = department.create(name='d2')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2059 open = status.create(name='open')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2060 closed = status.create(name='closed')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2061 issue.create(title='i1', status=open, department=d2)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2062 issue.create(title='i2', status=open, department=d1)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2063 issue.create(title='i2', status=closed, department=d1)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2064
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2065 chef = self.db.user.lookup('Chef')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2066 mary = self.db.user.lookup('mary')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2067 self.db.user.set(chef, roles = 'User, Project')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2068
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2069 perm = self.db.security.hasPermission
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2070 search = self.db.security.hasSearchPermission
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2071 self.assertTrue(perm('View', chef, 'iss', 'department', '1'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2072 self.assertTrue(perm('View', chef, 'iss', 'department', '2'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2073 self.assertTrue(perm('View', chef, 'iss', 'department', '3'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2074 self.assertTrue(search(chef, 'iss', 'department'))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2075
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2076 self.assertTrue(not perm('View', mary, 'iss', 'department'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2077 self.assertTrue(perm('View', mary, 'iss', 'status'))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2078 # Conditionally allow view of whole iss (check is False here,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2079 # this might check for department owner in the real world)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2080 p = self.db.security.addPermission(name='View', klass='iss',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2081 check=lambda x,y,z: False)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2082 self.db.security.addPermissionToRole('User', p)
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2083 self.assertTrue(perm('View', mary, 'iss', 'department'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2084 self.assertTrue(not perm('View', mary, 'iss', 'department', '1'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2085 self.assertTrue(not search(mary, 'iss', 'department'))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2086
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2087 self.assertTrue(perm('View', mary, 'iss', 'status'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2088 self.assertTrue(not search(mary, 'iss', 'status'))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2089 # Allow user to search for iss.status
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2090 p = self.db.security.addPermission(name='Search', klass='iss',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2091 properties=("status",))
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2092 self.db.security.addPermissionToRole('User', p)
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2093 self.assertTrue(search(mary, 'iss', 'status'))
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2094
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2095 dep = {'@action':'search','columns':'id','@filter':'department',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2096 'department':'1'}
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2097 stat = {'@action':'search','columns':'id','@filter':'status',
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2098 'status':'1'}
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2099 depsort = {'@action':'search','columns':'id','@sort':'department'}
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2100 depgrp = {'@action':'search','columns':'id','@group':'department'}
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2101
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2102 # Filter on department ignored for role 'User':
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2103 cl = self._make_client(dep, classname='iss', nodeid=None, userid=mary,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2104 template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2105 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2106 self.assertEqual([x.id for x in h.batch()],['1', '2', '3'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2107 # Filter on department works for role 'Project':
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2108 cl = self._make_client(dep, classname='iss', nodeid=None, userid=chef,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2109 template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2110 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2111 self.assertEqual([x.id for x in h.batch()],['2', '3'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2112 # Filter on status works for all:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2113 cl = self._make_client(stat, classname='iss', nodeid=None, userid=mary,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2114 template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2115 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2116 self.assertEqual([x.id for x in h.batch()],['1', '2'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2117 cl = self._make_client(stat, classname='iss', nodeid=None, userid=chef,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2118 template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2119 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2120 self.assertEqual([x.id for x in h.batch()],['1', '2'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2121 # Sorting and grouping for class Project works:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2122 cl = self._make_client(depsort, classname='iss', nodeid=None,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2123 userid=chef, template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2124 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2125 self.assertEqual([x.id for x in h.batch()],['2', '3', '1'])
5094
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2126 self.assertEqual(cl._error_message, []) # test for empty _error_message when sort is valid
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2127 self.assertEqual(cl._ok_message, []) # test for empty _ok_message when sort is valid
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2128
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2129 # Test for correct _error_message for invalid sort/group properties
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2130 baddepsort = {'@action':'search','columns':'id','@sort':'dep'}
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2131 baddepgrp = {'@action':'search','columns':'id','@group':'dep'}
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2132 cl = self._make_client(baddepsort, classname='iss', nodeid=None,
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2133 userid=chef, template='index')
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2134 h = HTMLRequest(cl)
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2135 self.assertEqual(cl._error_message, ['Unknown sort property dep'])
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2136 cl = self._make_client(baddepgrp, classname='iss', nodeid=None,
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2137 userid=chef, template='index')
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2138 h = HTMLRequest(cl)
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2139 self.assertEqual(cl._error_message, ['Unknown group property dep'])
92d33d3125a0 Validate properties specified for sorting and grouping in index
John Rouillard <rouilj@ieee.org>
parents: 5067
diff changeset
2140
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2141 cl = self._make_client(depgrp, classname='iss', nodeid=None,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2142 userid=chef, template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2143 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2144 self.assertEqual([x.id for x in h.batch()],['2', '3', '1'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2145 # Sorting and grouping for class User fails:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2146 cl = self._make_client(depsort, classname='iss', nodeid=None,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2147 userid=mary, template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2148 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2149 self.assertEqual([x.id for x in h.batch()],['1', '2', '3'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2150 cl = self._make_client(depgrp, classname='iss', nodeid=None,
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2151 userid=mary, template='index')
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2152 h = HTMLRequest(cl)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2153 self.assertEqual([x.id for x in h.batch()],['1', '2', '3'])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4310
diff changeset
2154
5814
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2155 def testEditCSVKeyword(self):
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2156 form = dict(rows='id,name\n1,newkey')
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2157 cl = self._make_client(form, userid='1', classname='keyword')
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
2158 cl._ok_message = []
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2159 actions.EditCSVAction(cl).handle()
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
2160 self.assertEqual(cl._ok_message, ['Items edited OK'])
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2161 k = self.db.keyword.getnode('1')
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2162 self.assertEqual(k.name, 'newkey')
5484
ca8050fa5e78 fixed string encoding in test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5472
diff changeset
2163 form = dict(rows=u2s(u'id,name\n1,\xe4\xf6\xfc'))
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2164 cl = self._make_client(form, userid='1', classname='keyword')
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
2165 cl._ok_message = []
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2166 actions.EditCSVAction(cl).handle()
4880
ca692423e401 Different approach to fix XSS in issue2550817
Ralf Schlatterbeck <rsc@runtux.com>
parents: 4851
diff changeset
2167 self.assertEqual(cl._ok_message, ['Items edited OK'])
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2168 k = self.db.keyword.getnode('1')
5484
ca8050fa5e78 fixed string encoding in test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5472
diff changeset
2169 self.assertEqual(k.name, u2s(u'\xe4\xf6\xfc'))
6435
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2170 form = dict(rows='id,name\n1,newkey\n\n2,newerkey\n\n')
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2171 cl = self._make_client(form, userid='1', classname='keyword')
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2172 cl._ok_message = []
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2173 actions.EditCSVAction(cl).handle()
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2174 self.assertEqual(cl._ok_message, ['Items edited OK'])
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2175 k = self.db.keyword.getnode('1')
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2176 self.assertEqual(k.name, 'newkey')
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2177 k = self.db.keyword.getnode('2')
ada96db8ec62 Ignore blank lines when editing class via CSV
John Rouillard <rouilj@ieee.org>
parents: 6382
diff changeset
2178 self.assertEqual(k.name, 'newerkey')
4521
abd2db0a159a Fix StringIO issue2550713:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4486
diff changeset
2179
5814
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2180 def testEditCSVTest(self):
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2181
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2182 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,true,2019-02-10,2d,4,,,,3.4,pass,foo\n2,no,2017-02-10,1d,-9,1,,1,-2.4,poof,bar\n3,no,2017-02-10,1d,-9,2,,1:2,-2.4,ping,bar')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2183 cl = self._make_client(form, userid='1', classname='test')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2184 cl._ok_message = []
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2185 actions.EditCSVAction(cl).handle()
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2186 self.assertEqual(cl._ok_message, ['Items edited OK'])
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2187 t = self.db.test.getnode('1')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2188 self.assertEqual(t.string, 'foo')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2189 self.assertEqual(t['string'], 'foo')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2190 self.assertEqual(t.boolean, True)
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2191 t = self.db.test.getnode('3')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2192 self.assertEqual(t.multilink, [ "1", "2" ])
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2193
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2194 # now edit existing row and delete row
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2195 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,false,2019-03-10,1d,3,1,,1:2,2.2,pass,bar\n2,,,,,1,,1,,,bar')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2196 cl = self._make_client(form, userid='1', classname='test')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2197 cl._ok_message = []
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2198 actions.EditCSVAction(cl).handle()
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2199 self.assertEqual(cl._ok_message, ['Items edited OK'])
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2200 t = self.db.test.getnode('1')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2201 self.assertEqual(t.string, 'bar')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2202 self.assertEqual(t['string'], 'bar')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2203 self.assertEqual(t.boolean, False)
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2204 self.assertEqual(t.multilink, [ "1", "2" ])
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2205 self.assertEqual(t.link, "1")
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2206
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2207 t = self.db.test.getnode('3')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2208 self.assertTrue(t.cl.is_retired('3'))
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2209
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2210
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2211 def testEditCSVTestBadRow(self):
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2212 form = dict(rows='\nid,boolean,date,interval,intval,link,messages,multilink,number,pw,string\n1,2019-02-10,2d,4,,,,3.4,pass,foo')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2213 cl = self._make_client(form, userid='1', classname='test')
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2214 cl._ok_message = []
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2215 cl._error_message = []
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2216 actions.EditCSVAction(cl).handle()
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2217 print(cl._error_message)
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2218 self.assertEqual(cl._error_message, ['Not enough values on line 3'])
bd6d41f21a5a More extensive EditCSV testing.
John Rouillard <rouilj@ieee.org>
parents: 5805
diff changeset
2219
5515
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2220 def testEditCSVRestore(self):
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2221 form = dict(rows='id,name\n1,key1\n2,key2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2222 cl = self._make_client(form, userid='1', classname='keyword')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2223 cl._ok_message = []
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2224 actions.EditCSVAction(cl).handle()
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2225 self.assertEqual(cl._ok_message, ['Items edited OK'])
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2226 k = self.db.keyword.getnode('1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2227 self.assertEqual(k.name, 'key1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2228 k = self.db.keyword.getnode('2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2229 self.assertEqual(k.name, 'key2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2230
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2231 form = dict(rows='id,name\n1,key1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2232 cl = self._make_client(form, userid='1', classname='keyword')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2233 cl._ok_message = []
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2234 actions.EditCSVAction(cl).handle()
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2235 self.assertEqual(cl._ok_message, ['Items edited OK'])
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2236 k = self.db.keyword.getnode('1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2237 self.assertEqual(k.name, 'key1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2238 self.assertEqual(self.db.keyword.is_retired('2'), True)
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2239
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2240 form = dict(rows='id,name\n1,newkey1\n2,newkey2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2241 cl = self._make_client(form, userid='1', classname='keyword')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2242 cl._ok_message = []
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2243 actions.EditCSVAction(cl).handle()
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2244 self.assertEqual(cl._ok_message, ['Items edited OK'])
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2245 k = self.db.keyword.getnode('1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2246 self.assertEqual(k.name, 'newkey1')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2247 k = self.db.keyword.getnode('2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2248 self.assertEqual(k.name, 'newkey2')
cd0ceb2afdb8 fixed issue2550993 and added test case
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5513
diff changeset
2249
5976
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2250 def testRegisterActionDelay(self):
5973
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2251 from roundup.cgi.timestamp import pack_timestamp
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2252
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2253 # need to set SENDMAILDEBUG to prevent
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2254 # downstream issue when email is sent on successful
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2255 # issue creation. Also delete the file afterwards
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
2256 # just to make sure that some other test looking for
5973
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2257 # SENDMAILDEBUG won't trip over ours.
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2258 if 'SENDMAILDEBUG' not in os.environ:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2259 os.environ['SENDMAILDEBUG'] = 'mail-test1.log'
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2260 SENDMAILDEBUG = os.environ['SENDMAILDEBUG']
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2261
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2262 # missing opaqueregister
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2263 cl = self._make_client({'username':'new_user1', 'password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2264 '@confirm@password':'secret', 'address':'new_user@bork.bork'},
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2265 nodeid=None, userid='2')
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2266 with self.assertRaises(FormError) as cm:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2267 actions.RegisterAction(cl).handle()
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2268 self.assertEqual(cm.exception.args,
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2269 ('Form is corrupted, missing: opaqueregister.',))
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2270
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2271 # broken/invalid opaqueregister
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2272 # strings chosen to generate:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2273 # binascii.Error Incorrect padding
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2274 # struct.error requires a string argument of length 4
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2275 cl = self._make_client({'username':'new_user1',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2276 'password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2277 '@confirm@password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2278 'address':'new_user@bork.bork',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2279 'opaqueregister': 'zzz' },
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2280 nodeid=None, userid='2')
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2281 with self.assertRaises(FormError) as cm:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2282 actions.RegisterAction(cl).handle()
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2283 self.assertEqual(cm.exception.args, ('Form is corrupted.',))
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2284
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2285 cl = self._make_client({'username':'new_user1',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2286 'password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2287 '@confirm@password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2288 'address':'new_user@bork.bork',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2289 'opaqueregister': 'xyzzyzl=' },
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2290 nodeid=None, userid='2')
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2291 with self.assertRaises(FormError) as cm:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2292 actions.RegisterAction(cl).handle()
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2293 self.assertEqual(cm.exception.args, ('Form is corrupted.',))
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2294
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2295 # valid opaqueregister
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2296 cl = self._make_client({'username':'new_user1', 'password':'secret',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2297 '@confirm@password':'secret', 'address':'new_user@bork.bork',
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2298 'opaqueregister': pack_timestamp() },
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2299 nodeid=None, userid='2')
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2300 # submitted too fast, so raises error
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2301 with self.assertRaises(FormError) as cm:
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2302 actions.RegisterAction(cl).handle()
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2303 self.assertEqual(cm.exception.args,
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2304 ('Responding to form too quickly.',))
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2305
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2306 sleep(4.1) # sleep as requested so submit will take long enough
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2307 self.assertRaises(Redirect, actions.RegisterAction(cl).handle)
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2308
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2309 # FIXME check that email output makes sense at some point
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2310
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2311 # clean up from email log
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2312 if os.path.exists(SENDMAILDEBUG):
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2313 os.remove(SENDMAILDEBUG)
fe334430ca07 issue2550919 - Anti-bot signup using 4 second delay
John Rouillard <rouilj@ieee.org>
parents: 5924
diff changeset
2314
5976
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2315 def testRegisterActionUnusedUserCheck(self):
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2316 # need to set SENDMAILDEBUG to prevent
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2317 # downstream issue when email is sent on successful
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2318 # issue creation. Also delete the file afterwards
6681
ab2ed11c021e issue2551205: Add support for specifying valid origins for api: xmlrpc/rest
John Rouillard <rouilj@ieee.org>
parents: 6651
diff changeset
2319 # just to make sure that some other test looking for
5976
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2320 # SENDMAILDEBUG won't trip over ours.
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2321 if 'SENDMAILDEBUG' not in os.environ:
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2322 os.environ['SENDMAILDEBUG'] = 'mail-test1.log'
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2323 SENDMAILDEBUG = os.environ['SENDMAILDEBUG']
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2324
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2325 nodeid = self.db.user.create(username='iexist',
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2326 password=password.Password('foo'))
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2327
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2328 # enable check and remove delay time
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2329 self.db.config.WEB_REGISTRATION_PREVALIDATE_USERNAME = 1
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2330 self.db.config.WEB_REGISTRATION_DELAY = 0
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2331
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2332 # Make a request with existing user. Use iexist.
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2333 # do not need opaqueregister as we have disabled the delay check
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2334 cl = self._make_client({'username':'iexist', 'password':'secret',
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2335 '@confirm@password':'secret', 'address':'iexist@bork.bork'},
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2336 nodeid=None, userid='2')
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2337 with self.assertRaises(Reject) as cm:
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2338 actions.RegisterAction(cl).handle()
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2339 self.assertEqual(cm.exception.args,
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2340 ("Username 'iexist' is already used.",))
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2341
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2342 cl = self._make_client({'username':'i-do@not.exist',
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2343 'password':'secret',
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2344 '@confirm@password':'secret', 'address':'iexist@bork.bork'},
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2345 nodeid=None, userid='2')
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2346 self.assertRaises(Redirect, actions.RegisterAction(cl).handle)
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2347
5978
fefdf5f97c50 Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents: 5976
diff changeset
2348 # clean up from email log
fefdf5f97c50 Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents: 5976
diff changeset
2349 if os.path.exists(SENDMAILDEBUG):
fefdf5f97c50 Clean up SENDMAILDEBUG in test case.
John Rouillard <rouilj@ieee.org>
parents: 5976
diff changeset
2350 os.remove(SENDMAILDEBUG)
5976
71c68961d9f4 - issue2550920 - Optionally detect duplicate username at registration.
John Rouillard <rouilj@ieee.org>
parents: 5973
diff changeset
2351
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2352 def testserve_static_files(self):
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2353 # make a client instance
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2354 cl = self._make_client({})
6651
da6c9050a79e Fix modification of Cache_Control
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6601
diff changeset
2355 # Make local copy in cl to not modify value in class
da6c9050a79e Fix modification of Cache_Control
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6601
diff changeset
2356 cl.Cache_Control = copy.copy (cl.Cache_Control)
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2357
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2358 # hijack _serve_file so I can see what is found
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2359 output = []
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2360 def my_serve_file(a, b, c, d):
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2361 output.append((a,b,c,d))
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2362 cl._serve_file = my_serve_file
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2363
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2364 # check case where file is not found.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2365 self.assertRaises(NotFound,
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2366 cl.serve_static_file,"missing.css")
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2367
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2368 # TEMPLATES dir is searched by default. So this file exists.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2369 # Check the returned values.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2370 cl.serve_static_file("issue.index.html")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2371 self.assertEqual(output[0][1], "text/html")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2372 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2373 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2374
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2375 # stop searching TEMPLATES for the files.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2376 cl.instance.config['STATIC_FILES'] = '-'
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2377 # previously found file should not be found
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2378 self.assertRaises(NotFound,
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2379 cl.serve_static_file,"issue.index.html")
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2380
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2381 # explicitly allow html directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2382 cl.instance.config['STATIC_FILES'] = 'html -'
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2383 cl.serve_static_file("issue.index.html")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2384 self.assertEqual(output[0][1], "text/html")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2385 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2386 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2387
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2388 # set the list of files and do not look at the templates directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2389 cl.instance.config['STATIC_FILES'] = 'detectors extensions - '
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2390
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2391 # find file in first directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2392 cl.serve_static_file("messagesummary.py")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2393 self.assertEqual(output[0][1], "text/x-python")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2394 self.assertEqual(output[0][3], "_test_cgi_form/detectors/messagesummary.py")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2395 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2396
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2397 # find file in second directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2398 cl.serve_static_file("README.txt")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2399 self.assertEqual(output[0][1], "text/plain")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2400 self.assertEqual(output[0][3], "_test_cgi_form/extensions/README.txt")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2401 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2402
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2403 # make sure an embedded - ends the searching.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2404 cl.instance.config['STATIC_FILES'] = ' detectors - extensions '
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2405 self.assertRaises(NotFound, cl.serve_static_file, "README.txt")
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2406
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2407 cl.instance.config['STATIC_FILES'] = ' detectors - extensions '
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2408 self.assertRaises(NotFound, cl.serve_static_file, "issue.index.html")
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2409
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2410 # create an empty README.txt in the first directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2411 f = open('_test_cgi_form/detectors/README.txt', 'a').close()
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2412 # find file now in first directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2413 cl.serve_static_file("README.txt")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2414 self.assertEqual(output[0][1], "text/plain")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2415 self.assertEqual(output[0][3], "_test_cgi_form/detectors/README.txt")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2416 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2417
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2418 cl.instance.config['STATIC_FILES'] = ' detectors extensions '
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2419 # make sure lack of trailing - allows searching TEMPLATES
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2420 cl.serve_static_file("issue.index.html")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2421 self.assertEqual(output[0][1], "text/html")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2422 self.assertEqual(output[0][3], "_test_cgi_form/html/issue.index.html")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2423 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2424
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2425 # Make STATIC_FILES a single element.
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2426 cl.instance.config['STATIC_FILES'] = 'detectors'
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2427 # find file now in first directory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2428 cl.serve_static_file("messagesummary.py")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2429 self.assertEqual(output[0][1], "text/x-python")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2430 self.assertEqual(output[0][3], "_test_cgi_form/detectors/messagesummary.py")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2431 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2432
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2433 # make sure files found in subdirectory
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2434 os.mkdir('_test_cgi_form/detectors/css')
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2435 f = open('_test_cgi_form/detectors/css/README.css', 'a').close()
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2436 # use subdir in filename
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2437 cl.serve_static_file("css/README.css")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2438 self.assertEqual(output[0][1], "text/css")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2439 self.assertEqual(output[0][3], "_test_cgi_form/detectors/css/README.css")
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2440 del output[0] # reset output buffer
5980
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2441
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2442 cl.Cache_Control['text/css'] = 'public, max-age=3600'
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2443 # use subdir in static files path
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2444 cl.instance.config['STATIC_FILES'] = 'detectors html/css'
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2445 os.mkdir('_test_cgi_form/html/css')
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2446 f = open('_test_cgi_form/html/css/README1.css', 'a').close()
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2447 cl.serve_static_file("README1.css")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2448 self.assertEqual(output[0][1], "text/css")
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2449 self.assertEqual(output[0][3], "_test_cgi_form/html/css/README1.css")
5980
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2450 self.assertTrue( "Cache-Control" in cl.additional_headers )
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2451 self.assertEqual( cl.additional_headers,
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2452 {'Cache-Control': 'public, max-age=3600'} )
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2453 del output[0] # reset output buffer
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2454
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2455 cl.Cache_Control['README1.css'] = 'public, max-age=60'
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2456 cl.serve_static_file("README1.css")
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2457 self.assertEqual(output[0][1], "text/css")
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2458 self.assertEqual(output[0][3], "_test_cgi_form/html/css/README1.css")
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2459 self.assertTrue( "Cache-Control" in cl.additional_headers )
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2460 self.assertEqual( cl.additional_headers,
54d0080769f9 Support setting cache-control headers for static files
John Rouillard <rouilj@ieee.org>
parents: 5978
diff changeset
2461 {'Cache-Control': 'public, max-age=60'} )
5231
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2462 del output[0] # reset output buffer
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2463
8743b7226dc7 Fix issue with retreiving raw template files using the @@file mechanism.
John Rouillard <rouilj@ieee.org>
parents: 5220
diff changeset
2464
4306
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2465 def testRoles(self):
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2466 cl = self._make_client({})
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2467 self.db.user.set('1', roles='aDmin, uSer')
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2468 item = HTMLItem(cl, 'user', '1')
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2469 self.assertTrue(item.hasRole('Admin'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2470 self.assertTrue(item.hasRole('User'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2471 self.assertTrue(item.hasRole('AdmiN'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2472 self.assertTrue(item.hasRole('UseR'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2473 self.assertTrue(item.hasRole('UseR','Admin'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2474 self.assertTrue(item.hasRole('UseR','somethingelse'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2475 self.assertTrue(item.hasRole('somethingelse','Admin'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2476 self.assertTrue(not item.hasRole('userr'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2477 self.assertTrue(not item.hasRole('adminn'))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2478 self.assertTrue(not item.hasRole(''))
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2479 self.assertTrue(not item.hasRole(' '))
4306
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2480 self.db.user.set('1', roles='')
5649
f8893e1cde0d assert_ is depricated. Replacing with assertTrue to reduce logs in travisci.
John Rouillard <rouilj@ieee.org>
parents: 5624
diff changeset
2481 self.assertTrue(not item.hasRole(''))
4306
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4112
diff changeset
2482
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2483 def testCSVExportCharset(self):
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2484 cl = self._make_client(
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2485 {'@columns': 'id,title,status,keyword,assignedto,nosy'},
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2486 nodeid=None, userid='1')
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2487 cl.classname = 'issue'
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2488
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2489 demo_id=self.db.user.create(username='demo', address='demo@test.test',
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2490 roles='User', realname='demo')
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2491 self.db.issue.create(title=b2s(b'foo1\xc3\xa4'), status='2', assignedto='4', nosy=['3',demo_id])
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2492
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2493 output = io.BytesIO()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2494 cl.request = MockNull()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2495 cl.request.wfile = output
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2496 # call export version that outputs names
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2497 actions.ExportCSVAction(cl).handle()
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2498 should_be=(b'"id","title","status","keyword","assignedto","nosy"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2499 b'"1","foo1\xc3\xa4","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo"\r\n')
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2500 self.assertEqual(output.getvalue(), should_be)
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2501
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2502 output = io.BytesIO()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2503 cl.request = MockNull()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2504 cl.request.wfile = output
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2505 # call export version that outputs id numbers
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2506 actions.ExportCSVWithIdAction(cl).handle()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2507 print(output.getvalue())
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2508 self.assertEqual(b'"id","title","status","keyword","assignedto","nosy"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2509 b"\"1\",\"foo1\xc3\xa4\",\"2\",\"[]\",\"4\",\"['3', '4', '5']\"\r\n",
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2510 output.getvalue())
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2511
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2512 # again with ISO-8859-1 client charset
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2513 cl.charset = 'iso8859-1'
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2514 output = io.BytesIO()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2515 cl.request = MockNull()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2516 cl.request.wfile = output
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2517 # call export version that outputs names
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2518 actions.ExportCSVAction(cl).handle()
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2519 should_be=(b'"id","title","status","keyword","assignedto","nosy"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2520 b'"1","foo1\xe4","deferred","","Contrary, Mary","Bork, Chef;Contrary, Mary;demo"\r\n')
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2521 self.assertEqual(output.getvalue(), should_be)
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2522
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2523 output = io.BytesIO()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2524 cl.request = MockNull()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2525 cl.request.wfile = output
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2526 # call export version that outputs id numbers
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2527 actions.ExportCSVWithIdAction(cl).handle()
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2528 print(output.getvalue())
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2529 self.assertEqual(b'"id","title","status","keyword","assignedto","nosy"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2530 b"\"1\",\"foo1\xe4\",\"2\",\"[]\",\"4\",\"['3', '4', '5']\"\r\n",
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2531 output.getvalue())
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2532
4624
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2533 def testCSVExportBadColumnName(self):
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2534 cl = self._make_client({'@columns': 'falseid,name'}, nodeid=None,
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2535 userid='1')
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2536 cl.classname = 'status'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2537 output = io.BytesIO()
4624
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2538 cl.request = MockNull()
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2539 cl.request.wfile = output
5168
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2540 self.assertRaises(exceptions.NotFound,
4624
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2541 actions.ExportCSVAction(cl).handle)
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2542
5168
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2543 def testCSVExportFailPermissionBadColumn(self):
4112
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2544 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None,
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2545 userid='2')
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2546 cl.classname = 'user'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2547 output = io.BytesIO()
4112
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2548 cl.request = MockNull()
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2549 cl.request.wfile = output
4624
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2550 # used to be self.assertRaises(exceptions.Unauthorised,
21705126dafa Committed edited fix for issue2550712 by Cedric Krier.
Bernhard Reiter <bernhard@intevation.de>
parents: 4623
diff changeset
2551 # but not acting like the column name is not found
5168
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2552 # see issue2550755 - should this return Unauthorised?
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2553 # The unauthorised user should never get to the point where
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2554 # they can determine if the column name is valid or not.
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2555 self.assertRaises(exceptions.NotFound,
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2556 actions.ExportCSVAction(cl).handle)
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2557
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2558 def testCSVExportFailPermissionValidColumn(self):
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2559 passwd=password.Password('foo')
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2560 demo_id=self.db.user.create(username='demo', address='demo@test.test',
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2561 roles='User', realname='demo',
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2562 password=passwd)
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2563 cl = self._make_client({'@columns': 'id,username,address,password'},
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2564 nodeid=None, userid=demo_id)
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2565 cl.classname = 'user'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2566 output = io.BytesIO()
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2567 cl.request = MockNull()
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2568 cl.request.wfile = output
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2569 # used to be self.assertRaises(exceptions.Unauthorised,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2570 # but not acting like the column name is not found
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2571
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2572 actions.ExportCSVAction(cl).handle()
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2573 #print(output.getvalue())
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2574 self.assertEqual(s2b('"id","username","address","password"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2575 '"1","admin","[hidden]","[hidden]"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2576 '"2","anonymous","[hidden]","[hidden]"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2577 '"3","Chef","[hidden]","[hidden]"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2578 '"4","mary","[hidden]","[hidden]"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2579 '"5","demo","demo@test.test","%s"\r\n'%(passwd)),
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2580 output.getvalue())
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2581
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2582 def testCSVExportWithId(self):
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2583 cl = self._make_client({'@columns': 'id,name'}, nodeid=None,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2584 userid='1')
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2585 cl.classname = 'status'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2586 output = io.BytesIO()
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2587 cl.request = MockNull()
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2588 cl.request.wfile = output
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2589 actions.ExportCSVWithIdAction(cl).handle()
6190
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2590 self.assertEqual(s2b('"id","name"\r\n"1","unread"\r\n"2","deferred"\r\n"3","chatting"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2591 '"4","need-eg"\r\n"5","in-progress"\r\n"6","testing"\r\n"7","done-cbb"\r\n'
15fd91fd3c4c Quote all exported CSV data
John Rouillard <rouilj@ieee.org>
parents: 6083
diff changeset
2592 '"8","resolved"\r\n'),
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2593 output.getvalue())
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2594
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2595 def testCSVExportWithIdBadColumnName(self):
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2596 cl = self._make_client({'@columns': 'falseid,name'}, nodeid=None,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2597 userid='1')
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2598 cl.classname = 'status'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2599 output = io.BytesIO()
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2600 cl.request = MockNull()
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2601 cl.request.wfile = output
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2602 self.assertRaises(exceptions.NotFound,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2603 actions.ExportCSVWithIdAction(cl).handle)
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2604
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2605 def testCSVExportWithIdFailPermissionBadColumn(self):
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2606 cl = self._make_client({'@columns': 'id,email,password'}, nodeid=None,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2607 userid='2')
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2608 cl.classname = 'user'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2609 output = io.BytesIO()
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2610 cl.request = MockNull()
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2611 cl.request.wfile = output
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2612 # used to be self.assertRaises(exceptions.Unauthorised,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2613 # but not acting like the column name is not found
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2614 # see issue2550755 - should this return Unauthorised?
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2615 # The unauthorised user should never get to the point where
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2616 # they can determine if the column name is valid or not.
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2617 self.assertRaises(exceptions.NotFound,
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2618 actions.ExportCSVWithIdAction(cl).handle)
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2619
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2620 def testCSVExportWithIdFailPermissionValidColumn(self):
5168
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2621 cl = self._make_client({'@columns': 'id,address,password'}, nodeid=None,
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2622 userid='2')
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2623 cl.classname = 'user'
6083
f74d078cfd9a issue2551019 needs to be handled in the action code itself, not the WSGI handler
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5980
diff changeset
2624 output = io.BytesIO()
5168
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2625 cl.request = MockNull()
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2626 cl.request.wfile = output
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2627 # used to be self.assertRaises(exceptions.Unauthorised,
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2628 # but not acting like the column name is not found
9e41254430fe issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi fix tests
John Rouillard <rouilj@ieee.org>
parents: 5166
diff changeset
2629 self.assertRaises(exceptions.Unauthorised,
5614
be99aa02c616 issue2550833 enhance the export csv action to include the keys for
John Rouillard <rouilj@ieee.org>
parents: 5519
diff changeset
2630 actions.ExportCSVWithIdAction(cl).handle)
4112
6441ffe588f7 fix bug introduced into CSV export and view (issue 2550529)
Richard Jones <richard@users.sourceforge.net>
parents: 4088
diff changeset
2631
6593
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
2632 class TemplateHtmlRendering(unittest.TestCase, testFtsQuery):
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2633 ''' try to test the rendering code for tal '''
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2634 def setUp(self):
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2635 self.dirname = '_test_template'
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2636 # set up and open a tracker
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2637 self.instance = setupTracker(self.dirname)
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2638
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2639 # open the database
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2640 self.db = self.instance.open('admin')
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2641 self.db.tx_Source = "web"
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2642 self.db.user.create(username='Chef', address='chef@bork.bork.bork',
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2643 realname='Bork, Chef', roles='User')
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2644 self.db.user.create(username='mary', address='mary@test.test',
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2645 roles='User', realname='Contrary, Mary')
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2646 self.db.post_init()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2647
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2648 # create a client instance and hijack write_html
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2649 self.client = client.Client(self.instance, "user",
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2650 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2651 form=db_test_base.makeForm({"@template": "item"}))
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2652
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2653 self.client._error_message = []
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2654 self.client._ok_message = []
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2655 self.client.db = self.db
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2656 self.client.userid = '1'
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2657 self.client.language = ('en',)
5208
23b8eeaf9864 fixing some tests due to changes to classic template by adding anti-csrf code
John Rouillard <rouilj@ieee.org>
parents: 5203
diff changeset
2658 self.client.session_api = MockNull(_sid="1234567890")
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2659
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2660 self.output = []
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2661 # ugly hack to get html_write to return data here.
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2662 def html_write(s):
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2663 self.output.append(s)
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2664
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2665 # hijack html_write
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2666 self.client.write_html = html_write
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2667
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2668 self.db.issue.create(title='foo')
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2669
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2670 def tearDown(self):
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2671 self.db.close()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2672 try:
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2673 shutil.rmtree(self.dirname)
5248
198b6e810c67 Use Python-3-compatible 'as' syntax for except statements
Eric S. Raymond <esr@thyrsus.com>
parents: 5231
diff changeset
2674 except OSError as error:
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2675 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2676
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2677 def testrenderFrontPage(self):
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2678 self.client.renderFrontPage("hello world RaNdOmJunk")
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2679 # make sure we can find the "hello world RaNdOmJunk"
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2680 # message in the output.
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2681 self.assertNotEqual(-1,
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2682 self.output[0].index('<p class="error-message">hello world RaNdOmJunk <br/ > </p>'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2683 # make sure we can find issue 1 title foo in the output
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2684 self.assertNotEqual(-1,
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2685 self.output[0].index('<a href="issue1">foo</a>'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2686
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2687 # make sure we can find the last SHA1 sum line at the end of the
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2688 # page
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2689 self.assertNotEqual(-1,
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2690 self.output[0].index('<!-- SHA: c87a4e18d59a527331f1d367c0c6cc67ee123e63 -->'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2691
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2692 def testRenderError(self):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2693 # set up the client;
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2694 # run determine_context to set the required client attributes
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2695 # run renderError(); check result for proper page
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2696
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2697 self.client.form=db_test_base.makeForm({})
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2698 self.client.path = ''
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2699 self.client.determine_context()
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2700
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2701 error = "Houston, we have a problem"
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2702
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2703
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2704 # template rendering will fail and return fallback html
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2705 out = self.client.renderError(error, 404)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2706
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2707 expected_fallback = (
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2708 '\n<html><head><title>Roundup issue tracker: '
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2709 'An error has occurred</title>\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2710 ' <link rel="stylesheet" type="text/css" href="@@file/style.css">\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2711 '</head>\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2712 '<body class="body" marginwidth="0" marginheight="0">\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2713 ' <p class="error-message">Houston, we have a problem</p>\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2714 '</body></html>\n')
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2715
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2716 self.assertEqual(out, expected_fallback)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2717 self.assertIn(error, self.client._error_message)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2718 self.assertEqual(self.client.response_code, 404)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2719
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2720 ### next test
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2721 # Set this so template rendering works.
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2722 self.client.classname = 'issue'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2723
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2724 out = self.client.renderError("Houston, we have a problem", 404)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2725 # match hard coded line in 404 template
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2726 expected = ('There is no <span>issue</span> with id')
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2727
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2728 self.assertIn(expected, out)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2729 self.assertEqual(self.client.response_code, 404)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2730
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2731
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2732 ### next test
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2733 # disable template use get fallback
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2734 out = self.client.renderError("Houston, we have a problem", 404,
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2735 use_template=False)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2736
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2737 self.assertEqual(out, expected_fallback)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2738 self.assertEqual(self.client.response_code, 404)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2739
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2740 ### next test
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2741 # no 400 template (default 2nd param) so we get fallback
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2742 out = self.client.renderError("Houston, we have a problem")
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2743 self.assertEqual(out, expected_fallback)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2744 self.assertIn(error, self.client._error_message)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2745 self.assertEqual(self.client.response_code, 400)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
2746
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2747 def testrenderContext(self):
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2748 # set up the client;
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2749 # run determine_context to set the required client attributes
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2750 # run renderContext(); check result for proper page
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2751
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2752 # this will generate the default home page like
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2753 # testrenderFrontPage
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2754 self.client.form=db_test_base.makeForm({})
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2755 self.client.path = ''
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2756 self.client.determine_context()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2757 self.assertEqual((self.client.classname, self.client.template, self.client.nodeid), (None, '', None))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2758 self.assertEqual(self.client._ok_message, [])
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2759
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2760 result = self.client.renderContext()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2761 self.assertNotEqual(-1,
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2762 result.index('<!-- SHA: c87a4e18d59a527331f1d367c0c6cc67ee123e63 -->'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2763
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2764 # now look at the user index page
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2765 self.client.form=db_test_base.makeForm(
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2766 { "@ok_message": "ok message", "@template": "index"})
5160
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2767 self.client.path = 'user'
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2768 self.client.determine_context()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2769 self.assertEqual((self.client.classname, self.client.template, self.client.nodeid), ('user', 'index', None))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2770 self.assertEqual(self.client._ok_message, ['ok message'])
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2771
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2772 result = self.client.renderContext()
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2773 self.assertNotEqual(-1, result.index('<title>User listing - Roundup issue tracker</title>'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2774 self.assertNotEqual(-1, result.index('ok message'))
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2775 # print result
f8a32b7331f1 add basic crappy test framework for the client.py::Client::renderFrontPage() ::determine_context() and ::renderContext() methods.
John Rouillard <rouilj@ieee.org>
parents: 5159
diff changeset
2776
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2777 def testRenderAltTemplates(self):
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2778 # check that right page is returned when rendering
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2779 # @template=oktempl|errortmpl
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2780
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2781 # set up the client;
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2782 # run determine_context to set the required client attributes
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2783 # run renderContext(); check result for proper page
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2784
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2785 # Test ok state template that uses user.forgotten.html
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2786 self.client.form=db_test_base.makeForm({"@template": "forgotten|item"})
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2787 self.client.path = 'user'
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2788 self.client.determine_context()
5201
a9ace22e0a2f issue 2550690 - Adding anti-csrf measures to roundup following
John Rouillard <rouilj@ieee.org>
parents: 5185
diff changeset
2789 self.client.session_api = MockNull(_sid="1234567890")
5316
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2790 self.assertEqual(
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2791 (self.client.classname, self.client.template, self.client.nodeid),
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2792 ('user', 'forgotten|item', None))
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2793 self.assertEqual(self.client._ok_message, [])
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2794
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2795 result = self.client.renderContext()
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
2796 print(result)
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
2797 # sha1sum of classic tracker user.forgotten.template must be found
5316
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2798 sha1sum = '<!-- SHA: f93570f95f861da40f9c45bbd2b049bb3a7c0fc5 -->'
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2799 self.assertNotEqual(-1, result.index(sha1sum))
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2800
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2801 # now set an error in the form to get error template user.item.html
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2802 self.client.form=db_test_base.makeForm({"@template": "forgotten|item",
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2803 "@error_message": "this is an error"})
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2804 self.client.path = 'user'
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2805 self.client.determine_context()
5316
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2806 self.assertEqual(
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2807 (self.client.classname, self.client.template, self.client.nodeid),
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2808 ('user', 'forgotten|item', None))
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2809 self.assertEqual(self.client._ok_message, [])
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2810 self.assertEqual(self.client._error_message, ["this is an error"])
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2811
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2812 result = self.client.renderContext()
5376
64b05e24dbd8 Python 3 preparation: convert print to a function.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5316
diff changeset
2813 print(result)
5218
44f7e6b958fe Added tests for csrf with xmlrpc.
John Rouillard <rouilj@ieee.org>
parents: 5210
diff changeset
2814 # sha1sum of classic tracker user.item.template must be found
5316
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2815 sha1sum = '<!-- SHA: 3b7ce7cbf24f77733c9b9f64a569d6429390cc3f -->'
351763d6400a Fix failing test after recent tab changes
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5310
diff changeset
2816 self.assertNotEqual(-1, result.index(sha1sum))
5185
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2817
349bef975367 Make @template support two alternate templates for error and ok cases.
John Rouillard <rouilj@ieee.org>
parents: 5168
diff changeset
2818
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2819 def testexamine_url(self):
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2820 ''' test the examine_url function '''
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2821
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2822 def te(url, exception, raises=ValueError):
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2823 with self.assertRaises(raises) as cm:
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2824 examine_url(url)
5453
2b4f606d8e72 use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5418
diff changeset
2825 self.assertEqual(cm.exception.args, (exception,))
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2826
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2827
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2828 action = actions.Action(self.client)
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2829 examine_url = action.examine_url
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2830
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2831 # Christmas tree url: test of every component that passes
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2832 self.assertEqual(
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2833 examine_url("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue"),
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2834 'http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue')
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2835
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2836 # allow replacing http with https if base is http
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2837 self.assertEqual(
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2838 examine_url("https://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue"),
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2839 'https://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue')
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2840
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2841
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2842 # change base to use https and make sure we don't redirect to http
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2843 saved_base = action.base
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2844 action.base = "https://tracker.example/cgi-bin/roundup.cgi/bugs/"
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2845 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue",
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2846 'Base url https://tracker.example/cgi-bin/roundup.cgi/bugs/ requires https. Redirect url http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue uses http.')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2847 action.base = saved_base
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2848
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2849 # url doesn't have to be valid to roundup, just has to be contained
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2850 # inside of roundup. No zoik class is defined
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2851 self.assertEqual(examine_url("http://tracker.example/cgi-bin/roundup.cgi/bugs/zoik7;parm=bar?@template=foo&parm=(zot)#issue"), "http://tracker.example/cgi-bin/roundup.cgi/bugs/zoik7;parm=bar?@template=foo&parm=(zot)#issue")
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2852
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2853 # test with wonky schemes
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2854 te("email://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue",
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2855 'Unrecognized scheme in email://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2856
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2857 te("http%3a//tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Unrecognized scheme in http%3a//tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2858
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2859 # test different netloc/path prefix
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2860 # assert port
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2861 te("http://tracker.example:1025/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue",'Net location in http://tracker.example:1025/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2862
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2863 #assert user
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2864 te("http://user@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://user@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2865
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2866 #assert user:password
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2867 te("http://user:pass@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://user:pass@tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2868
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2869 # try localhost http scheme
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2870 te("http://localhost/cgi-bin/roundup.cgi/bugs/user3", 'Net location in http://localhost/cgi-bin/roundup.cgi/bugs/user3 does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2871
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2872 # try localhost https scheme
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2873 te("https://localhost/cgi-bin/roundup.cgi/bugs/user3", 'Net location in https://localhost/cgi-bin/roundup.cgi/bugs/user3 does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2874
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2875 # try different host
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2876 te("http://bad.guys.are.us/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Net location in http://bad.guys.are.us/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#issue does not match base: tracker.example')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2877
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2878 # change the base path to .../bug from .../bugs
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2879 te("http://tracker.example/cgi-bin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue", 'Base path /cgi-bin/roundup.cgi/bugs/ is not a prefix for url http://tracker.example/cgi-bin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2880
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2881 # change the base path eliminate - in cgi-bin
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2882 te("http://tracker.example/cgibin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue",'Base path /cgi-bin/roundup.cgi/bugs/ is not a prefix for url http://tracker.example/cgibin/roundup.cgi/bug/user3;parm=bar?@template=foo&parm=(zot)#issue')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2883
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2884
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2885 # scan for unencoded characters
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2886 # we skip schema and net location since unencoded character
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2887 # are allowed only by an explicit match to a reference.
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2888 #
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2889 # break components with unescaped character '<'
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2890 # path component
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2891 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/<user3;parm=bar?@template=foo&parm=(zot)#issue", 'Path component (/cgi-bin/roundup.cgi/bugs/<user3) in http://tracker.example/cgi-bin/roundup.cgi/bugs/<user3;parm=bar?@template=foo&parm=(zot)#issue is not properly escaped')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2892
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2893 # params component
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2894 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=b<ar?@template=foo&parm=(zot)#issue", 'Params component (parm=b<ar) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=b<ar?@template=foo&parm=(zot)#issue is not properly escaped')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2895
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2896 # query component
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2897 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=<foo>&parm=(zot)#issue", 'Query component (@template=<foo>&parm=(zot)) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=<foo>&parm=(zot)#issue is not properly escaped')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2898
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2899 # fragment component
5162
3ee79a2d95d4 rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
John Rouillard <rouilj@ieee.org>
parents: 5161
diff changeset
2900 te("http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#iss<ue", 'Fragment component (iss<ue) in http://tracker.example/cgi-bin/roundup.cgi/bugs/user3;parm=bar?@template=foo&parm=(zot)#iss<ue is not properly escaped')
5161
12190efa30d4 I realized that the __came_from and __redirect_to url parameters I
John Rouillard <rouilj@ieee.org>
parents: 5160
diff changeset
2901
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2902 class TemplateTestCase(unittest.TestCase):
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2903 ''' Test the template resolving code, i.e. what can be given to @template
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2904 '''
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2905 def setUp(self):
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2906 self.dirname = '_test_template'
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2907 # set up and open a tracker
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2908 self.instance = setupTracker(self.dirname)
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2909
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2910 # open the database
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2911 self.db = self.instance.open('admin')
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2912 self.db.tx_Source = "web"
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2913 self.db.user.create(username='Chef', address='chef@bork.bork.bork',
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2914 realname='Bork, Chef', roles='User')
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2915 self.db.user.create(username='mary', address='mary@test.test',
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2916 roles='User', realname='Contrary, Mary')
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2917 self.db.post_init()
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2918
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2919 def tearDown(self):
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2920 self.db.close()
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2921 try:
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2922 shutil.rmtree(self.dirname)
5248
198b6e810c67 Use Python-3-compatible 'as' syntax for except statements
Eric S. Raymond <esr@thyrsus.com>
parents: 5231
diff changeset
2923 except OSError as error:
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2924 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2925
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2926 def testTemplateSubdirectory(self):
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2927 # test for templates in subdirectories
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2928
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2929 # make the directory
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2930 subdir = self.dirname + "/html/subdir"
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2931 os.mkdir(subdir)
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2932
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2933 # get the client instance The form is needed to initialize,
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2934 # but not used since I call selectTemplate directly.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2935 t = client.Client(self.instance, "user",
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2936 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
5310
efb34cbdba7c Add (currently failing) test for atomic actions
Ralf Schlatterbeck <rsc@runtux.com>
parents: 5248
diff changeset
2937 form=db_test_base.makeForm({"@template": "item"}))
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2938
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2939 # create new file in subdir and a dummy file outside of
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2940 # the tracker's html subdirectory
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2941 shutil.copyfile(self.dirname + "/html/issue.item.html",
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2942 subdir + "/issue.item.html")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2943 shutil.copyfile(self.dirname + "/html/user.item.html",
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2944 self.dirname + "/user.item.html")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2945
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2946 # create link outside the html subdir. This should fail due to
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2947 # path traversal check.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2948 os.symlink("../../user.item.html", subdir + "/user.item.html")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2949 # it will be removed and replaced by a later test
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2950
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2951 # make sure a simple non-subdir template works.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2952 # user.item.html exists so this works.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2953 # note that the extension is not included just the basename
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2954 self.assertEqual("user.item", t.selectTemplate("user", "item"))
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2955
5159
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2956
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2957 # make sure home templates work
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2958 self.assertEqual("home", t.selectTemplate(None, ""))
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2959 self.assertEqual("home.classlist", t.selectTemplate(None, "classlist"))
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2960
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2961 # home.item doesn't exist should return _generic.item.
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2962 self.assertEqual("_generic.item", t.selectTemplate(None, "item"))
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2963
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2964 # test case where there is no view so generic template can't
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2965 # be determined.
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2966 with self.assertRaises(NoTemplate) as cm:
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2967 t.selectTemplate("user", "")
5453
2b4f606d8e72 use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5418
diff changeset
2968 self.assertEqual(cm.exception.args,
2b4f606d8e72 use exception.args instead of exception.message
Christof Meerwald <cmeerw@cmeerw.org>
parents: 5418
diff changeset
2969 ('''Template "user" doesn't exist''',))
5159
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2970
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2971 # there is no html/subdir/user.item.{,xml,html} so it will
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2972 # raise NoTemplate.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2973 self.assertRaises(NoTemplate,
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2974 t.selectTemplate, "user", "subdir/item")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2975
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2976 # there is an html/subdir/issue.item.html so this succeeeds
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2977 r = t.selectTemplate("issue", "subdir/item")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2978 self.assertEqual("subdir/issue.item", r)
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2979
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2980 # there is a self.directory + /html/subdir/user.item.html file,
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2981 # but it is a link to self.dir /user.item.html which is outside
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2982 # the html subdir so is rejected by the path traversal check.
5159
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2983 # Prefer NoTemplate here, or should the code be changed to
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2984 # report a new PathTraversal exception? Could the PathTraversal
7fb697267fdb adding test case for home templates in various incantations. Also added comment about possibly creating/raising PageTraversal exception. I don't think we need it since @@file doesn't do it but...
John Rouillard <rouilj@ieee.org>
parents: 5154
diff changeset
2985 # exception leak useful info to an attacker??
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2986 self.assertRaises(NoTemplate,
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2987 t.selectTemplate, "user", "subdir/item")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2988
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2989 # clear out the link and create a new one to self.dirname +
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2990 # html/user.item.html which is inside the html subdir
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2991 # so the template check returns the symbolic link path.
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2992 os.remove(subdir + "/user.item.html")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2993 os.symlink("../user.item.html", subdir + "/user.item.xml")
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2994
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2995 # template check works
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2996 r = t.selectTemplate("user", "subdir/item")
5786
68b0c1767b50 Replace assertEquals (depricated) with assertEqual.
John Rouillard <rouilj@ieee.org>
parents: 5771
diff changeset
2997 self.assertEqual("subdir/user.item", r)
5154
f608eeecf638 issue2550891: Allow subdir in template value. Anthony (antmail)
John Rouillard <rouilj@ieee.org>
parents: 5094
diff changeset
2998
7836
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
2999 class TemplateUtilsTestCase(unittest.TestCase):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3000 ''' Test various TemplateUtils
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3001 '''
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3002 def setUp(self):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3003 self.dirname = '_test_template'
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3004 # set up and open a tracker
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3005 self.instance = setupTracker(self.dirname)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3006
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3007 # open the database
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3008 self.db = self.instance.open('admin')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3009 self.db.tx_Source = "web"
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3010 self.db.user.create(username='Chef', address='chef@bork.bork.bork',
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3011 realname='Bork, Chef', roles='User')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3012 self.db.user.create(username='mary', address='mary@test.test',
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3013 roles='User', realname='Contrary, Mary')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3014 self.db.post_init()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3015
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3016 def tearDown(self):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3017 self.db.close()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3018 try:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3019 shutil.rmtree(self.dirname)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3020 except OSError as error:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3021 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3022
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3023 @pytest.fixture(autouse=True)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3024 def inject_fixtures(self, caplog):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3025 self._caplog = caplog
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3026
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3027 def testReadfile(self):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3028 # create new files in html dir
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3029 testfiles = [
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3030 { "name": "file_to_read.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3031 "content": ('hello world'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3032 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3033 { # for future test expanding TAL
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3034 "name": "_generic.readfile_success.html",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3035 "content": (
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3036
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3037 '''<span tal:content="python:utils.readfile('''
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3038 """'example.js')"></span>""" ),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3039 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3040 ]
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3041
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3042 for file_spec in testfiles:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3043 file_path = "%s/html/%s" % (self.dirname, file_spec['name'])
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3044 with open(file_path, "w") as f:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3045 f.write(file_spec['content'])
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3046
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3047 # get the client instance The form is needed to initialize,
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3048 # but not used since I call selectTemplate directly.
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3049 t = client.Client(self.instance, "user",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3050 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3051 form=db_test_base.makeForm({"@template": "readfile_success"}))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3052
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3053 tu = TemplatingUtils(t)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3054 # testcase 1 - file exists
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3055 r = tu.readfile("file_to_read.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3056 self.assertEqual(r, 'hello world')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3057 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3058
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3059 # testcase 2 - file does not exist
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3060 with self.assertRaises(NoTemplate) as e:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3061 r = tu.readfile("no_file_to_read.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3062
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3063 self.assertEqual(
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3064 e.exception.args[0],
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3065 "Unable to read or expand file 'no_file_to_read.js' "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3066 "in template 'home'.")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3067 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3068
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3069 # testcase 3 - file does not exist - optional = True
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3070 r = tu.readfile("no_file_to_read.js", optional=True)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3071 self.assertEqual(r, '')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3072
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3073 # make sure a created template is found
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3074 # note that the extension is not included just the basename
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3075 self.assertEqual("_generic.readfile_success",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3076 t.selectTemplate("", "readfile_success"))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3077
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3078
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3079
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3080 def testExpandfile(self):
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3081 # test for templates in subdirectories
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3082
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3083 # make the directory
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3084 subdir = self.dirname + "/html/subdir"
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3085 os.mkdir(subdir)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3086
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3087 # create new files in html dir
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3088 testfiles = [
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3089 { "name": "file_to_read.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3090 "content": ('hello world'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3091 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3092 { "name": "file_no_content.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3093 "content": '',
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3094 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3095 { "name": "file_to_expand.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3096 "content": ('hello world %(base)s'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3097 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3098 { "name": "file_with_broken_expand_type.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3099 "content": ('hello world %(base)'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3100 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3101 { "name": "file_with_odd_token.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3102 "content": ('hello world %(base)s, %(No,token)s'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3103 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3104 { "name": "file_with_missing.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3105 "content": ('hello world %(base)s, %(idontexist)s'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3106 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3107 { "name": "subdir/file_to_read.js",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3108 "content": ('hello world from subdir'),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3109 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3110 { # for future test expanding TAL
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3111 "name": "_generic.expandfile_success.html",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3112 "content": (
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3113
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3114 '''<span tal:content="python:utils.expandfile('''
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3115 """'example.js', { 'No Token': "NT",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3116 "dict_token': 'DT'})"></span>""" ),
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3117 },
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3118 ]
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3119
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3120 for file_spec in testfiles:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3121 file_path = "%s/html/%s" % (self.dirname, file_spec['name'])
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3122 with open(file_path, "w") as f:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3123 f.write(file_spec['content'])
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3124
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3125 # get the client instance The form is needed to initialize,
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3126 # but not used since I call selectTemplate directly.
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3127 t = client.Client(self.instance, "user",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3128 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3129 form=db_test_base.makeForm({"@template": "readfile_success"}))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3130
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3131 t.db = MockNull()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3132 t.db.config = MockNull()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3133 t.db.config.TRACKER_WEB = '_tracker_template'
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3134 tu = TemplatingUtils(t)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3135
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3136 # testcase 1 - file exists
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3137 r = tu.expandfile("file_to_read.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3138 self.assertEqual(r, 'hello world')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3139 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3140
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3141 # testcase 2 - file does not exist
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3142 with self.assertRaises(NoTemplate) as e:
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3143 r = tu.expandfile("no_file_to_read.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3144
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3145 self.assertEqual(
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3146 e.exception.args[0],
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3147 "Unable to read or expand file 'no_file_to_read.js' "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3148 "in template 'home'.")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3149 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3150
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3151 # testcase 3 - file does not exist - optional = True
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3152 r = tu.expandfile("no_file_to_read.js", optional=True)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3153 self.assertEqual(r, '')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3154 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3155
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3156 # testcase 4 - file is empty
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3157 r = tu.expandfile("file_no_content.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3158 self.assertEqual(r, '')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3159 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3160
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3161 # testcase 5 - behave like readfile (values = None)
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3162 r = tu.expandfile("file_to_expand.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3163 self.assertEqual(r, "hello world %(base)s")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3164 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3165
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3166 # testcase 6 - expand predefined
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3167 r = tu.expandfile("file_to_expand.js", {})
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3168 self.assertEqual(r, "hello world _tracker_template")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3169 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3170
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3171 # testcase 7 - missing trailing type specifier
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3172 r = tu.expandfile("file_with_broken_expand_type.js", {})
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3173
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3174 self.assertEqual(r, "")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3175
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3176 # self._caplog.record_tuples[0] - without line breaks
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3177 # ('roundup.template', 40, "Found an incorrect token when
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3178 # expandfile applied string subsitution on
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3179 # '/home/roundup/_test_template/html/file_with_broken_expand_type.js.
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3180 # ValueError('incomplete format') was raised. Check the format
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3181 # of your named conversion specifiers."
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3182
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3183 # name used for logging
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3184 self.assertEqual(self._caplog.record_tuples[0][0], 'roundup.template')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3185 # severity ERROR = 40
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3186 self.assertEqual(self._caplog.record_tuples[0][1], 40,
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3187 msg="logging level != 40 (ERROR)")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3188 # message. It includes a full path to the problem file, so Regex
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3189 # match the changable filename directory
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3190 self.assertRegex(self._caplog.record_tuples[0][2], (
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3191 r"^Found an incorrect token when expandfile applied "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3192 r"string subsitution on "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3193 r"'[^']*/_test_template/html/file_with_broken_expand_type.js'. "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3194 r"ValueError\('incomplete format'\) was raised. Check the format "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3195 r"of your named conversion specifiers."))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3196 self._caplog.clear()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3197 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3198
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3199 # testcase 8 - odd token. Apparently names are not identifiers
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3200 r = tu.expandfile("file_with_odd_token.js", {'No,token': 'NT'})
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3201
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3202 self.assertEqual(r, "hello world _tracker_template, NT")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3203
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3204 # self._caplog.record_tuples[0] - without line breaks
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3205 # ('roundup.template', 40, "Found an incorrect token when
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3206 # expandfile applied string subsitution on
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3207 # '/home/roundup/_test_template/html/file_with_broken_expand_type.js.
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3208 # ValueError('incomplete format') was raised. Check the format
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3209 # of your named conversion specifiers."
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3210
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3211 # no logs should be present
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3212 self.assertEqual(self._caplog.text, '')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3213 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3214
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3215 # testcase 9 - key missing from values
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3216 r = tu.expandfile("file_with_missing.js", {})
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3217
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3218 self.assertEqual(r, "")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3219
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3220 # self._caplog.record_tuples[0] - without line breaks
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3221 # ('roundup.template', 40, "Found an incorrect token when
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3222 # expandfile applied string subsitution on
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3223 # '/home/roundup/_test_template/html/file_with_broken_expand_type.js.
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3224 # ValueError('incomplete format') was raised. Check the format
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3225 # of your named conversion specifiers."
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3226
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3227 # name used for logging
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3228 self.assertEqual(self._caplog.record_tuples[0][0], 'roundup.template')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3229 # severity ERROR = 40
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3230 self.assertEqual(self._caplog.record_tuples[0][1], 40,
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3231 msg="logging level != 40 (ERROR)")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3232 # message. It includes a full path to the problem file, so Regex
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3233 # match the changable filename directory
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3234 self.assertRegex(self._caplog.record_tuples[0][2], (
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3235 r"When running "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3236 r"expandfile\('[^']*/_test_template/html/file_with_missing.js'\) "
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3237 r"in 'home' there was no value for token: 'idontexist'."))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3238 self._caplog.clear()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3239 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3240
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3241 # testcase 10 - set key missing from values in test 8
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3242 r = tu.expandfile("file_with_missing.js", {'idontexist': 'I do exist'})
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3243
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3244 self.assertEqual(r, "hello world _tracker_template, I do exist")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3245
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3246 # no logging
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3247 self.assertEqual(self._caplog.text, '')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3248 self._caplog.clear()
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3249
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3250 # testcase 11 - file exists in subdir
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3251 r = tu.expandfile("subdir/file_to_read.js")
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3252 self.assertEqual(r, 'hello world from subdir')
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3253 r = None
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3254
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3255
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3256 # make sure a created template is found
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3257 # note that the extension is not included just the basename
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3258 self.assertEqual("_generic.expandfile_success",
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3259 t.selectTemplate("", "expandfile_success"))
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3260
219fc5804345 issue2551270 - Better templating support for JavaScript
John Rouillard <rouilj@ieee.org>
parents: 7582
diff changeset
3261
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3262 class SqliteNativeFtsCgiTest(unittest.TestCase, testFtsQuery, testCsvExport):
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3263 """All of the rest of the tests use anydbm as the backend.
6593
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3264 In addtion to normal fts test, this class tests renderError
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3265 when renderContext fails.
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3266 Triggering this error requires the native-fts backend for
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3267 the sqlite db.
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3268 """
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3269
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3270 def setUp(self):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3271 self.dirname = '_test_template'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3272 # set up and open a tracker
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3273 self.instance = setupTracker(self.dirname, backend="sqlite")
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3274
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3275 self.instance.config.INDEXER = "native-fts"
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3276
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3277 # open the database
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3278 self.db = self.instance.open('admin')
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3279 self.db.tx_Source = "web"
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3280 self.db.user.create(username='Chef', address='chef@bork.bork.bork',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3281 realname='Bork, Chef', roles='User')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3282 self.db.user.create(username='mary', address='mary@test.test',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3283 roles='User', realname='Contrary, Mary')
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3284 self.db.post_init()
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3285
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3286 # create a client instance and hijack write_html
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3287 self.client = client.Client(self.instance, "user",
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3288 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3289 form=db_test_base.makeForm({"@template": "item"}))
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3290
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3291 self.client._error_message = []
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3292 self.client._ok_message = []
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3293 self.client.db = self.db
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3294 self.client.userid = '1'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3295 self.client.language = ('en',)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3296 self.client.session_api = MockNull(_sid="1234567890")
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3297
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3298 self.output = []
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3299 # ugly hack to get html_write to return data here.
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3300 def html_write(s):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3301 self.output.append(s)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3302
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3303 # hijack html_write
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3304 self.client.write_html = html_write
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3305
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3306 def tearDown(self):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3307 self.db.close()
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3308 try:
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3309 shutil.rmtree(self.dirname)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3310 except OSError as error:
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3311 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3312
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3313 def testRenderContextBadFtsQuery(self):
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3314 # only test for sqlite
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3315 if self.db.dbtype not in [ "sqlite" ]:
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3316 pytest.skip("Not tested for backends without native FTS")
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3317
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3318 # generate a bad fts query
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3319 self.client.form=db_test_base.makeForm(
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3320 { "@ok_message": "ok message", "@template": "index",
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3321 "@search_text": "foo-bar"})
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3322 self.client.path = 'issue'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3323 self.client.determine_context()
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3324
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3325 result = self.client.renderContext()
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3326
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3327 expected = '\n<html><head><title>Roundup issue tracker: An error has occurred</title>\n <link rel="stylesheet" type="text/css" href="@@file/style.css">\n</head>\n<body class="body" marginwidth="0" marginheight="0">\n <p class="error-message">Search failed. Try quoting any terms that include a \'-\' and retry the search.</p>\n</body></html>\n'
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3328
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3329 self.assertEqual(result, expected)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3330 self.assertEqual(self.client.response_code, 400)
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3331
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3332 #
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3333 # SECURITY
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3334 #
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3335 # XXX test all default permissions
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3336 def _make_client(self, form, classname='user', nodeid='1',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3337 userid='2', template='item'):
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3338 cl = client.Client(self.instance, None, {'PATH_INFO':'/',
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3339 'REQUEST_METHOD':'POST'}, db_test_base.makeForm(form))
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3340 cl.classname = classname
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3341 if nodeid is not None:
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3342 cl.nodeid = nodeid
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3343 cl.db = self.db
7164
5487882ff17a Fix test failure when run alone.
John Rouillard <rouilj@ieee.org>
parents: 7160
diff changeset
3344 cl.db.Otk = cl.db.getOTKManager()
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3345 #cl.db.Otk = MockNull()
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3346 #cl.db.Otk.data = {}
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3347 #cl.db.Otk.getall = self.data_get
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3348 #cl.db.Otk.set = self.data_set
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3349 cl.userid = userid
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3350 cl.language = ('en',)
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3351 cl._error_message = []
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3352 cl._ok_message = []
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3353 cl.template = template
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3354 return cl
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3355
6600
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3356 def testCSVExportSearchError(self):
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3357 # test full text search
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3358 cl = self._make_client(
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3359 {'@columns': 'id,title,status,keyword,assignedto,nosy',
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3360 "@search_text": "foo + ^bar2"}, nodeid=None, userid='1')
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3361 cl.classname = 'issue'
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3362 output = io.BytesIO()
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3363 cl.request = MockNull()
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3364 cl.request.wfile = output
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3365
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3366 # note NotFound isn't quite right. however this exception
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3367 # passes up the stack to where it is handled with a suitable
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3368 # display of the error.
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3369 # call export version that outputs names
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3370 with self.assertRaises(NotFound) as cm:
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3371 actions.ExportCSVAction(cl).handle()
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3372
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3373 # call export version that outputs id numbers
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3374 with self.assertRaises(NotFound) as cm:
65336409738c Fix csv export with text search. test csv export Sqlite FTS syntax error
John Rouillard <rouilj@ieee.org>
parents: 6599
diff changeset
3375 actions.ExportCSVWithIdAction(cl).handle()
6599
39189dd94f2c issue2551189 - increase size of words in full text index.
John Rouillard <rouilj@ieee.org>
parents: 6593
diff changeset
3376
6593
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3377 class SqliteNativeCgiTest(unittest.TestCase, testFtsQuery):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3378 """All of the rest of the tests use anydbm as the backend.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3379 This class tests renderContext for fulltext search.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3380 Run with sqlite and native indexer.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3381 """
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3382
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3383 def setUp(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3384 self.dirname = '_test_template'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3385 # set up and open a tracker
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3386 self.instance = setupTracker(self.dirname, backend="sqlite")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3387
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3388 self.instance.config.INDEXER = "native"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3389
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3390 # open the database
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3391 self.db = self.instance.open('admin')
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3392 self.db.tx_Source = "web"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3393
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3394 # create a client instance and hijack write_html
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3395 self.client = client.Client(self.instance, "user",
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3396 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3397 form=db_test_base.makeForm({"@template": "item"}))
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3398
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3399 self.client._error_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3400 self.client._ok_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3401 self.client.db = self.db
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3402 self.client.userid = '1'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3403 self.client.language = ('en',)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3404 self.client.session_api = MockNull(_sid="1234567890")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3405
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3406 self.output = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3407 # ugly hack to get html_write to return data here.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3408 def html_write(s):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3409 self.output.append(s)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3410
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3411 # hijack html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3412 self.client.write_html = html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3413
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3414 def tearDown(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3415 self.db.close()
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3416 try:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3417 shutil.rmtree(self.dirname)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3418 except OSError as error:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3419 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3420
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3421 @skip_postgresql
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3422 class PostgresqlNativeCgiTest(unittest.TestCase, testFtsQuery):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3423 """All of the rest of the tests use anydbm as the backend.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3424 This class tests renderContext for fulltext search.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3425 Run with postgresql and native indexer.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3426 """
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3427
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3428 def setUp(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3429 self.dirname = '_test_template'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3430 # set up and open a tracker
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3431 self.instance = setupTracker(self.dirname, backend="postgresql")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3432
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3433 self.instance.config.INDEXER = "native"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3434
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3435 # open the database
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3436 self.db = self.instance.open('admin')
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3437 self.db.tx_Source = "web"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3438
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3439 # create a client instance and hijack write_html
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3440 self.client = client.Client(self.instance, "user",
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3441 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3442 form=db_test_base.makeForm({"@template": "item"}))
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3443
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3444 self.client._error_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3445 self.client._ok_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3446 self.client.db = self.db
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3447 self.client.userid = '1'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3448 self.client.language = ('en',)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3449 self.client.session_api = MockNull(_sid="1234567890")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3450
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3451 self.output = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3452 # ugly hack to get html_write to return data here.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3453 def html_write(s):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3454 self.output.append(s)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3455
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3456 # hijack html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3457 self.client.write_html = html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3458
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3459 def tearDown(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3460 self.db.close()
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3461 try:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3462 shutil.rmtree(self.dirname)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3463 except OSError as error:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3464 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3465
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3466 @skip_mysql
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3467 class MysqlNativeCgiTest(unittest.TestCase, testFtsQuery):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3468 """All of the rest of the tests use anydbm as the backend.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3469 This class tests renderContext for fulltext search.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3470 Run with mysql and native indexer.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3471 """
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3472
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3473 def setUp(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3474 self.dirname = '_test_template'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3475 # set up and open a tracker
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3476 self.instance = setupTracker(self.dirname, backend="mysql")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3477
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3478 self.instance.config.INDEXER = "native"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3479
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3480 # open the database
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3481 self.db = self.instance.open('admin')
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3482 self.db.tx_Source = "web"
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3483
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3484 # create a client instance and hijack write_html
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3485 self.client = client.Client(self.instance, "user",
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3486 {'PATH_INFO':'/user', 'REQUEST_METHOD':'POST'},
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3487 form=db_test_base.makeForm({"@template": "item"}))
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3488
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3489 self.client._error_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3490 self.client._ok_message = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3491 self.client.db = self.db
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3492 self.client.userid = '1'
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3493 self.client.language = ('en',)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3494 self.client.session_api = MockNull(_sid="1234567890")
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3495
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3496 self.output = []
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3497 # ugly hack to get html_write to return data here.
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3498 def html_write(s):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3499 self.output.append(s)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3500
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3501 # hijack html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3502 self.client.write_html = html_write
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3503
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3504 def tearDown(self):
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3505 self.db.close()
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3506 try:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3507 shutil.rmtree(self.dirname)
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3508 except OSError as error:
e70e2789bc2c issue2551189 - increase text search maxlength
John Rouillard <rouilj@ieee.org>
parents: 6588
diff changeset
3509 if error.errno not in (errno.ENOENT, errno.ESRCH): raise
6588
91ab3e0ffcd0 Summary: Add test cases for sqlite fts
John Rouillard <rouilj@ieee.org>
parents: 6435
diff changeset
3510
2696
a5c5a1106e3b init.initialize() was removed in [[CVS:1.30]] (27-jul-2004)
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2027
diff changeset
3511 # vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/